commit ed94dd22ddca71d63a4b7faac46dfa97da6cdace
Author: Iliyan Angelov <angelov@angeloviliyan.com>
Date:   Wed Nov 26 22:32:20 2025 +0200

    update

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..82b4ac6
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,67 @@
+# Python
+__pycache__/
+*.py[cod]
+*$py.class
+*.so
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+
+# Virtual Environment
+venv/
+env/
+ENV/
+.venv
+
+# Django
+*.log
+local_settings.py
+db.sqlite3
+db.sqlite3-journal
+/media
+/staticfiles
+/static
+
+# Environment variables
+.env
+.env.local
+.env.*.local
+
+# IDE
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+.DS_Store
+
+# Testing
+.coverage
+htmlcov/
+.pytest_cache/
+.tox/
+
+# OSINT
+*.pem
+*.key
+
+# Logs
+logs/
+*.log
+
+# Database
+*.db
+
diff --git a/FRAUD_SCAM_PLATFORM_ROADMAP.md b/FRAUD_SCAM_PLATFORM_ROADMAP.md
new file mode 100644
index 0000000..9079846
--- /dev/null
+++ b/FRAUD_SCAM_PLATFORM_ROADMAP.md
@@ -0,0 +1,727 @@
+# Fraud & Scam Reporting Platform - Development Roadmap
+
+## Project Overview
+
+A secure, GDPR-compliant platform for reporting and tracking fraud and scams in the Bulgarian internet space. The platform will use OSINT (Open Source Intelligence) techniques to trace and verify reported scams, providing a public database to help citizens stay informed and protected.
+
+---
+
+## 1. Legal Compliance & Requirements
+
+### 1.1 GDPR Compliance
+- **Data Minimization**: Collect only necessary personal data
+- **Consent Management**: Explicit consent for data processing
+- **Right to Access**: Users can request their data
+- **Right to Erasure**: Users can request data deletion
+- **Data Portability**: Export user data in machine-readable format
+- **Privacy by Design**: Security measures built into the system
+- **Data Protection Officer (DPO)**: Appoint or designate DPO
+- **Data Breach Notification**: 72-hour notification to authorities
+- **Privacy Policy**: Comprehensive, clear, and accessible
+- **Cookie Consent**: GDPR-compliant cookie management
+
+### 1.2 Bulgarian Law Compliance
+- **Personal Data Protection Act (PDPA)**: Align with Bulgarian implementation of GDPR
+- **Electronic Commerce Act**: Compliance for online services
+- **Consumer Protection Act**: Protect users' rights
+- **Cybercrime Act**: Legal framework for reporting cybercrimes
+- **Defamation Laws**: Ensure reports are factual and verified
+- **Data Retention**: Comply with Bulgarian data retention requirements
+- **Terms of Service**: Legally binding terms in Bulgarian and English
+
+### 1.3 Legal Documentation Required
+- Privacy Policy (BG/EN)
+- Terms of Service (BG/EN)
+- Cookie Policy
+- Data Processing Agreement templates
+- User Consent Forms
+- Data Subject Rights Request Forms
+
+---
+
+## 2. Security Architecture
+
+### 2.1 Authentication & Authorization
+- **Multi-factor Authentication (MFA)**: Required for admins and moderators
+- **Strong Password Policy**: Minimum 12 characters, complexity requirements
+- **Password Hashing**: Use bcrypt or Argon2
+- **Session Management**: Secure, HTTP-only, SameSite cookies
+- **JWT Tokens**: For API authentication (if needed)
+- **Rate Limiting**: Prevent brute force attacks
+- **Account Lockout**: After failed login attempts
+- **OAuth 2.0**: Optional social login (with privacy considerations)
+
+### 2.2 Data Security
+- **Encryption at Rest**: Encrypt sensitive database fields
+- **Encryption in Transit**: TLS 1.3 for all connections
+- **Database Encryption**: PostgreSQL encryption
+- **Backup Encryption**: Encrypted backups
+- **PII Masking**: Mask sensitive data in logs
+- **Secure File Uploads**: Validate, scan, and store securely
+- **SQL Injection Prevention**: Use Django ORM, parameterized queries
+- **XSS Prevention**: Content Security Policy, input sanitization
+
+### 2.3 Infrastructure Security
+- **HTTPS Only**: Force HTTPS, HSTS headers
+- **Security Headers**: 
+  - Content-Security-Policy
+  - X-Frame-Options
+  - X-Content-Type-Options
+  - Referrer-Policy
+  - Permissions-Policy
+- **DDoS Protection**: CloudFlare or similar
+- **WAF (Web Application Firewall)**: Protect against common attacks
+- **Regular Security Audits**: Penetration testing
+- **Vulnerability Scanning**: Automated security scans
+- **Intrusion Detection System (IDS)**: Monitor for suspicious activity
+- **Firewall Rules**: Restrict database access
+
+### 2.4 Code Security
+- **Dependency Scanning**: Check for vulnerable packages
+- **Secret Management**: Use environment variables, secrets manager
+- **Input Validation**: Validate all user inputs
+- **CSRF Protection**: Django CSRF tokens
+- **Security Logging**: Log security events
+- **Error Handling**: Don't expose sensitive information in errors
+
+---
+
+## 3. Technical Architecture
+
+### 3.1 Technology Stack
+- **Backend**: Django 4.2+ (Python 3.11+)
+- **Database**: PostgreSQL 15+
+- **Frontend**: HTML5, CSS3, JavaScript (Vanilla or minimal framework)
+- **Web Server**: Nginx
+- **WSGI Server**: Gunicorn or uWSGI
+- **Caching**: Redis
+- **Task Queue**: Celery (for OSINT tasks)
+- **OSINT Tools**: Custom integrations with public APIs and tools
+
+### 3.2 Project Structure
+```
+fraud_scam_platform/
+├── manage.py
+├── requirements.txt
+├── .env.example
+├── docker-compose.yml (optional)
+├── fraud_platform/
+│   ├── settings/
+│   │   ├── __init__.py
+│   │   ├── base.py
+│   │   ├── development.py
+│   │   ├── production.py
+│   │   └── security.py
+│   ├── urls.py
+│   ├── wsgi.py
+│   └── asgi.py
+├── apps/
+│   ├── accounts/          # User management
+│   ├── reports/           # Scam/fraud reports
+│   ├── osint/             # OSINT integration
+│   ├── moderation/        # Moderation system
+│   ├── analytics/         # Analytics and statistics
+│   └── legal/             # Legal compliance tools
+├── templates/
+├── static/
+├── media/
+└── tests/
+```
+
+---
+
+## 4. Database Design (PostgreSQL)
+
+### 4.1 Core Tables
+
+#### Users & Authentication
+- **users_user**: Extended user model
+  - id, email, username, password_hash
+  - role (normal, moderator, admin)
+  - is_verified, is_active
+  - created_at, updated_at
+  - last_login, mfa_enabled
+
+- **users_userprofile**: Additional user information
+  - user_id (FK)
+  - first_name, last_name
+  - phone (encrypted)
+  - date_of_birth (if required)
+  - consent_given, consent_date
+  - preferred_language
+
+- **users_activitylog**: User activity tracking
+  - user_id, action, ip_address
+  - timestamp, user_agent
+
+#### Reports
+- **reports_scamreport**: Main report table
+  - id, reporter_id (FK)
+  - title, description
+  - scam_type, category
+  - reported_url, reported_phone, reported_email
+  - evidence_files (JSON)
+  - status (pending, under_review, verified, rejected, archived)
+  - verification_score
+  - created_at, updated_at
+  - is_public, is_anonymous
+
+- **reports_scamverification**: OSINT verification data
+  - report_id (FK)
+  - verification_method
+  - verification_data (JSON)
+  - confidence_score
+  - verified_by (FK to user)
+  - verified_at
+
+- **reports_scamtag**: Tags for categorization
+  - id, name, slug, description
+
+- **reports_scamreport_tags**: Many-to-many relationship
+
+#### Moderation
+- **moderation_moderationaction**: Moderation actions
+  - id, report_id (FK)
+  - moderator_id (FK)
+  - action_type (approve, reject, edit, delete)
+  - reason, notes
+  - created_at
+
+- **moderation_moderationqueue**: Queue for pending reviews
+  - report_id (FK)
+  - priority, assigned_to (FK)
+  - created_at
+
+#### OSINT Data
+- **osint_osintresult**: OSINT investigation results
+  - id, report_id (FK)
+  - source, data_type
+  - raw_data (JSON)
+  - processed_data (JSON)
+  - confidence_level
+  - collected_at
+
+- **osint_osinttask**: Background tasks for OSINT
+  - id, report_id (FK)
+  - task_type, status
+  - parameters (JSON)
+  - result (JSON)
+  - created_at, completed_at
+
+#### Legal & Compliance
+- **legal_consentrecord**: User consent tracking
+  - user_id (FK)
+  - consent_type, consent_given
+  - ip_address, user_agent
+  - timestamp
+
+- **legal_datarequest**: GDPR data requests
+  - id, user_id (FK)
+  - request_type (access, deletion, portability)
+  - status, requested_at
+  - completed_at, response_data
+
+#### Security
+- **security_securityevent**: Security event logging
+  - id, event_type
+  - user_id (nullable), ip_address
+  - details (JSON)
+  - severity, timestamp
+
+- **security_failedlogin**: Failed login attempts
+  - id, email/username
+  - ip_address, user_agent
+  - timestamp
+
+### 4.2 Database Security
+- **Row-Level Security (RLS)**: Implement where applicable
+- **Encrypted Fields**: Use pgcrypto for sensitive data
+- **Backup Strategy**: Daily encrypted backups
+- **Access Control**: Limited database user permissions
+- **Audit Logging**: Track all data modifications
+
+---
+
+## 5. User Roles & Permissions
+
+### 5.1 Normal Users
+**Permissions:**
+- Create scam/fraud reports
+- View public reports
+- Edit own reports (before moderation)
+- Delete own reports (before moderation)
+- Comment on reports (optional)
+- Request data access/deletion
+- Report inappropriate content
+
+**Restrictions:**
+- Cannot approve/reject reports
+- Cannot access admin panel
+- Cannot view private reports
+- Limited API rate limits
+
+### 5.2 Moderators
+**Permissions:**
+- All normal user permissions
+- Review and moderate reports
+- Approve/reject reports
+- Edit any report
+- Add verification data
+- Manage tags
+- View moderation queue
+- Access moderation dashboard
+- View user activity logs (limited)
+
+**Restrictions:**
+- Cannot delete users
+- Cannot change user roles
+- Cannot access system settings
+- Cannot view all security logs
+
+### 5.3 Administrators
+**Permissions:**
+- All moderator permissions
+- Full admin panel access
+- User management (create, edit, delete, change roles)
+- System configuration
+- Security logs access
+- Database access (read-only recommended)
+- OSINT configuration
+- Analytics and reporting
+- Legal compliance tools
+
+**Security Requirements:**
+- Mandatory MFA
+- Regular security audits
+- Activity logging
+- IP whitelisting (optional)
+
+---
+
+## 6. OSINT Integration
+
+### 6.1 OSINT Sources & Tools
+- **Domain/URL Analysis**:
+  - WHOIS lookups
+  - DNS records
+  - SSL certificate information
+  - Wayback Machine (archive.org)
+  - URL reputation services
+
+- **Email Analysis**:
+  - Email validation services
+  - Breach databases (Have I Been Pwned)
+  - Email reputation checks
+
+- **Phone Number Analysis**:
+  - Phone number validation
+  - Carrier lookup
+  - Number reputation databases
+
+- **Social Media**:
+  - Public profile checks
+  - Account verification status
+  - Activity patterns
+
+- **Bulgarian-Specific Sources**:
+  - Bulgarian business registry (APIS)
+  - Bulgarian National Revenue Agency (public data)
+  - Bulgarian Consumer Protection Commission
+  - Bulgarian Financial Supervision Commission
+  - Local news and media archives
+
+### 6.2 OSINT Workflow
+1. **Report Submission**: User submits scam report
+2. **Initial Processing**: System extracts entities (URLs, emails, phones)
+3. **OSINT Task Creation**: Create background tasks for each entity
+4. **Data Collection**: Run OSINT tools and collect data
+5. **Data Analysis**: Process and analyze collected data
+6. **Verification Scoring**: Calculate confidence score
+7. **Moderator Review**: Moderator reviews OSINT results
+8. **Report Status Update**: Update report based on findings
+
+### 6.3 OSINT Implementation
+- **Celery Tasks**: Background processing
+- **API Integrations**: REST APIs for OSINT services
+- **Rate Limiting**: Respect API rate limits
+- **Caching**: Cache OSINT results to avoid duplicate queries
+- **Error Handling**: Graceful handling of API failures
+- **Data Storage**: Store raw and processed OSINT data
+
+---
+
+## 7. Features & Functionality
+
+### 7.1 Public Features
+- **Report Submission Form**:
+  - Scam type selection
+  - Description field
+  - URL/Email/Phone input
+  - File upload (evidence)
+  - Anonymous reporting option
+  - Consent checkboxes
+
+- **Public Database**:
+  - Searchable list of verified scams
+  - Filter by type, date, category
+  - Scam details page
+  - Verification status indicator
+  - OSINT evidence display (sanitized)
+
+- **Statistics Dashboard**:
+  - Total reports
+  - Scam types breakdown
+  - Trends over time
+  - Geographic distribution (if applicable)
+
+### 7.2 User Features
+- **User Dashboard**:
+  - My reports
+  - Report status tracking
+  - Edit/delete own reports
+  - Data request management
+
+- **Profile Management**:
+  - Edit profile
+  - Change password
+  - Enable/disable MFA
+  - Privacy settings
+  - Consent management
+
+### 7.3 Moderation Features
+- **Moderation Dashboard**:
+  - Pending reports queue
+  - Priority sorting
+  - Bulk actions
+  - Statistics
+
+- **Report Review**:
+  - View full report details
+  - Review OSINT results
+  - Add verification notes
+  - Approve/reject with reason
+  - Edit report content
+
+### 7.4 Admin Features
+- **User Management**:
+  - User list and search
+  - Edit user details
+  - Change user roles
+  - Suspend/activate users
+  - View user activity
+
+- **System Configuration**:
+  - OSINT settings
+  - Email templates
+  - Security settings
+  - Legal document management
+
+- **Analytics**:
+  - Platform statistics
+  - User activity reports
+  - Security event reports
+  - Compliance reports
+
+---
+
+## 8. Development Phases
+
+### Phase 1: Foundation (Weeks 1-4)
+- [ ] Project setup and configuration
+- [ ] Database design and migration
+- [ ] User authentication system
+- [ ] Basic user roles and permissions
+- [ ] Security framework implementation
+- [ ] Legal documentation templates
+
+### Phase 2: Core Features (Weeks 5-8)
+- [ ] Report submission system
+- [ ] Report listing and search
+- [ ] Basic moderation system
+- [ ] User dashboard
+- [ ] File upload and management
+- [ ] Email notifications
+
+### Phase 3: OSINT Integration (Weeks 9-12)
+- [ ] OSINT task system (Celery)
+- [ ] Domain/URL analysis integration
+- [ ] Email analysis integration
+- [ ] Phone number analysis
+- [ ] Bulgarian-specific sources integration
+- [ ] OSINT result processing and scoring
+
+### Phase 4: Moderation & Admin (Weeks 13-16)
+- [ ] Advanced moderation dashboard
+- [ ] Moderation queue system
+- [ ] Admin panel development
+- [ ] User management interface
+- [ ] Analytics dashboard
+- [ ] Reporting system
+
+### Phase 5: Security & Compliance (Weeks 17-20)
+- [ ] GDPR compliance tools
+- [ ] Data request handling
+- [ ] Consent management
+- [ ] Security audit implementation
+- [ ] Penetration testing
+- [ ] Security hardening
+
+### Phase 6: Testing & Optimization (Weeks 21-24)
+- [ ] Unit testing
+- [ ] Integration testing
+- [ ] Security testing
+- [ ] Performance optimization
+- [ ] Load testing
+- [ ] Bug fixes
+
+### Phase 7: Deployment & Launch (Weeks 25-26)
+- [ ] Production environment setup
+- [ ] SSL certificates
+- [ ] Database migration
+- [ ] Monitoring setup
+- [ ] Backup system
+- [ ] Launch and monitoring
+
+---
+
+## 9. Security Checklist
+
+### Authentication & Access
+- [ ] Strong password requirements enforced
+- [ ] MFA implemented for admins/moderators
+- [ ] Session timeout configured
+- [ ] Account lockout after failed attempts
+- [ ] Rate limiting on login endpoints
+- [ ] Secure password reset flow
+
+### Data Protection
+- [ ] All sensitive data encrypted at rest
+- [ ] TLS 1.3 enforced
+- [ ] Database encryption enabled
+- [ ] Backup encryption enabled
+- [ ] PII masking in logs
+- [ ] Secure file storage
+
+### Application Security
+- [ ] CSRF protection enabled
+- [ ] XSS prevention implemented
+- [ ] SQL injection prevention
+- [ ] Input validation on all forms
+- [ ] File upload validation
+- [ ] Security headers configured
+- [ ] Content Security Policy
+
+### Infrastructure
+- [ ] HTTPS only
+- [ ] Firewall rules configured
+- [ ] Database access restricted
+- [ ] Regular security updates
+- [ ] Intrusion detection
+- [ ] DDoS protection
+
+### Monitoring & Logging
+- [ ] Security event logging
+- [ ] Failed login tracking
+- [ ] User activity logging
+- [ ] Error logging (sanitized)
+- [ ] Monitoring alerts
+- [ ] Regular security audits
+
+---
+
+## 10. GDPR Compliance Checklist
+
+### Data Collection
+- [ ] Privacy policy created and accessible
+- [ ] Consent forms implemented
+- [ ] Data minimization practiced
+- [ ] Purpose limitation clear
+- [ ] Legal basis documented
+
+### Data Processing
+- [ ] Data processing agreements
+- [ ] Third-party processor agreements
+- [ ] Data retention policies
+- [ ] Data deletion procedures
+
+### User Rights
+- [ ] Right to access implementation
+- [ ] Right to rectification
+- [ ] Right to erasure
+- [ ] Right to data portability
+- [ ] Right to object
+- [ ] Right to restrict processing
+
+### Security & Breaches
+- [ ] Data breach notification procedure
+- [ ] Security measures documented
+- [ ] Regular security assessments
+- [ ] Incident response plan
+
+### Documentation
+- [ ] Data processing register
+- [ ] Privacy impact assessments
+- [ ] DPO contact information
+- [ ] Regular compliance reviews
+
+---
+
+## 11. Bulgarian Law Compliance Checklist
+
+- [ ] Personal Data Protection Act compliance
+- [ ] Electronic Commerce Act compliance
+- [ ] Consumer Protection Act alignment
+- [ ] Terms of Service in Bulgarian
+- [ ] Privacy Policy in Bulgarian
+- [ ] Bulgarian business registration (if applicable)
+- [ ] Tax compliance (if applicable)
+- [ ] Local hosting requirements (if applicable)
+
+---
+
+## 12. Deployment Considerations
+
+### 12.1 Hosting
+- **Recommended**: Bulgarian or EU-based hosting (GDPR)
+- **Options**: AWS EU, DigitalOcean EU, Bulgarian hosting providers
+- **Requirements**: 
+  - PostgreSQL support
+  - SSL certificates
+  - Backup capabilities
+  - Monitoring tools
+
+### 12.2 Environment Configuration
+- **Development**: Local development environment
+- **Staging**: Pre-production testing
+- **Production**: Live environment
+- **Environment Variables**: Secure secret management
+
+### 12.3 Monitoring & Maintenance
+- **Application Monitoring**: Error tracking (Sentry)
+- **Server Monitoring**: Uptime monitoring
+- **Database Monitoring**: Query performance
+- **Security Monitoring**: Intrusion detection
+- **Backup Monitoring**: Verify backups regularly
+
+### 12.4 Backup Strategy
+- **Database Backups**: Daily automated backups
+- **File Backups**: Daily media file backups
+- **Backup Retention**: 30 days minimum
+- **Backup Testing**: Monthly restore tests
+- **Offsite Backups**: Store backups separately
+
+---
+
+## 13. Post-Launch Considerations
+
+### 13.1 Maintenance
+- Regular security updates
+- Dependency updates
+- Database optimization
+- Performance monitoring
+- User feedback collection
+
+### 13.2 Continuous Improvement
+- Feature enhancements based on feedback
+- OSINT source expansion
+- Security improvements
+- Performance optimization
+- Legal compliance updates
+
+### 13.3 Community Engagement
+- User education about scams
+- Regular blog posts/articles
+- Social media presence
+- Partnership with authorities
+- Public awareness campaigns
+
+---
+
+## 14. Risk Management
+
+### 14.1 Technical Risks
+- **Data Breach**: Mitigation through security measures
+- **DDoS Attacks**: DDoS protection service
+- **System Downtime**: Redundancy and monitoring
+- **Data Loss**: Regular backups
+
+### 14.2 Legal Risks
+- **GDPR Violations**: Regular compliance audits
+- **Defamation Claims**: Moderation and verification
+- **Data Subject Complaints**: Clear procedures
+- **Regulatory Changes**: Regular legal review
+
+### 14.3 Operational Risks
+- **Moderator Availability**: Multiple moderators
+- **OSINT Service Failures**: Multiple sources, caching
+- **User Abuse**: Reporting and moderation tools
+- **Scalability**: Plan for growth
+
+---
+
+## 15. Resources & References
+
+### 15.1 Django Resources
+- Django Security Best Practices
+- Django GDPR Compliance Guide
+- Django Authentication System
+
+### 15.2 Security Resources
+- OWASP Top 10
+- GDPR Official Guidelines
+- Bulgarian Personal Data Protection Commission
+
+### 15.3 OSINT Resources
+- OSINT Framework
+- Bulgarian Public Registries
+- Open Source Intelligence Tools
+
+---
+
+## 16. Success Metrics
+
+### 16.1 Platform Metrics
+- Number of reports submitted
+- Number of verified scams
+- User registration rate
+- Report verification time
+- Platform uptime
+
+### 16.2 Security Metrics
+- Number of security incidents
+- Failed login attempts
+- Security audit results
+- Response time to incidents
+
+### 16.3 Compliance Metrics
+- GDPR request response time
+- Data breach incidents (target: 0)
+- Compliance audit results
+- User consent rate
+
+---
+
+## Conclusion
+
+This roadmap provides a comprehensive guide for developing a secure, GDPR-compliant fraud and scam reporting platform. The project should be developed incrementally, with security and legal compliance as top priorities throughout all phases.
+
+**Key Principles:**
+1. Security first
+2. Legal compliance from day one
+3. User privacy and data protection
+4. Transparency and accountability
+5. Continuous improvement
+
+**Next Steps:**
+1. Review and approve this roadmap
+2. Set up development environment
+3. Begin Phase 1 implementation
+4. Consult with legal experts for compliance
+5. Establish security review process
+
+---
+
+*Document Version: 1.0*  
+*Last Updated: [Date]*  
+*Maintained by: Development Team*
+
diff --git a/OSINT_SYSTEM_README.md b/OSINT_SYSTEM_README.md
new file mode 100644
index 0000000..7d2a8c8
--- /dev/null
+++ b/OSINT_SYSTEM_README.md
@@ -0,0 +1,266 @@
+# Enterprise OSINT System Documentation
+
+## Overview
+
+The Enterprise OSINT (Open Source Intelligence) system automatically crawls seed websites, searches for scam-related keywords, and generates reports for moderator review. Approved reports are automatically published to the platform.
+
+## Features
+
+### 1. Seed Website Management
+- **Admin Interface**: Manage seed websites to crawl
+- **Configuration**: Set crawl depth, interval, allowed domains, user agent
+- **Priority Levels**: High, Medium, Low
+- **Statistics**: Track pages crawled and matches found
+
+### 2. Keyword Management
+- **Multiple Types**: Exact match, regex, phrase, domain, email, phone patterns
+- **Confidence Scoring**: Each keyword has a confidence score (0-100)
+- **Auto-approval**: Keywords can be set to auto-approve high-confidence matches
+- **Case Sensitivity**: Configurable per keyword
+
+### 3. Automated Crawling
+- **Web Scraping**: Crawls seed websites using BeautifulSoup
+- **Content Analysis**: Extracts and analyzes page content
+- **Keyword Matching**: Searches for configured keywords
+- **Deduplication**: Uses content hashing to avoid duplicates
+- **Rate Limiting**: Configurable delays between requests
+
+### 4. Auto-Report Generation
+- **Automatic Detection**: Creates reports when keywords match
+- **Confidence Scoring**: Calculates confidence based on matches
+- **Moderator Review**: Reports sent for approval
+- **Auto-approval**: High-confidence reports with auto-approve keywords are automatically published
+
+### 5. Moderation Interface
+- **Review Queue**: Moderators can review pending auto-generated reports
+- **Approve/Reject**: One-click approval or rejection with notes
+- **Statistics Dashboard**: View counts by status
+- **Detailed View**: See full crawled content and matched keywords
+
+## Setup Instructions
+
+### 1. Install Dependencies
+
+```bash
+pip install -r requirements.txt
+```
+
+New dependencies added:
+- `beautifulsoup4>=4.12.2` - Web scraping
+- `lxml>=4.9.3` - HTML parsing
+- `urllib3>=2.0.7` - HTTP client
+
+### 2. Run Migrations
+
+```bash
+python manage.py makemigrations osint
+python manage.py makemigrations reports  # For is_auto_discovered field
+python manage.py migrate
+```
+
+### 3. Configure Seed Websites
+
+1. Go to Django Admin → OSINT → Seed Websites
+2. Click "Add Seed Website"
+3. Fill in:
+   - **Name**: Friendly name
+   - **URL**: Base URL to crawl
+   - **Crawl Depth**: How many levels deep to crawl (0 = only this page)
+   - **Crawl Interval**: Hours between crawls
+   - **Priority**: High/Medium/Low
+   - **Allowed Domains**: List of domains to crawl (empty = same domain only)
+   - **User Agent**: Custom user agent string
+
+### 4. Configure Keywords
+
+1. Go to Django Admin → OSINT → OSINT Keywords
+2. Click "Add OSINT Keyword"
+3. Fill in:
+   - **Name**: Friendly name
+   - **Keyword**: The pattern to search for
+   - **Keyword Type**: 
+     - `exact` - Exact string match
+     - `regex` - Regular expression
+     - `phrase` - Phrase with word boundaries
+     - `domain` - Domain pattern
+     - `email` - Email pattern
+     - `phone` - Phone pattern
+   - **Confidence Score**: Default confidence (0-100)
+   - **Auto Approve**: Auto-approve if confidence >= 80
+
+### 5. Run Crawling
+
+#### Manual Crawling
+
+```bash
+# Crawl all due seed websites
+python manage.py crawl_osint
+
+# Crawl all active seed websites
+python manage.py crawl_osint --all
+
+# Crawl specific seed website
+python manage.py crawl_osint --seed-id 1
+
+# Force crawl (ignore crawl interval)
+python manage.py crawl_osint --all --force
+
+# Limit pages per seed
+python manage.py crawl_osint --max-pages 100
+
+# Set delay between requests
+python manage.py crawl_osint --delay 2.0
+```
+
+#### Scheduled Crawling (Celery)
+
+Add to your Celery beat schedule:
+
+```python
+# In your Celery configuration (celery.py or settings)
+from celery.schedules import crontab
+
+app.conf.beat_schedule = {
+    'crawl-osint-hourly': {
+        'task': 'osint.tasks.crawl_osint_seeds',
+        'schedule': crontab(minute=0),  # Every hour
+    },
+    'auto-approve-reports': {
+        'task': 'osint.tasks.auto_approve_high_confidence_reports',
+        'schedule': crontab(minute='*/15'),  # Every 15 minutes
+    },
+}
+```
+
+## Workflow
+
+### 1. Crawling Process
+
+```
+Seed Website → Crawl Pages → Extract Content → Match Keywords → Calculate Confidence
+```
+
+1. System crawls seed website starting from base URL
+2. For each page:
+   - Fetches HTML content
+   - Extracts text content (removes scripts/styles)
+   - Calculates content hash for deduplication
+   - Matches against all active keywords
+   - Calculates confidence score
+3. If confidence >= 30, creates `CrawledContent` record
+4. If confidence >= 30, creates `AutoGeneratedReport` with status 'pending'
+
+### 2. Confidence Calculation
+
+```
+Base Score = Average of matched keyword confidence scores
+Match Boost = min(match_count * 2, 30)
+Keyword Boost = min(unique_keywords * 5, 20)
+Total = min(base_score + match_boost + keyword_boost, 100)
+```
+
+### 3. Auto-Approval
+
+Reports are auto-approved if:
+- Confidence score >= 80
+- At least one matched keyword has `auto_approve=True`
+
+Auto-approved reports are immediately published to the platform.
+
+### 4. Moderator Review
+
+1. Moderator views pending reports at `/osint/auto-reports/`
+2. Can filter by status (pending, approved, published, rejected)
+3. Views details including:
+   - Matched keywords
+   - Crawled content
+   - Source URL
+   - Confidence score
+4. Approves or rejects with optional notes
+5. Approved reports are published as `ScamReport` with `is_auto_discovered=True`
+
+## URL Routes
+
+- `/osint/auto-reports/` - List auto-generated reports (moderators only)
+- `/osint/auto-reports/<id>/` - View report details
+- `/osint/auto-reports/<id>/approve/` - Approve report
+- `/osint/auto-reports/<id>/reject/` - Reject report
+
+## Models
+
+### SeedWebsite
+- Manages websites to crawl
+- Tracks crawling statistics
+- Configures crawl behavior
+
+### OSINTKeyword
+- Defines patterns to search for
+- Sets confidence scores
+- Enables auto-approval
+
+### CrawledContent
+- Stores crawled page content
+- Links matched keywords
+- Tracks confidence scores
+
+### AutoGeneratedReport
+- Generated from crawled content
+- Links to ScamReport when approved
+- Tracks review status
+
+## Best Practices
+
+1. **Start Small**: Begin with 1-2 seed websites and a few keywords
+2. **Monitor Performance**: Check crawl statistics regularly
+3. **Tune Keywords**: Adjust confidence scores based on false positives
+4. **Respect Rate Limits**: Use appropriate delays to avoid being blocked
+5. **Review Regularly**: Check pending reports daily
+6. **Update Keywords**: Add new scam patterns as they emerge
+7. **Test Regex**: Validate regex patterns before activating
+
+## Troubleshooting
+
+### Crawling Fails
+- Check network connectivity
+- Verify seed website URLs are accessible
+- Check user agent and rate limiting
+- Review error messages in admin
+
+### Too Many False Positives
+- Increase confidence score thresholds
+- Refine keyword patterns
+- Add negative keywords (future feature)
+
+### Too Few Matches
+- Lower confidence thresholds
+- Add more keywords
+- Check if seed websites are being crawled
+- Verify keyword patterns match content
+
+### Performance Issues
+- Reduce crawl depth
+- Limit max pages per crawl
+- Increase delay between requests
+- Use priority levels to focus on important sites
+
+## Security Considerations
+
+1. **User Agent**: Use identifiable user agent for transparency
+2. **Rate Limiting**: Respect website terms of service
+3. **Content Storage**: Large HTML content stored in database
+4. **API Keys**: Store OSINT service API keys securely (encrypted)
+5. **Access Control**: Only moderators can review reports
+
+## Future Enhancements
+
+- [ ] Negative keywords to reduce false positives
+- [ ] Machine learning for better pattern recognition
+- [ ] Image analysis for scam detection
+- [ ] Social media monitoring
+- [ ] Email/phone validation services
+- [ ] Automated report categorization
+- [ ] Export/import keyword sets
+- [ ] Crawl scheduling per seed website
+- [ ] Content change detection
+- [ ] Multi-language support
+
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..6f0eb4e
--- /dev/null
+++ b/README.md
@@ -0,0 +1,185 @@
+# Fraud & Scam Reporting Platform
+
+A secure, GDPR-compliant Django platform for reporting and tracking fraud and scams in the Bulgarian internet space.
+
+## Features
+
+- **User Management**: Role-based access (Normal Users, Moderators, Administrators)
+- **Report System**: Submit and track scam/fraud reports
+- **OSINT Integration**: Automated intelligence gathering for verification
+- **Moderation System**: Queue-based moderation workflow
+- **Analytics Dashboard**: Statistics and insights
+- **GDPR Compliance**: Data request handling and consent management
+- **Security**: Multi-factor authentication, activity logging, security events
+
+## Project Structure
+
+```
+fraud_platform/
+├── accounts/          # User management
+├── reports/           # Scam/fraud reports
+├── osint/             # OSINT integration
+├── moderation/        # Moderation system
+├── analytics/         # Analytics and statistics
+├── legal/             # Legal compliance tools
+└── fraud_platform/    # Project settings
+```
+
+## Installation
+
+1. **Clone the repository** (if applicable)
+
+2. **Create virtual environment**:
+```bash
+python3 -m venv venv
+source venv/bin/activate  # On Windows: venv\Scripts\activate
+```
+
+3. **Install dependencies**:
+```bash
+pip install -r requirements.txt
+```
+
+4. **Set up environment variables**:
+```bash
+cp .env.example .env
+# Edit .env with your configuration
+```
+
+5. **Set up PostgreSQL database**:
+```bash
+# Create database
+createdb fraud_platform_db
+
+# Or using psql:
+psql -U postgres
+CREATE DATABASE fraud_platform_db;
+```
+
+6. **Run migrations**:
+```bash
+python manage.py makemigrations
+python manage.py migrate
+```
+
+7. **Create superuser**:
+```bash
+python manage.py createsuperuser
+```
+
+8. **Run development server**:
+```bash
+python manage.py runserver
+```
+
+## Configuration
+
+### Database
+
+Update `.env` with your PostgreSQL credentials:
+```
+DB_NAME=fraud_platform_db
+DB_USER=postgres
+DB_PASSWORD=your-password
+DB_HOST=localhost
+DB_PORT=5432
+```
+
+### Email
+
+Configure email settings in `.env` for production:
+```
+EMAIL_HOST=smtp.example.com
+EMAIL_PORT=587
+EMAIL_USE_TLS=True
+EMAIL_HOST_USER=your-email@example.com
+EMAIL_HOST_PASSWORD=your-password
+```
+
+## Apps Overview
+
+### Accounts
+- User registration and authentication
+- Profile management
+- Activity logging
+- Failed login tracking
+
+### Reports
+- Scam report submission
+- Report listing and search
+- Report verification
+- Tag management
+
+### OSINT
+- Background task processing
+- OSINT data collection
+- Result storage and analysis
+- Service configuration
+
+### Moderation
+- Moderation queue
+- Report approval/rejection
+- Moderation actions logging
+- Automated rules
+
+### Analytics
+- Report statistics
+- User statistics
+- OSINT statistics
+- Dashboard views
+
+### Legal
+- GDPR data requests
+- Consent management
+- Privacy policy
+- Terms of service
+
+## Security Features
+
+- Strong password requirements (12+ characters)
+- Multi-factor authentication (MFA) for admins/moderators
+- Session security (HTTP-only, Secure cookies)
+- CSRF protection
+- XSS prevention
+- SQL injection prevention
+- Activity logging
+- Security event tracking
+- Rate limiting (to be configured)
+
+## Development
+
+### Running Tests
+```bash
+python manage.py test
+```
+
+### Creating Migrations
+```bash
+python manage.py makemigrations
+python manage.py migrate
+```
+
+### Creating Superuser
+```bash
+python manage.py createsuperuser
+```
+
+## Production Deployment
+
+1. Set `DJANGO_ENV=production` in environment
+2. Set `DEBUG=False` in `.env`
+3. Configure proper `ALLOWED_HOSTS`
+4. Set up SSL certificates
+5. Configure production database
+6. Set up static file serving
+7. Configure email backend
+8. Set up monitoring and logging
+
+## License
+
+[Your License Here]
+
+## Support
+
+For issues and questions, please contact [your contact information].
+
diff --git a/SAMPLE_DATA.md b/SAMPLE_DATA.md
new file mode 100644
index 0000000..9049ffa
--- /dev/null
+++ b/SAMPLE_DATA.md
@@ -0,0 +1,142 @@
+# Sample Data Information
+
+This document contains information about the sample data created for testing the Fraud & Scam Reporting Platform.
+
+## Test Users
+
+### Administrator
+- **Username:** `admin`
+- **Password:** `admin123`
+- **Email:** admin@fraudplatform.bg
+- **Role:** Administrator
+- **Access:** Full admin access, can manage users, view analytics, moderate reports
+
+### Moderators
+- **Username:** `moderator1`
+- **Password:** `mod123`
+- **Email:** moderator1@fraudplatform.bg
+- **Role:** Moderator
+
+- **Username:** `moderator2`
+- **Password:** `mod123`
+- **Email:** moderator2@fraudplatform.bg
+- **Role:** Moderator
+
+### Normal Users
+All normal users have the password: `user123`
+
+1. **john_doe**
+   - Email: john@example.com
+   - Name: John Doe
+
+2. **jane_smith**
+   - Email: jane@example.com
+   - Name: Jane Smith
+
+3. **ivan_petrov**
+   - Email: ivan@example.com
+   - Name: Ivan Petrov
+
+4. **maria_georgieva**
+   - Email: maria@example.com
+   - Name: Maria Georgieva
+
+5. **test_user**
+   - Email: test@example.com
+   - Name: Test User
+
+## Sample Scam Reports
+
+8 sample reports have been created with various statuses:
+
+### Verified Reports (5)
+1. **Fake Bulgarian Bank Website** - Phishing scam
+2. **Romance Scam on Dating Site** - Romance scam
+3. **Fake Investment Opportunity** - Investment scam
+4. **Tech Support Scam Call** - Tech support scam
+5. **Fake Online Store** - Fake product scam
+6. **Fake Job Offer** - Other scam type
+
+### Pending Review (1)
+- **Phishing Email - Tax Refund** - Phishing scam
+
+### Under Review (1)
+- **Advance Fee Fraud - Lottery Win** - Advance fee fraud
+
+## Sample Tags
+
+8 tags have been created:
+- Phishing
+- Fake Website
+- Romance Scam
+- Investment Scam
+- Tech Support
+- Identity Theft
+- Fake Product
+- Advance Fee
+
+## OSINT Data
+
+OSINT tasks and results have been created for the first 5 verified reports, including:
+- WHOIS lookups
+- DNS lookups
+- SSL certificate checks
+- Email analysis
+
+## Moderation Data
+
+- Moderation queue entries for pending reports
+- Moderation actions for verified reports
+- Assigned moderators for some reports
+
+## Analytics Data
+
+- Report statistics for the last 7 days
+- User statistics for today
+
+## Usage
+
+To recreate sample data, run:
+```bash
+python manage.py create_sample_data
+```
+
+To clear existing data and recreate:
+```bash
+python manage.py create_sample_data --clear
+```
+
+## Testing Scenarios
+
+1. **Login as Admin:**
+   - View all reports
+   - Access analytics dashboard
+   - Manage users
+   - Moderate reports
+
+2. **Login as Moderator:**
+   - View moderation dashboard
+   - Review pending reports
+   - Approve/reject reports
+   - View OSINT results
+
+3. **Login as Normal User:**
+   - View verified reports
+   - Create new reports
+   - View own reports
+   - Edit/delete pending reports
+
+4. **Test MFA:**
+   - Enable MFA from profile
+   - Scan QR code with authenticator app
+   - Verify setup
+   - Test login with MFA
+
+## Notes
+
+- All sample users have email verification enabled
+- All users have given consent (GDPR compliance)
+- Reports have realistic Bulgarian context
+- OSINT data is simulated for demonstration purposes
+- Dates are randomized within the last 30 days
+
diff --git a/accounts/__init__.py b/accounts/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/accounts/admin.py b/accounts/admin.py
new file mode 100644
index 0000000..74311e9
--- /dev/null
+++ b/accounts/admin.py
@@ -0,0 +1,47 @@
+"""
+Admin configuration for accounts app.
+"""
+from django.contrib import admin
+from django.contrib.auth.admin import UserAdmin as BaseUserAdmin
+from .models import User, UserProfile, ActivityLog, FailedLoginAttempt
+
+
+@admin.register(User)
+class UserAdmin(BaseUserAdmin):
+    """Custom user admin."""
+    list_display = ('username', 'email', 'role', 'is_verified', 'is_active', 'created_at')
+    list_filter = ('role', 'is_verified', 'is_active', 'created_at')
+    fieldsets = BaseUserAdmin.fieldsets + (
+        ('Additional Info', {'fields': ('role', 'is_verified', 'mfa_enabled', 'last_login_ip')}),
+    )
+    add_fieldsets = BaseUserAdmin.add_fieldsets + (
+        ('Additional Info', {'fields': ('role', 'is_verified')}),
+    )
+
+
+@admin.register(UserProfile)
+class UserProfileAdmin(admin.ModelAdmin):
+    """User profile admin."""
+    list_display = ('user', 'first_name', 'last_name', 'consent_given', 'preferred_language')
+    list_filter = ('consent_given', 'preferred_language')
+    search_fields = ('user__username', 'user__email', 'first_name', 'last_name')
+
+
+@admin.register(ActivityLog)
+class ActivityLogAdmin(admin.ModelAdmin):
+    """Activity log admin."""
+    list_display = ('user', 'action', 'ip_address', 'timestamp')
+    list_filter = ('action', 'timestamp')
+    search_fields = ('user__username', 'ip_address')
+    readonly_fields = ('user', 'action', 'ip_address', 'user_agent', 'details', 'timestamp')
+    date_hierarchy = 'timestamp'
+
+
+@admin.register(FailedLoginAttempt)
+class FailedLoginAttemptAdmin(admin.ModelAdmin):
+    """Failed login attempt admin."""
+    list_display = ('email_or_username', 'ip_address', 'timestamp', 'is_blocked')
+    list_filter = ('is_blocked', 'timestamp')
+    search_fields = ('email_or_username', 'ip_address')
+    readonly_fields = ('email_or_username', 'ip_address', 'user_agent', 'timestamp')
+    date_hierarchy = 'timestamp'
diff --git a/accounts/apps.py b/accounts/apps.py
new file mode 100644
index 0000000..3e3c765
--- /dev/null
+++ b/accounts/apps.py
@@ -0,0 +1,6 @@
+from django.apps import AppConfig
+
+
+class AccountsConfig(AppConfig):
+    default_auto_field = 'django.db.models.BigAutoField'
+    name = 'accounts'
diff --git a/accounts/form_mixins.py b/accounts/form_mixins.py
new file mode 100644
index 0000000..a7c2247
--- /dev/null
+++ b/accounts/form_mixins.py
@@ -0,0 +1,141 @@
+"""
+Form mixins for bot protection and validation.
+"""
+from django import forms
+from django.core.cache import cache
+from django.utils import timezone
+from datetime import timedelta
+import time
+
+
+class HoneypotMixin:
+    """
+    Honeypot field mixin - adds a hidden field that bots will fill but humans won't.
+    """
+    # This field should be left empty by real users
+    website = forms.CharField(
+        required=False,
+        widget=forms.HiddenInput(attrs={'tabindex': '-1', 'autocomplete': 'off'}),
+        label='',  # Empty label so screen readers skip it
+    )
+    
+    def clean_website(self):
+        """If this field is filled, it's likely a bot."""
+        website = self.cleaned_data.get('website')
+        if website:
+            raise forms.ValidationError('Bot detected. Please try again.')
+        return website
+
+
+class TimeBasedValidationMixin:
+    """
+    Time-based validation - prevents forms from being submitted too quickly (bot behavior).
+    """
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        # Add a hidden timestamp field
+        self.fields['form_timestamp'] = forms.CharField(
+            required=False,
+            widget=forms.HiddenInput(),
+            initial=str(time.time())
+        )
+    
+    def clean_form_timestamp(self):
+        """Validate that form wasn't submitted too quickly."""
+        timestamp = self.cleaned_data.get('form_timestamp')
+        if not timestamp:
+            # If timestamp is missing, it might be a bot
+            raise forms.ValidationError('Invalid form submission.')
+        
+        try:
+            submit_time = float(timestamp)
+            current_time = time.time()
+            elapsed = current_time - submit_time
+            
+            # Forms submitted in less than 2 seconds are likely bots
+            if elapsed < 2:
+                raise forms.ValidationError('Form submitted too quickly. Please take your time.')
+            
+            # Forms submitted after 1 hour are likely stale
+            if elapsed > 3600:
+                raise forms.ValidationError('Form session expired. Please refresh and try again.')
+        except (ValueError, TypeError):
+            raise forms.ValidationError('Invalid form submission.')
+        
+        return timestamp
+
+
+class RateLimitMixin:
+    """
+    Rate limiting mixin - prevents too many form submissions from the same IP/user.
+    """
+    def __init__(self, *args, **kwargs):
+        self.request = kwargs.pop('request', None)
+        super().__init__(*args, **kwargs)
+    
+    def clean(self):
+        cleaned_data = super().clean()
+        
+        if self.request:
+            # Get client IP
+            ip = self.get_client_ip(self.request)
+            
+            # Create a unique key for this form type
+            form_name = self.__class__.__name__
+            cache_key = f'form_submission_{form_name}_{ip}'
+            
+            # Check submission count
+            submissions = cache.get(cache_key, 0)
+            
+            # Limit: 10 submissions per hour per IP
+            if submissions >= 10:
+                raise forms.ValidationError(
+                    'Too many submissions. Please wait before submitting again.'
+                )
+            
+            # Increment counter
+            cache.set(cache_key, submissions + 1, 3600)  # 1 hour
+        
+        return cleaned_data
+    
+    def get_client_ip(self, request):
+        """Get client IP address."""
+        x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR')
+        if x_forwarded_for:
+            ip = x_forwarded_for.split(',')[0]
+        else:
+            ip = request.META.get('REMOTE_ADDR')
+        return ip
+
+
+class BrowserFingerprintMixin:
+    """
+    Browser fingerprint validation - ensures form is submitted from a real browser.
+    """
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        self.fields['user_agent_hash'] = forms.CharField(
+            required=False,
+            widget=forms.HiddenInput()
+        )
+    
+    def clean_user_agent_hash(self):
+        """Validate user agent is present and reasonable."""
+        ua_hash = self.cleaned_data.get('user_agent_hash')
+        
+        # If no user agent hash, it might be a bot
+        if not ua_hash:
+            raise forms.ValidationError('Invalid browser signature.')
+        
+        return ua_hash
+
+
+class BotProtectionMixin(HoneypotMixin, TimeBasedValidationMixin, RateLimitMixin):
+    """
+    Combined bot protection mixin that includes:
+    - Honeypot field
+    - Time-based validation
+    - Rate limiting
+    """
+    pass
+
diff --git a/accounts/forms.py b/accounts/forms.py
new file mode 100644
index 0000000..e866921
--- /dev/null
+++ b/accounts/forms.py
@@ -0,0 +1,138 @@
+"""
+Forms for accounts app.
+"""
+from django import forms
+from django.contrib.auth.forms import UserCreationForm
+from django_otp.plugins.otp_totp.models import TOTPDevice
+from django.utils import timezone
+from .models import User, UserProfile
+from .security import InputSanitizer, PasswordSecurity
+from .form_mixins import BotProtectionMixin
+
+
+class UserRegistrationForm(BotProtectionMixin, UserCreationForm):
+    """User registration form with security validation and bot protection."""
+    email = forms.EmailField(required=True)
+    consent_given = forms.BooleanField(
+        required=True,
+        label='I agree to the Privacy Policy and Terms of Service'
+    )
+    
+    class Meta:
+        model = User
+        fields = ('username', 'email', 'password1', 'password2', 'consent_given')
+    
+    def clean_username(self):
+        username = self.cleaned_data.get('username')
+        if username:
+            # Sanitize username
+            username = InputSanitizer.sanitize_html(username)
+            # Check for SQL injection patterns
+            sanitized = InputSanitizer.sanitize_sql(username)
+            if sanitized is None:
+                raise forms.ValidationError('Invalid username format.')
+        return username
+    
+    def clean_email(self):
+        email = self.cleaned_data.get('email')
+        if email:
+            # Validate email format
+            if not InputSanitizer.validate_email(email):
+                raise forms.ValidationError('Invalid email format.')
+            # Sanitize email
+            email = InputSanitizer.sanitize_html(email)
+        return email
+    
+    def clean_password1(self):
+        password = self.cleaned_data.get('password1')
+        if password:
+            is_strong, message = PasswordSecurity.check_password_strength(password)
+            if not is_strong:
+                raise forms.ValidationError(message)
+        return password
+    
+    def save(self, commit=True):
+        user = super().save(commit=False)
+        user.email = self.cleaned_data['email']
+        if commit:
+            user.save()
+            # Create profile with consent
+            profile = UserProfile.objects.create(
+                user=user,
+                consent_given=self.cleaned_data['consent_given']
+            )
+        return user
+
+
+class UserProfileForm(forms.ModelForm):
+    """User profile edit form."""
+    first_name = forms.CharField(max_length=100, required=False)
+    last_name = forms.CharField(max_length=100, required=False)
+    
+    class Meta:
+        model = UserProfile
+        fields = ('first_name', 'last_name', 'phone', 'preferred_language')
+        widgets = {
+            'phone': forms.TextInput(attrs={'placeholder': '+359...'}),
+        }
+
+
+class MFAVerifyForm(forms.Form):
+    """MFA verification form."""
+    token = forms.CharField(
+        max_length=6,
+        min_length=6,
+        widget=forms.TextInput(attrs={
+            'class': 'form-control',
+            'placeholder': '000000',
+            'autofocus': True,
+            'pattern': '[0-9]{6}',
+            'maxlength': '6'
+        }),
+        label='Verification Code',
+        help_text='Enter the 6-digit code from your authenticator app'
+    )
+    
+    def __init__(self, *args, **kwargs):
+        self.user = kwargs.pop('user', None)
+        super().__init__(*args, **kwargs)
+    
+    def verify_token(self):
+        """Verify the TOTP token."""
+        if not self.user:
+            return False
+        
+        token = self.cleaned_data.get('token')
+        if not token:
+            return False
+        
+        # Get the TOTP device (for login, use confirmed device; for setup, use unconfirmed)
+        try:
+            # Try confirmed device first (for login)
+            device = TOTPDevice.objects.get(user=self.user, name='default', confirmed=True)
+        except TOTPDevice.DoesNotExist:
+            # Try unconfirmed device (for setup)
+            try:
+                device = TOTPDevice.objects.get(user=self.user, name='default', confirmed=False)
+            except TOTPDevice.DoesNotExist:
+                return False
+        
+        return device.verify_token(token)
+
+
+class MFASetupForm(forms.Form):
+    """MFA setup form (for confirmation)."""
+    token = forms.CharField(
+        max_length=6,
+        min_length=6,
+        widget=forms.TextInput(attrs={
+            'class': 'form-control',
+            'placeholder': '000000',
+            'autofocus': True,
+            'pattern': '[0-9]{6}',
+            'maxlength': '6'
+        }),
+        label='Verification Code',
+        help_text='Enter the 6-digit code from your authenticator app to confirm setup'
+    )
+
diff --git a/accounts/management/__init__.py b/accounts/management/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/accounts/management/commands/__init__.py b/accounts/management/commands/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/accounts/management/commands/check_security.py b/accounts/management/commands/check_security.py
new file mode 100644
index 0000000..f5b76bc
--- /dev/null
+++ b/accounts/management/commands/check_security.py
@@ -0,0 +1,110 @@
+"""
+Management command to check security settings and vulnerabilities.
+"""
+from django.core.management.base import BaseCommand
+from django.conf import settings
+from django.contrib.auth import get_user_model
+from accounts.models import FailedLoginAttempt, ActivityLog
+from django.utils import timezone
+from datetime import timedelta
+
+User = get_user_model()
+
+
+class Command(BaseCommand):
+    help = 'Check security settings and report potential vulnerabilities'
+
+    def handle(self, *args, **options):
+        self.stdout.write(self.style.SUCCESS('=' * 60))
+        self.stdout.write(self.style.SUCCESS('Security Audit Report'))
+        self.stdout.write(self.style.SUCCESS('=' * 60))
+        
+        issues = []
+        warnings = []
+        
+        # Check DEBUG mode
+        if settings.DEBUG:
+            warnings.append('DEBUG mode is enabled - disable in production!')
+        else:
+            self.stdout.write(self.style.SUCCESS('✓ DEBUG mode is disabled'))
+        
+        # Check SECRET_KEY
+        if settings.SECRET_KEY == 'django-insecure-change-this-in-production':
+            issues.append('CRITICAL: Default SECRET_KEY is being used!')
+        else:
+            self.stdout.write(self.style.SUCCESS('✓ SECRET_KEY is set'))
+        
+        # Check ALLOWED_HOSTS
+        if not settings.ALLOWED_HOSTS:
+            issues.append('ALLOWED_HOSTS is empty - set in production!')
+        else:
+            self.stdout.write(self.style.SUCCESS(f'✓ ALLOWED_HOSTS: {settings.ALLOWED_HOSTS}'))
+        
+        # Check HTTPS settings
+        if not settings.DEBUG:
+            if not getattr(settings, 'SECURE_SSL_REDIRECT', False):
+                issues.append('SECURE_SSL_REDIRECT should be True in production')
+            else:
+                self.stdout.write(self.style.SUCCESS('✓ SSL redirect enabled'))
+        
+        # Check password hashers
+        if 'argon2' in settings.PASSWORD_HASHERS[0].lower():
+            self.stdout.write(self.style.SUCCESS('✓ Using Argon2 password hasher'))
+        else:
+            warnings.append('Consider using Argon2 password hasher')
+        
+        # Check session security
+        if settings.SESSION_COOKIE_HTTPONLY:
+            self.stdout.write(self.style.SUCCESS('✓ Session cookies are HTTP-only'))
+        else:
+            issues.append('SESSION_COOKIE_HTTPONLY should be True')
+        
+        if settings.SESSION_COOKIE_SECURE or settings.DEBUG:
+            self.stdout.write(self.style.SUCCESS('✓ Session cookies are secure'))
+        else:
+            issues.append('SESSION_COOKIE_SECURE should be True in production')
+        
+        # Check CSRF protection
+        if settings.CSRF_COOKIE_HTTPONLY:
+            self.stdout.write(self.style.SUCCESS('✓ CSRF cookies are HTTP-only'))
+        else:
+            issues.append('CSRF_COOKIE_HTTPONLY should be True')
+        
+        # Check failed login attempts
+        recent_failures = FailedLoginAttempt.objects.filter(
+            timestamp__gte=timezone.now() - timedelta(hours=24)
+        ).count()
+        
+        if recent_failures > 0:
+            self.stdout.write(self.style.WARNING(f'⚠ {recent_failures} failed login attempts in last 24 hours'))
+        else:
+            self.stdout.write(self.style.SUCCESS('✓ No recent failed login attempts'))
+        
+        # Check for users with weak passwords (if possible)
+        users_without_mfa = User.objects.filter(mfa_enabled=False).count()
+        total_users = User.objects.count()
+        if total_users > 0:
+            mfa_percentage = (users_without_mfa / total_users) * 100
+            if mfa_percentage > 50:
+                warnings.append(f'Only {100-mfa_percentage:.1f}% of users have MFA enabled')
+            else:
+                self.stdout.write(self.style.SUCCESS(f'✓ {100-mfa_percentage:.1f}% of users have MFA enabled'))
+        
+        # Report issues
+        if issues:
+            self.stdout.write(self.style.ERROR('\n' + '=' * 60))
+            self.stdout.write(self.style.ERROR('CRITICAL ISSUES:'))
+            for issue in issues:
+                self.stdout.write(self.style.ERROR(f'✗ {issue}'))
+        
+        if warnings:
+            self.stdout.write(self.style.WARNING('\n' + '=' * 60))
+            self.stdout.write(self.style.WARNING('WARNINGS:'))
+            for warning in warnings:
+                self.stdout.write(self.style.WARNING(f'⚠ {warning}'))
+        
+        if not issues and not warnings:
+            self.stdout.write(self.style.SUCCESS('\n✓ No security issues found!'))
+        
+        self.stdout.write(self.style.SUCCESS('\n' + '=' * 60))
+
diff --git a/accounts/management/commands/create_initial_tags.py b/accounts/management/commands/create_initial_tags.py
new file mode 100644
index 0000000..e7e373f
--- /dev/null
+++ b/accounts/management/commands/create_initial_tags.py
@@ -0,0 +1,45 @@
+"""
+Management command to create initial scam tags.
+"""
+from django.core.management.base import BaseCommand
+from reports.models import ScamTag
+
+
+class Command(BaseCommand):
+    help = 'Create initial scam tags'
+
+    def handle(self, *args, **options):
+        tags = [
+            {'name': 'Phishing', 'description': 'Phishing scams', 'color': '#dc3545'},
+            {'name': 'Fake Website', 'description': 'Fake or fraudulent websites', 'color': '#fd7e14'},
+            {'name': 'Romance Scam', 'description': 'Romance and dating scams', 'color': '#e83e8c'},
+            {'name': 'Investment Scam', 'description': 'Investment and financial scams', 'color': '#ffc107'},
+            {'name': 'Tech Support', 'description': 'Tech support scams', 'color': '#20c997'},
+            {'name': 'Identity Theft', 'description': 'Identity theft attempts', 'color': '#6f42c1'},
+            {'name': 'Fake Product', 'description': 'Fake product sales', 'color': '#17a2b8'},
+            {'name': 'Advance Fee', 'description': 'Advance fee fraud', 'color': '#343a40'},
+        ]
+        
+        created_count = 0
+        for tag_data in tags:
+            tag, created = ScamTag.objects.get_or_create(
+                name=tag_data['name'],
+                defaults={
+                    'description': tag_data['description'],
+                    'color': tag_data['color']
+                }
+            )
+            if created:
+                created_count += 1
+                self.stdout.write(
+                    self.style.SUCCESS(f'Created tag: {tag.name}')
+                )
+            else:
+                self.stdout.write(
+                    self.style.WARNING(f'Tag already exists: {tag.name}')
+                )
+        
+        self.stdout.write(
+            self.style.SUCCESS(f'\nCreated {created_count} new tags.')
+        )
+
diff --git a/accounts/management/commands/create_sample_data.py b/accounts/management/commands/create_sample_data.py
new file mode 100644
index 0000000..d5ebcd2
--- /dev/null
+++ b/accounts/management/commands/create_sample_data.py
@@ -0,0 +1,377 @@
+"""
+Management command to create sample data for testing.
+"""
+from django.core.management.base import BaseCommand
+from django.contrib.auth import get_user_model
+from accounts.models import UserProfile, ActivityLog
+from reports.models import ScamReport, ScamTag, ScamVerification
+from osint.models import OSINTTask, OSINTResult
+from moderation.models import ModerationQueue, ModerationAction
+from analytics.models import ReportStatistic, UserStatistic
+from legal.models import ConsentRecord
+from django.utils import timezone
+from datetime import timedelta
+import random
+
+User = get_user_model()
+
+
+class Command(BaseCommand):
+    help = 'Create sample data for testing'
+
+    def add_arguments(self, parser):
+        parser.add_argument(
+            '--clear',
+            action='store_true',
+            help='Clear existing data before creating sample data',
+        )
+
+    def handle(self, *args, **options):
+        if options['clear']:
+            self.stdout.write(self.style.WARNING('Clearing existing data...'))
+            ScamReport.objects.all().delete()
+            User.objects.filter(is_superuser=False).delete()
+            ScamTag.objects.all().delete()
+        
+        self.stdout.write(self.style.SUCCESS('Creating sample data...'))
+        
+        # Create users
+        users = self.create_users()
+        
+        # Create tags
+        tags = self.create_tags()
+        
+        # Create reports
+        reports = self.create_reports(users, tags)
+        
+        # Create OSINT data
+        self.create_osint_data(reports, users)
+        
+        # Create moderation data
+        self.create_moderation_data(reports, users)
+        
+        # Create analytics data
+        self.create_analytics_data()
+        
+        self.stdout.write(self.style.SUCCESS('\nSample data created successfully!'))
+        self.stdout.write(self.style.SUCCESS(f'Created {len(users)} users'))
+        self.stdout.write(self.style.SUCCESS(f'Created {len(tags)} tags'))
+        self.stdout.write(self.style.SUCCESS(f'Created {len(reports)} reports'))
+
+    def create_users(self):
+        """Create sample users."""
+        users = []
+        
+        # Create admin user
+        admin, created = User.objects.get_or_create(
+            username='admin',
+            defaults={
+                'email': 'admin@fraudplatform.bg',
+                'role': 'admin',
+                'is_verified': True,
+                'is_staff': True,
+            }
+        )
+        if created:
+            admin.set_password('admin123')
+            admin.save()
+            UserProfile.objects.create(
+                user=admin,
+                first_name='Admin',
+                last_name='User',
+                consent_given=True,
+                consent_date=timezone.now()
+            )
+            self.stdout.write(self.style.SUCCESS(f'Created admin user: {admin.username}'))
+        users.append(admin)
+        
+        # Create moderator users
+        for i in range(2):
+            mod, created = User.objects.get_or_create(
+                username=f'moderator{i+1}',
+                defaults={
+                    'email': f'moderator{i+1}@fraudplatform.bg',
+                    'role': 'moderator',
+                    'is_verified': True,
+                }
+            )
+            if created:
+                mod.set_password('mod123')
+                mod.save()
+                UserProfile.objects.create(
+                    user=mod,
+                    first_name=f'Moderator{i+1}',
+                    last_name='User',
+                    consent_given=True,
+                    consent_date=timezone.now()
+                )
+                self.stdout.write(self.style.SUCCESS(f'Created moderator: {mod.username}'))
+            users.append(mod)
+        
+        # Create normal users
+        user_data = [
+            ('john_doe', 'john@example.com', 'John', 'Doe'),
+            ('jane_smith', 'jane@example.com', 'Jane', 'Smith'),
+            ('ivan_petrov', 'ivan@example.com', 'Ivan', 'Petrov'),
+            ('maria_georgieva', 'maria@example.com', 'Maria', 'Georgieva'),
+            ('test_user', 'test@example.com', 'Test', 'User'),
+        ]
+        
+        for username, email, first_name, last_name in user_data:
+            user, created = User.objects.get_or_create(
+                username=username,
+                defaults={
+                    'email': email,
+                    'role': 'normal',
+                    'is_verified': True,
+                }
+            )
+            if created:
+                user.set_password('user123')
+                user.save()
+                UserProfile.objects.create(
+                    user=user,
+                    first_name=first_name,
+                    last_name=last_name,
+                    consent_given=True,
+                    consent_date=timezone.now()
+                )
+                self.stdout.write(self.style.SUCCESS(f'Created user: {user.username}'))
+            users.append(user)
+        
+        return users
+
+    def create_tags(self):
+        """Create sample tags."""
+        tag_data = [
+            ('Phishing', 'Phishing scams', '#dc3545'),
+            ('Fake Website', 'Fake or fraudulent websites', '#fd7e14'),
+            ('Romance Scam', 'Romance and dating scams', '#e83e8c'),
+            ('Investment Scam', 'Investment and financial scams', '#ffc107'),
+            ('Tech Support', 'Tech support scams', '#20c997'),
+            ('Identity Theft', 'Identity theft attempts', '#6f42c1'),
+            ('Fake Product', 'Fake product sales', '#17a2b8'),
+            ('Advance Fee', 'Advance fee fraud', '#343a40'),
+        ]
+        
+        tags = []
+        for name, description, color in tag_data:
+            tag, created = ScamTag.objects.get_or_create(
+                name=name,
+                defaults={
+                    'description': description,
+                    'color': color
+                }
+            )
+            if created:
+                self.stdout.write(self.style.SUCCESS(f'Created tag: {tag.name}'))
+            tags.append(tag)
+        
+        return tags
+
+    def create_reports(self, users, tags):
+        """Create sample scam reports."""
+        normal_users = [u for u in users if u.role == 'normal']
+        if not normal_users:
+            return []
+        
+        report_data = [
+            {
+                'title': 'Fake Bulgarian Bank Website',
+                'description': 'I received an email claiming to be from my bank asking me to verify my account. The website looked identical to the real bank website but the URL was slightly different. When I entered my credentials, I realized it was a phishing attempt.',
+                'scam_type': 'phishing',
+                'reported_url': 'https://fake-bank-bg.com',
+                'reported_email': 'support@fake-bank-bg.com',
+                'status': 'verified',
+                'verification_score': 95,
+            },
+            {
+                'title': 'Romance Scam on Dating Site',
+                'description': 'Someone contacted me on a dating site and after weeks of chatting, asked me to send money for an emergency. I later found out this was a common romance scam pattern.',
+                'scam_type': 'romance_scam',
+                'reported_email': 'scammer@example.com',
+                'reported_phone': '+359888123456',
+                'status': 'verified',
+                'verification_score': 88,
+            },
+            {
+                'title': 'Fake Investment Opportunity',
+                'description': 'Received a call about a "guaranteed" investment opportunity with high returns. They asked for an upfront fee and promised unrealistic returns. This is clearly a scam.',
+                'scam_type': 'investment_scam',
+                'reported_phone': '+359888654321',
+                'reported_company': 'Fake Investment Group',
+                'status': 'verified',
+                'verification_score': 92,
+            },
+            {
+                'title': 'Tech Support Scam Call',
+                'description': 'Received a call from someone claiming to be from Microsoft tech support. They said my computer was infected and asked me to install remote access software. This is a known tech support scam.',
+                'scam_type': 'tech_support_scam',
+                'reported_phone': '+359888999888',
+                'status': 'verified',
+                'verification_score': 90,
+            },
+            {
+                'title': 'Fake Online Store',
+                'description': 'Ordered a product from an online store that looked legitimate. After payment, I never received the product and the website disappeared. The products were fake listings.',
+                'scam_type': 'fake_product',
+                'reported_url': 'https://fake-store-bg.com',
+                'reported_email': 'orders@fake-store-bg.com',
+                'status': 'verified',
+                'verification_score': 85,
+            },
+            {
+                'title': 'Phishing Email - Tax Refund',
+                'description': 'Received an email claiming I was eligible for a tax refund. The email asked me to click a link and provide personal information. This is a phishing attempt.',
+                'scam_type': 'phishing',
+                'reported_email': 'tax-refund@scam.com',
+                'status': 'pending',
+                'verification_score': 0,
+            },
+            {
+                'title': 'Advance Fee Fraud - Lottery Win',
+                'description': 'Received an email claiming I won a lottery I never entered. They asked for payment of "processing fees" to claim the prize. This is advance fee fraud.',
+                'scam_type': 'advance_fee',
+                'reported_email': 'lottery@scam.com',
+                'status': 'under_review',
+                'verification_score': 75,
+            },
+            {
+                'title': 'Fake Job Offer',
+                'description': 'Received a job offer via email that seemed too good to be true. They asked for personal documents and bank account information before any interview. This is a scam.',
+                'scam_type': 'other',
+                'reported_email': 'hr@fake-company.com',
+                'reported_url': 'https://fake-jobs-bg.com',
+                'status': 'verified',
+                'verification_score': 87,
+            },
+        ]
+        
+        reports = []
+        for i, data in enumerate(report_data):
+            reporter = random.choice(normal_users)
+            created_at = timezone.now() - timedelta(days=random.randint(1, 30))
+            
+            report = ScamReport.objects.create(
+                reporter=reporter,
+                title=data['title'],
+                description=data['description'],
+                scam_type=data['scam_type'],
+                reported_url=data.get('reported_url', ''),
+                reported_email=data.get('reported_email', ''),
+                reported_phone=data.get('reported_phone', ''),
+                reported_company=data.get('reported_company', ''),
+                status=data['status'],
+                verification_score=data['verification_score'],
+                is_public=True if data['status'] == 'verified' else False,
+                is_anonymous=random.choice([True, False]),
+                created_at=created_at,
+            )
+            
+            # Add random tags
+            report.tags.set(random.sample(tags, random.randint(1, 3)))
+            
+            if data['status'] == 'verified':
+                report.verified_at = created_at + timedelta(hours=random.randint(1, 48))
+                report.save()
+            
+            reports.append(report)
+            self.stdout.write(self.style.SUCCESS(f'Created report: {report.title}'))
+        
+        return reports
+
+    def create_osint_data(self, reports, users):
+        """Create sample OSINT data."""
+        moderators = [u for u in users if u.role in ['moderator', 'admin']]
+        if not moderators or not reports:
+            return
+        
+        for report in reports[:5]:  # Add OSINT data to first 5 reports
+            # Create OSINT tasks
+            task_types = ['whois_lookup', 'dns_lookup', 'ssl_check', 'email_analysis']
+            for task_type in random.sample(task_types, 2):
+                OSINTTask.objects.create(
+                    report=report,
+                    task_type=task_type,
+                    status='completed',
+                    parameters={'target': report.reported_url or report.reported_email or report.reported_phone},
+                    result={'status': 'success', 'data': 'Sample OSINT data'},
+                    started_at=report.created_at + timedelta(minutes=5),
+                    completed_at=report.created_at + timedelta(minutes=10),
+                )
+            
+            # Create OSINT results
+            OSINTResult.objects.create(
+                report=report,
+                source='WHOIS Lookup',
+                data_type='whois',
+                raw_data={'domain': report.reported_url, 'registrar': 'Fake Registrar'},
+                processed_data={'risk_level': 'high', 'domain_age': '30 days'},
+                confidence_level=85,
+                is_verified=True,
+            )
+            
+            self.stdout.write(self.style.SUCCESS(f'Created OSINT data for: {report.title}'))
+
+    def create_moderation_data(self, reports, users):
+        """Create sample moderation data."""
+        moderators = [u for u in users if u.role in ['moderator', 'admin']]
+        if not moderators or not reports:
+            return
+        
+        # Add pending reports to moderation queue
+        pending_reports = [r for r in reports if r.status == 'pending']
+        for report in pending_reports:
+            ModerationQueue.objects.create(
+                report=report,
+                priority=random.choice(['low', 'normal', 'high']),
+                assigned_to=random.choice(moderators) if random.choice([True, False]) else None,
+            )
+        
+        # Create moderation actions for verified reports
+        verified_reports = [r for r in reports if r.status == 'verified']
+        for report in verified_reports:
+            moderator = random.choice(moderators)
+            ModerationAction.objects.create(
+                report=report,
+                moderator=moderator,
+                action_type='approve',
+                previous_status='pending',
+                new_status='verified',
+                reason='Verified through OSINT and manual review',
+                created_at=report.verified_at or report.created_at + timedelta(hours=1),
+            )
+        
+        self.stdout.write(self.style.SUCCESS(f'Created moderation data for {len(reports)} reports'))
+
+    def create_analytics_data(self):
+        """Create sample analytics data."""
+        today = timezone.now().date()
+        
+        # Create report statistics for last 7 days
+        for i in range(7):
+            date = today - timedelta(days=i)
+            ReportStatistic.objects.get_or_create(
+                date=date,
+                defaults={
+                    'total_reports': ScamReport.objects.filter(created_at__date=date).count(),
+                    'pending_reports': ScamReport.objects.filter(status='pending', created_at__date=date).count(),
+                    'verified_reports': ScamReport.objects.filter(status='verified', created_at__date=date).count(),
+                    'rejected_reports': ScamReport.objects.filter(status='rejected', created_at__date=date).count(),
+                }
+            )
+        
+        # Create user statistics
+        UserStatistic.objects.get_or_create(
+            date=today,
+            defaults={
+                'total_users': User.objects.count(),
+                'new_users': User.objects.filter(created_at__date=today).count(),
+                'active_users': User.objects.filter(last_login__date=today).count(),
+                'moderators': User.objects.filter(role__in=['moderator', 'admin']).count(),
+                'admins': User.objects.filter(role='admin').count(),
+            }
+        )
+        
+        self.stdout.write(self.style.SUCCESS('Created analytics data'))
+
diff --git a/accounts/management/commands/create_test_users.py b/accounts/management/commands/create_test_users.py
new file mode 100644
index 0000000..77580ed
--- /dev/null
+++ b/accounts/management/commands/create_test_users.py
@@ -0,0 +1,120 @@
+"""
+Management command to create test users for dashboard testing.
+"""
+from django.core.management.base import BaseCommand
+from django.contrib.auth import get_user_model
+from accounts.models import UserProfile
+from django.utils import timezone
+
+User = get_user_model()
+
+
+class Command(BaseCommand):
+    help = 'Create test users (normal, moderator, admin) for dashboard testing'
+
+    def handle(self, *args, **options):
+        self.stdout.write(self.style.SUCCESS('Creating test users...'))
+        
+        # Create/Update Normal User
+        normal_user, created = User.objects.get_or_create(
+            username='normal_user',
+            defaults={
+                'email': 'normal@test.bg',
+                'role': 'normal',
+                'is_verified': True,
+            }
+        )
+        normal_user.set_password('normal123')
+        normal_user.role = 'normal'
+        normal_user.is_verified = True
+        normal_user.save()
+        
+        if not hasattr(normal_user, 'profile'):
+            UserProfile.objects.create(
+                user=normal_user,
+                first_name='Normal',
+                last_name='User',
+                consent_given=True,
+                consent_date=timezone.now()
+            )
+        
+        self.stdout.write(self.style.SUCCESS(
+            f'{"Created" if created else "Updated"} normal user: {normal_user.username} (password: normal123)'
+        ))
+        
+        # Create/Update Moderator User
+        moderator_user, created = User.objects.get_or_create(
+            username='moderator',
+            defaults={
+                'email': 'moderator@test.bg',
+                'role': 'moderator',
+                'is_verified': True,
+            }
+        )
+        moderator_user.set_password('moderator123')
+        moderator_user.role = 'moderator'
+        moderator_user.is_verified = True
+        moderator_user.save()
+        
+        if not hasattr(moderator_user, 'profile'):
+            UserProfile.objects.create(
+                user=moderator_user,
+                first_name='Moderator',
+                last_name='User',
+                consent_given=True,
+                consent_date=timezone.now()
+            )
+        
+        self.stdout.write(self.style.SUCCESS(
+            f'{"Created" if created else "Updated"} moderator user: {moderator_user.username} (password: moderator123)'
+        ))
+        
+        # Create/Update Admin User
+        admin_user, created = User.objects.get_or_create(
+            username='admin',
+            defaults={
+                'email': 'admin@test.bg',
+                'role': 'admin',
+                'is_verified': True,
+                'is_staff': True,
+                'is_superuser': True,
+            }
+        )
+        admin_user.set_password('admin123')
+        admin_user.role = 'admin'
+        admin_user.is_verified = True
+        admin_user.is_staff = True
+        admin_user.is_superuser = True
+        admin_user.save()
+        
+        if not hasattr(admin_user, 'profile'):
+            UserProfile.objects.create(
+                user=admin_user,
+                first_name='Admin',
+                last_name='User',
+                consent_given=True,
+                consent_date=timezone.now()
+            )
+        
+        self.stdout.write(self.style.SUCCESS(
+            f'{"Created" if created else "Updated"} admin user: {admin_user.username} (password: admin123)'
+        ))
+        
+        self.stdout.write(self.style.SUCCESS('\n' + '='*60))
+        self.stdout.write(self.style.SUCCESS('Test Users Created Successfully!'))
+        self.stdout.write(self.style.SUCCESS('='*60))
+        self.stdout.write(self.style.SUCCESS('\nLogin Credentials:'))
+        self.stdout.write(self.style.SUCCESS('\n1. Normal User:'))
+        self.stdout.write(self.style.SUCCESS('   Username: normal_user'))
+        self.stdout.write(self.style.SUCCESS('   Password: normal123'))
+        self.stdout.write(self.style.SUCCESS('   Dashboard: /reports/my-reports/'))
+        self.stdout.write(self.style.SUCCESS('\n2. Moderator:'))
+        self.stdout.write(self.style.SUCCESS('   Username: moderator'))
+        self.stdout.write(self.style.SUCCESS('   Password: moderator123'))
+        self.stdout.write(self.style.SUCCESS('   Dashboard: /moderation/dashboard/'))
+        self.stdout.write(self.style.SUCCESS('\n3. Administrator:'))
+        self.stdout.write(self.style.SUCCESS('   Username: admin'))
+        self.stdout.write(self.style.SUCCESS('   Password: admin123'))
+        self.stdout.write(self.style.SUCCESS('   Dashboard: /analytics/dashboard/'))
+        self.stdout.write(self.style.SUCCESS('\n' + '='*60))
+
diff --git a/accounts/middleware.py b/accounts/middleware.py
new file mode 100644
index 0000000..5d0e8c8
--- /dev/null
+++ b/accounts/middleware.py
@@ -0,0 +1,279 @@
+"""
+Security middleware for enhanced protection.
+"""
+import time
+from django.core.cache import cache
+from django.http import HttpResponseForbidden, JsonResponse
+from django.utils.deprecation import MiddlewareMixin
+from django.contrib.auth import logout
+from django.contrib import messages
+from accounts.models import FailedLoginAttempt, ActivityLog
+from django.utils import timezone
+from datetime import timedelta, datetime
+
+
+class RateLimitMiddleware(MiddlewareMixin):
+    """
+    Rate limiting middleware to prevent brute force attacks.
+    """
+    def process_request(self, request):
+        # Skip rate limiting for static files and admin
+        if request.path.startswith('/static/') or request.path.startswith('/media/'):
+            return None
+        
+        # Get client IP
+        ip = self.get_client_ip(request)
+        
+        # Rate limit login attempts
+        if request.path == '/accounts/login/' and request.method == 'POST':
+            cache_key = f'login_attempts_{ip}'
+            attempts = cache.get(cache_key, 0)
+            
+            if attempts >= 5:  # Max 5 attempts per 15 minutes
+                # Log failed attempt
+                FailedLoginAttempt.objects.create(
+                    email_or_username=request.POST.get('username', ''),
+                    ip_address=ip,
+                    user_agent=request.META.get('HTTP_USER_AGENT', ''),
+                    is_blocked=True
+                )
+                return JsonResponse({
+                    'error': 'Too many login attempts. Please try again in 15 minutes.'
+                }, status=429)
+            
+            # Increment attempts
+            cache.set(cache_key, attempts + 1, 900)  # 15 minutes
+        
+        # Rate limit registration
+        if request.path == '/accounts/register/' and request.method == 'POST':
+            cache_key = f'register_attempts_{ip}'
+            attempts = cache.get(cache_key, 0)
+            
+            if attempts >= 3:  # Max 3 registrations per hour
+                return JsonResponse({
+                    'error': 'Too many registration attempts. Please try again later.'
+                }, status=429)
+            
+            cache.set(cache_key, attempts + 1, 3600)  # 1 hour
+        
+        # Rate limit report creation
+        if request.path.startswith('/reports/create/') and request.method == 'POST':
+            if request.user.is_authenticated:
+                cache_key = f'report_creation_{request.user.id}'
+                attempts = cache.get(cache_key, 0)
+                
+                if attempts >= 10:  # Max 10 reports per hour
+                    return JsonResponse({
+                        'error': 'Too many reports created. Please try again later.'
+                    }, status=429)
+                
+                cache.set(cache_key, attempts + 1, 3600)  # 1 hour
+        
+        return None
+    
+    def get_client_ip(self, request):
+        x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR')
+        if x_forwarded_for:
+            ip = x_forwarded_for.split(',')[0]
+        else:
+            ip = request.META.get('REMOTE_ADDR')
+        return ip
+
+
+class SecurityHeadersMiddleware(MiddlewareMixin):
+    """
+    Add security headers to all responses.
+    """
+    def process_response(self, request, response):
+        # Content Security Policy
+        csp = (
+            "default-src 'self'; "
+            "script-src 'self' 'unsafe-inline' https://fonts.googleapis.com; "
+            "style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; "
+            "font-src 'self' https://fonts.gstatic.com; "
+            "img-src 'self' data: https:; "
+            "connect-src 'self'; "
+            "frame-ancestors 'none'; "
+            "base-uri 'self'; "
+            "form-action 'self';"
+        )
+        response['Content-Security-Policy'] = csp
+        
+        # X-Content-Type-Options
+        response['X-Content-Type-Options'] = 'nosniff'
+        
+        # X-Frame-Options
+        response['X-Frame-Options'] = 'DENY'
+        
+        # Referrer Policy
+        response['Referrer-Policy'] = 'strict-origin-when-cross-origin'
+        
+        # Permissions Policy
+        response['Permissions-Policy'] = (
+            'geolocation=(), microphone=(), camera=(), '
+            'payment=(), usb=(), magnetometer=(), gyroscope=()'
+        )
+        
+        # X-XSS-Protection (legacy but still useful)
+        response['X-XSS-Protection'] = '1; mode=block'
+        
+        # Remove server header
+        if 'Server' in response:
+            del response['Server']
+        
+        return response
+
+
+class IPWhitelistMiddleware(MiddlewareMixin):
+    """
+    IP whitelist/blacklist middleware (optional, for admin access).
+    """
+    def process_request(self, request):
+        # Only apply to admin area
+        if not request.path.startswith('/admin/'):
+            return None
+        
+        ip = self.get_client_ip(request)
+        
+        # Get blacklisted IPs from cache or database
+        blacklisted = cache.get(f'blacklisted_ip_{ip}', False)
+        
+        if blacklisted:
+            return HttpResponseForbidden('Access denied.')
+        
+        return None
+    
+    def get_client_ip(self, request):
+        x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR')
+        if x_forwarded_for:
+            ip = x_forwarded_for.split(',')[0]
+        else:
+            ip = request.META.get('REMOTE_ADDR')
+        return ip
+
+
+class SecurityLoggingMiddleware(MiddlewareMixin):
+    """
+    Log security-related events.
+    """
+    def process_response(self, request, response):
+        # Log suspicious activities
+        if response.status_code == 403:
+            self.log_security_event(request, 'FORBIDDEN_ACCESS', {
+                'path': request.path,
+                'method': request.method,
+                'status': 403
+            })
+        
+        if response.status_code == 429:
+            self.log_security_event(request, 'RATE_LIMIT_EXCEEDED', {
+                'path': request.path,
+                'method': request.method,
+            })
+        
+        # Log failed login attempts
+        if request.path == '/accounts/login/' and request.method == 'POST':
+            if response.status_code != 200 or (hasattr(response, 'content') and b'error' in response.content):
+                self.log_security_event(request, 'FAILED_LOGIN', {
+                    'username': request.POST.get('username', ''),
+                })
+        
+        return response
+    
+    def log_security_event(self, request, event_type, details):
+        """Log security event to ActivityLog."""
+        try:
+            ip = self.get_client_ip(request)
+            # Convert non-JSON-serializable objects to strings
+            serializable_details = self.make_json_serializable({
+                'event_type': event_type,
+                **details
+            })
+            ActivityLog.objects.create(
+                user=request.user if hasattr(request, 'user') and request.user.is_authenticated else None,
+                action='security_event',
+                ip_address=ip,
+                user_agent=request.META.get('HTTP_USER_AGENT', ''),
+                details=serializable_details
+            )
+        except Exception:
+            pass  # Don't break the request if logging fails
+    
+    def make_json_serializable(self, obj):
+        """Convert non-JSON-serializable objects to strings."""
+        import json
+        from datetime import datetime, date
+        from decimal import Decimal
+        
+        if isinstance(obj, dict):
+            return {k: self.make_json_serializable(v) for k, v in obj.items()}
+        elif isinstance(obj, (list, tuple)):
+            return [self.make_json_serializable(item) for item in obj]
+        elif isinstance(obj, (datetime, date)):
+            return obj.isoformat()
+        elif isinstance(obj, Decimal):
+            return float(obj)
+        elif hasattr(obj, '__dict__'):
+            return str(obj)
+        else:
+            try:
+                json.dumps(obj)  # Test if it's JSON serializable
+                return obj
+            except (TypeError, ValueError):
+                return str(obj)
+    
+    def get_client_ip(self, request):
+        x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR')
+        if x_forwarded_for:
+            ip = x_forwarded_for.split(',')[0]
+        else:
+            ip = request.META.get('REMOTE_ADDR')
+        return ip
+
+
+class SessionSecurityMiddleware(MiddlewareMixin):
+    """
+    Enhanced session security.
+    """
+    def process_request(self, request):
+        # Check if user attribute exists (AuthenticationMiddleware must run first)
+        if hasattr(request, 'user') and request.user.is_authenticated:
+            # Check for session hijacking
+            current_ip = self.get_client_ip(request)
+            session_ip = request.session.get('ip_address')
+            
+            if session_ip and session_ip != current_ip:
+                # IP changed - potential session hijacking
+                logout(request)
+                messages.error(request, 'Security alert: Session terminated due to IP change.')
+                return None
+            
+            # Store IP in session
+            request.session['ip_address'] = current_ip
+            
+            # Check session age
+            session_age = request.session.get('created_at')
+            if session_age:
+                # Convert string back to datetime if needed
+                if isinstance(session_age, str):
+                    from django.utils.dateparse import parse_datetime
+                    session_age = parse_datetime(session_age)
+                if isinstance(session_age, datetime):
+                    age = timezone.now() - session_age
+                    if age > timedelta(hours=24):  # Max 24 hours
+                        logout(request)
+                        messages.info(request, 'Your session has expired. Please log in again.')
+                        return None
+            else:
+                request.session['created_at'] = timezone.now().isoformat()
+        
+        return None
+    
+    def get_client_ip(self, request):
+        x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR')
+        if x_forwarded_for:
+            ip = x_forwarded_for.split(',')[0]
+        else:
+            ip = request.META.get('REMOTE_ADDR')
+        return ip
+
diff --git a/accounts/migrations/0001_initial.py b/accounts/migrations/0001_initial.py
new file mode 100644
index 0000000..726ea4d
--- /dev/null
+++ b/accounts/migrations/0001_initial.py
@@ -0,0 +1,114 @@
+# Generated by Django 5.2.8 on 2025-11-26 13:41
+
+import django.contrib.auth.models
+import django.contrib.auth.validators
+import django.core.validators
+import django.db.models.deletion
+import django.utils.timezone
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+        ('auth', '0012_alter_user_first_name_max_length'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='User',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('password', models.CharField(max_length=128, verbose_name='password')),
+                ('last_login', models.DateTimeField(blank=True, null=True, verbose_name='last login')),
+                ('is_superuser', models.BooleanField(default=False, help_text='Designates that this user has all permissions without explicitly assigning them.', verbose_name='superuser status')),
+                ('username', models.CharField(error_messages={'unique': 'A user with that username already exists.'}, help_text='Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.', max_length=150, unique=True, validators=[django.contrib.auth.validators.UnicodeUsernameValidator()], verbose_name='username')),
+                ('first_name', models.CharField(blank=True, max_length=150, verbose_name='first name')),
+                ('last_name', models.CharField(blank=True, max_length=150, verbose_name='last name')),
+                ('email', models.EmailField(blank=True, max_length=254, verbose_name='email address')),
+                ('is_staff', models.BooleanField(default=False, help_text='Designates whether the user can log into this admin site.', verbose_name='staff status')),
+                ('is_active', models.BooleanField(default=True, help_text='Designates whether this user should be treated as active. Unselect this instead of deleting accounts.', verbose_name='active')),
+                ('date_joined', models.DateTimeField(default=django.utils.timezone.now, verbose_name='date joined')),
+                ('role', models.CharField(choices=[('normal', 'Normal User'), ('moderator', 'Moderator'), ('admin', 'Administrator')], default='normal', help_text='User role in the system', max_length=20)),
+                ('is_verified', models.BooleanField(default=False, help_text='Email verification status')),
+                ('mfa_enabled', models.BooleanField(default=False, help_text='Multi-factor authentication enabled')),
+                ('mfa_secret', models.CharField(blank=True, help_text='MFA secret key', max_length=32, null=True)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+                ('last_login_ip', models.GenericIPAddressField(blank=True, null=True)),
+                ('groups', models.ManyToManyField(blank=True, help_text='The groups this user belongs to. A user will get all permissions granted to each of their groups.', related_name='user_set', related_query_name='user', to='auth.group', verbose_name='groups')),
+                ('user_permissions', models.ManyToManyField(blank=True, help_text='Specific permissions for this user.', related_name='user_set', related_query_name='user', to='auth.permission', verbose_name='user permissions')),
+            ],
+            options={
+                'verbose_name': 'User',
+                'verbose_name_plural': 'Users',
+                'db_table': 'users_user',
+                'ordering': ['-created_at'],
+            },
+            managers=[
+                ('objects', django.contrib.auth.models.UserManager()),
+            ],
+        ),
+        migrations.CreateModel(
+            name='FailedLoginAttempt',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('email_or_username', models.CharField(max_length=255)),
+                ('ip_address', models.GenericIPAddressField()),
+                ('user_agent', models.TextField(blank=True)),
+                ('timestamp', models.DateTimeField(auto_now_add=True)),
+                ('is_blocked', models.BooleanField(default=False)),
+            ],
+            options={
+                'verbose_name': 'Failed Login Attempt',
+                'verbose_name_plural': 'Failed Login Attempts',
+                'db_table': 'security_failedlogin',
+                'ordering': ['-timestamp'],
+                'indexes': [models.Index(fields=['email_or_username', 'timestamp'], name='security_fa_email_o_e830a6_idx'), models.Index(fields=['ip_address', 'timestamp'], name='security_fa_ip_addr_d5cb75_idx')],
+            },
+        ),
+        migrations.CreateModel(
+            name='UserProfile',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('first_name', models.CharField(blank=True, max_length=100)),
+                ('last_name', models.CharField(blank=True, max_length=100)),
+                ('phone', models.CharField(blank=True, help_text='Encrypted phone number', max_length=17, null=True, validators=[django.core.validators.RegexValidator(message="Phone number must be entered in the format: '+999999999'. Up to 15 digits allowed.", regex='^\\+?1?\\d{9,15}$')])),
+                ('date_of_birth', models.DateField(blank=True, null=True)),
+                ('consent_given', models.BooleanField(default=False)),
+                ('consent_date', models.DateTimeField(blank=True, null=True)),
+                ('consent_ip', models.GenericIPAddressField(blank=True, null=True)),
+                ('preferred_language', models.CharField(choices=[('bg', 'Bulgarian'), ('en', 'English')], default='bg', max_length=10)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+                ('user', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, related_name='profile', to=settings.AUTH_USER_MODEL)),
+            ],
+            options={
+                'verbose_name': 'User Profile',
+                'verbose_name_plural': 'User Profiles',
+                'db_table': 'users_userprofile',
+            },
+        ),
+        migrations.CreateModel(
+            name='ActivityLog',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('action', models.CharField(choices=[('login', 'Login'), ('logout', 'Logout'), ('register', 'Registration'), ('password_change', 'Password Change'), ('profile_update', 'Profile Update'), ('report_create', 'Report Created'), ('report_edit', 'Report Edited'), ('report_delete', 'Report Deleted')], max_length=50)),
+                ('ip_address', models.GenericIPAddressField(blank=True, null=True)),
+                ('user_agent', models.TextField(blank=True)),
+                ('details', models.JSONField(blank=True, default=dict)),
+                ('timestamp', models.DateTimeField(auto_now_add=True)),
+                ('user', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='activity_logs', to=settings.AUTH_USER_MODEL)),
+            ],
+            options={
+                'verbose_name': 'Activity Log',
+                'verbose_name_plural': 'Activity Logs',
+                'db_table': 'users_activitylog',
+                'ordering': ['-timestamp'],
+                'indexes': [models.Index(fields=['user', 'timestamp'], name='users_activ_user_id_049bc2_idx'), models.Index(fields=['action', 'timestamp'], name='users_activ_action_cdfe71_idx')],
+            },
+        ),
+    ]
diff --git a/accounts/migrations/0002_alter_activitylog_action.py b/accounts/migrations/0002_alter_activitylog_action.py
new file mode 100644
index 0000000..03e782c
--- /dev/null
+++ b/accounts/migrations/0002_alter_activitylog_action.py
@@ -0,0 +1,18 @@
+# Generated by Django 5.2.8 on 2025-11-26 14:40
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('accounts', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='activitylog',
+            name='action',
+            field=models.CharField(choices=[('login', 'Login'), ('logout', 'Logout'), ('register', 'Registration'), ('password_change', 'Password Change'), ('profile_update', 'Profile Update'), ('report_create', 'Report Created'), ('report_edit', 'Report Edited'), ('report_delete', 'Report Deleted'), ('security_event', 'Security Event'), ('failed_login', 'Failed Login'), ('suspicious_activity', 'Suspicious Activity')], max_length=50),
+        ),
+    ]
diff --git a/accounts/migrations/__init__.py b/accounts/migrations/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/accounts/models.py b/accounts/models.py
new file mode 100644
index 0000000..04a04a0
--- /dev/null
+++ b/accounts/models.py
@@ -0,0 +1,175 @@
+"""
+User management models for the fraud reporting platform.
+"""
+from django.contrib.auth.models import AbstractUser
+from django.db import models
+from django.utils import timezone
+from django.core.validators import RegexValidator
+
+
+class User(AbstractUser):
+    """
+    Custom user model with role-based access control.
+    """
+    ROLE_CHOICES = [
+        ('normal', 'Normal User'),
+        ('moderator', 'Moderator'),
+        ('admin', 'Administrator'),
+    ]
+    
+    role = models.CharField(
+        max_length=20,
+        choices=ROLE_CHOICES,
+        default='normal',
+        help_text='User role in the system'
+    )
+    is_verified = models.BooleanField(
+        default=False,
+        help_text='Email verification status'
+    )
+    mfa_enabled = models.BooleanField(
+        default=False,
+        help_text='Multi-factor authentication enabled'
+    )
+    mfa_secret = models.CharField(
+        max_length=32,
+        blank=True,
+        null=True,
+        help_text='MFA secret key'
+    )
+    created_at = models.DateTimeField(auto_now_add=True)
+    updated_at = models.DateTimeField(auto_now=True)
+    last_login_ip = models.GenericIPAddressField(null=True, blank=True)
+    
+    class Meta:
+        db_table = 'users_user'
+        verbose_name = 'User'
+        verbose_name_plural = 'Users'
+        ordering = ['-created_at']
+    
+    def __str__(self):
+        return f"{self.username} ({self.role})"
+    
+    def is_moderator(self):
+        return self.role in ['moderator', 'admin']
+    
+    def is_administrator(self):
+        return self.role == 'admin'
+
+
+class UserProfile(models.Model):
+    """
+    Extended user profile information.
+    """
+    user = models.OneToOneField(
+        User,
+        on_delete=models.CASCADE,
+        related_name='profile'
+    )
+    first_name = models.CharField(max_length=100, blank=True)
+    last_name = models.CharField(max_length=100, blank=True)
+    
+    phone_regex = RegexValidator(
+        regex=r'^\+?1?\d{9,15}$',
+        message="Phone number must be entered in the format: '+999999999'. Up to 15 digits allowed."
+    )
+    phone = models.CharField(
+        validators=[phone_regex],
+        max_length=17,
+        blank=True,
+        null=True,
+        help_text='Encrypted phone number'
+    )
+    date_of_birth = models.DateField(null=True, blank=True)
+    
+    # GDPR Consent
+    consent_given = models.BooleanField(default=False)
+    consent_date = models.DateTimeField(null=True, blank=True)
+    consent_ip = models.GenericIPAddressField(null=True, blank=True)
+    
+    # Preferences
+    preferred_language = models.CharField(
+        max_length=10,
+        default='bg',
+        choices=[('bg', 'Bulgarian'), ('en', 'English')]
+    )
+    
+    created_at = models.DateTimeField(auto_now_add=True)
+    updated_at = models.DateTimeField(auto_now=True)
+    
+    class Meta:
+        db_table = 'users_userprofile'
+        verbose_name = 'User Profile'
+        verbose_name_plural = 'User Profiles'
+    
+    def __str__(self):
+        return f"Profile of {self.user.username}"
+
+
+class ActivityLog(models.Model):
+    """
+    Log user activities for security and auditing.
+    """
+    ACTION_CHOICES = [
+        ('login', 'Login'),
+        ('logout', 'Logout'),
+        ('register', 'Registration'),
+        ('password_change', 'Password Change'),
+        ('profile_update', 'Profile Update'),
+        ('report_create', 'Report Created'),
+        ('report_edit', 'Report Edited'),
+        ('report_delete', 'Report Deleted'),
+        ('security_event', 'Security Event'),
+        ('failed_login', 'Failed Login'),
+        ('suspicious_activity', 'Suspicious Activity'),
+    ]
+    
+    user = models.ForeignKey(
+        User,
+        on_delete=models.SET_NULL,
+        null=True,
+        blank=True,
+        related_name='activity_logs'
+    )
+    action = models.CharField(max_length=50, choices=ACTION_CHOICES)
+    ip_address = models.GenericIPAddressField(null=True, blank=True)
+    user_agent = models.TextField(blank=True)
+    details = models.JSONField(default=dict, blank=True)
+    timestamp = models.DateTimeField(auto_now_add=True)
+    
+    class Meta:
+        db_table = 'users_activitylog'
+        verbose_name = 'Activity Log'
+        verbose_name_plural = 'Activity Logs'
+        ordering = ['-timestamp']
+        indexes = [
+            models.Index(fields=['user', 'timestamp']),
+            models.Index(fields=['action', 'timestamp']),
+        ]
+    
+    def __str__(self):
+        return f"{self.user} - {self.action} at {self.timestamp}"
+
+
+class FailedLoginAttempt(models.Model):
+    """
+    Track failed login attempts for security.
+    """
+    email_or_username = models.CharField(max_length=255)
+    ip_address = models.GenericIPAddressField()
+    user_agent = models.TextField(blank=True)
+    timestamp = models.DateTimeField(auto_now_add=True)
+    is_blocked = models.BooleanField(default=False)
+    
+    class Meta:
+        db_table = 'security_failedlogin'
+        verbose_name = 'Failed Login Attempt'
+        verbose_name_plural = 'Failed Login Attempts'
+        ordering = ['-timestamp']
+        indexes = [
+            models.Index(fields=['email_or_username', 'timestamp']),
+            models.Index(fields=['ip_address', 'timestamp']),
+        ]
+    
+    def __str__(self):
+        return f"Failed login: {self.email_or_username} from {self.ip_address}"
diff --git a/accounts/security.py b/accounts/security.py
new file mode 100644
index 0000000..d666c0d
--- /dev/null
+++ b/accounts/security.py
@@ -0,0 +1,134 @@
+"""
+Security utilities for encryption and data protection.
+"""
+from cryptography.fernet import Fernet
+from django.conf import settings
+import base64
+import hashlib
+import os
+
+
+class DataEncryption:
+    """
+    Encrypt/decrypt sensitive data.
+    """
+    @staticmethod
+    def get_encryption_key():
+        """Get or generate encryption key."""
+        key = getattr(settings, 'ENCRYPTION_KEY', None)
+        if not key:
+            # Generate a key (in production, this should be in environment)
+            key = Fernet.generate_key()
+        elif isinstance(key, str):
+            key = key.encode()
+        return key
+    
+    @staticmethod
+    def encrypt(data):
+        """Encrypt sensitive data."""
+        if not data:
+            return data
+        try:
+            key = DataEncryption.get_encryption_key()
+            f = Fernet(key)
+            encrypted = f.encrypt(data.encode() if isinstance(data, str) else data)
+            return base64.urlsafe_b64encode(encrypted).decode()
+        except Exception:
+            return data  # Return original if encryption fails
+    
+    @staticmethod
+    def decrypt(encrypted_data):
+        """Decrypt sensitive data."""
+        if not encrypted_data:
+            return encrypted_data
+        try:
+            key = DataEncryption.get_encryption_key()
+            f = Fernet(key)
+            decoded = base64.urlsafe_b64decode(encrypted_data.encode())
+            decrypted = f.decrypt(decoded)
+            return decrypted.decode()
+        except Exception:
+            return encrypted_data  # Return original if decryption fails
+
+
+class InputSanitizer:
+    """
+    Sanitize user input to prevent XSS and injection attacks.
+    """
+    @staticmethod
+    def sanitize_html(text):
+        """Remove potentially dangerous HTML."""
+        if not text:
+            return text
+        
+        import html
+        # Escape HTML entities
+        text = html.escape(text)
+        return text
+    
+    @staticmethod
+    def sanitize_sql(text):
+        """Basic SQL injection prevention (Django ORM handles this, but extra check)."""
+        if not text:
+            return text
+        
+        # Remove SQL keywords
+        dangerous = ['DROP', 'DELETE', 'INSERT', 'UPDATE', 'SELECT', 'UNION', '--', ';']
+        text_upper = text.upper()
+        for keyword in dangerous:
+            if keyword in text_upper:
+                # Log potential SQL injection attempt
+                return None
+        return text
+    
+    @staticmethod
+    def validate_email(email):
+        """Validate email format."""
+        import re
+        pattern = r'^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$'
+        return bool(re.match(pattern, email))
+    
+    @staticmethod
+    def validate_url(url):
+        """Validate URL format."""
+        import re
+        pattern = r'^https?://[^\s/$.?#].[^\s]*$'
+        return bool(re.match(pattern, url))
+
+
+class PasswordSecurity:
+    """
+    Enhanced password security utilities.
+    """
+    @staticmethod
+    def check_password_strength(password):
+        """Check password strength."""
+        if len(password) < 12:
+            return False, "Password must be at least 12 characters long"
+        
+        if not any(c.isupper() for c in password):
+            return False, "Password must contain at least one uppercase letter"
+        
+        if not any(c.islower() for c in password):
+            return False, "Password must contain at least one lowercase letter"
+        
+        if not any(c.isdigit() for c in password):
+            return False, "Password must contain at least one number"
+        
+        if not any(c in "!@#$%^&*()_+-=[]{}|;:,.<>?" for c in password):
+            return False, "Password must contain at least one special character"
+        
+        # Check for common patterns
+        common_patterns = ['123456', 'password', 'qwerty', 'abc123']
+        password_lower = password.lower()
+        for pattern in common_patterns:
+            if pattern in password_lower:
+                return False, "Password contains common patterns"
+        
+        return True, "Password is strong"
+    
+    @staticmethod
+    def hash_sensitive_data(data):
+        """Hash sensitive data for storage."""
+        return hashlib.sha256(data.encode()).hexdigest()
+
diff --git a/accounts/tests.py b/accounts/tests.py
new file mode 100644
index 0000000..7ce503c
--- /dev/null
+++ b/accounts/tests.py
@@ -0,0 +1,3 @@
+from django.test import TestCase
+
+# Create your tests here.
diff --git a/accounts/urls.py b/accounts/urls.py
new file mode 100644
index 0000000..df3f1a7
--- /dev/null
+++ b/accounts/urls.py
@@ -0,0 +1,33 @@
+"""
+URL configuration for accounts app.
+"""
+from django.urls import path
+from django.contrib.auth import views as auth_views
+from . import views
+
+app_name = 'accounts'
+
+urlpatterns = [
+    # Authentication
+    path('login/', views.LoginView.as_view(), name='login'),
+    path('logout/', views.LogoutView.as_view(), name='logout'),
+    path('register/', views.RegisterView.as_view(), name='register'),
+    
+    # MFA
+    path('mfa/verify/', views.MFAVerifyView.as_view(), name='mfa_verify'),
+    path('mfa/setup/', views.MFASetupView.as_view(), name='mfa_setup'),
+    path('mfa/enable/', views.MFAEnableView.as_view(), name='mfa_enable'),
+    path('mfa/disable/', views.MFADisableView.as_view(), name='mfa_disable'),
+    
+    # Profile
+    path('profile/', views.ProfileView.as_view(), name='profile'),
+    path('profile/edit/', views.ProfileEditView.as_view(), name='profile_edit'),
+    
+    # Password management
+    path('password/change/', views.PasswordChangeView.as_view(), name='password_change'),
+    path('password/reset/', views.PasswordResetView.as_view(), name='password_reset'),
+    path('password/reset/done/', views.PasswordResetDoneView.as_view(), name='password_reset_done'),
+    path('password/reset/confirm/<uidb64>/<token>/', views.PasswordResetConfirmView.as_view(), name='password_reset_confirm'),
+    path('password/reset/complete/', auth_views.PasswordResetCompleteView.as_view(), name='password_reset_complete'),
+]
+
diff --git a/accounts/views.py b/accounts/views.py
new file mode 100644
index 0000000..175685e
--- /dev/null
+++ b/accounts/views.py
@@ -0,0 +1,433 @@
+"""
+Views for accounts app.
+"""
+from django.shortcuts import render, redirect, get_object_or_404
+from django.contrib.auth import login, logout
+from django.contrib.auth.views import LoginView, PasswordChangeView, PasswordResetView, PasswordResetConfirmView, PasswordResetDoneView
+from django.views.generic import CreateView, UpdateView, DetailView, TemplateView, FormView, View
+from django.urls import reverse_lazy
+from django.contrib.messages.views import SuccessMessageMixin
+from django.contrib.messages import success, error
+from django.contrib.auth.decorators import login_required
+from django.utils.decorators import method_decorator
+from django_otp import devices_for_user
+from django_otp.plugins.otp_totp.models import TOTPDevice
+from django_otp.decorators import otp_required
+from django.views.decorators.csrf import csrf_exempt
+from django.http import JsonResponse
+import qrcode
+import qrcode.image.svg
+from io import BytesIO
+import base64
+from .models import User, UserProfile, ActivityLog, FailedLoginAttempt
+from .forms import UserRegistrationForm, UserProfileForm, MFAVerifyForm, MFASetupForm
+from .security import InputSanitizer, PasswordSecurity
+from django.core.cache import cache
+from django.utils import timezone
+from datetime import timedelta
+
+
+class RegisterView(SuccessMessageMixin, CreateView):
+    """User registration view with security checks."""
+    model = User
+    form_class = UserRegistrationForm
+    template_name = 'accounts/register.html'
+    success_url = reverse_lazy('accounts:profile')
+    success_message = "Registration successful! Please verify your email."
+    
+    def get_form_kwargs(self):
+        """Pass request to form for rate limiting."""
+        kwargs = super().get_form_kwargs()
+        kwargs['request'] = self.request
+        return kwargs
+    
+    def form_valid(self, form):
+        # Sanitize input
+        if form.cleaned_data.get('email'):
+            form.cleaned_data['email'] = InputSanitizer.sanitize_html(form.cleaned_data['email'])
+        
+        # Check password strength
+        password = form.cleaned_data.get('password1')
+        is_strong, message = PasswordSecurity.check_password_strength(password)
+        if not is_strong:
+            form.add_error('password1', message)
+            return self.form_invalid(form)
+        
+        response = super().form_valid(form)
+        login(self.request, self.object)
+        
+        # Log activity
+        ActivityLog.objects.create(
+            user=self.object,
+            action='register',
+            ip_address=self.get_client_ip(),
+            user_agent=self.request.META.get('HTTP_USER_AGENT', '')
+        )
+        return response
+    
+    def get_client_ip(self):
+        x_forwarded_for = self.request.META.get('HTTP_X_FORWARDED_FOR')
+        if x_forwarded_for:
+            ip = x_forwarded_for.split(',')[0]
+        else:
+            ip = self.request.META.get('REMOTE_ADDR')
+        return ip
+
+
+def csrf_failure(request, reason=""):
+    """Custom CSRF failure view."""
+    from django.contrib import messages
+    messages.error(request, 'Security error: Invalid request. Please try again.')
+    return redirect('accounts:login')
+
+
+class LoginView(SuccessMessageMixin, LoginView):
+    """Custom login view with MFA support and security checks."""
+    template_name = 'accounts/login.html'
+    redirect_authenticated_user = True
+    success_message = "Welcome back!"
+    
+    def form_valid(self, form):
+        # Check for account lockout
+        username = form.cleaned_data.get('username')
+        ip = self.get_client_ip()
+        
+        # Check if IP is blocked
+        if self.is_ip_blocked(ip):
+            error(self.request, 'Too many failed login attempts. Please try again later.')
+            return redirect('accounts:login')
+        
+        # Check if user account is locked
+        try:
+            user = User.objects.get(username=username)
+            if self.is_account_locked(user):
+                error(self.request, 'Account temporarily locked due to too many failed attempts.')
+                return redirect('accounts:login')
+        except User.DoesNotExist:
+            pass  # Don't reveal if user exists
+        
+        # Authenticate user first
+        response = super().form_valid(form)
+        user = self.request.user
+        
+        # Clear failed login attempts on successful login
+        FailedLoginAttempt.objects.filter(
+            email_or_username=username,
+            ip_address=ip
+        ).delete()
+        cache.delete(f'login_attempts_{ip}')
+        
+        # Check if MFA is enabled
+        if user.mfa_enabled:
+            # Store user ID in session for MFA verification
+            self.request.session['mfa_user_id'] = user.id
+            # Don't log them in yet - redirect to MFA verification
+            logout(self.request)
+            return redirect('accounts:mfa_verify')
+        
+        # Log activity for non-MFA users
+        ActivityLog.objects.create(
+            user=user,
+            action='login',
+            ip_address=ip,
+            user_agent=self.request.META.get('HTTP_USER_AGENT', '')
+        )
+        return response
+    
+    def form_invalid(self, form):
+        # Log failed login attempt
+        username = form.data.get('username', '')
+        ip = self.get_client_ip()
+        
+        FailedLoginAttempt.objects.create(
+            email_or_username=username,
+            ip_address=ip,
+            user_agent=self.request.META.get('HTTP_USER_AGENT', '')
+        )
+        
+        # Check if should block IP
+        failed_attempts = FailedLoginAttempt.objects.filter(
+            ip_address=ip,
+            timestamp__gte=timezone.now() - timedelta(minutes=15)
+        ).count()
+        
+        if failed_attempts >= 10:
+            cache.set(f'blocked_ip_{ip}', True, 3600)  # Block for 1 hour
+        
+        return super().form_invalid(form)
+    
+    def is_ip_blocked(self, ip):
+        """Check if IP is blocked."""
+        return cache.get(f'blocked_ip_{ip}', False)
+    
+    def is_account_locked(self, user):
+        """Check if user account is locked."""
+        failed_attempts = FailedLoginAttempt.objects.filter(
+            email_or_username=user.username,
+            timestamp__gte=timezone.now() - timedelta(minutes=30)
+        ).count()
+        return failed_attempts >= 5
+    
+    def get_client_ip(self):
+        x_forwarded_for = self.request.META.get('HTTP_X_FORWARDED_FOR')
+        if x_forwarded_for:
+            ip = x_forwarded_for.split(',')[0]
+        else:
+            ip = self.request.META.get('REMOTE_ADDR')
+        return ip
+
+
+class LogoutView(View):
+    """Custom logout view that accepts GET requests."""
+    
+    def get(self, request, *args, **kwargs):
+        if request.user.is_authenticated:
+            # Log activity
+            ActivityLog.objects.create(
+                user=request.user,
+                action='logout',
+                ip_address=self.get_client_ip(request),
+                user_agent=request.META.get('HTTP_USER_AGENT', '')
+            )
+        logout(request)
+        success(request, "You have been logged out successfully.")
+        return redirect('reports:home')
+    
+    def post(self, request, *args, **kwargs):
+        return self.get(request, *args, **kwargs)
+    
+    def get_client_ip(self, request):
+        x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR')
+        if x_forwarded_for:
+            ip = x_forwarded_for.split(',')[0]
+        else:
+            ip = request.META.get('REMOTE_ADDR')
+        return ip
+
+
+class ProfileView(DetailView):
+    """User profile view."""
+    model = User
+    template_name = 'accounts/profile.html'
+    context_object_name = 'user_obj'
+    
+    def get_object(self):
+        return self.request.user
+
+
+class ProfileEditView(SuccessMessageMixin, UpdateView):
+    """Edit user profile."""
+    model = UserProfile
+    form_class = UserProfileForm
+    template_name = 'accounts/profile_edit.html'
+    success_url = reverse_lazy('accounts:profile')
+    success_message = "Profile updated successfully!"
+    
+    def get_object(self):
+        profile, created = UserProfile.objects.get_or_create(user=self.request.user)
+        return profile
+    
+    def form_valid(self, form):
+        response = super().form_valid(form)
+        # Log activity
+        ActivityLog.objects.create(
+            user=self.request.user,
+            action='profile_update',
+            ip_address=self.get_client_ip(),
+            user_agent=self.request.META.get('HTTP_USER_AGENT', '')
+        )
+        return response
+    
+    def get_client_ip(self):
+        x_forwarded_for = self.request.META.get('HTTP_X_FORWARDED_FOR')
+        if x_forwarded_for:
+            ip = x_forwarded_for.split(',')[0]
+        else:
+            ip = self.request.META.get('REMOTE_ADDR')
+        return ip
+
+
+class PasswordChangeView(SuccessMessageMixin, PasswordChangeView):
+    """Change password view."""
+    template_name = 'accounts/password_change.html'
+    success_url = reverse_lazy('accounts:profile')
+    success_message = "Password changed successfully!"
+
+
+class PasswordResetView(SuccessMessageMixin, PasswordResetView):
+    """Password reset view."""
+    template_name = 'accounts/password_reset.html'
+    email_template_name = 'accounts/password_reset_email.html'
+    subject_template_name = 'accounts/password_reset_email_subject.txt'
+    success_url = reverse_lazy('accounts:password_reset_done')
+    success_message = "Password reset email sent!"
+    
+    def form_valid(self, form):
+        """Override to use SiteSettings for from_email."""
+        try:
+            from reports.models import SiteSettings
+            site_settings = SiteSettings.get_settings()
+            self.from_email = site_settings.default_from_email
+        except:
+            pass  # Fallback to default
+        return super().form_valid(form)
+    
+    def get_email_context_data(self, **kwargs):
+        """Override to ensure site_name is set for email template."""
+        context = super().get_email_context_data(**kwargs)
+        # Ensure site_name is set (Django uses sites framework, but provide fallback)
+        if 'site_name' not in context or not context['site_name']:
+            context['site_name'] = 'Портал за Докладване на Измами'
+        return context
+
+
+class PasswordResetDoneView(TemplateView):
+    """Password reset done view - shows confirmation that email was sent."""
+    template_name = 'accounts/password_reset_done.html'
+
+
+class PasswordResetConfirmView(SuccessMessageMixin, PasswordResetConfirmView):
+    """Password reset confirmation view."""
+    template_name = 'accounts/password_reset_confirm.html'
+    success_url = reverse_lazy('accounts:password_reset_complete')
+    success_message = "Password reset successful!"
+
+
+class MFAVerifyView(FormView):
+    """MFA verification view after login."""
+    template_name = 'accounts/mfa_verify.html'
+    form_class = MFAVerifyForm
+    
+    def dispatch(self, request, *args, **kwargs):
+        # Check if user ID is in session
+        if 'mfa_user_id' not in request.session:
+            error(request, 'Please log in first.')
+            return redirect('accounts:login')
+        return super().dispatch(request, *args, **kwargs)
+    
+    def get_form_kwargs(self):
+        kwargs = super().get_form_kwargs()
+        user_id = self.request.session.get('mfa_user_id')
+        if user_id:
+            kwargs['user'] = get_object_or_404(User, id=user_id)
+        return kwargs
+    
+    def form_valid(self, form):
+        user_id = self.request.session.get('mfa_user_id')
+        user = get_object_or_404(User, id=user_id)
+        
+        # Verify the token
+        if form.verify_token():
+            # Login the user
+            login(self.request, user)
+            # Clear the session
+            del self.request.session['mfa_user_id']
+            # Log activity
+            ActivityLog.objects.create(
+                user=user,
+                action='login',
+                ip_address=self.get_client_ip(),
+                user_agent=self.request.META.get('HTTP_USER_AGENT', '')
+            )
+            success(self.request, 'Login successful!')
+            return redirect('accounts:profile')
+        else:
+            error(self.request, 'Invalid verification code. Please try again.')
+            return self.form_invalid(form)
+    
+    def get_client_ip(self):
+        x_forwarded_for = self.request.META.get('HTTP_X_FORWARDED_FOR')
+        if x_forwarded_for:
+            ip = x_forwarded_for.split(',')[0]
+        else:
+            ip = self.request.META.get('REMOTE_ADDR')
+        return ip
+
+
+@method_decorator(login_required, name='dispatch')
+class MFASetupView(TemplateView):
+    """MFA setup view."""
+    template_name = 'accounts/mfa_setup.html'
+    
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        user = self.request.user
+        
+        # Delete any existing unconfirmed devices
+        TOTPDevice.objects.filter(user=user, confirmed=False).delete()
+        
+        # Create new TOTP device
+        device = TOTPDevice.objects.create(
+            user=user,
+            name='default',
+            confirmed=False
+        )
+        
+        # Generate QR code
+        config_url = device.config_url
+        qr = qrcode.QRCode(version=1, box_size=10, border=5)
+        qr.add_data(config_url)
+        qr.make(fit=True)
+        
+        img = qr.make_image(fill_color="black", back_color="white")
+        buffer = BytesIO()
+        img.save(buffer, format='PNG')
+        img_str = base64.b64encode(buffer.getvalue()).decode()
+        context['qr_code'] = f'data:image/png;base64,{img_str}'
+        context['secret_key'] = device.key
+        context['device'] = device
+        context['mfa_enabled'] = user.mfa_enabled
+        return context
+
+
+@method_decorator(login_required, name='dispatch')
+class MFAEnableView(FormView):
+    """Enable MFA after verification."""
+    template_name = 'accounts/mfa_enable.html'
+    form_class = MFAVerifyForm
+    
+    def get_form_kwargs(self):
+        kwargs = super().get_form_kwargs()
+        kwargs['user'] = self.request.user
+        return kwargs
+    
+    def form_valid(self, form):
+        user = self.request.user
+        
+        # Verify the token
+        if form.verify_token():
+            # Enable MFA
+            user.mfa_enabled = True
+            user.save()
+            
+            # Confirm the device
+            device = TOTPDevice.objects.get(user=user, name='default')
+            device.confirmed = True
+            device.save()
+            
+            success(self.request, 'MFA has been enabled successfully!')
+            return redirect('accounts:profile')
+        else:
+            error(self.request, 'Invalid verification code. Please try again.')
+            return self.form_invalid(form)
+
+
+@method_decorator(login_required, name='dispatch')
+class MFADisableView(TemplateView):
+    """Disable MFA."""
+    template_name = 'accounts/mfa_disable.html'
+    
+    def post(self, request, *args, **kwargs):
+        user = request.user
+        user.mfa_enabled = False
+        user.mfa_secret = ''
+        user.save()
+        
+        # Delete TOTP devices
+        TOTPDevice.objects.filter(user=user).delete()
+        
+        success(request, 'MFA has been disabled.')
+        return redirect('accounts:profile')
+    
+    def get(self, request, *args, **kwargs):
+        return super().get(request, *args, **kwargs)
diff --git a/analytics/__init__.py b/analytics/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/analytics/admin.py b/analytics/admin.py
new file mode 100644
index 0000000..f115653
--- /dev/null
+++ b/analytics/admin.py
@@ -0,0 +1,32 @@
+"""
+Admin configuration for analytics app.
+"""
+from django.contrib import admin
+from .models import ReportStatistic, UserStatistic, OSINTStatistic
+
+
+@admin.register(ReportStatistic)
+class ReportStatisticAdmin(admin.ModelAdmin):
+    """Report statistic admin."""
+    list_display = ('date', 'total_reports', 'verified_reports', 'pending_reports')
+    list_filter = ('date',)
+    date_hierarchy = 'date'
+    readonly_fields = ('created_at', 'updated_at')
+
+
+@admin.register(UserStatistic)
+class UserStatisticAdmin(admin.ModelAdmin):
+    """User statistic admin."""
+    list_display = ('date', 'total_users', 'new_users', 'active_users')
+    list_filter = ('date',)
+    date_hierarchy = 'date'
+    readonly_fields = ('created_at', 'updated_at')
+
+
+@admin.register(OSINTStatistic)
+class OSINTStatisticAdmin(admin.ModelAdmin):
+    """OSINT statistic admin."""
+    list_display = ('date', 'total_tasks', 'completed_tasks', 'average_confidence')
+    list_filter = ('date',)
+    date_hierarchy = 'date'
+    readonly_fields = ('created_at', 'updated_at')
diff --git a/analytics/apps.py b/analytics/apps.py
new file mode 100644
index 0000000..258d4dd
--- /dev/null
+++ b/analytics/apps.py
@@ -0,0 +1,6 @@
+from django.apps import AppConfig
+
+
+class AnalyticsConfig(AppConfig):
+    default_auto_field = 'django.db.models.BigAutoField'
+    name = 'analytics'
diff --git a/analytics/migrations/0001_initial.py b/analytics/migrations/0001_initial.py
new file mode 100644
index 0000000..9b939ec
--- /dev/null
+++ b/analytics/migrations/0001_initial.py
@@ -0,0 +1,82 @@
+# Generated by Django 5.2.8 on 2025-11-26 13:41
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='OSINTStatistic',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('date', models.DateField(unique=True)),
+                ('total_tasks', models.IntegerField(default=0)),
+                ('completed_tasks', models.IntegerField(default=0)),
+                ('failed_tasks', models.IntegerField(default=0)),
+                ('average_confidence', models.FloatField(default=0.0, help_text='Average confidence score')),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+            ],
+            options={
+                'verbose_name': 'OSINT Statistic',
+                'verbose_name_plural': 'OSINT Statistics',
+                'db_table': 'analytics_osintstatistic',
+                'ordering': ['-date'],
+            },
+        ),
+        migrations.CreateModel(
+            name='UserStatistic',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('date', models.DateField(unique=True)),
+                ('total_users', models.IntegerField(default=0)),
+                ('new_users', models.IntegerField(default=0)),
+                ('active_users', models.IntegerField(default=0, help_text='Users who logged in')),
+                ('moderators', models.IntegerField(default=0)),
+                ('admins', models.IntegerField(default=0)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+            ],
+            options={
+                'verbose_name': 'User Statistic',
+                'verbose_name_plural': 'User Statistics',
+                'db_table': 'analytics_userstatistic',
+                'ordering': ['-date'],
+            },
+        ),
+        migrations.CreateModel(
+            name='ReportStatistic',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('date', models.DateField(unique=True)),
+                ('total_reports', models.IntegerField(default=0)),
+                ('pending_reports', models.IntegerField(default=0)),
+                ('verified_reports', models.IntegerField(default=0)),
+                ('rejected_reports', models.IntegerField(default=0)),
+                ('phishing_count', models.IntegerField(default=0)),
+                ('fake_website_count', models.IntegerField(default=0)),
+                ('romance_scam_count', models.IntegerField(default=0)),
+                ('investment_scam_count', models.IntegerField(default=0)),
+                ('tech_support_scam_count', models.IntegerField(default=0)),
+                ('identity_theft_count', models.IntegerField(default=0)),
+                ('fake_product_count', models.IntegerField(default=0)),
+                ('advance_fee_count', models.IntegerField(default=0)),
+                ('other_count', models.IntegerField(default=0)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+            ],
+            options={
+                'verbose_name': 'Report Statistic',
+                'verbose_name_plural': 'Report Statistics',
+                'db_table': 'analytics_reportstatistic',
+                'ordering': ['-date'],
+                'indexes': [models.Index(fields=['date'], name='analytics_r_date_0bacbd_idx')],
+            },
+        ),
+    ]
diff --git a/analytics/migrations/__init__.py b/analytics/migrations/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/analytics/models.py b/analytics/models.py
new file mode 100644
index 0000000..12225a3
--- /dev/null
+++ b/analytics/models.py
@@ -0,0 +1,98 @@
+"""
+Analytics and statistics models.
+"""
+from django.db import models
+from django.contrib.auth import get_user_model
+from reports.models import ScamReport
+
+User = get_user_model()
+
+
+class ReportStatistic(models.Model):
+    """
+    Aggregated statistics for reports.
+    """
+    date = models.DateField(unique=True)
+    total_reports = models.IntegerField(default=0)
+    pending_reports = models.IntegerField(default=0)
+    verified_reports = models.IntegerField(default=0)
+    rejected_reports = models.IntegerField(default=0)
+    
+    # By scam type
+    phishing_count = models.IntegerField(default=0)
+    fake_website_count = models.IntegerField(default=0)
+    romance_scam_count = models.IntegerField(default=0)
+    investment_scam_count = models.IntegerField(default=0)
+    tech_support_scam_count = models.IntegerField(default=0)
+    identity_theft_count = models.IntegerField(default=0)
+    fake_product_count = models.IntegerField(default=0)
+    advance_fee_count = models.IntegerField(default=0)
+    other_count = models.IntegerField(default=0)
+    
+    created_at = models.DateTimeField(auto_now_add=True)
+    updated_at = models.DateTimeField(auto_now=True)
+    
+    class Meta:
+        db_table = 'analytics_reportstatistic'
+        verbose_name = 'Report Statistic'
+        verbose_name_plural = 'Report Statistics'
+        ordering = ['-date']
+        indexes = [
+            models.Index(fields=['date']),
+        ]
+    
+    def __str__(self):
+        return f"Statistics for {self.date}"
+
+
+class UserStatistic(models.Model):
+    """
+    User activity statistics.
+    """
+    date = models.DateField(unique=True)
+    total_users = models.IntegerField(default=0)
+    new_users = models.IntegerField(default=0)
+    active_users = models.IntegerField(
+        default=0,
+        help_text='Users who logged in'
+    )
+    moderators = models.IntegerField(default=0)
+    admins = models.IntegerField(default=0)
+    
+    created_at = models.DateTimeField(auto_now_add=True)
+    updated_at = models.DateTimeField(auto_now=True)
+    
+    class Meta:
+        db_table = 'analytics_userstatistic'
+        verbose_name = 'User Statistic'
+        verbose_name_plural = 'User Statistics'
+        ordering = ['-date']
+    
+    def __str__(self):
+        return f"User Statistics for {self.date}"
+
+
+class OSINTStatistic(models.Model):
+    """
+    OSINT task and result statistics.
+    """
+    date = models.DateField(unique=True)
+    total_tasks = models.IntegerField(default=0)
+    completed_tasks = models.IntegerField(default=0)
+    failed_tasks = models.IntegerField(default=0)
+    average_confidence = models.FloatField(
+        default=0.0,
+        help_text='Average confidence score'
+    )
+    
+    created_at = models.DateTimeField(auto_now_add=True)
+    updated_at = models.DateTimeField(auto_now=True)
+    
+    class Meta:
+        db_table = 'analytics_osintstatistic'
+        verbose_name = 'OSINT Statistic'
+        verbose_name_plural = 'OSINT Statistics'
+        ordering = ['-date']
+    
+    def __str__(self):
+        return f"OSINT Statistics for {self.date}"
diff --git a/analytics/tests.py b/analytics/tests.py
new file mode 100644
index 0000000..7ce503c
--- /dev/null
+++ b/analytics/tests.py
@@ -0,0 +1,3 @@
+from django.test import TestCase
+
+# Create your tests here.
diff --git a/analytics/urls.py b/analytics/urls.py
new file mode 100644
index 0000000..1780c1f
--- /dev/null
+++ b/analytics/urls.py
@@ -0,0 +1,14 @@
+"""
+URL configuration for analytics app.
+"""
+from django.urls import path
+from . import views
+
+app_name = 'analytics'
+
+urlpatterns = [
+    path('', views.AnalyticsDashboardView.as_view(), name='dashboard'),
+    path('reports/', views.ReportAnalyticsView.as_view(), name='reports'),
+    path('users/', views.UserAnalyticsView.as_view(), name='users'),
+]
+
diff --git a/analytics/views.py b/analytics/views.py
new file mode 100644
index 0000000..0738052
--- /dev/null
+++ b/analytics/views.py
@@ -0,0 +1,174 @@
+"""
+Views for analytics app.
+"""
+from django.views.generic import TemplateView
+from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
+from django.db.models import Count, Q, Avg, Max, Min
+from django.utils import timezone
+from django.utils.safestring import mark_safe
+import json
+from datetime import timedelta
+from reports.models import ScamReport
+from accounts.models import User, ActivityLog
+from osint.models import OSINTTask
+from moderation.models import ModerationAction
+
+
+class AdminRequiredMixin(UserPassesTestMixin):
+    """Mixin to require admin role."""
+    def test_func(self):
+        return self.request.user.is_authenticated and self.request.user.is_administrator()
+
+
+class AnalyticsDashboardView(LoginRequiredMixin, AdminRequiredMixin, TemplateView):
+    """Analytics dashboard."""
+    template_name = 'analytics/dashboard.html'
+    
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        
+        # Report statistics
+        context['total_reports'] = ScamReport.objects.count()
+        context['pending_reports'] = ScamReport.objects.filter(status='pending').count()
+        context['verified_reports'] = ScamReport.objects.filter(status='verified').count()
+        context['rejected_reports'] = ScamReport.objects.filter(status='rejected').count()
+        
+        # Scam type breakdown with display names and percentages
+        scam_types_data = ScamReport.objects.values('scam_type').annotate(
+            count=Count('id')
+        ).order_by('-count')
+        
+        scam_types_list = []
+        total_reports = context.get('total_reports', 0)
+        for item in scam_types_data:
+            scam_type_key = item['scam_type']
+            display_name = dict(ScamReport.SCAM_TYPE_CHOICES).get(scam_type_key, scam_type_key)
+            percentage = (item['count'] / total_reports * 100) if total_reports > 0 else 0
+            scam_types_list.append({
+                'scam_type': scam_type_key,
+                'display_name': display_name,
+                'count': item['count'],
+                'percentage': round(percentage, 1)
+            })
+        context['scam_types'] = scam_types_list
+        
+        # User statistics
+        context['total_users'] = User.objects.count()
+        context['moderators'] = User.objects.filter(role__in=['moderator', 'admin']).count()
+        
+        # OSINT statistics
+        context['osint_tasks'] = OSINTTask.objects.count()
+        context['completed_tasks'] = OSINTTask.objects.filter(status='completed').count()
+        
+        return context
+
+
+class ReportAnalyticsView(LoginRequiredMixin, AdminRequiredMixin, TemplateView):
+    """Report analytics."""
+    template_name = 'analytics/reports.html'
+    
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        
+        # Overall statistics
+        context['total_reports'] = ScamReport.objects.count()
+        context['pending_reports'] = ScamReport.objects.filter(status='pending').count()
+        context['verified_reports'] = ScamReport.objects.filter(status='verified').count()
+        context['rejected_reports'] = ScamReport.objects.filter(status='rejected').count()
+        context['under_review_reports'] = ScamReport.objects.filter(status='under_review').count()
+        
+        # Scam type distribution
+        scam_types_data = ScamReport.objects.values('scam_type').annotate(
+            count=Count('id')
+        ).order_by('-count')
+        
+        scam_types_list = []
+        for item in scam_types_data:
+            scam_type_key = item['scam_type']
+            display_name = dict(ScamReport.SCAM_TYPE_CHOICES).get(scam_type_key, scam_type_key)
+            percentage = (item['count'] / context['total_reports'] * 100) if context['total_reports'] > 0 else 0
+            scam_types_list.append({
+                'scam_type': scam_type_key,
+                'display_name': display_name,
+                'count': item['count'],
+                'percentage': round(percentage, 1)
+            })
+        context['scam_types'] = scam_types_list
+        
+        # Time-based statistics
+        now = timezone.now()
+        last_7_days = now - timedelta(days=7)
+        last_30_days = now - timedelta(days=30)
+        last_90_days = now - timedelta(days=90)
+        
+        context['reports_last_7_days'] = ScamReport.objects.filter(created_at__gte=last_7_days).count()
+        context['reports_last_30_days'] = ScamReport.objects.filter(created_at__gte=last_30_days).count()
+        context['reports_last_90_days'] = ScamReport.objects.filter(created_at__gte=last_90_days).count()
+        
+        # Daily reports for the last 30 days
+        daily_reports = []
+        for i in range(29, -1, -1):  # From 29 days ago to today
+            date = now - timedelta(days=i)
+            count = ScamReport.objects.filter(
+                created_at__date=date.date()
+            ).count()
+            daily_reports.append({
+                'date': date.date().isoformat(),
+                'count': count
+            })
+        context['daily_reports'] = mark_safe(json.dumps(daily_reports))
+        
+        # Average moderation time
+        verified_reports = ScamReport.objects.filter(
+            status='verified',
+            verified_at__isnull=False
+        )
+        if verified_reports.exists():
+            moderation_times = []
+            for report in verified_reports:
+                if report.created_at and report.verified_at:
+                    time_diff = report.verified_at - report.created_at
+                    moderation_times.append(time_diff.total_seconds() / 3600)  # Convert to hours
+            
+            if moderation_times:
+                context['avg_moderation_time_hours'] = round(sum(moderation_times) / len(moderation_times), 2)
+                context['min_moderation_time_hours'] = round(min(moderation_times), 2)
+                context['max_moderation_time_hours'] = round(max(moderation_times), 2)
+        
+        # Top reporters
+        top_reporters = ScamReport.objects.values(
+            'reporter__username',
+            'reporter__email'
+        ).annotate(
+            report_count=Count('id')
+        ).order_by('-report_count')[:10]
+        context['top_reporters'] = top_reporters
+        
+        # Moderation statistics
+        context['total_moderations'] = ModerationAction.objects.count()
+        context['approvals'] = ModerationAction.objects.filter(action_type='approve').count()
+        context['rejections'] = ModerationAction.objects.filter(action_type='reject').count()
+        
+        # Reports by status over time
+        status_over_time = []
+        for i in range(6, -1, -1):  # From 6 days ago to today
+            date = now - timedelta(days=i)
+            status_over_time.append({
+                'date': date.date().isoformat(),
+                'pending': ScamReport.objects.filter(status='pending', created_at__date=date.date()).count(),
+                'verified': ScamReport.objects.filter(status='verified', created_at__date=date.date()).count(),
+                'rejected': ScamReport.objects.filter(status='rejected', created_at__date=date.date()).count(),
+            })
+        context['status_over_time'] = mark_safe(json.dumps(status_over_time))
+        
+        return context
+
+
+class UserAnalyticsView(LoginRequiredMixin, AdminRequiredMixin, TemplateView):
+    """User analytics."""
+    template_name = 'analytics/users.html'
+    
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        # Add detailed user analytics
+        return context
diff --git a/fraud_platform/__init__.py b/fraud_platform/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/fraud_platform/asgi.py b/fraud_platform/asgi.py
new file mode 100644
index 0000000..6e2c077
--- /dev/null
+++ b/fraud_platform/asgi.py
@@ -0,0 +1,16 @@
+"""
+ASGI config for fraud_platform project.
+
+It exposes the ASGI callable as a module-level variable named ``application``.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/5.2/howto/deployment/asgi/
+"""
+
+import os
+
+from django.core.asgi import get_asgi_application
+
+os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'fraud_platform.settings')
+
+application = get_asgi_application()
diff --git a/fraud_platform/context_processors.py b/fraud_platform/context_processors.py
new file mode 100644
index 0000000..48d88be
--- /dev/null
+++ b/fraud_platform/context_processors.py
@@ -0,0 +1,71 @@
+"""
+Context processors for SEO and site-wide data.
+"""
+from django.conf import settings
+from reports.models import SiteSettings
+
+
+def seo_context(request):
+    """
+    Provides SEO-related context variables for all templates.
+    """
+    site_url = request.build_absolute_uri('/').rstrip('/')
+    
+    # Get site settings
+    site_settings = SiteSettings.get_settings()
+    
+    # Default SEO values
+    default_seo = {
+        'site_name': 'Портал за Докладване на Измами',
+        'site_description': 'Портал за докладване на измами. Защита на гражданите от онлайн измами.',
+        'site_keywords': 'измами, киберпрестъпления, докладване измами, защита потребители, България, официален портал, анти-измами, сигурност онлайн',
+        'site_author': 'Официален Портал - Република България',
+        'site_language': 'bg',
+        'site_url': site_url,
+        'site_image': f'{site_url}/static/images/logo.svg',
+        'twitter_site': '@fraudplatformbg',
+        'twitter_creator': '@fraudplatformbg',
+    }
+    
+    # Get page-specific SEO from view context if available
+    page_seo = {
+        'page_title': getattr(request, 'seo_title', None),
+        'page_description': getattr(request, 'seo_description', None),
+        'page_keywords': getattr(request, 'seo_keywords', None),
+        'page_image': getattr(request, 'seo_image', None),
+        'page_type': getattr(request, 'seo_type', 'website'),
+        'canonical_url': getattr(request, 'canonical_url', request.build_absolute_uri()),
+    }
+    
+    # Merge defaults with page-specific
+    seo = {**default_seo, **{k: v for k, v in page_seo.items() if v}}
+    
+    # Build full title
+    if seo.get('page_title'):
+        seo['full_title'] = f"{seo['page_title']} | {seo['site_name']}"
+    else:
+        seo['full_title'] = seo['site_name']
+    
+    # Use page image or default
+    seo['og_image'] = seo.get('page_image') or seo['site_image']
+    
+    return {
+        'seo': seo,
+        'site_settings': site_settings,
+    }
+
+
+def email_settings(request):
+    """
+    Provides email settings context (for use in settings if needed).
+    """
+    from reports.models import SiteSettings
+    site_settings = SiteSettings.get_settings()
+    
+    return {
+        'email_settings': {
+            'default_from_email': site_settings.default_from_email,
+            'contact_email': site_settings.contact_email,
+        }
+    }
+
diff --git a/fraud_platform/settings/__init__.py b/fraud_platform/settings/__init__.py
new file mode 100644
index 0000000..dfda800
--- /dev/null
+++ b/fraud_platform/settings/__init__.py
@@ -0,0 +1,9 @@
+import os
+from .base import *
+
+# Import environment-specific settings
+if os.environ.get('DJANGO_ENV') == 'production':
+    from .production import *
+else:
+    from .development import *
+
diff --git a/fraud_platform/settings/base.py b/fraud_platform/settings/base.py
new file mode 100644
index 0000000..f7c1c55
--- /dev/null
+++ b/fraud_platform/settings/base.py
@@ -0,0 +1,241 @@
+"""
+Base settings for fraud_platform project.
+"""
+import os
+from pathlib import Path
+import environ
+
+# Build paths inside the project like this: BASE_DIR / 'subdir'.
+BASE_DIR = Path(__file__).resolve().parent.parent.parent
+
+# Initialize environment variables
+env = environ.Env(
+    DEBUG=(bool, False)
+)
+
+# Read .env file if it exists
+environ.Env.read_env(os.path.join(BASE_DIR, '.env'))
+
+# SECURITY WARNING: keep the secret key used in production secret!
+SECRET_KEY = env('SECRET_KEY', default='django-insecure-change-this-in-production')
+
+# SECURITY WARNING: don't run with debug turned on in production!
+DEBUG = env('DEBUG', default=False)
+
+ALLOWED_HOSTS = env.list('ALLOWED_HOSTS', default=[])
+
+# Application definition
+INSTALLED_APPS = [
+    'django.contrib.admin',
+    'django.contrib.auth',
+    'django.contrib.contenttypes',
+    'django.contrib.sessions',
+    'django.contrib.messages',
+    'django.contrib.staticfiles',
+    
+    # MFA/OTP
+    'django_otp',
+    'django_otp.plugins.otp_totp',
+    'django_otp.plugins.otp_static',
+    
+    # Local apps
+    'accounts',
+    'reports',
+    'osint',
+    'moderation',
+    'analytics',
+    'legal',
+]
+
+MIDDLEWARE = [
+    'django.middleware.security.SecurityMiddleware',
+    'accounts.middleware.SecurityHeadersMiddleware',  # Security headers
+    'accounts.middleware.RateLimitMiddleware',  # Rate limiting
+    'django.contrib.sessions.middleware.SessionMiddleware',
+    'django.middleware.common.CommonMiddleware',
+    'django.middleware.csrf.CsrfViewMiddleware',
+    'django.contrib.auth.middleware.AuthenticationMiddleware',
+    'django_otp.middleware.OTPMiddleware',  # MFA middleware
+    'accounts.middleware.SessionSecurityMiddleware',  # Session security (after auth)
+    'accounts.middleware.SecurityLoggingMiddleware',  # Security logging
+    'accounts.middleware.IPWhitelistMiddleware',  # IP filtering (admin)
+    'django.contrib.messages.middleware.MessageMiddleware',
+    'django.middleware.clickjacking.XFrameOptionsMiddleware',
+]
+
+ROOT_URLCONF = 'fraud_platform.urls'
+
+TEMPLATES = [
+    {
+        'BACKEND': 'django.template.backends.django.DjangoTemplates',
+        'DIRS': [BASE_DIR / 'templates'],
+        'APP_DIRS': True,
+        'OPTIONS': {
+            'context_processors': [
+                'django.template.context_processors.debug',
+                'django.template.context_processors.request',
+                'django.contrib.auth.context_processors.auth',
+                'django.contrib.messages.context_processors.messages',
+                'fraud_platform.context_processors.seo_context',
+            ],
+        },
+    },
+]
+
+WSGI_APPLICATION = 'fraud_platform.wsgi.application'
+
+# Database
+# https://docs.djangoproject.com/en/5.2/ref/settings/#databases
+DATABASES = {
+    'default': {
+        'ENGINE': 'django.db.backends.postgresql',
+        'NAME': env('DB_NAME', default='fraud_platform_db'),
+        'USER': env('DB_USER', default='postgres'),
+        'PASSWORD': env('DB_PASSWORD', default=''),
+        'HOST': env('DB_HOST', default='localhost'),
+        'PORT': env('DB_PORT', default='5432'),
+    }
+}
+
+# Custom User Model
+AUTH_USER_MODEL = 'accounts.User'
+
+# Password validation - Enhanced security
+AUTH_PASSWORD_VALIDATORS = [
+    {
+        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
+        'OPTIONS': {
+            'user_attributes': ('username', 'email', 'first_name', 'last_name'),
+            'max_similarity': 0.7,
+        }
+    },
+    {
+        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
+        'OPTIONS': {
+            'min_length': 12,
+        }
+    },
+    {
+        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
+    },
+    {
+        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
+    },
+]
+
+# Additional password requirements
+PASSWORD_MIN_LENGTH = 12
+PASSWORD_REQUIRE_UPPERCASE = True
+PASSWORD_REQUIRE_LOWERCASE = True
+PASSWORD_REQUIRE_DIGITS = True
+PASSWORD_REQUIRE_SPECIAL = True
+
+# Internationalization
+LANGUAGE_CODE = 'bg'  # Bulgarian
+TIME_ZONE = 'Europe/Sofia'
+USE_I18N = True
+USE_TZ = True
+
+# Static files (CSS, JavaScript, Images)
+STATIC_URL = '/static/'
+STATIC_ROOT = BASE_DIR / 'staticfiles'
+STATICFILES_DIRS = [
+    BASE_DIR / 'static',
+]
+
+# Media files
+MEDIA_URL = '/media/'
+MEDIA_ROOT = BASE_DIR / 'media'
+
+# Default primary key field type
+DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
+
+# Security Settings
+SECURE_BROWSER_XSS_FILTER = True
+SECURE_CONTENT_TYPE_NOSNIFF = True
+X_FRAME_OPTIONS = 'DENY'
+SECURE_HSTS_SECONDS = 31536000 if not DEBUG else 0
+SECURE_HSTS_INCLUDE_SUBDOMAINS = True
+SECURE_HSTS_PRELOAD = True
+SECURE_SSL_REDIRECT = not DEBUG
+SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
+
+# Session Security
+SESSION_COOKIE_SECURE = not DEBUG
+SESSION_COOKIE_HTTPONLY = True
+SESSION_COOKIE_SAMESITE = 'Lax'
+SESSION_COOKIE_AGE = 86400  # 24 hours
+SESSION_EXPIRE_AT_BROWSER_CLOSE = True
+SESSION_SAVE_EVERY_REQUEST = True  # Extend session on activity
+
+# CSRF Security
+CSRF_COOKIE_SECURE = not DEBUG
+CSRF_COOKIE_HTTPONLY = True
+CSRF_COOKIE_SAMESITE = 'Lax'
+CSRF_USE_SESSIONS = True  # Store CSRF token in session instead of cookie
+CSRF_FAILURE_VIEW = 'accounts.views.csrf_failure'
+
+# Password Security
+PASSWORD_HASHERS = [
+    'django.contrib.auth.hashers.Argon2PasswordHasher',
+    'django.contrib.auth.hashers.PBKDF2PasswordHasher',
+    'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
+    'django.contrib.auth.hashers.BCryptSHA256PasswordHasher',
+]
+
+# Encryption Key (should be in environment in production)
+ENCRYPTION_KEY = env('ENCRYPTION_KEY', default=None)
+
+# Rate Limiting
+RATELIMIT_ENABLE = True
+RATELIMIT_USE_CACHE = 'default'
+
+# Security Logging
+SECURITY_LOG_FAILED_LOGINS = True
+SECURITY_LOG_SUSPICIOUS_ACTIVITY = True
+
+# Login URLs
+LOGIN_URL = '/accounts/login/'
+LOGIN_REDIRECT_URL = '/'
+LOGOUT_REDIRECT_URL = '/'
+
+# Email Configuration
+# Uses custom backend that reads from SiteSettings model
+# Falls back to environment variables if SiteSettings not configured
+EMAIL_BACKEND = env('EMAIL_BACKEND', default='reports.email_backend.SiteSettingsEmailBackend')
+EMAIL_HOST = env('EMAIL_HOST', default='')
+EMAIL_PORT = env('EMAIL_PORT', default=587)
+EMAIL_USE_TLS = env('EMAIL_USE_TLS', default=True)
+EMAIL_USE_SSL = env('EMAIL_USE_SSL', default=False)
+EMAIL_HOST_USER = env('EMAIL_HOST_USER', default='')
+EMAIL_HOST_PASSWORD = env('EMAIL_HOST_PASSWORD', default='')
+# DEFAULT_FROM_EMAIL is now managed via SiteSettings model
+# Fallback to env variable if SiteSettings not configured
+DEFAULT_FROM_EMAIL = env('DEFAULT_FROM_EMAIL', default='noreply@fraudplatform.bg')
+EMAIL_TIMEOUT = env('EMAIL_TIMEOUT', default=10)
+
+# File Upload Settings - Security
+FILE_UPLOAD_MAX_MEMORY_SIZE = 10485760  # 10MB
+DATA_UPLOAD_MAX_MEMORY_SIZE = 10485760  # 10MB
+FILE_UPLOAD_PERMISSIONS = 0o644
+DATA_UPLOAD_MAX_NUMBER_FIELDS = 1000  # Prevent DoS via form fields
+
+# Allowed file types for uploads
+ALLOWED_FILE_EXTENSIONS = ['.pdf', '.jpg', '.jpeg', '.png', '.txt', '.doc', '.docx']
+ALLOWED_MIME_TYPES = [
+    'application/pdf',
+    'image/jpeg',
+    'image/png',
+    'text/plain',
+    'application/msword',
+    'application/vnd.openxmlformats-officedocument.wordprocessingml.document'
+]
+
+# Database Security
+if 'default' in DATABASES:
+    DATABASES['default']['CONN_MAX_AGE'] = 600  # Connection pooling
+    DATABASES['default']['OPTIONS'] = {
+        'connect_timeout': 10,
+        'options': '-c statement_timeout=30000'  # 30 second query timeout
+    }
+
diff --git a/fraud_platform/settings/development.py b/fraud_platform/settings/development.py
new file mode 100644
index 0000000..d16dc51
--- /dev/null
+++ b/fraud_platform/settings/development.py
@@ -0,0 +1,33 @@
+"""
+Development settings for fraud_platform project.
+"""
+from .base import *
+import os
+
+DEBUG = True
+
+ALLOWED_HOSTS = ['localhost', '127.0.0.1']
+
+# Use SQLite for development if PostgreSQL is not available
+if os.environ.get('USE_SQLITE', 'True').lower() == 'true':
+    DATABASES = {
+        'default': {
+            'ENGINE': 'django.db.backends.sqlite3',
+            'NAME': BASE_DIR / 'db.sqlite3',
+        }
+    }
+
+# Development-specific settings (django_extensions is optional)
+# INSTALLED_APPS += [
+#     'django_extensions',  # Optional: for development tools
+# ]
+
+# Use SiteSettings email backend (will use console if SMTP not configured)
+# EMAIL_BACKEND is set in base.py to use SiteSettingsEmailBackend
+# This allows admin to configure SMTP even in development
+
+# Disable security features for development
+SECURE_SSL_REDIRECT = False
+SESSION_COOKIE_SECURE = False
+CSRF_COOKIE_SECURE = False
+
diff --git a/fraud_platform/settings/production.py b/fraud_platform/settings/production.py
new file mode 100644
index 0000000..c422135
--- /dev/null
+++ b/fraud_platform/settings/production.py
@@ -0,0 +1,54 @@
+"""
+Production settings for fraud_platform project.
+"""
+from .base import *
+
+DEBUG = False
+
+# Production security settings
+SECURE_SSL_REDIRECT = True
+SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
+SESSION_COOKIE_SECURE = True
+CSRF_COOKIE_SECURE = True
+SECURE_HSTS_SECONDS = 31536000
+SECURE_HSTS_INCLUDE_SUBDOMAINS = True
+SECURE_HSTS_PRELOAD = True
+
+# Logging
+LOGGING = {
+    'version': 1,
+    'disable_existing_loggers': False,
+    'formatters': {
+        'verbose': {
+            'format': '{levelname} {asctime} {module} {message}',
+            'style': '{',
+        },
+    },
+    'handlers': {
+        'file': {
+            'level': 'INFO',
+            'class': 'logging.FileHandler',
+            'filename': BASE_DIR / 'logs' / 'django.log',
+            'formatter': 'verbose',
+        },
+        'security_file': {
+            'level': 'WARNING',
+            'class': 'logging.FileHandler',
+            'filename': BASE_DIR / 'logs' / 'security.log',
+            'formatter': 'verbose',
+        },
+    },
+    'loggers': {
+        'django': {
+            'handlers': ['file'],
+            'level': 'INFO',
+            'propagate': True,
+        },
+        'django.security': {
+            'handlers': ['security_file'],
+            'level': 'WARNING',
+            'propagate': True,
+        },
+    },
+}
+
diff --git a/fraud_platform/sitemaps.py b/fraud_platform/sitemaps.py
new file mode 100644
index 0000000..c12634e
--- /dev/null
+++ b/fraud_platform/sitemaps.py
@@ -0,0 +1,54 @@
+"""
+Sitemap configuration for SEO.
+"""
+from django.contrib.sitemaps import Sitemap
+from django.urls import reverse
+from reports.models import ScamReport
+
+
+class StaticViewSitemap(Sitemap):
+    """Sitemap for static pages."""
+    priority = 1.0
+    changefreq = 'monthly'
+    
+    def items(self):
+        return [
+            'reports:home',
+            'reports:list',
+            'reports:create',
+            'reports:contact',
+            'reports:search',
+            'legal:privacy',
+            'legal:terms',
+        ]
+    
+    def location(self, item):
+        return reverse(item)
+
+
+class ScamReportSitemap(Sitemap):
+    """Sitemap for scam reports."""
+    changefreq = 'weekly'
+    priority = 0.8
+    
+    def items(self):
+        # Only include public, verified reports
+        return ScamReport.objects.filter(
+            is_public=True,
+            status='verified'
+        ).order_by('-created_at')
+    
+    def lastmod(self, obj):
+        return obj.updated_at or obj.created_at
+    
+    def location(self, obj):
+        from django.urls import reverse
+        return reverse('reports:detail', kwargs={'pk': obj.pk})
+
+
+# Combine sitemaps
+sitemaps = {
+    'static': StaticViewSitemap,
+    'reports': ScamReportSitemap,
+}
+
diff --git a/fraud_platform/urls.py b/fraud_platform/urls.py
new file mode 100644
index 0000000..86ec394
--- /dev/null
+++ b/fraud_platform/urls.py
@@ -0,0 +1,57 @@
+"""
+URL configuration for fraud_platform project.
+"""
+from django.contrib import admin
+from django.contrib.sitemaps.views import sitemap
+from django.urls import path, include
+from django.conf import settings
+from django.conf.urls.static import static
+from django.http import HttpResponse, Http404
+from django.views.decorators.cache import cache_control
+from .sitemaps import sitemaps
+import os
+
+@cache_control(max_age=86400)  # Cache for 1 day
+def favicon_view(request):
+    """Serve favicon.ico"""
+    favicon_path = os.path.join(settings.BASE_DIR, 'static', 'favicon.ico')
+    if os.path.exists(favicon_path):
+        with open(favicon_path, 'rb') as f:
+            return HttpResponse(f.read(), content_type='image/x-icon')
+    raise Http404("Favicon not found")
+
+@cache_control(max_age=86400)  # Cache for 1 day
+def robots_txt(request):
+    """Serve robots.txt"""
+    content = """User-agent: *
+Allow: /
+Disallow: /admin/
+Disallow: /accounts/
+Disallow: /moderation/
+Disallow: /analytics/
+Disallow: /osint/admin-dashboard/
+Disallow: /api/
+
+Sitemap: {}/sitemap.xml
+""".format(request.build_absolute_uri('/').rstrip('/'))
+    return HttpResponse(content, content_type='text/plain')
+
+urlpatterns = [
+    path('admin/', admin.site.urls),
+    path('accounts/', include('accounts.urls')),
+    path('osint/', include('osint.urls')),
+    path('moderation/', include('moderation.urls')),
+    path('analytics/', include('analytics.urls')),
+    path('legal/', include('legal.urls')),
+    path('', include('reports.urls')),  # Home page and reports (reports:home, reports:list, etc.)
+    # SEO
+    path('sitemap.xml', sitemap, {'sitemaps': sitemaps}, name='django.contrib.sitemaps.views.sitemap'),
+    path('robots.txt', robots_txt, name='robots'),
+    # Favicon
+    path('favicon.ico', favicon_view, name='favicon'),
+]
+
+# Serve media files in development
+if settings.DEBUG:
+    urlpatterns += static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)
+    urlpatterns += static(settings.STATIC_URL, document_root=settings.STATIC_ROOT)
diff --git a/fraud_platform/wsgi.py b/fraud_platform/wsgi.py
new file mode 100644
index 0000000..e1f4a24
--- /dev/null
+++ b/fraud_platform/wsgi.py
@@ -0,0 +1,16 @@
+"""
+WSGI config for fraud_platform project.
+
+It exposes the WSGI callable as a module-level variable named ``application``.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/5.2/howto/deployment/wsgi/
+"""
+
+import os
+
+from django.core.wsgi import get_wsgi_application
+
+os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'fraud_platform.settings')
+
+application = get_wsgi_application()
diff --git a/legal/__init__.py b/legal/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/legal/admin.py b/legal/admin.py
new file mode 100644
index 0000000..4bd3e88
--- /dev/null
+++ b/legal/admin.py
@@ -0,0 +1,47 @@
+"""
+Admin configuration for legal app.
+"""
+from django.contrib import admin
+from .models import ConsentRecord, DataRequest, SecurityEvent
+
+
+@admin.register(ConsentRecord)
+class ConsentRecordAdmin(admin.ModelAdmin):
+    """Consent record admin."""
+    list_display = ('user', 'consent_type', 'consent_given', 'timestamp', 'version')
+    list_filter = ('consent_type', 'consent_given', 'timestamp')
+    search_fields = ('user__username', 'user__email')
+    readonly_fields = ('timestamp',)
+    date_hierarchy = 'timestamp'
+
+
+@admin.register(DataRequest)
+class DataRequestAdmin(admin.ModelAdmin):
+    """Data request admin."""
+    list_display = ('user', 'request_type', 'status', 'requested_at', 'completed_at', 'handled_by')
+    list_filter = ('request_type', 'status', 'requested_at')
+    search_fields = ('user__username', 'user__email', 'description')
+    readonly_fields = ('requested_at',)
+    date_hierarchy = 'requested_at'
+    
+    fieldsets = (
+        ('Request Information', {
+            'fields': ('user', 'request_type', 'status', 'description')
+        }),
+        ('Response', {
+            'fields': ('response_data', 'response_file', 'notes')
+        }),
+        ('Handling', {
+            'fields': ('handled_by', 'requested_at', 'completed_at')
+        }),
+    )
+
+
+@admin.register(SecurityEvent)
+class SecurityEventAdmin(admin.ModelAdmin):
+    """Security event admin."""
+    list_display = ('event_type', 'user', 'severity', 'ip_address', 'timestamp', 'resolved')
+    list_filter = ('event_type', 'severity', 'resolved', 'timestamp')
+    search_fields = ('user__username', 'ip_address')
+    readonly_fields = ('timestamp',)
+    date_hierarchy = 'timestamp'
diff --git a/legal/apps.py b/legal/apps.py
new file mode 100644
index 0000000..372b98b
--- /dev/null
+++ b/legal/apps.py
@@ -0,0 +1,6 @@
+from django.apps import AppConfig
+
+
+class LegalConfig(AppConfig):
+    default_auto_field = 'django.db.models.BigAutoField'
+    name = 'legal'
diff --git a/legal/forms.py b/legal/forms.py
new file mode 100644
index 0000000..bfc93b5
--- /dev/null
+++ b/legal/forms.py
@@ -0,0 +1,22 @@
+"""
+Forms for legal app.
+"""
+from django import forms
+from .models import DataRequest
+
+
+class DataRequestForm(forms.ModelForm):
+    """Form for GDPR data requests."""
+    
+    class Meta:
+        model = DataRequest
+        fields = ['request_type', 'description']
+        widgets = {
+            'request_type': forms.Select(attrs={'class': 'form-control'}),
+            'description': forms.Textarea(attrs={
+                'class': 'form-control',
+                'rows': 5,
+                'placeholder': 'Additional details about your request...'
+            }),
+        }
+
diff --git a/legal/migrations/0001_initial.py b/legal/migrations/0001_initial.py
new file mode 100644
index 0000000..f6a4c04
--- /dev/null
+++ b/legal/migrations/0001_initial.py
@@ -0,0 +1,83 @@
+# Generated by Django 5.2.8 on 2025-11-26 13:41
+
+import django.db.models.deletion
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='ConsentRecord',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('consent_type', models.CharField(choices=[('privacy_policy', 'Privacy Policy'), ('terms_of_service', 'Terms of Service'), ('data_processing', 'Data Processing'), ('marketing', 'Marketing Communications'), ('cookies', 'Cookie Consent')], max_length=50)),
+                ('consent_given', models.BooleanField(default=False)),
+                ('ip_address', models.GenericIPAddressField(blank=True, null=True)),
+                ('user_agent', models.TextField(blank=True)),
+                ('timestamp', models.DateTimeField(auto_now_add=True)),
+                ('version', models.CharField(blank=True, help_text='Version of the policy/terms', max_length=20)),
+                ('user', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, related_name='consents', to=settings.AUTH_USER_MODEL)),
+            ],
+            options={
+                'verbose_name': 'Consent Record',
+                'verbose_name_plural': 'Consent Records',
+                'db_table': 'legal_consentrecord',
+                'ordering': ['-timestamp'],
+                'indexes': [models.Index(fields=['user', 'consent_type'], name='legal_conse_user_id_c707fa_idx'), models.Index(fields=['consent_type', 'timestamp'], name='legal_conse_consent_216033_idx')],
+            },
+        ),
+        migrations.CreateModel(
+            name='DataRequest',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('request_type', models.CharField(choices=[('access', 'Data Access Request'), ('deletion', 'Data Deletion Request'), ('portability', 'Data Portability Request'), ('rectification', 'Data Rectification Request'), ('objection', 'Objection to Processing'), ('restriction', 'Restriction of Processing')], max_length=50)),
+                ('status', models.CharField(choices=[('pending', 'Pending'), ('in_progress', 'In Progress'), ('completed', 'Completed'), ('rejected', 'Rejected')], default='pending', max_length=20)),
+                ('description', models.TextField(blank=True, help_text='Additional details about the request')),
+                ('requested_at', models.DateTimeField(auto_now_add=True)),
+                ('completed_at', models.DateTimeField(blank=True, null=True)),
+                ('response_data', models.JSONField(blank=True, default=dict, help_text='Response data (e.g., exported data)')),
+                ('response_file', models.FileField(blank=True, help_text='File containing requested data', null=True, upload_to='data_requests/')),
+                ('notes', models.TextField(blank=True, help_text='Internal notes about handling the request')),
+                ('handled_by', models.ForeignKey(blank=True, limit_choices_to={'role': 'admin'}, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='handled_data_requests', to=settings.AUTH_USER_MODEL)),
+                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='data_requests', to=settings.AUTH_USER_MODEL)),
+            ],
+            options={
+                'verbose_name': 'Data Request',
+                'verbose_name_plural': 'Data Requests',
+                'db_table': 'legal_datarequest',
+                'ordering': ['-requested_at'],
+                'indexes': [models.Index(fields=['user', 'status'], name='legal_datar_user_id_da1063_idx'), models.Index(fields=['request_type', 'status'], name='legal_datar_request_ad226f_idx'), models.Index(fields=['status', 'requested_at'], name='legal_datar_status_392f15_idx')],
+            },
+        ),
+        migrations.CreateModel(
+            name='SecurityEvent',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('event_type', models.CharField(choices=[('login_success', 'Successful Login'), ('login_failed', 'Failed Login'), ('password_change', 'Password Changed'), ('account_locked', 'Account Locked'), ('suspicious_activity', 'Suspicious Activity'), ('data_breach', 'Data Breach'), ('unauthorized_access', 'Unauthorized Access Attempt'), ('file_upload', 'File Upload'), ('data_export', 'Data Export'), ('admin_action', 'Admin Action')], max_length=50)),
+                ('ip_address', models.GenericIPAddressField(blank=True, null=True)),
+                ('user_agent', models.TextField(blank=True)),
+                ('details', models.JSONField(blank=True, default=dict, help_text='Additional event details')),
+                ('severity', models.CharField(choices=[('low', 'Low'), ('medium', 'Medium'), ('high', 'High'), ('critical', 'Critical')], default='low', max_length=20)),
+                ('timestamp', models.DateTimeField(auto_now_add=True)),
+                ('resolved', models.BooleanField(default=False)),
+                ('resolved_at', models.DateTimeField(blank=True, null=True)),
+                ('resolved_by', models.ForeignKey(blank=True, limit_choices_to={'role': 'admin'}, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='resolved_security_events', to=settings.AUTH_USER_MODEL)),
+                ('user', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='security_events', to=settings.AUTH_USER_MODEL)),
+            ],
+            options={
+                'verbose_name': 'Security Event',
+                'verbose_name_plural': 'Security Events',
+                'db_table': 'security_securityevent',
+                'ordering': ['-timestamp'],
+                'indexes': [models.Index(fields=['event_type', 'timestamp'], name='security_se_event_t_1a00f0_idx'), models.Index(fields=['severity', 'timestamp'], name='security_se_severit_5c25b4_idx'), models.Index(fields=['user', 'timestamp'], name='security_se_user_id_6ceb62_idx'), models.Index(fields=['resolved', 'timestamp'], name='security_se_resolve_dbd0de_idx')],
+            },
+        ),
+    ]
diff --git a/legal/migrations/__init__.py b/legal/migrations/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/legal/models.py b/legal/models.py
new file mode 100644
index 0000000..dfb7c02
--- /dev/null
+++ b/legal/models.py
@@ -0,0 +1,210 @@
+"""
+Legal compliance and GDPR models.
+"""
+from django.db import models
+from django.contrib.auth import get_user_model
+from django.utils import timezone
+
+User = get_user_model()
+
+
+class ConsentRecord(models.Model):
+    """
+    Track user consent for GDPR compliance.
+    """
+    CONSENT_TYPE_CHOICES = [
+        ('privacy_policy', 'Privacy Policy'),
+        ('terms_of_service', 'Terms of Service'),
+        ('data_processing', 'Data Processing'),
+        ('marketing', 'Marketing Communications'),
+        ('cookies', 'Cookie Consent'),
+    ]
+    
+    user = models.ForeignKey(
+        User,
+        on_delete=models.CASCADE,
+        related_name='consents',
+        null=True,
+        blank=True
+    )
+    consent_type = models.CharField(
+        max_length=50,
+        choices=CONSENT_TYPE_CHOICES
+    )
+    consent_given = models.BooleanField(default=False)
+    ip_address = models.GenericIPAddressField(null=True, blank=True)
+    user_agent = models.TextField(blank=True)
+    timestamp = models.DateTimeField(auto_now_add=True)
+    version = models.CharField(
+        max_length=20,
+        blank=True,
+        help_text='Version of the policy/terms'
+    )
+    
+    class Meta:
+        db_table = 'legal_consentrecord'
+        verbose_name = 'Consent Record'
+        verbose_name_plural = 'Consent Records'
+        ordering = ['-timestamp']
+        indexes = [
+            models.Index(fields=['user', 'consent_type']),
+            models.Index(fields=['consent_type', 'timestamp']),
+        ]
+    
+    def __str__(self):
+        status = "Given" if self.consent_given else "Not Given"
+        return f"{self.get_consent_type_display()} - {status} - {self.timestamp}"
+
+
+class DataRequest(models.Model):
+    """
+    GDPR data subject requests (access, deletion, portability).
+    """
+    REQUEST_TYPE_CHOICES = [
+        ('access', 'Data Access Request'),
+        ('deletion', 'Data Deletion Request'),
+        ('portability', 'Data Portability Request'),
+        ('rectification', 'Data Rectification Request'),
+        ('objection', 'Objection to Processing'),
+        ('restriction', 'Restriction of Processing'),
+    ]
+    
+    STATUS_CHOICES = [
+        ('pending', 'Pending'),
+        ('in_progress', 'In Progress'),
+        ('completed', 'Completed'),
+        ('rejected', 'Rejected'),
+    ]
+    
+    user = models.ForeignKey(
+        User,
+        on_delete=models.CASCADE,
+        related_name='data_requests'
+    )
+    request_type = models.CharField(
+        max_length=50,
+        choices=REQUEST_TYPE_CHOICES
+    )
+    status = models.CharField(
+        max_length=20,
+        choices=STATUS_CHOICES,
+        default='pending'
+    )
+    description = models.TextField(
+        blank=True,
+        help_text='Additional details about the request'
+    )
+    requested_at = models.DateTimeField(auto_now_add=True)
+    completed_at = models.DateTimeField(null=True, blank=True)
+    response_data = models.JSONField(
+        default=dict,
+        blank=True,
+        help_text='Response data (e.g., exported data)'
+    )
+    response_file = models.FileField(
+        upload_to='data_requests/',
+        blank=True,
+        null=True,
+        help_text='File containing requested data'
+    )
+    handled_by = models.ForeignKey(
+        User,
+        on_delete=models.SET_NULL,
+        null=True,
+        blank=True,
+        related_name='handled_data_requests',
+        limit_choices_to={'role': 'admin'}
+    )
+    notes = models.TextField(
+        blank=True,
+        help_text='Internal notes about handling the request'
+    )
+    
+    class Meta:
+        db_table = 'legal_datarequest'
+        verbose_name = 'Data Request'
+        verbose_name_plural = 'Data Requests'
+        ordering = ['-requested_at']
+        indexes = [
+            models.Index(fields=['user', 'status']),
+            models.Index(fields=['request_type', 'status']),
+            models.Index(fields=['status', 'requested_at']),
+        ]
+    
+    def __str__(self):
+        return f"{self.get_request_type_display()} by {self.user.username} - {self.get_status_display()}"
+
+
+class SecurityEvent(models.Model):
+    """
+    Security event logging for compliance and monitoring.
+    """
+    EVENT_TYPE_CHOICES = [
+        ('login_success', 'Successful Login'),
+        ('login_failed', 'Failed Login'),
+        ('password_change', 'Password Changed'),
+        ('account_locked', 'Account Locked'),
+        ('suspicious_activity', 'Suspicious Activity'),
+        ('data_breach', 'Data Breach'),
+        ('unauthorized_access', 'Unauthorized Access Attempt'),
+        ('file_upload', 'File Upload'),
+        ('data_export', 'Data Export'),
+        ('admin_action', 'Admin Action'),
+    ]
+    
+    SEVERITY_CHOICES = [
+        ('low', 'Low'),
+        ('medium', 'Medium'),
+        ('high', 'High'),
+        ('critical', 'Critical'),
+    ]
+    
+    event_type = models.CharField(
+        max_length=50,
+        choices=EVENT_TYPE_CHOICES
+    )
+    user = models.ForeignKey(
+        User,
+        on_delete=models.SET_NULL,
+        null=True,
+        blank=True,
+        related_name='security_events'
+    )
+    ip_address = models.GenericIPAddressField(null=True, blank=True)
+    user_agent = models.TextField(blank=True)
+    details = models.JSONField(
+        default=dict,
+        blank=True,
+        help_text='Additional event details'
+    )
+    severity = models.CharField(
+        max_length=20,
+        choices=SEVERITY_CHOICES,
+        default='low'
+    )
+    timestamp = models.DateTimeField(auto_now_add=True)
+    resolved = models.BooleanField(default=False)
+    resolved_at = models.DateTimeField(null=True, blank=True)
+    resolved_by = models.ForeignKey(
+        User,
+        on_delete=models.SET_NULL,
+        null=True,
+        blank=True,
+        related_name='resolved_security_events',
+        limit_choices_to={'role': 'admin'}
+    )
+    
+    class Meta:
+        db_table = 'security_securityevent'
+        verbose_name = 'Security Event'
+        verbose_name_plural = 'Security Events'
+        ordering = ['-timestamp']
+        indexes = [
+            models.Index(fields=['event_type', 'timestamp']),
+            models.Index(fields=['severity', 'timestamp']),
+            models.Index(fields=['user', 'timestamp']),
+            models.Index(fields=['resolved', 'timestamp']),
+        ]
+    
+    def __str__(self):
+        return f"{self.get_event_type_display()} - {self.get_severity_display()} - {self.timestamp}"
diff --git a/legal/tests.py b/legal/tests.py
new file mode 100644
index 0000000..7ce503c
--- /dev/null
+++ b/legal/tests.py
@@ -0,0 +1,3 @@
+from django.test import TestCase
+
+# Create your tests here.
diff --git a/legal/urls.py b/legal/urls.py
new file mode 100644
index 0000000..77f3347
--- /dev/null
+++ b/legal/urls.py
@@ -0,0 +1,16 @@
+"""
+URL configuration for legal app.
+"""
+from django.urls import path
+from . import views
+
+app_name = 'legal'
+
+urlpatterns = [
+    path('privacy/', views.PrivacyPolicyView.as_view(), name='privacy'),
+    path('terms/', views.TermsOfServiceView.as_view(), name='terms'),
+    path('data-request/', views.DataRequestView.as_view(), name='data_request'),
+    path('data-request/<int:pk>/', views.DataRequestDetailView.as_view(), name='data_request_detail'),
+    path('cookie-consent/', views.cookie_consent_view, name='cookie_consent'),
+]
+
diff --git a/legal/views.py b/legal/views.py
new file mode 100644
index 0000000..5e18133
--- /dev/null
+++ b/legal/views.py
@@ -0,0 +1,111 @@
+"""
+Views for legal app.
+"""
+from django.shortcuts import render
+from django.views.generic import TemplateView, CreateView, DetailView
+from django.contrib.auth.mixins import LoginRequiredMixin
+from django.urls import reverse_lazy
+from django.http import JsonResponse
+from django.views.decorators.http import require_http_methods
+from .models import DataRequest, ConsentRecord
+from .forms import DataRequestForm
+
+
+class PrivacyPolicyView(TemplateView):
+    """Privacy policy page."""
+    template_name = 'legal/privacy_policy.html'
+
+
+class TermsOfServiceView(TemplateView):
+    """Terms of service page."""
+    template_name = 'legal/terms_of_service.html'
+
+
+class DataRequestView(LoginRequiredMixin, CreateView):
+    """GDPR data request form."""
+    model = DataRequest
+    form_class = DataRequestForm
+    template_name = 'legal/data_request.html'
+    success_url = reverse_lazy('legal:data_request_detail')
+    
+    def form_valid(self, form):
+        form.instance.user = self.request.user
+        return super().form_valid(form)
+    
+    def get_success_url(self):
+        return reverse_lazy('legal:data_request_detail', kwargs={'pk': self.object.pk})
+
+
+class DataRequestDetailView(LoginRequiredMixin, DetailView):
+    """View data request status."""
+    model = DataRequest
+    template_name = 'legal/data_request_detail.html'
+    context_object_name = 'data_request'
+    
+    def get_queryset(self):
+        return DataRequest.objects.filter(user=self.request.user)
+
+
+@require_http_methods(["POST"])
+def cookie_consent_view(request):
+    """
+    Handle cookie consent submission.
+    Stores consent in database and sets a cookie.
+    """
+    import json
+    from django.utils import timezone
+    
+    try:
+        data = json.loads(request.body)
+        consent_given = data.get('consent', False)
+        
+        # Get client IP
+        x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR')
+        if x_forwarded_for:
+            ip_address = x_forwarded_for.split(',')[0]
+        else:
+            ip_address = request.META.get('REMOTE_ADDR')
+        
+        # Create consent record
+        ConsentRecord.objects.create(
+            user=request.user if request.user.is_authenticated else None,
+            consent_type='cookies',
+            consent_given=consent_given,
+            ip_address=ip_address,
+            user_agent=request.META.get('HTTP_USER_AGENT', ''),
+            version='1.0'
+        )
+        
+        # Create response
+        response = JsonResponse({
+            'success': True,
+            'message': 'Cookie consent recorded successfully'
+        })
+        
+        # Set cookie (expires in 1 year)
+        if consent_given:
+            response.set_cookie(
+                'cookie_consent',
+                'accepted',
+                max_age=31536000,  # 1 year in seconds
+                httponly=False,
+                samesite='Lax',
+                secure=request.is_secure()
+            )
+        else:
+            response.set_cookie(
+                'cookie_consent',
+                'declined',
+                max_age=31536000,
+                httponly=False,
+                samesite='Lax',
+                secure=request.is_secure()
+            )
+        
+        return response
+    
+    except Exception as e:
+        return JsonResponse({
+            'success': False,
+            'message': str(e)
+        }, status=400)
diff --git a/manage.py b/manage.py
new file mode 100755
index 0000000..6b589c8
--- /dev/null
+++ b/manage.py
@@ -0,0 +1,22 @@
+#!/usr/bin/env python
+"""Django's command-line utility for administrative tasks."""
+import os
+import sys
+
+
+def main():
+    """Run administrative tasks."""
+    os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'fraud_platform.settings')
+    try:
+        from django.core.management import execute_from_command_line
+    except ImportError as exc:
+        raise ImportError(
+            "Couldn't import Django. Are you sure it's installed and "
+            "available on your PYTHONPATH environment variable? Did you "
+            "forget to activate a virtual environment?"
+        ) from exc
+    execute_from_command_line(sys.argv)
+
+
+if __name__ == '__main__':
+    main()
diff --git a/moderation/__init__.py b/moderation/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/moderation/admin.py b/moderation/admin.py
new file mode 100644
index 0000000..32760c1
--- /dev/null
+++ b/moderation/admin.py
@@ -0,0 +1,32 @@
+"""
+Admin configuration for moderation app.
+"""
+from django.contrib import admin
+from .models import ModerationQueue, ModerationAction, ModerationRule
+
+
+@admin.register(ModerationQueue)
+class ModerationQueueAdmin(admin.ModelAdmin):
+    """Moderation queue admin."""
+    list_display = ('report', 'priority', 'assigned_to', 'created_at')
+    list_filter = ('priority', 'created_at')
+    search_fields = ('report__title',)
+    date_hierarchy = 'created_at'
+
+
+@admin.register(ModerationAction)
+class ModerationActionAdmin(admin.ModelAdmin):
+    """Moderation action admin."""
+    list_display = ('report', 'moderator', 'action_type', 'created_at')
+    list_filter = ('action_type', 'created_at')
+    search_fields = ('report__title', 'moderator__username', 'reason')
+    readonly_fields = ('created_at',)
+    date_hierarchy = 'created_at'
+
+
+@admin.register(ModerationRule)
+class ModerationRuleAdmin(admin.ModelAdmin):
+    """Moderation rule admin."""
+    list_display = ('name', 'is_active', 'priority', 'updated_at')
+    list_filter = ('is_active',)
+    search_fields = ('name', 'description')
diff --git a/moderation/apps.py b/moderation/apps.py
new file mode 100644
index 0000000..5802ddd
--- /dev/null
+++ b/moderation/apps.py
@@ -0,0 +1,6 @@
+from django.apps import AppConfig
+
+
+class ModerationConfig(AppConfig):
+    default_auto_field = 'django.db.models.BigAutoField'
+    name = 'moderation'
diff --git a/moderation/migrations/0001_initial.py b/moderation/migrations/0001_initial.py
new file mode 100644
index 0000000..8f445b4
--- /dev/null
+++ b/moderation/migrations/0001_initial.py
@@ -0,0 +1,77 @@
+# Generated by Django 5.2.8 on 2025-11-26 13:41
+
+import django.db.models.deletion
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+        ('reports', '0001_initial'),
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='ModerationRule',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('name', models.CharField(max_length=100)),
+                ('description', models.TextField(blank=True)),
+                ('is_active', models.BooleanField(default=True)),
+                ('priority', models.IntegerField(default=0, help_text='Rule priority (higher = evaluated first)')),
+                ('conditions', models.JSONField(default=dict, help_text='Conditions that trigger this rule')),
+                ('actions', models.JSONField(default=dict, help_text='Actions to take when rule matches')),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+            ],
+            options={
+                'verbose_name': 'Moderation Rule',
+                'verbose_name_plural': 'Moderation Rules',
+                'db_table': 'moderation_moderationrule',
+                'ordering': ['-priority', 'name'],
+            },
+        ),
+        migrations.CreateModel(
+            name='ModerationAction',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('action_type', models.CharField(choices=[('approve', 'Approve'), ('reject', 'Reject'), ('edit', 'Edit'), ('delete', 'Delete'), ('verify', 'Verify'), ('archive', 'Archive'), ('unarchive', 'Unarchive'), ('assign', 'Assign'), ('unassign', 'Unassign')], max_length=20)),
+                ('reason', models.CharField(blank=True, help_text='Reason for the action', max_length=200)),
+                ('notes', models.TextField(blank=True, help_text='Additional notes')),
+                ('previous_status', models.CharField(blank=True, max_length=20)),
+                ('new_status', models.CharField(blank=True, max_length=20)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('moderator', models.ForeignKey(limit_choices_to={'role__in': ['moderator', 'admin']}, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='moderation_actions', to=settings.AUTH_USER_MODEL)),
+                ('report', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='moderation_actions', to='reports.scamreport')),
+            ],
+            options={
+                'verbose_name': 'Moderation Action',
+                'verbose_name_plural': 'Moderation Actions',
+                'db_table': 'moderation_moderationaction',
+                'ordering': ['-created_at'],
+                'indexes': [models.Index(fields=['report', 'created_at'], name='moderation__report__971308_idx'), models.Index(fields=['moderator', 'created_at'], name='moderation__moderat_b59e8d_idx'), models.Index(fields=['action_type', 'created_at'], name='moderation__action__8d1226_idx')],
+            },
+        ),
+        migrations.CreateModel(
+            name='ModerationQueue',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('priority', models.CharField(choices=[('low', 'Low'), ('normal', 'Normal'), ('high', 'High'), ('urgent', 'Urgent')], default='normal', max_length=20)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+                ('assigned_to', models.ForeignKey(blank=True, limit_choices_to={'role__in': ['moderator', 'admin']}, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='assigned_moderations', to=settings.AUTH_USER_MODEL)),
+                ('report', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, related_name='moderation_queue', to='reports.scamreport')),
+            ],
+            options={
+                'verbose_name': 'Moderation Queue',
+                'verbose_name_plural': 'Moderation Queues',
+                'db_table': 'moderation_moderationqueue',
+                'ordering': ['-priority', 'created_at'],
+                'indexes': [models.Index(fields=['priority', 'created_at'], name='moderation__priorit_02ba25_idx'), models.Index(fields=['assigned_to', 'created_at'], name='moderation__assigne_674975_idx')],
+            },
+        ),
+    ]
diff --git a/moderation/migrations/0002_alter_moderationaction_reason.py b/moderation/migrations/0002_alter_moderationaction_reason.py
new file mode 100644
index 0000000..c8fef47
--- /dev/null
+++ b/moderation/migrations/0002_alter_moderationaction_reason.py
@@ -0,0 +1,18 @@
+# Generated by Django 5.2.8 on 2025-11-26 14:28
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('moderation', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='moderationaction',
+            name='reason',
+            field=models.TextField(blank=True, help_text='Reason for the action (visible to user for rejections)'),
+        ),
+    ]
diff --git a/moderation/migrations/__init__.py b/moderation/migrations/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/moderation/models.py b/moderation/models.py
new file mode 100644
index 0000000..3660a6d
--- /dev/null
+++ b/moderation/models.py
@@ -0,0 +1,145 @@
+"""
+Moderation system models.
+"""
+from django.db import models
+from django.contrib.auth import get_user_model
+from reports.models import ScamReport
+
+User = get_user_model()
+
+
+class ModerationQueue(models.Model):
+    """
+    Queue for reports awaiting moderation.
+    """
+    PRIORITY_CHOICES = [
+        ('low', 'Low'),
+        ('normal', 'Normal'),
+        ('high', 'High'),
+        ('urgent', 'Urgent'),
+    ]
+    
+    report = models.OneToOneField(
+        ScamReport,
+        on_delete=models.CASCADE,
+        related_name='moderation_queue'
+    )
+    priority = models.CharField(
+        max_length=20,
+        choices=PRIORITY_CHOICES,
+        default='normal'
+    )
+    assigned_to = models.ForeignKey(
+        User,
+        on_delete=models.SET_NULL,
+        null=True,
+        blank=True,
+        related_name='assigned_moderations',
+        limit_choices_to={'role__in': ['moderator', 'admin']}
+    )
+    created_at = models.DateTimeField(auto_now_add=True)
+    updated_at = models.DateTimeField(auto_now=True)
+    
+    class Meta:
+        db_table = 'moderation_moderationqueue'
+        verbose_name = 'Moderation Queue'
+        verbose_name_plural = 'Moderation Queues'
+        ordering = ['-priority', 'created_at']
+        indexes = [
+            models.Index(fields=['priority', 'created_at']),
+            models.Index(fields=['assigned_to', 'created_at']),
+        ]
+    
+    def __str__(self):
+        return f"Queue entry for Report #{self.report.id} - {self.get_priority_display()}"
+
+
+class ModerationAction(models.Model):
+    """
+    Log of moderation actions taken.
+    """
+    ACTION_TYPE_CHOICES = [
+        ('approve', 'Approve'),
+        ('reject', 'Reject'),
+        ('edit', 'Edit'),
+        ('delete', 'Delete'),
+        ('verify', 'Verify'),
+        ('archive', 'Archive'),
+        ('unarchive', 'Unarchive'),
+        ('assign', 'Assign'),
+        ('unassign', 'Unassign'),
+    ]
+    
+    report = models.ForeignKey(
+        ScamReport,
+        on_delete=models.CASCADE,
+        related_name='moderation_actions'
+    )
+    moderator = models.ForeignKey(
+        User,
+        on_delete=models.SET_NULL,
+        null=True,
+        related_name='moderation_actions',
+        limit_choices_to={'role__in': ['moderator', 'admin']}
+    )
+    action_type = models.CharField(
+        max_length=20,
+        choices=ACTION_TYPE_CHOICES
+    )
+    reason = models.TextField(
+        blank=True,
+        help_text='Reason for the action (visible to user for rejections)'
+    )
+    notes = models.TextField(
+        blank=True,
+        help_text='Additional notes'
+    )
+    previous_status = models.CharField(max_length=20, blank=True)
+    new_status = models.CharField(max_length=20, blank=True)
+    created_at = models.DateTimeField(auto_now_add=True)
+    
+    class Meta:
+        db_table = 'moderation_moderationaction'
+        verbose_name = 'Moderation Action'
+        verbose_name_plural = 'Moderation Actions'
+        ordering = ['-created_at']
+        indexes = [
+            models.Index(fields=['report', 'created_at']),
+            models.Index(fields=['moderator', 'created_at']),
+            models.Index(fields=['action_type', 'created_at']),
+        ]
+    
+    def __str__(self):
+        return f"{self.get_action_type_display()} on Report #{self.report.id} by {self.moderator}"
+
+
+class ModerationRule(models.Model):
+    """
+    Automated moderation rules.
+    """
+    name = models.CharField(max_length=100)
+    description = models.TextField(blank=True)
+    is_active = models.BooleanField(default=True)
+    priority = models.IntegerField(
+        default=0,
+        help_text='Rule priority (higher = evaluated first)'
+    )
+    conditions = models.JSONField(
+        default=dict,
+        help_text='Conditions that trigger this rule'
+    )
+    actions = models.JSONField(
+        default=dict,
+        help_text='Actions to take when rule matches'
+    )
+    created_at = models.DateTimeField(auto_now_add=True)
+    updated_at = models.DateTimeField(auto_now=True)
+    
+    class Meta:
+        db_table = 'moderation_moderationrule'
+        verbose_name = 'Moderation Rule'
+        verbose_name_plural = 'Moderation Rules'
+        ordering = ['-priority', 'name']
+    
+    def __str__(self):
+        return f"{self.name} ({'Active' if self.is_active else 'Inactive'})"
diff --git a/moderation/tests.py b/moderation/tests.py
new file mode 100644
index 0000000..7ce503c
--- /dev/null
+++ b/moderation/tests.py
@@ -0,0 +1,3 @@
+from django.test import TestCase
+
+# Create your tests here.
diff --git a/moderation/urls.py b/moderation/urls.py
new file mode 100644
index 0000000..2b6422c
--- /dev/null
+++ b/moderation/urls.py
@@ -0,0 +1,16 @@
+"""
+URL configuration for moderation app.
+"""
+from django.urls import path
+from . import views
+
+app_name = 'moderation'
+
+urlpatterns = [
+    path('', views.ModerationDashboardView.as_view(), name='dashboard'),
+    path('queue/', views.ModerationQueueView.as_view(), name='queue'),
+    path('report/<int:pk>/', views.ReportModerationView.as_view(), name='report_detail'),
+    path('report/<int:pk>/approve/', views.ApproveReportView.as_view(), name='approve'),
+    path('report/<int:pk>/reject/', views.RejectReportView.as_view(), name='reject'),
+]
+
diff --git a/moderation/views.py b/moderation/views.py
new file mode 100644
index 0000000..8ce498f
--- /dev/null
+++ b/moderation/views.py
@@ -0,0 +1,129 @@
+"""
+Views for moderation app.
+"""
+from django.shortcuts import get_object_or_404, redirect
+from django.views.generic import ListView, DetailView, UpdateView
+from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
+from django.contrib.messages.views import SuccessMessageMixin
+from django.urls import reverse_lazy
+from django.utils import timezone
+from reports.models import ScamReport
+from .models import ModerationQueue, ModerationAction
+
+
+class ModeratorRequiredMixin(UserPassesTestMixin):
+    """Mixin to require moderator role."""
+    def test_func(self):
+        return self.request.user.is_authenticated and self.request.user.is_moderator()
+
+
+class ModerationDashboardView(LoginRequiredMixin, ModeratorRequiredMixin, ListView):
+    """Moderation dashboard."""
+    template_name = 'moderation/dashboard.html'
+    context_object_name = 'reports'
+    
+    def get_queryset(self):
+        return ScamReport.objects.filter(
+            status__in=['pending', 'under_review']
+        ).order_by('-created_at')[:10]
+    
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        context['pending_count'] = ScamReport.objects.filter(status='pending').count()
+        context['under_review_count'] = ScamReport.objects.filter(status='under_review').count()
+        context['verified_count'] = ScamReport.objects.filter(status='verified').count()
+        return context
+
+
+class ModerationQueueView(LoginRequiredMixin, ModeratorRequiredMixin, ListView):
+    """Moderation queue."""
+    model = ModerationQueue
+    template_name = 'moderation/queue.html'
+    context_object_name = 'queue_items'
+    paginate_by = 20
+    
+    def get_queryset(self):
+        return ModerationQueue.objects.select_related(
+            'report', 'assigned_to'
+        ).order_by('-priority', 'created_at')
+
+
+class ReportModerationView(LoginRequiredMixin, ModeratorRequiredMixin, DetailView):
+    """View report for moderation."""
+    model = ScamReport
+    template_name = 'moderation/report_detail.html'
+    context_object_name = 'report'
+    
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        context['osint_results'] = self.object.osint_results.all()
+        context['verifications'] = self.object.verifications.all()
+        context['moderation_actions'] = self.object.moderation_actions.all()[:10]
+        return context
+
+
+class ApproveReportView(LoginRequiredMixin, ModeratorRequiredMixin, SuccessMessageMixin, UpdateView):
+    """Approve a report."""
+    model = ScamReport
+    fields = []
+    template_name = 'moderation/approve.html'
+    success_message = "Report approved successfully!"
+    
+    def form_valid(self, form):
+        previous_status = form.instance.status
+        form.instance.status = 'verified'
+        form.instance.verified_at = timezone.now()
+        response = super().form_valid(form)
+        
+        # Create moderation action
+        ModerationAction.objects.create(
+            report=form.instance,
+            moderator=self.request.user,
+            action_type='approve',
+            previous_status=previous_status,
+            new_status='verified'
+        )
+        
+        # Remove from queue
+        ModerationQueue.objects.filter(report=form.instance).delete()
+        
+        return response
+    
+    def get_success_url(self):
+        return reverse_lazy('moderation:queue')
+
+
+class RejectReportView(LoginRequiredMixin, ModeratorRequiredMixin, SuccessMessageMixin, UpdateView):
+    """Reject a report."""
+    model = ScamReport
+    fields = []
+    template_name = 'moderation/reject.html'
+    success_message = "Report rejected."
+    
+    def form_valid(self, form):
+        previous_status = form.instance.status
+        form.instance.status = 'rejected'
+        response = super().form_valid(form)
+        
+        # Get reason from form
+        reason = self.request.POST.get('reason', '').strip()
+        notes = self.request.POST.get('notes', '').strip()
+        
+        # Create moderation action
+        ModerationAction.objects.create(
+            report=form.instance,
+            moderator=self.request.user,
+            action_type='reject',
+            previous_status=previous_status,
+            new_status='rejected',
+            reason=reason,
+            notes=notes
+        )
+        
+        # Remove from queue
+        ModerationQueue.objects.filter(report=form.instance).delete()
+        
+        return response
+    
+    def get_success_url(self):
+        return reverse_lazy('moderation:queue')
diff --git a/osint/__init__.py b/osint/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/osint/admin.py b/osint/admin.py
new file mode 100644
index 0000000..d3c53f6
--- /dev/null
+++ b/osint/admin.py
@@ -0,0 +1,246 @@
+"""
+Admin configuration for osint app.
+"""
+from django.contrib import admin
+from django.utils.html import format_html
+from django.urls import reverse
+from django.utils import timezone
+from datetime import timedelta
+from .models import (
+    OSINTTask, OSINTResult, OSINTConfiguration,
+    SeedWebsite, OSINTKeyword, CrawledContent, AutoGeneratedReport
+)
+
+
+@admin.register(OSINTTask)
+class OSINTTaskAdmin(admin.ModelAdmin):
+    """OSINT task admin."""
+    list_display = ('report', 'task_type', 'status', 'created_at', 'completed_at')
+    list_filter = ('task_type', 'status', 'created_at')
+    search_fields = ('report__title', 'error_message')
+    readonly_fields = ('created_at', 'started_at', 'completed_at')
+    date_hierarchy = 'created_at'
+
+
+@admin.register(OSINTResult)
+class OSINTResultAdmin(admin.ModelAdmin):
+    """OSINT result admin."""
+    list_display = ('report', 'source', 'data_type', 'confidence_level', 'is_verified', 'collected_at')
+    list_filter = ('data_type', 'is_verified', 'collected_at')
+    search_fields = ('report__title', 'source')
+    readonly_fields = ('collected_at', 'updated_at')
+    date_hierarchy = 'collected_at'
+
+
+@admin.register(OSINTConfiguration)
+class OSINTConfigurationAdmin(admin.ModelAdmin):
+    """OSINT configuration admin."""
+    list_display = ('service_name', 'is_active', 'rate_limit', 'updated_at')
+    list_filter = ('is_active',)
+    search_fields = ('service_name',)
+
+
+@admin.register(SeedWebsite)
+class SeedWebsiteAdmin(admin.ModelAdmin):
+    """Seed website admin."""
+    list_display = ('name', 'url', 'is_active', 'priority', 'last_crawled_at', 'pages_crawled', 'matches_found', 'status_indicator')
+    list_filter = ('is_active', 'priority', 'created_at')
+    search_fields = ('name', 'url', 'description')
+    readonly_fields = ('last_crawled_at', 'pages_crawled', 'matches_found', 'created_at', 'updated_at')
+    fieldsets = (
+        ('Basic Information', {
+            'fields': ('name', 'url', 'description', 'is_active', 'priority', 'created_by')
+        }),
+        ('Crawling Configuration', {
+            'fields': ('crawl_depth', 'crawl_interval_hours', 'allowed_domains', 'user_agent')
+        }),
+        ('Statistics', {
+            'fields': ('last_crawled_at', 'pages_crawled', 'matches_found'),
+            'classes': ('collapse',)
+        }),
+        ('Timestamps', {
+            'fields': ('created_at', 'updated_at'),
+            'classes': ('collapse',)
+        }),
+    )
+    date_hierarchy = 'created_at'
+    
+    def status_indicator(self, obj):
+        """Show visual status indicator."""
+        if not obj.is_active:
+            return format_html('<span style="color: red;">●</span> Inactive')
+        if not obj.last_crawled_at:
+            return format_html('<span style="color: orange;">●</span> Never Crawled')
+        
+        hours_since = (timezone.now() - obj.last_crawled_at).total_seconds() / 3600
+        if hours_since > obj.crawl_interval_hours * 2:
+            return format_html('<span style="color: orange;">●</span> Overdue')
+        elif hours_since > obj.crawl_interval_hours:
+            return format_html('<span style="color: yellow;">●</span> Due Soon')
+        else:
+            return format_html('<span style="color: green;">●</span> Up to Date')
+    status_indicator.short_description = 'Status'
+    
+    def save_model(self, request, obj, form, change):
+        if not change:  # New object
+            obj.created_by = request.user
+        super().save_model(request, obj, form, change)
+
+
+@admin.register(OSINTKeyword)
+class OSINTKeywordAdmin(admin.ModelAdmin):
+    """OSINT keyword admin."""
+    list_display = ('name', 'keyword', 'keyword_type', 'is_active', 'confidence_score', 'auto_approve', 'match_count')
+    list_filter = ('is_active', 'keyword_type', 'auto_approve', 'created_at')
+    search_fields = ('name', 'keyword', 'description')
+    readonly_fields = ('created_at', 'updated_at', 'match_count')
+    fieldsets = (
+        ('Basic Information', {
+            'fields': ('name', 'keyword', 'description', 'keyword_type', 'is_active', 'created_by')
+        }),
+        ('Matching Configuration', {
+            'fields': ('case_sensitive', 'confidence_score', 'auto_approve')
+        }),
+        ('Statistics', {
+            'fields': ('match_count',),
+            'classes': ('collapse',)
+        }),
+        ('Timestamps', {
+            'fields': ('created_at', 'updated_at'),
+            'classes': ('collapse',)
+        }),
+    )
+    date_hierarchy = 'created_at'
+    
+    def match_count(self, obj):
+        """Count how many times this keyword has matched."""
+        return obj.matched_contents.count()
+    match_count.short_description = 'Total Matches'
+    
+    def save_model(self, request, obj, form, change):
+        if not change:  # New object
+            obj.created_by = request.user
+        super().save_model(request, obj, form, change)
+
+
+@admin.register(CrawledContent)
+class CrawledContentAdmin(admin.ModelAdmin):
+    """Crawled content admin."""
+    list_display = ('title', 'url', 'seed_website', 'match_count', 'confidence_score', 'has_potential_scam', 'crawled_at')
+    list_filter = ('has_potential_scam', 'seed_website', 'crawled_at', 'http_status')
+    search_fields = ('title', 'url', 'content')
+    readonly_fields = ('crawled_at', 'content_hash', 'http_status')
+    fieldsets = (
+        ('Content Information', {
+            'fields': ('seed_website', 'url', 'title', 'content', 'html_content')
+        }),
+        ('Analysis', {
+            'fields': ('matched_keywords', 'match_count', 'confidence_score', 'has_potential_scam')
+        }),
+        ('Metadata', {
+            'fields': ('http_status', 'content_hash', 'crawled_at'),
+            'classes': ('collapse',)
+        }),
+    )
+    date_hierarchy = 'crawled_at'
+    filter_horizontal = ('matched_keywords',)
+    
+    def get_queryset(self, request):
+        return super().get_queryset(request).select_related('seed_website').prefetch_related('matched_keywords')
+
+
+@admin.register(AutoGeneratedReport)
+class AutoGeneratedReportAdmin(admin.ModelAdmin):
+    """Auto-generated report admin."""
+    list_display = ('title', 'source_url', 'status', 'confidence_score', 'reviewed_by', 'reviewed_at', 'view_report_link')
+    list_filter = ('status', 'confidence_score', 'created_at', 'reviewed_at')
+    search_fields = ('title', 'description', 'source_url')
+    readonly_fields = ('crawled_content', 'created_at', 'updated_at', 'published_at')
+    fieldsets = (
+        ('Report Information', {
+            'fields': ('crawled_content', 'title', 'description', 'source_url')
+        }),
+        ('Analysis', {
+            'fields': ('matched_keywords', 'confidence_score')
+        }),
+        ('Review', {
+            'fields': ('status', 'review_notes', 'reviewed_by', 'reviewed_at', 'report')
+        }),
+        ('Publication', {
+            'fields': ('published_at',),
+            'classes': ('collapse',)
+        }),
+        ('Timestamps', {
+            'fields': ('created_at', 'updated_at'),
+            'classes': ('collapse',)
+        }),
+    )
+    date_hierarchy = 'created_at'
+    filter_horizontal = ('matched_keywords',)
+    actions = ['approve_reports', 'reject_reports', 'publish_reports']
+    
+    def view_report_link(self, obj):
+        """Link to the generated report if exists."""
+        if obj.report:
+            url = reverse('admin:reports_scamreport_change', args=[obj.report.pk])
+            return format_html('<a href="{}">View Report #{}</a>', url, obj.report.pk)
+        return '-'
+    view_report_link.short_description = 'Linked Report'
+    
+    def get_queryset(self, request):
+        return super().get_queryset(request).select_related(
+            'crawled_content', 'reviewed_by', 'report'
+        ).prefetch_related('matched_keywords')
+    
+    @admin.action(description='Approve selected reports')
+    def approve_reports(self, request, queryset):
+        """Approve selected auto-generated reports."""
+        from django.utils import timezone
+        updated = queryset.filter(status='pending').update(
+            status='approved',
+            reviewed_by=request.user,
+            reviewed_at=timezone.now()
+        )
+        self.message_user(request, f'{updated} reports approved.')
+    
+    @admin.action(description='Reject selected reports')
+    def reject_reports(self, request, queryset):
+        """Reject selected auto-generated reports."""
+        from django.utils import timezone
+        updated = queryset.filter(status='pending').update(
+            status='rejected',
+            reviewed_by=request.user,
+            reviewed_at=timezone.now()
+        )
+        self.message_user(request, f'{updated} reports rejected.')
+    
+    @admin.action(description='Publish selected reports')
+    def publish_reports(self, request, queryset):
+        """Publish approved reports."""
+        from django.utils import timezone
+        from reports.models import ScamReport
+        from reports.models import ScamTag
+        
+        published = 0
+        for auto_report in queryset.filter(status='approved'):
+            if not auto_report.report:
+                # Create the actual scam report
+                report = ScamReport.objects.create(
+                    title=auto_report.title,
+                    description=auto_report.description,
+                    reported_url=auto_report.source_url,
+                    scam_type='other',  # Default type
+                    status='verified',  # Auto-verified since reviewed
+                    verification_score=auto_report.confidence_score,
+                    is_public=True,
+                    is_anonymous=True,  # System-generated
+                    is_auto_discovered=True,  # Mark as auto-discovered
+                    reporter_ip=None,  # System-generated
+                )
+                auto_report.report = report
+                auto_report.status = 'published'
+                auto_report.published_at = timezone.now()
+                auto_report.save()
+                published += 1
+        
+        self.message_user(request, f'{published} reports published.')
diff --git a/osint/apps.py b/osint/apps.py
new file mode 100644
index 0000000..f6c09eb
--- /dev/null
+++ b/osint/apps.py
@@ -0,0 +1,6 @@
+from django.apps import AppConfig
+
+
+class OsintConfig(AppConfig):
+    default_auto_field = 'django.db.models.BigAutoField'
+    name = 'osint'
diff --git a/osint/forms.py b/osint/forms.py
new file mode 100644
index 0000000..6862692
--- /dev/null
+++ b/osint/forms.py
@@ -0,0 +1,97 @@
+"""
+Forms for OSINT app.
+"""
+import json
+from django import forms
+from django.core.exceptions import ValidationError
+from .models import SeedWebsite, OSINTKeyword
+
+
+class SeedWebsiteForm(forms.ModelForm):
+    """Form for creating/editing seed websites."""
+    allowed_domains_text = forms.CharField(
+        required=False,
+        widget=forms.Textarea(attrs={
+            'class': 'form-control',
+            'rows': 3,
+            'placeholder': 'Enter domains separated by commas or as JSON array, e.g. example.com, subdomain.example.com\nOr: ["example.com", "subdomain.example.com"]'
+        }),
+        help_text='Enter domains separated by commas or as JSON array. Leave empty for same domain only.'
+    )
+    
+    class Meta:
+        model = SeedWebsite
+        fields = [
+            'name', 'url', 'description', 'is_active', 'priority',
+            'crawl_depth', 'crawl_interval_hours', 'user_agent'
+        ]
+        widgets = {
+            'name': forms.TextInput(attrs={'class': 'form-control'}),
+            'url': forms.URLInput(attrs={'class': 'form-control'}),
+            'description': forms.Textarea(attrs={'class': 'form-control', 'rows': 3}),
+            'is_active': forms.CheckboxInput(attrs={'class': 'form-check-input'}),
+            'priority': forms.Select(attrs={'class': 'form-control'}),
+            'crawl_depth': forms.NumberInput(attrs={'class': 'form-control', 'min': 0, 'max': 5}),
+            'crawl_interval_hours': forms.NumberInput(attrs={'class': 'form-control', 'min': 1}),
+            'user_agent': forms.TextInput(attrs={'class': 'form-control'}),
+        }
+    
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        if self.instance and self.instance.pk and self.instance.allowed_domains:
+            # Convert list to text representation
+            if isinstance(self.instance.allowed_domains, list):
+                self.fields['allowed_domains_text'].initial = ', '.join(self.instance.allowed_domains)
+            else:
+                self.fields['allowed_domains_text'].initial = str(self.instance.allowed_domains)
+    
+    def clean_allowed_domains_text(self):
+        text = self.cleaned_data.get('allowed_domains_text', '').strip()
+        if not text:
+            return []
+        
+        # Try to parse as JSON first
+        try:
+            domains = json.loads(text)
+            if isinstance(domains, list):
+                return [str(d).strip() for d in domains if d]
+        except (json.JSONDecodeError, ValueError):
+            pass
+        
+        # Otherwise, treat as comma-separated
+        domains = [d.strip() for d in text.split(',') if d.strip()]
+        return domains
+    
+    def save(self, commit=True):
+        instance = super().save(commit=False)
+        instance.allowed_domains = self.cleaned_data.get('allowed_domains_text', [])
+        if commit:
+            instance.save()
+        return instance
+
+
+class OSINTKeywordForm(forms.ModelForm):
+    """Form for creating/editing OSINT keywords."""
+    
+    class Meta:
+        model = OSINTKeyword
+        fields = [
+            'name', 'keyword', 'description', 'keyword_type', 'is_active',
+            'case_sensitive', 'confidence_score', 'auto_approve'
+        ]
+        widgets = {
+            'name': forms.TextInput(attrs={'class': 'form-control'}),
+            'keyword': forms.Textarea(attrs={'class': 'form-control', 'rows': 2}),
+            'description': forms.Textarea(attrs={'class': 'form-control', 'rows': 2}),
+            'keyword_type': forms.Select(attrs={'class': 'form-control'}),
+            'is_active': forms.CheckboxInput(attrs={'class': 'form-check-input'}),
+            'case_sensitive': forms.CheckboxInput(attrs={'class': 'form-check-input'}),
+            'confidence_score': forms.NumberInput(attrs={
+                'class': 'form-control',
+                'min': 0,
+                'max': 100,
+                'step': 1
+            }),
+            'auto_approve': forms.CheckboxInput(attrs={'class': 'form-check-input'}),
+        }
+
diff --git a/osint/management/__init__.py b/osint/management/__init__.py
new file mode 100644
index 0000000..5bd381b
--- /dev/null
+++ b/osint/management/__init__.py
@@ -0,0 +1,2 @@
+# Management package
+
diff --git a/osint/management/commands/__init__.py b/osint/management/commands/__init__.py
new file mode 100644
index 0000000..90764a9
--- /dev/null
+++ b/osint/management/commands/__init__.py
@@ -0,0 +1,2 @@
+# Management commands package
+
diff --git a/osint/management/commands/crawl_osint.py b/osint/management/commands/crawl_osint.py
new file mode 100644
index 0000000..1fd745d
--- /dev/null
+++ b/osint/management/commands/crawl_osint.py
@@ -0,0 +1,360 @@
+"""
+Management command for OSINT crawling from seed websites.
+"""
+import re
+import hashlib
+import time
+from urllib.parse import urljoin, urlparse
+from django.core.management.base import BaseCommand
+from django.utils import timezone
+from django.db import transaction, models
+from django.conf import settings
+import requests
+from bs4 import BeautifulSoup
+from osint.models import SeedWebsite, OSINTKeyword, CrawledContent, AutoGeneratedReport
+from reports.models import ScamReport
+
+
+class Command(BaseCommand):
+    help = 'Crawl seed websites and search for scam-related keywords'
+
+    def add_arguments(self, parser):
+        parser.add_argument(
+            '--seed-id',
+            type=int,
+            help='Crawl specific seed website by ID',
+        )
+        parser.add_argument(
+            '--all',
+            action='store_true',
+            help='Crawl all active seed websites',
+        )
+        parser.add_argument(
+            '--force',
+            action='store_true',
+            help='Force crawl even if recently crawled',
+        )
+        parser.add_argument(
+            '--max-pages',
+            type=int,
+            default=50,
+            help='Maximum pages to crawl per seed website (default: 50)',
+        )
+        parser.add_argument(
+            '--delay',
+            type=float,
+            default=1.0,
+            help='Delay between requests in seconds (default: 1.0)',
+        )
+
+    def handle(self, *args, **options):
+        self.stdout.write(self.style.SUCCESS('Starting OSINT crawling...'))
+        
+        # Get seed websites to crawl
+        if options['seed_id']:
+            seeds = SeedWebsite.objects.filter(id=options['seed_id'], is_active=True)
+        elif options['all']:
+            seeds = SeedWebsite.objects.filter(is_active=True)
+        else:
+            # Default: crawl websites that are due
+            now = timezone.now()
+            seeds = SeedWebsite.objects.filter(
+                is_active=True
+            ).filter(
+                models.Q(last_crawled_at__isnull=True) |
+                models.Q(last_crawled_at__lt=now - timezone.timedelta(hours=models.F('crawl_interval_hours')))
+            )
+        
+        if not seeds.exists():
+            self.stdout.write(self.style.WARNING('No seed websites to crawl.'))
+            return
+        
+        # Get active keywords
+        keywords = OSINTKeyword.objects.filter(is_active=True)
+        if not keywords.exists():
+            self.stdout.write(self.style.WARNING('No active keywords configured.'))
+            return
+        
+        self.stdout.write(f'Found {seeds.count()} seed website(s) to crawl')
+        self.stdout.write(f'Found {keywords.count()} active keyword(s)')
+        
+        total_pages = 0
+        total_matches = 0
+        
+        for seed in seeds:
+            self.stdout.write(f'\nCrawling: {seed.name} ({seed.url})')
+            pages, matches = self.crawl_seed(seed, keywords, options)
+            total_pages += pages
+            total_matches += matches
+            
+            # Update seed website stats
+            seed.last_crawled_at = timezone.now()
+            seed.pages_crawled += pages
+            seed.matches_found += matches
+            seed.save()
+        
+        self.stdout.write(self.style.SUCCESS(
+            f'\nCrawling completed! Total pages: {total_pages}, Total matches: {total_matches}'
+        ))
+
+    def crawl_seed(self, seed, keywords, options):
+        """Crawl a single seed website."""
+        max_pages = options['max_pages']
+        delay = options['delay']
+        pages_crawled = 0
+        matches_found = 0
+        
+        # Parse base URL
+        parsed_base = urlparse(seed.url)
+        base_domain = f"{parsed_base.scheme}://{parsed_base.netloc}"
+        
+        # Determine allowed domains
+        allowed_domains = seed.allowed_domains if seed.allowed_domains else [parsed_base.netloc]
+        
+        # URLs to visit
+        visited_urls = set()
+        urls_to_visit = [(seed.url, 0)]  # (url, depth)
+        
+        session = requests.Session()
+        session.headers.update({
+            'User-Agent': seed.user_agent or 'Mozilla/5.0 (compatible; OSINTBot/1.0)'
+        })
+        
+        while urls_to_visit and pages_crawled < max_pages:
+            url, depth = urls_to_visit.pop(0)
+            
+            # Skip if already visited or too deep
+            if url in visited_urls or depth > seed.crawl_depth:
+                continue
+            
+            # Check domain
+            parsed = urlparse(url)
+            if parsed.netloc not in allowed_domains:
+                continue
+            
+            visited_urls.add(url)
+            
+            try:
+                # Fetch page
+                self.stdout.write(f'  Fetching: {url} (depth: {depth})')
+                response = session.get(url, timeout=10, allow_redirects=True)
+                response.raise_for_status()
+                
+                # Parse content
+                soup = BeautifulSoup(response.text, 'lxml')
+                
+                # Extract text content
+                # Remove script and style elements
+                for script in soup(["script", "style", "meta", "link"]):
+                    script.decompose()
+                
+                text_content = soup.get_text(separator=' ', strip=True)
+                title = soup.title.string if soup.title else ''
+                html_content = str(soup)
+                
+                # Calculate content hash
+                content_hash = hashlib.sha256(text_content.encode('utf-8')).hexdigest()
+                
+                # Check for duplicates
+                if CrawledContent.objects.filter(url=url, content_hash=content_hash).exists():
+                    self.stdout.write(f'    Skipping duplicate content')
+                    continue
+                
+                # Match keywords
+                matched_keywords = []
+                match_count = 0
+                
+                for keyword_obj in keywords:
+                    matches = self.match_keyword(keyword_obj, text_content, url, title)
+                    if matches:
+                        matched_keywords.append(keyword_obj)
+                        match_count += len(matches)
+                
+                # Calculate confidence score
+                confidence_score = self.calculate_confidence(matched_keywords, match_count)
+                has_potential_scam = confidence_score >= 30  # Threshold
+                
+                # Save crawled content
+                with transaction.atomic():
+                    crawled_content = CrawledContent.objects.create(
+                        seed_website=seed,
+                        url=url,
+                        title=title[:500],
+                        content=text_content[:10000],  # Limit content size
+                        html_content=html_content[:50000],  # Limit HTML size
+                        match_count=match_count,
+                        confidence_score=confidence_score,
+                        has_potential_scam=has_potential_scam,
+                        http_status=response.status_code,
+                        content_hash=content_hash
+                    )
+                    crawled_content.matched_keywords.set(matched_keywords)
+                
+                pages_crawled += 1
+                
+                if has_potential_scam:
+                    matches_found += 1
+                    self.stdout.write(self.style.WARNING(
+                        f'    ⚠ Potential scam detected! Confidence: {confidence_score}%'
+                    ))
+                    
+                    # Create auto-generated report
+                    self.create_auto_report(crawled_content, matched_keywords, confidence_score)
+                
+                # Extract links for further crawling
+                if depth < seed.crawl_depth:
+                    for link in soup.find_all('a', href=True):
+                        href = link['href']
+                        absolute_url = urljoin(url, href)
+                        parsed_link = urlparse(absolute_url)
+                        
+                        # Only follow same-domain links
+                        if parsed_link.netloc in allowed_domains:
+                            if absolute_url not in visited_urls:
+                                urls_to_visit.append((absolute_url, depth + 1))
+                
+                # Rate limiting
+                time.sleep(delay)
+                
+            except requests.RequestException as e:
+                self.stdout.write(self.style.ERROR(f'    Error fetching {url}: {e}'))
+                continue
+            except Exception as e:
+                self.stdout.write(self.style.ERROR(f'    Error processing {url}: {e}'))
+                continue
+        
+        return pages_crawled, matches_found
+
+    def match_keyword(self, keyword_obj, text, url, title):
+        """Match a keyword against text content."""
+        keyword = keyword_obj.keyword
+        flags = 0 if keyword_obj.case_sensitive else re.IGNORECASE
+        
+        matches = []
+        
+        if keyword_obj.keyword_type == 'exact':
+            if keyword_obj.case_sensitive:
+                if keyword in text or keyword in url or keyword in title:
+                    matches.append(keyword)
+            else:
+                if keyword.lower() in text.lower() or keyword.lower() in url.lower() or keyword.lower() in title.lower():
+                    matches.append(keyword)
+        
+        elif keyword_obj.keyword_type == 'regex':
+            try:
+                pattern = re.compile(keyword, flags)
+                matches = pattern.findall(text + ' ' + url + ' ' + title)
+            except re.error:
+                self.stdout.write(self.style.ERROR(f'    Invalid regex: {keyword}'))
+        
+        elif keyword_obj.keyword_type == 'phrase':
+            # Phrase matching (word boundaries)
+            pattern = re.compile(r'\b' + re.escape(keyword) + r'\b', flags)
+            matches = pattern.findall(text + ' ' + url + ' ' + title)
+        
+        elif keyword_obj.keyword_type == 'domain':
+            # Domain pattern matching
+            pattern = re.compile(keyword, flags)
+            matches = pattern.findall(url)
+        
+        elif keyword_obj.keyword_type == 'email':
+            # Email pattern
+            email_pattern = re.compile(r'\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b', flags)
+            found_emails = email_pattern.findall(text + ' ' + url)
+            # Check if any email matches the keyword pattern
+            pattern = re.compile(keyword, flags)
+            matches = [email for email in found_emails if pattern.search(email)]
+        
+        elif keyword_obj.keyword_type == 'phone':
+            # Phone pattern
+            phone_pattern = re.compile(r'[\+]?[(]?[0-9]{1,4}[)]?[-\s\.]?[(]?[0-9]{1,4}[)]?[-\s\.]?[0-9]{1,9}', flags)
+            found_phones = phone_pattern.findall(text)
+            # Check if any phone matches the keyword pattern
+            pattern = re.compile(keyword, flags)
+            matches = [phone for phone in found_phones if pattern.search(phone)]
+        
+        return matches
+
+    def calculate_confidence(self, matched_keywords, match_count):
+        """Calculate confidence score based on matched keywords."""
+        if not matched_keywords:
+            return 0
+        
+        # Base score from keyword confidence scores
+        base_score = sum(kw.confidence_score for kw in matched_keywords) / len(matched_keywords)
+        
+        # Boost for multiple matches
+        match_boost = min(match_count * 2, 30)  # Max 30 point boost
+        
+        # Boost for multiple different keywords
+        keyword_boost = min(len(matched_keywords) * 5, 20)  # Max 20 point boost
+        
+        total_score = base_score + match_boost + keyword_boost
+        return min(int(total_score), 100)  # Cap at 100
+
+    def create_auto_report(self, crawled_content, matched_keywords, confidence_score):
+        """Create an auto-generated report from crawled content."""
+        # Check if report already exists
+        if AutoGeneratedReport.objects.filter(crawled_content=crawled_content).exists():
+            return
+        
+        # Generate title
+        title = f"Potential Scam Detected: {crawled_content.title or crawled_content.url}"
+        if len(title) > 500:
+            title = title[:497] + '...'
+        
+        # Generate description
+        description = f"Automatically detected potential scam from OSINT crawling.\n\n"
+        description += f"Source URL: {crawled_content.url}\n"
+        description += f"Matched Keywords: {', '.join(kw.name for kw in matched_keywords)}\n"
+        description += f"Confidence Score: {confidence_score}%\n\n"
+        
+        # Extract relevant snippet
+        content_preview = crawled_content.content[:500] + '...' if len(crawled_content.content) > 500 else crawled_content.content
+        description += f"Content Preview:\n{content_preview}"
+        
+        # Determine if should auto-approve
+        status = 'pending'
+        if confidence_score >= 80 and any(kw.auto_approve for kw in matched_keywords):
+            status = 'approved'
+        
+        # Create auto-generated report
+        auto_report = AutoGeneratedReport.objects.create(
+            crawled_content=crawled_content,
+            title=title,
+            description=description,
+            source_url=crawled_content.url,
+            confidence_score=confidence_score,
+            status=status
+        )
+        auto_report.matched_keywords.set(matched_keywords)
+        
+        # If auto-approved, create the actual report
+        if status == 'approved':
+            self.create_scam_report(auto_report)
+
+    def create_scam_report(self, auto_report):
+        """Create actual scam report from auto-generated report."""
+        from reports.models import ScamReport
+        
+        report = ScamReport.objects.create(
+            title=auto_report.title,
+            description=auto_report.description,
+            reported_url=auto_report.source_url,
+            scam_type='other',  # Default type, can be updated by moderator
+            status='verified',  # Auto-verified since reviewed
+            verification_score=auto_report.confidence_score,
+            is_public=True,
+            is_anonymous=True,  # System-generated
+            is_auto_discovered=True,  # Mark as auto-discovered
+        )
+        
+        auto_report.report = report
+        auto_report.status = 'published'
+        auto_report.published_at = timezone.now()
+        auto_report.save()
+        
+        self.stdout.write(self.style.SUCCESS(
+            f'    ✓ Auto-approved and published report: {report.title}'
+        ))
+
diff --git a/osint/migrations/0001_initial.py b/osint/migrations/0001_initial.py
new file mode 100644
index 0000000..e076036
--- /dev/null
+++ b/osint/migrations/0001_initial.py
@@ -0,0 +1,80 @@
+# Generated by Django 5.2.8 on 2025-11-26 13:41
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+        ('reports', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='OSINTConfiguration',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('service_name', models.CharField(max_length=100, unique=True)),
+                ('api_key', models.CharField(blank=True, help_text='Encrypted API key', max_length=255)),
+                ('api_url', models.URLField(blank=True)),
+                ('is_active', models.BooleanField(default=True)),
+                ('rate_limit', models.IntegerField(default=100, help_text='Requests per hour')),
+                ('configuration', models.JSONField(blank=True, default=dict, help_text='Additional configuration')),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+            ],
+            options={
+                'verbose_name': 'OSINT Configuration',
+                'verbose_name_plural': 'OSINT Configurations',
+                'db_table': 'osint_osintconfiguration',
+            },
+        ),
+        migrations.CreateModel(
+            name='OSINTResult',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('source', models.CharField(help_text='OSINT source/service name', max_length=100)),
+                ('data_type', models.CharField(choices=[('whois', 'WHOIS Data'), ('dns', 'DNS Records'), ('ssl', 'SSL Certificate'), ('archive', 'Archive Data'), ('email', 'Email Data'), ('phone', 'Phone Data'), ('business', 'Business Registry Data'), ('social', 'Social Media Data'), ('reputation', 'Reputation Data')], max_length=50)),
+                ('raw_data', models.JSONField(default=dict, help_text='Raw data from OSINT source')),
+                ('processed_data', models.JSONField(blank=True, default=dict, help_text='Processed/cleaned data')),
+                ('confidence_level', models.IntegerField(default=0, help_text='Confidence level (0-100)')),
+                ('is_verified', models.BooleanField(default=False, help_text='Manually verified by moderator')),
+                ('collected_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+                ('report', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='osint_results', to='reports.scamreport')),
+            ],
+            options={
+                'verbose_name': 'OSINT Result',
+                'verbose_name_plural': 'OSINT Results',
+                'db_table': 'osint_osintresult',
+                'ordering': ['-collected_at'],
+                'indexes': [models.Index(fields=['report', 'data_type'], name='osint_osint_report__4a95b0_idx'), models.Index(fields=['confidence_level', 'is_verified'], name='osint_osint_confide_47552d_idx')],
+            },
+        ),
+        migrations.CreateModel(
+            name='OSINTTask',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('task_type', models.CharField(choices=[('domain_analysis', 'Domain Analysis'), ('url_analysis', 'URL Analysis'), ('email_analysis', 'Email Analysis'), ('phone_analysis', 'Phone Analysis'), ('whois_lookup', 'WHOIS Lookup'), ('dns_lookup', 'DNS Lookup'), ('ssl_check', 'SSL Certificate Check'), ('archive_check', 'Archive Check'), ('business_registry', 'Business Registry Check'), ('social_media', 'Social Media Check')], max_length=50)),
+                ('status', models.CharField(choices=[('pending', 'Pending'), ('running', 'Running'), ('completed', 'Completed'), ('failed', 'Failed'), ('cancelled', 'Cancelled')], default='pending', max_length=20)),
+                ('parameters', models.JSONField(default=dict, help_text='Task parameters (e.g., URL, email, phone)')),
+                ('result', models.JSONField(blank=True, default=dict, help_text='Task result data')),
+                ('error_message', models.TextField(blank=True)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('started_at', models.DateTimeField(blank=True, null=True)),
+                ('completed_at', models.DateTimeField(blank=True, null=True)),
+                ('retry_count', models.IntegerField(default=0)),
+                ('report', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='osint_tasks', to='reports.scamreport')),
+            ],
+            options={
+                'verbose_name': 'OSINT Task',
+                'verbose_name_plural': 'OSINT Tasks',
+                'db_table': 'osint_osinttask',
+                'ordering': ['-created_at'],
+                'indexes': [models.Index(fields=['status', 'created_at'], name='osint_osint_status_290802_idx'), models.Index(fields=['report', 'task_type'], name='osint_osint_report__e7bd16_idx')],
+            },
+        ),
+    ]
diff --git a/osint/migrations/0002_osintkeyword_crawledcontent_autogeneratedreport_and_more.py b/osint/migrations/0002_osintkeyword_crawledcontent_autogeneratedreport_and_more.py
new file mode 100644
index 0000000..82e9a71
--- /dev/null
+++ b/osint/migrations/0002_osintkeyword_crawledcontent_autogeneratedreport_and_more.py
@@ -0,0 +1,157 @@
+# Generated by Django 5.2.8 on 2025-11-26 18:03
+
+import django.db.models.deletion
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('osint', '0001_initial'),
+        ('reports', '0002_scamreport_is_auto_discovered'),
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='OSINTKeyword',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('keyword', models.CharField(help_text='Keyword, phrase, or regex pattern to search for', max_length=500)),
+                ('name', models.CharField(help_text='Friendly name for this keyword', max_length=200)),
+                ('description', models.TextField(blank=True, help_text='Description of what this keyword detects')),
+                ('keyword_type', models.CharField(choices=[('exact', 'Exact Match'), ('regex', 'Regular Expression'), ('phrase', 'Phrase Match'), ('domain', 'Domain Pattern'), ('email', 'Email Pattern'), ('phone', 'Phone Pattern')], default='phrase', help_text='Type of matching to perform', max_length=20)),
+                ('is_active', models.BooleanField(default=True, help_text='Enable/disable this keyword')),
+                ('case_sensitive', models.BooleanField(default=False, help_text='Case sensitive matching')),
+                ('confidence_score', models.IntegerField(default=50, help_text='Default confidence score (0-100) when this keyword matches')),
+                ('auto_approve', models.BooleanField(default=False, help_text='Auto-approve reports matching this keyword (requires high confidence)')),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+                ('created_by', models.ForeignKey(null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='created_keywords', to=settings.AUTH_USER_MODEL)),
+            ],
+            options={
+                'verbose_name': 'OSINT Keyword',
+                'verbose_name_plural': 'OSINT Keywords',
+                'db_table': 'osint_keyword',
+                'ordering': ['-is_active', 'name'],
+            },
+        ),
+        migrations.CreateModel(
+            name='CrawledContent',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('url', models.URLField(help_text='URL of the crawled page', max_length=1000)),
+                ('title', models.CharField(blank=True, help_text='Page title', max_length=500)),
+                ('content', models.TextField(help_text='Crawled page content')),
+                ('html_content', models.TextField(blank=True, help_text='Raw HTML content')),
+                ('match_count', models.IntegerField(default=0, help_text='Number of keyword matches found')),
+                ('confidence_score', models.IntegerField(default=0, help_text='Calculated confidence score based on matches')),
+                ('has_potential_scam', models.BooleanField(default=False, help_text='Flagged as potential scam based on keyword matches')),
+                ('crawled_at', models.DateTimeField(auto_now_add=True)),
+                ('http_status', models.IntegerField(blank=True, help_text='HTTP status code', null=True)),
+                ('content_hash', models.CharField(blank=True, help_text='SHA256 hash of content for deduplication', max_length=64)),
+                ('matched_keywords', models.ManyToManyField(blank=True, help_text='Keywords that matched this content', related_name='matched_contents', to='osint.osintkeyword')),
+            ],
+            options={
+                'verbose_name': 'Crawled Content',
+                'verbose_name_plural': 'Crawled Contents',
+                'db_table': 'osint_crawledcontent',
+                'ordering': ['-crawled_at', '-confidence_score'],
+            },
+        ),
+        migrations.CreateModel(
+            name='AutoGeneratedReport',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('title', models.CharField(help_text='Auto-generated report title', max_length=500)),
+                ('description', models.TextField(help_text='Auto-generated report description')),
+                ('source_url', models.URLField(help_text='Source URL where scam was found', max_length=1000)),
+                ('confidence_score', models.IntegerField(default=0, help_text='Confidence score (0-100)')),
+                ('status', models.CharField(choices=[('pending', 'Pending Review'), ('approved', 'Approved'), ('rejected', 'Rejected'), ('published', 'Published')], default='pending', help_text='Review status', max_length=20)),
+                ('review_notes', models.TextField(blank=True, help_text='Notes from moderator/admin review')),
+                ('reviewed_at', models.DateTimeField(blank=True, null=True)),
+                ('published_at', models.DateTimeField(blank=True, null=True)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+                ('report', models.ForeignKey(blank=True, help_text='Linked scam report (created when approved)', null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='auto_generated_reports', to='reports.scamreport')),
+                ('reviewed_by', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='reviewed_auto_reports', to=settings.AUTH_USER_MODEL)),
+                ('crawled_content', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, related_name='auto_report', to='osint.crawledcontent')),
+                ('matched_keywords', models.ManyToManyField(related_name='generated_reports', to='osint.osintkeyword')),
+            ],
+            options={
+                'verbose_name': 'Auto-Generated Report',
+                'verbose_name_plural': 'Auto-Generated Reports',
+                'db_table': 'osint_autogeneratedreport',
+                'ordering': ['-created_at', '-confidence_score'],
+            },
+        ),
+        migrations.CreateModel(
+            name='SeedWebsite',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('url', models.URLField(help_text='Base URL to crawl', max_length=500)),
+                ('name', models.CharField(help_text='Friendly name for this seed website', max_length=200)),
+                ('description', models.TextField(blank=True, help_text='Description of the website')),
+                ('is_active', models.BooleanField(default=True, help_text='Enable/disable crawling for this website')),
+                ('priority', models.CharField(choices=[('high', 'High'), ('medium', 'Medium'), ('low', 'Low')], default='medium', help_text='Crawling priority', max_length=10)),
+                ('crawl_depth', models.IntegerField(default=2, help_text='Maximum depth to crawl (0 = only this page, 1 = this page + direct links, etc.)')),
+                ('crawl_interval_hours', models.IntegerField(default=24, help_text='Hours between crawls')),
+                ('allowed_domains', models.JSONField(blank=True, default=list, help_text='List of allowed domains to crawl (empty = same domain only)')),
+                ('user_agent', models.CharField(blank=True, default='Mozilla/5.0 (compatible; OSINTBot/1.0)', help_text='User agent string for requests', max_length=255)),
+                ('last_crawled_at', models.DateTimeField(blank=True, null=True)),
+                ('pages_crawled', models.IntegerField(default=0)),
+                ('matches_found', models.IntegerField(default=0)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+                ('created_by', models.ForeignKey(null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='created_seed_websites', to=settings.AUTH_USER_MODEL)),
+            ],
+            options={
+                'verbose_name': 'Seed Website',
+                'verbose_name_plural': 'Seed Websites',
+                'db_table': 'osint_seedwebsite',
+                'ordering': ['-priority', '-last_crawled_at'],
+            },
+        ),
+        migrations.AddField(
+            model_name='crawledcontent',
+            name='seed_website',
+            field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='crawled_contents', to='osint.seedwebsite'),
+        ),
+        migrations.AddIndex(
+            model_name='osintkeyword',
+            index=models.Index(fields=['is_active', 'keyword_type'], name='osint_keywo_is_acti_6f4814_idx'),
+        ),
+        migrations.AddIndex(
+            model_name='autogeneratedreport',
+            index=models.Index(fields=['status', 'confidence_score'], name='osint_autog_status_a8a215_idx'),
+        ),
+        migrations.AddIndex(
+            model_name='autogeneratedreport',
+            index=models.Index(fields=['created_at'], name='osint_autog_created_07e2b0_idx'),
+        ),
+        migrations.AddIndex(
+            model_name='seedwebsite',
+            index=models.Index(fields=['is_active', 'priority'], name='osint_seedw_is_acti_411fa2_idx'),
+        ),
+        migrations.AddIndex(
+            model_name='seedwebsite',
+            index=models.Index(fields=['last_crawled_at'], name='osint_seedw_last_cr_673111_idx'),
+        ),
+        migrations.AddIndex(
+            model_name='crawledcontent',
+            index=models.Index(fields=['seed_website', 'crawled_at'], name='osint_crawl_seed_we_eb78f4_idx'),
+        ),
+        migrations.AddIndex(
+            model_name='crawledcontent',
+            index=models.Index(fields=['has_potential_scam', 'confidence_score'], name='osint_crawl_has_pot_9317d0_idx'),
+        ),
+        migrations.AddIndex(
+            model_name='crawledcontent',
+            index=models.Index(fields=['content_hash'], name='osint_crawl_content_17d05a_idx'),
+        ),
+        migrations.AlterUniqueTogether(
+            name='crawledcontent',
+            unique_together={('url', 'content_hash')},
+        ),
+    ]
diff --git a/osint/migrations/__init__.py b/osint/migrations/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/osint/models.py b/osint/models.py
new file mode 100644
index 0000000..cb8508d
--- /dev/null
+++ b/osint/models.py
@@ -0,0 +1,468 @@
+"""
+OSINT (Open Source Intelligence) integration models.
+"""
+from django.db import models
+from django.contrib.auth import get_user_model
+from reports.models import ScamReport
+
+User = get_user_model()
+
+
+class OSINTTask(models.Model):
+    """
+    Background tasks for OSINT data collection.
+    """
+    TASK_TYPE_CHOICES = [
+        ('domain_analysis', 'Domain Analysis'),
+        ('url_analysis', 'URL Analysis'),
+        ('email_analysis', 'Email Analysis'),
+        ('phone_analysis', 'Phone Analysis'),
+        ('whois_lookup', 'WHOIS Lookup'),
+        ('dns_lookup', 'DNS Lookup'),
+        ('ssl_check', 'SSL Certificate Check'),
+        ('archive_check', 'Archive Check'),
+        ('business_registry', 'Business Registry Check'),
+        ('social_media', 'Social Media Check'),
+    ]
+    
+    STATUS_CHOICES = [
+        ('pending', 'Pending'),
+        ('running', 'Running'),
+        ('completed', 'Completed'),
+        ('failed', 'Failed'),
+        ('cancelled', 'Cancelled'),
+    ]
+    
+    report = models.ForeignKey(
+        ScamReport,
+        on_delete=models.CASCADE,
+        related_name='osint_tasks'
+    )
+    task_type = models.CharField(
+        max_length=50,
+        choices=TASK_TYPE_CHOICES
+    )
+    status = models.CharField(
+        max_length=20,
+        choices=STATUS_CHOICES,
+        default='pending'
+    )
+    parameters = models.JSONField(
+        default=dict,
+        help_text='Task parameters (e.g., URL, email, phone)'
+    )
+    result = models.JSONField(
+        default=dict,
+        blank=True,
+        help_text='Task result data'
+    )
+    error_message = models.TextField(blank=True)
+    created_at = models.DateTimeField(auto_now_add=True)
+    started_at = models.DateTimeField(null=True, blank=True)
+    completed_at = models.DateTimeField(null=True, blank=True)
+    retry_count = models.IntegerField(default=0)
+    
+    class Meta:
+        db_table = 'osint_osinttask'
+        verbose_name = 'OSINT Task'
+        verbose_name_plural = 'OSINT Tasks'
+        ordering = ['-created_at']
+        indexes = [
+            models.Index(fields=['status', 'created_at']),
+            models.Index(fields=['report', 'task_type']),
+        ]
+    
+    def __str__(self):
+        return f"{self.get_task_type_display()} for Report #{self.report.id} - {self.get_status_display()}"
+
+
+class OSINTResult(models.Model):
+    """
+    OSINT investigation results.
+    """
+    DATA_TYPE_CHOICES = [
+        ('whois', 'WHOIS Data'),
+        ('dns', 'DNS Records'),
+        ('ssl', 'SSL Certificate'),
+        ('archive', 'Archive Data'),
+        ('email', 'Email Data'),
+        ('phone', 'Phone Data'),
+        ('business', 'Business Registry Data'),
+        ('social', 'Social Media Data'),
+        ('reputation', 'Reputation Data'),
+    ]
+    
+    report = models.ForeignKey(
+        ScamReport,
+        on_delete=models.CASCADE,
+        related_name='osint_results'
+    )
+    source = models.CharField(
+        max_length=100,
+        help_text='OSINT source/service name'
+    )
+    data_type = models.CharField(
+        max_length=50,
+        choices=DATA_TYPE_CHOICES
+    )
+    raw_data = models.JSONField(
+        default=dict,
+        help_text='Raw data from OSINT source'
+    )
+    processed_data = models.JSONField(
+        default=dict,
+        blank=True,
+        help_text='Processed/cleaned data'
+    )
+    confidence_level = models.IntegerField(
+        default=0,
+        help_text='Confidence level (0-100)'
+    )
+    is_verified = models.BooleanField(
+        default=False,
+        help_text='Manually verified by moderator'
+    )
+    collected_at = models.DateTimeField(auto_now_add=True)
+    updated_at = models.DateTimeField(auto_now=True)
+    
+    class Meta:
+        db_table = 'osint_osintresult'
+        verbose_name = 'OSINT Result'
+        verbose_name_plural = 'OSINT Results'
+        ordering = ['-collected_at']
+        indexes = [
+            models.Index(fields=['report', 'data_type']),
+            models.Index(fields=['confidence_level', 'is_verified']),
+        ]
+    
+    def __str__(self):
+        return f"{self.get_data_type_display()} from {self.source} for Report #{self.report.id}"
+
+
+class OSINTConfiguration(models.Model):
+    """
+    Configuration for OSINT services and APIs.
+    """
+    service_name = models.CharField(max_length=100, unique=True)
+    api_key = models.CharField(
+        max_length=255,
+        blank=True,
+        help_text='Encrypted API key'
+    )
+    api_url = models.URLField(blank=True)
+    is_active = models.BooleanField(default=True)
+    rate_limit = models.IntegerField(
+        default=100,
+        help_text='Requests per hour'
+    )
+    configuration = models.JSONField(
+        default=dict,
+        blank=True,
+        help_text='Additional configuration'
+    )
+    created_at = models.DateTimeField(auto_now_add=True)
+    updated_at = models.DateTimeField(auto_now=True)
+    
+    class Meta:
+        db_table = 'osint_osintconfiguration'
+        verbose_name = 'OSINT Configuration'
+        verbose_name_plural = 'OSINT Configurations'
+    
+    def __str__(self):
+        return f"{self.service_name} ({'Active' if self.is_active else 'Inactive'})"
+
+
+class SeedWebsite(models.Model):
+    """
+    Seed websites for OSINT crawling.
+    """
+    PRIORITY_CHOICES = [
+        ('high', 'High'),
+        ('medium', 'Medium'),
+        ('low', 'Low'),
+    ]
+    
+    url = models.URLField(
+        max_length=500,
+        help_text='Base URL to crawl'
+    )
+    name = models.CharField(
+        max_length=200,
+        help_text='Friendly name for this seed website'
+    )
+    description = models.TextField(
+        blank=True,
+        help_text='Description of the website'
+    )
+    is_active = models.BooleanField(
+        default=True,
+        help_text='Enable/disable crawling for this website'
+    )
+    priority = models.CharField(
+        max_length=10,
+        choices=PRIORITY_CHOICES,
+        default='medium',
+        help_text='Crawling priority'
+    )
+    crawl_depth = models.IntegerField(
+        default=2,
+        help_text='Maximum depth to crawl (0 = only this page, 1 = this page + direct links, etc.)'
+    )
+    crawl_interval_hours = models.IntegerField(
+        default=24,
+        help_text='Hours between crawls'
+    )
+    allowed_domains = models.JSONField(
+        default=list,
+        blank=True,
+        help_text='List of allowed domains to crawl (empty = same domain only)'
+    )
+    user_agent = models.CharField(
+        max_length=255,
+        blank=True,
+        default='Mozilla/5.0 (compatible; OSINTBot/1.0)',
+        help_text='User agent string for requests'
+    )
+    last_crawled_at = models.DateTimeField(null=True, blank=True)
+    pages_crawled = models.IntegerField(default=0)
+    matches_found = models.IntegerField(default=0)
+    created_at = models.DateTimeField(auto_now_add=True)
+    updated_at = models.DateTimeField(auto_now=True)
+    created_by = models.ForeignKey(
+        User,
+        on_delete=models.SET_NULL,
+        null=True,
+        related_name='created_seed_websites'
+    )
+    
+    class Meta:
+        db_table = 'osint_seedwebsite'
+        verbose_name = 'Seed Website'
+        verbose_name_plural = 'Seed Websites'
+        ordering = ['-priority', '-last_crawled_at']
+        indexes = [
+            models.Index(fields=['is_active', 'priority']),
+            models.Index(fields=['last_crawled_at']),
+        ]
+    
+    def __str__(self):
+        return f"{self.name} ({self.url})"
+
+
+class OSINTKeyword(models.Model):
+    """
+    Keywords and patterns to search for during OSINT crawling.
+    """
+    TYPE_CHOICES = [
+        ('exact', 'Exact Match'),
+        ('regex', 'Regular Expression'),
+        ('phrase', 'Phrase Match'),
+        ('domain', 'Domain Pattern'),
+        ('email', 'Email Pattern'),
+        ('phone', 'Phone Pattern'),
+    ]
+    
+    keyword = models.CharField(
+        max_length=500,
+        help_text='Keyword, phrase, or regex pattern to search for'
+    )
+    name = models.CharField(
+        max_length=200,
+        help_text='Friendly name for this keyword'
+    )
+    description = models.TextField(
+        blank=True,
+        help_text='Description of what this keyword detects'
+    )
+    keyword_type = models.CharField(
+        max_length=20,
+        choices=TYPE_CHOICES,
+        default='phrase',
+        help_text='Type of matching to perform'
+    )
+    is_active = models.BooleanField(
+        default=True,
+        help_text='Enable/disable this keyword'
+    )
+    case_sensitive = models.BooleanField(
+        default=False,
+        help_text='Case sensitive matching'
+    )
+    confidence_score = models.IntegerField(
+        default=50,
+        help_text='Default confidence score (0-100) when this keyword matches'
+    )
+    auto_approve = models.BooleanField(
+        default=False,
+        help_text='Auto-approve reports matching this keyword (requires high confidence)'
+    )
+    created_at = models.DateTimeField(auto_now_add=True)
+    updated_at = models.DateTimeField(auto_now=True)
+    created_by = models.ForeignKey(
+        User,
+        on_delete=models.SET_NULL,
+        null=True,
+        related_name='created_keywords'
+    )
+    
+    class Meta:
+        db_table = 'osint_keyword'
+        verbose_name = 'OSINT Keyword'
+        verbose_name_plural = 'OSINT Keywords'
+        ordering = ['-is_active', 'name']
+        indexes = [
+            models.Index(fields=['is_active', 'keyword_type']),
+        ]
+    
+    def __str__(self):
+        return f"{self.name} ({self.keyword_type})"
+
+
+class CrawledContent(models.Model):
+    """
+    Content crawled from seed websites.
+    """
+    seed_website = models.ForeignKey(
+        SeedWebsite,
+        on_delete=models.CASCADE,
+        related_name='crawled_contents'
+    )
+    url = models.URLField(
+        max_length=1000,
+        help_text='URL of the crawled page'
+    )
+    title = models.CharField(
+        max_length=500,
+        blank=True,
+        help_text='Page title'
+    )
+    content = models.TextField(
+        help_text='Crawled page content'
+    )
+    html_content = models.TextField(
+        blank=True,
+        help_text='Raw HTML content'
+    )
+    matched_keywords = models.ManyToManyField(
+        OSINTKeyword,
+        blank=True,
+        related_name='matched_contents',
+        help_text='Keywords that matched this content'
+    )
+    match_count = models.IntegerField(
+        default=0,
+        help_text='Number of keyword matches found'
+    )
+    confidence_score = models.IntegerField(
+        default=0,
+        help_text='Calculated confidence score based on matches'
+    )
+    has_potential_scam = models.BooleanField(
+        default=False,
+        help_text='Flagged as potential scam based on keyword matches'
+    )
+    crawled_at = models.DateTimeField(auto_now_add=True)
+    http_status = models.IntegerField(
+        null=True,
+        blank=True,
+        help_text='HTTP status code'
+    )
+    content_hash = models.CharField(
+        max_length=64,
+        blank=True,
+        help_text='SHA256 hash of content for deduplication'
+    )
+    
+    class Meta:
+        db_table = 'osint_crawledcontent'
+        verbose_name = 'Crawled Content'
+        verbose_name_plural = 'Crawled Contents'
+        ordering = ['-crawled_at', '-confidence_score']
+        indexes = [
+            models.Index(fields=['seed_website', 'crawled_at']),
+            models.Index(fields=['has_potential_scam', 'confidence_score']),
+            models.Index(fields=['content_hash']),
+        ]
+        unique_together = [['url', 'content_hash']]
+    
+    def __str__(self):
+        return f"{self.title or self.url} - {self.match_count} matches"
+
+
+class AutoGeneratedReport(models.Model):
+    """
+    Automatically generated scam reports from OSINT crawling.
+    """
+    STATUS_CHOICES = [
+        ('pending', 'Pending Review'),
+        ('approved', 'Approved'),
+        ('rejected', 'Rejected'),
+        ('published', 'Published'),
+    ]
+    
+    crawled_content = models.OneToOneField(
+        CrawledContent,
+        on_delete=models.CASCADE,
+        related_name='auto_report'
+    )
+    report = models.ForeignKey(
+        ScamReport,
+        on_delete=models.SET_NULL,
+        null=True,
+        blank=True,
+        related_name='auto_generated_reports',
+        help_text='Linked scam report (created when approved)'
+    )
+    title = models.CharField(
+        max_length=500,
+        help_text='Auto-generated report title'
+    )
+    description = models.TextField(
+        help_text='Auto-generated report description'
+    )
+    source_url = models.URLField(
+        max_length=1000,
+        help_text='Source URL where scam was found'
+    )
+    matched_keywords = models.ManyToManyField(
+        OSINTKeyword,
+        related_name='generated_reports'
+    )
+    confidence_score = models.IntegerField(
+        default=0,
+        help_text='Confidence score (0-100)'
+    )
+    status = models.CharField(
+        max_length=20,
+        choices=STATUS_CHOICES,
+        default='pending',
+        help_text='Review status'
+    )
+    review_notes = models.TextField(
+        blank=True,
+        help_text='Notes from moderator/admin review'
+    )
+    reviewed_by = models.ForeignKey(
+        User,
+        on_delete=models.SET_NULL,
+        null=True,
+        blank=True,
+        related_name='reviewed_auto_reports'
+    )
+    reviewed_at = models.DateTimeField(null=True, blank=True)
+    published_at = models.DateTimeField(null=True, blank=True)
+    created_at = models.DateTimeField(auto_now_add=True)
+    updated_at = models.DateTimeField(auto_now=True)
+    
+    class Meta:
+        db_table = 'osint_autogeneratedreport'
+        verbose_name = 'Auto-Generated Report'
+        verbose_name_plural = 'Auto-Generated Reports'
+        ordering = ['-created_at', '-confidence_score']
+        indexes = [
+            models.Index(fields=['status', 'confidence_score']),
+            models.Index(fields=['created_at']),
+        ]
+    
+    def __str__(self):
+        return f"{self.title} - {self.get_status_display()}"
diff --git a/osint/tasks.py b/osint/tasks.py
new file mode 100644
index 0000000..91a5dee
--- /dev/null
+++ b/osint/tasks.py
@@ -0,0 +1,75 @@
+"""
+Celery tasks for OSINT crawling.
+"""
+from celery import shared_task
+from django.core.management import call_command
+from django.utils import timezone
+from datetime import timedelta
+from .models import SeedWebsite, AutoGeneratedReport
+
+
+@shared_task
+def crawl_osint_seeds():
+    """
+    Periodic task to crawl all due seed websites.
+    This should be scheduled to run periodically (e.g., every hour).
+    """
+    try:
+        call_command('crawl_osint', '--all', verbosity=0)
+        return "OSINT crawling completed successfully"
+    except Exception as e:
+        return f"OSINT crawling failed: {str(e)}"
+
+
+@shared_task
+def crawl_specific_seed(seed_id):
+    """
+    Crawl a specific seed website.
+    """
+    try:
+        call_command('crawl_osint', '--seed-id', str(seed_id), verbosity=0)
+        return f"Seed website {seed_id} crawled successfully"
+    except Exception as e:
+        return f"Seed website {seed_id} crawling failed: {str(e)}"
+
+
+@shared_task
+def auto_approve_high_confidence_reports():
+    """
+    Auto-approve reports with very high confidence scores and auto-approve keywords.
+    """
+    from reports.models import ScamReport
+    
+    # Get auto-reports that should be auto-approved
+    auto_reports = AutoGeneratedReport.objects.filter(
+        status='pending',
+        confidence_score__gte=80
+    ).prefetch_related('matched_keywords')
+    
+    approved_count = 0
+    for auto_report in auto_reports:
+        # Check if any matched keyword has auto_approve enabled
+        if any(kw.auto_approve for kw in auto_report.matched_keywords.all()):
+            # Approve and publish
+            from osint.views import ApproveAutoReportView
+            # Create report directly
+            report = ScamReport.objects.create(
+                title=auto_report.title,
+                description=auto_report.description,
+                reported_url=auto_report.source_url,
+                scam_type='other',
+                status='verified',
+                verification_score=auto_report.confidence_score,
+                is_public=True,
+                is_anonymous=True,
+                is_auto_discovered=True,  # Mark as auto-discovered
+            )
+            
+            auto_report.report = report
+            auto_report.status = 'published'
+            auto_report.published_at = timezone.now()
+            auto_report.save()
+            approved_count += 1
+    
+    return f"Auto-approved {approved_count} reports"
+
diff --git a/osint/tests.py b/osint/tests.py
new file mode 100644
index 0000000..7ce503c
--- /dev/null
+++ b/osint/tests.py
@@ -0,0 +1,3 @@
+from django.test import TestCase
+
+# Create your tests here.
diff --git a/osint/urls.py b/osint/urls.py
new file mode 100644
index 0000000..12912e1
--- /dev/null
+++ b/osint/urls.py
@@ -0,0 +1,35 @@
+"""
+URL configuration for osint app.
+"""
+from django.urls import path
+from . import views
+
+app_name = 'osint'
+
+urlpatterns = [
+    # Admin Dashboard (Main OSINT Management)
+    path('admin-dashboard/', views.OSINTAdminDashboardView.as_view(), name='admin_dashboard'),
+    
+    # Seed Website Management
+    path('admin-dashboard/seeds/add/', views.SeedWebsiteCreateView.as_view(), name='seed_create'),
+    path('admin-dashboard/seeds/<int:pk>/edit/', views.SeedWebsiteUpdateView.as_view(), name='seed_edit'),
+    path('admin-dashboard/seeds/<int:pk>/delete/', views.SeedWebsiteDeleteView.as_view(), name='seed_delete'),
+    
+    # Keyword Management
+    path('admin-dashboard/keywords/add/', views.OSINTKeywordCreateView.as_view(), name='keyword_create'),
+    path('admin-dashboard/keywords/<int:pk>/edit/', views.OSINTKeywordUpdateView.as_view(), name='keyword_edit'),
+    path('admin-dashboard/keywords/<int:pk>/delete/', views.OSINTKeywordDeleteView.as_view(), name='keyword_delete'),
+    
+    # Crawling Control
+    path('admin-dashboard/start-crawling/', views.StartCrawlingView.as_view(), name='start_crawling'),
+    
+    # Legacy/Moderator Views
+    path('tasks/', views.OSINTTaskListView.as_view(), name='task_list'),
+    path('tasks/<int:pk>/', views.OSINTTaskDetailView.as_view(), name='task_detail'),
+    path('results/<int:report_id>/', views.OSINTResultListView.as_view(), name='result_list'),
+    path('auto-reports/', views.AutoReportListView.as_view(), name='auto_report_list'),
+    path('auto-reports/<int:pk>/', views.AutoReportDetailView.as_view(), name='auto_report_detail'),
+    path('auto-reports/<int:pk>/approve/', views.ApproveAutoReportView.as_view(), name='approve_auto_report'),
+    path('auto-reports/<int:pk>/reject/', views.RejectAutoReportView.as_view(), name='reject_auto_report'),
+]
+
diff --git a/osint/views.py b/osint/views.py
new file mode 100644
index 0000000..cead158
--- /dev/null
+++ b/osint/views.py
@@ -0,0 +1,346 @@
+"""
+Views for osint app.
+"""
+from django.shortcuts import get_object_or_404, redirect
+from django.views.generic import ListView, DetailView, UpdateView, TemplateView, CreateView, DeleteView
+from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
+from django.contrib.messages.views import SuccessMessageMixin
+from django.contrib import messages
+from django.urls import reverse_lazy
+from django.utils import timezone
+from django.db import transaction
+from django.db.models import Count, Q
+from django.http import JsonResponse
+from django.core.management import call_command
+from django.core.management.base import CommandError
+import subprocess
+import threading
+from reports.models import ScamReport
+from .models import OSINTTask, OSINTResult, AutoGeneratedReport, SeedWebsite, OSINTKeyword, CrawledContent
+from .forms import SeedWebsiteForm, OSINTKeywordForm
+
+
+class ModeratorRequiredMixin(UserPassesTestMixin):
+    """Mixin to require moderator role."""
+    def test_func(self):
+        return self.request.user.is_authenticated and self.request.user.is_moderator()
+
+
+class OSINTTaskListView(LoginRequiredMixin, ModeratorRequiredMixin, ListView):
+    """List OSINT tasks."""
+    model = OSINTTask
+    template_name = 'osint/task_list.html'
+    context_object_name = 'tasks'
+    paginate_by = 50
+    
+    def get_queryset(self):
+        status = self.request.GET.get('status', '')
+        queryset = OSINTTask.objects.select_related('report')
+        if status:
+            queryset = queryset.filter(status=status)
+        return queryset.order_by('-created_at')
+
+
+class OSINTTaskDetailView(LoginRequiredMixin, ModeratorRequiredMixin, DetailView):
+    """View OSINT task details."""
+    model = OSINTTask
+    template_name = 'osint/task_detail.html'
+    context_object_name = 'task'
+
+
+class OSINTResultListView(LoginRequiredMixin, ModeratorRequiredMixin, ListView):
+    """List OSINT results for a report."""
+    model = OSINTResult
+    template_name = 'osint/result_list.html'
+    context_object_name = 'results'
+    
+    def get_queryset(self):
+        report = get_object_or_404(ScamReport, pk=self.kwargs['report_id'])
+        return OSINTResult.objects.filter(report=report).order_by('-collected_at')
+    
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        context['report'] = get_object_or_404(ScamReport, pk=self.kwargs['report_id'])
+        return context
+
+
+class AutoReportListView(LoginRequiredMixin, ModeratorRequiredMixin, ListView):
+    """List auto-generated reports for review."""
+    model = AutoGeneratedReport
+    template_name = 'osint/auto_report_list.html'
+    context_object_name = 'auto_reports'
+    paginate_by = 20
+    
+    def get_queryset(self):
+        status = self.request.GET.get('status', 'pending')
+        queryset = AutoGeneratedReport.objects.select_related(
+            'crawled_content', 'reviewed_by', 'report'
+        ).prefetch_related('matched_keywords')
+        
+        if status:
+            queryset = queryset.filter(status=status)
+        
+        return queryset.order_by('-confidence_score', '-created_at')
+    
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        context['pending_count'] = AutoGeneratedReport.objects.filter(status='pending').count()
+        context['approved_count'] = AutoGeneratedReport.objects.filter(status='approved').count()
+        context['published_count'] = AutoGeneratedReport.objects.filter(status='published').count()
+        context['rejected_count'] = AutoGeneratedReport.objects.filter(status='rejected').count()
+        return context
+
+
+class AutoReportDetailView(LoginRequiredMixin, ModeratorRequiredMixin, DetailView):
+    """View auto-generated report details."""
+    model = AutoGeneratedReport
+    template_name = 'osint/auto_report_detail.html'
+    context_object_name = 'auto_report'
+    
+    def get_queryset(self):
+        return AutoGeneratedReport.objects.select_related(
+            'crawled_content', 'crawled_content__seed_website',
+            'reviewed_by', 'report'
+        ).prefetch_related('matched_keywords')
+
+
+class ApproveAutoReportView(LoginRequiredMixin, ModeratorRequiredMixin, SuccessMessageMixin, UpdateView):
+    """Approve an auto-generated report."""
+    model = AutoGeneratedReport
+    fields = []
+    template_name = 'osint/approve_auto_report.html'
+    success_message = "Auto-generated report approved successfully!"
+    
+    def form_valid(self, form):
+        auto_report = form.instance
+        
+        with transaction.atomic():
+            # Update auto report
+            auto_report.status = 'approved'
+            auto_report.reviewed_by = self.request.user
+            auto_report.reviewed_at = timezone.now()
+            auto_report.save()
+            
+            # Create the actual scam report
+            from reports.models import ScamReport
+            
+            report = ScamReport.objects.create(
+                title=auto_report.title,
+                description=auto_report.description,
+                reported_url=auto_report.source_url,
+                scam_type='other',  # Default, can be updated
+                status='verified',
+                verification_score=auto_report.confidence_score,
+                is_public=True,
+                is_anonymous=True,  # System-generated
+                is_auto_discovered=True,  # Mark as auto-discovered
+            )
+            
+            auto_report.report = report
+            auto_report.status = 'published'
+            auto_report.published_at = timezone.now()
+            auto_report.save()
+        
+        return super().form_valid(form)
+    
+    def get_success_url(self):
+        return reverse_lazy('osint:auto_report_list')
+
+
+class RejectAutoReportView(LoginRequiredMixin, ModeratorRequiredMixin, SuccessMessageMixin, UpdateView):
+    """Reject an auto-generated report."""
+    model = AutoGeneratedReport
+    fields = []
+    template_name = 'osint/reject_auto_report.html'
+    success_message = "Auto-generated report rejected."
+    
+    def form_valid(self, form):
+        auto_report = form.instance
+        auto_report.status = 'rejected'
+        auto_report.reviewed_by = self.request.user
+        auto_report.reviewed_at = timezone.now()
+        auto_report.review_notes = self.request.POST.get('review_notes', '').strip()
+        auto_report.save()
+        return super().form_valid(form)
+    
+    def get_success_url(self):
+        return reverse_lazy('osint:auto_report_list')
+
+
+class AdminRequiredMixin(UserPassesTestMixin):
+    """Mixin to require admin role."""
+    def test_func(self):
+        return self.request.user.is_authenticated and self.request.user.is_administrator()
+
+
+class OSINTAdminDashboardView(LoginRequiredMixin, AdminRequiredMixin, TemplateView):
+    """Comprehensive OSINT admin dashboard."""
+    template_name = 'osint/admin_dashboard.html'
+    
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        now = timezone.now()
+        
+        # Seed Website Statistics
+        context['total_seeds'] = SeedWebsite.objects.count()
+        context['active_seeds'] = SeedWebsite.objects.filter(is_active=True).count()
+        context['seed_websites'] = SeedWebsite.objects.all().order_by('-priority', '-last_crawled_at')[:10]
+        
+        # Keyword Statistics
+        context['total_keywords'] = OSINTKeyword.objects.count()
+        context['active_keywords'] = OSINTKeyword.objects.filter(is_active=True).count()
+        context['keywords'] = OSINTKeyword.objects.all().order_by('-is_active', 'name')[:10]
+        
+        # Crawling Statistics
+        context['total_crawled'] = CrawledContent.objects.count()
+        context['potential_scams'] = CrawledContent.objects.filter(has_potential_scam=True).count()
+        context['recent_crawled'] = CrawledContent.objects.order_by('-crawled_at')[:5]
+        
+        # Auto-Report Statistics
+        context['pending_reports'] = AutoGeneratedReport.objects.filter(status='pending').count()
+        context['approved_reports'] = AutoGeneratedReport.objects.filter(status='approved').count()
+        context['published_reports'] = AutoGeneratedReport.objects.filter(status='published').count()
+        context['rejected_reports'] = AutoGeneratedReport.objects.filter(status='rejected').count()
+        context['recent_auto_reports'] = AutoGeneratedReport.objects.order_by('-created_at')[:5]
+        
+        # Overall Statistics
+        context['total_pages_crawled'] = SeedWebsite.objects.aggregate(
+            total=Count('pages_crawled')
+        )['total'] or 0
+        context['total_matches'] = SeedWebsite.objects.aggregate(
+            total=Count('matches_found')
+        )['total'] or 0
+        
+        # Seed websites due for crawling
+        due_seeds = []
+        for seed in SeedWebsite.objects.filter(is_active=True):
+            if not seed.last_crawled_at:
+                due_seeds.append(seed)
+            else:
+                hours_since = (now - seed.last_crawled_at).total_seconds() / 3600
+                if hours_since >= seed.crawl_interval_hours:
+                    due_seeds.append(seed)
+        context['due_for_crawling'] = due_seeds[:5]
+        
+        return context
+
+
+class SeedWebsiteCreateView(LoginRequiredMixin, AdminRequiredMixin, SuccessMessageMixin, CreateView):
+    """Create a new seed website."""
+    model = SeedWebsite
+    form_class = SeedWebsiteForm
+    template_name = 'osint/seed_website_form.html'
+    success_message = "Seed website created successfully!"
+    
+    def form_valid(self, form):
+        form.instance.created_by = self.request.user
+        return super().form_valid(form)
+    
+    def get_success_url(self):
+        return reverse_lazy('osint:admin_dashboard')
+
+
+class SeedWebsiteUpdateView(LoginRequiredMixin, AdminRequiredMixin, SuccessMessageMixin, UpdateView):
+    """Update a seed website."""
+    model = SeedWebsite
+    form_class = SeedWebsiteForm
+    template_name = 'osint/seed_website_form.html'
+    success_message = "Seed website updated successfully!"
+    
+    def get_success_url(self):
+        return reverse_lazy('osint:admin_dashboard')
+
+
+class SeedWebsiteDeleteView(LoginRequiredMixin, AdminRequiredMixin, SuccessMessageMixin, DeleteView):
+    """Delete a seed website."""
+    model = SeedWebsite
+    template_name = 'osint/seed_website_confirm_delete.html'
+    success_message = "Seed website deleted successfully!"
+    
+    def get_success_url(self):
+        return reverse_lazy('osint:admin_dashboard')
+
+
+class OSINTKeywordCreateView(LoginRequiredMixin, AdminRequiredMixin, SuccessMessageMixin, CreateView):
+    """Create a new OSINT keyword."""
+    model = OSINTKeyword
+    form_class = OSINTKeywordForm
+    template_name = 'osint/keyword_form.html'
+    success_message = "Keyword created successfully!"
+    
+    def form_valid(self, form):
+        form.instance.created_by = self.request.user
+        return super().form_valid(form)
+    
+    def get_success_url(self):
+        return reverse_lazy('osint:admin_dashboard')
+
+
+class OSINTKeywordUpdateView(LoginRequiredMixin, AdminRequiredMixin, SuccessMessageMixin, UpdateView):
+    """Update an OSINT keyword."""
+    model = OSINTKeyword
+    form_class = OSINTKeywordForm
+    template_name = 'osint/keyword_form.html'
+    success_message = "Keyword updated successfully!"
+    
+    def get_success_url(self):
+        return reverse_lazy('osint:admin_dashboard')
+
+
+class OSINTKeywordDeleteView(LoginRequiredMixin, AdminRequiredMixin, SuccessMessageMixin, DeleteView):
+    """Delete an OSINT keyword."""
+    model = OSINTKeyword
+    template_name = 'osint/keyword_confirm_delete.html'
+    success_message = "Keyword deleted successfully!"
+    
+    def get_success_url(self):
+        return reverse_lazy('osint:admin_dashboard')
+
+
+class StartCrawlingView(LoginRequiredMixin, AdminRequiredMixin, TemplateView):
+    """Start OSINT crawling."""
+    template_name = 'osint/start_crawling.html'
+    
+    def post(self, request, *args, **kwargs):
+        seed_id = request.POST.get('seed_id')
+        max_pages = request.POST.get('max_pages', 50)
+        delay = request.POST.get('delay', 1.0)
+        
+        def run_crawl():
+            import sys
+            import os
+            import django
+            from django.db import connections
+            
+            # Ensure Django is set up for this thread
+            django.setup()
+            
+            try:
+                if seed_id:
+                    call_command('crawl_osint', '--seed-id', str(seed_id), 
+                               '--max-pages', str(max_pages), '--delay', str(delay), verbosity=1)
+                else:
+                    call_command('crawl_osint', '--all', 
+                               '--max-pages', str(max_pages), '--delay', str(delay), verbosity=1)
+            except Exception as e:
+                # Log error to a file or database for debugging
+                import traceback
+                error_msg = f"Crawling error: {str(e)}\n{traceback.format_exc()}"
+                print(error_msg, file=sys.stderr)
+                # You could also log to a file or database here
+            finally:
+                # Close database connections
+                connections.close_all()
+        
+        # Run in background thread
+        thread = threading.Thread(target=run_crawl)
+        thread.daemon = True
+        thread.start()
+        
+        messages.success(request, f'Crawling started in background. Check results in a few minutes. (Max pages: {max_pages}, Delay: {delay}s)')
+        return redirect('osint:admin_dashboard')
+    
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        context['seed_websites'] = SeedWebsite.objects.filter(is_active=True)
+        return context
diff --git a/reports/__init__.py b/reports/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/reports/admin.py b/reports/admin.py
new file mode 100644
index 0000000..b7a3a1c
--- /dev/null
+++ b/reports/admin.py
@@ -0,0 +1,247 @@
+"""
+Admin configuration for reports app.
+"""
+from django.contrib import admin
+from django.utils.html import format_html
+from django import forms
+from .models import ScamTag, ScamReport, ScamVerification, SiteSettings, TakedownRequest
+
+
+@admin.register(ScamTag)
+class ScamTagAdmin(admin.ModelAdmin):
+    """Scam tag admin."""
+    list_display = ('name', 'slug', 'color')
+    prepopulated_fields = {'slug': ('name',)}
+    search_fields = ('name',)
+
+
+@admin.register(ScamReport)
+class ScamReportAdmin(admin.ModelAdmin):
+    """Scam report admin."""
+    list_display = ('title', 'reporter', 'scam_type', 'status', 'verification_score', 'created_at')
+    list_filter = ('status', 'scam_type', 'is_public', 'created_at')
+    search_fields = ('title', 'description', 'reported_url', 'reported_email', 'reported_phone')
+    readonly_fields = ('created_at', 'updated_at', 'verified_at', 'reporter_ip')
+    filter_horizontal = ('tags',)
+    date_hierarchy = 'created_at'
+    
+    fieldsets = (
+        ('Report Information', {
+            'fields': ('title', 'description', 'scam_type', 'tags')
+        }),
+        ('Reported Entities', {
+            'fields': ('reported_url', 'reported_email', 'reported_phone', 'reported_company')
+        }),
+        ('Reporter', {
+            'fields': ('reporter', 'is_anonymous', 'reporter_ip')
+        }),
+        ('Status', {
+            'fields': ('status', 'verification_score', 'is_public', 'verified_at')
+        }),
+        ('Evidence', {
+            'fields': ('evidence_files',)
+        }),
+        ('Timestamps', {
+            'fields': ('created_at', 'updated_at')
+        }),
+    )
+
+
+@admin.register(ScamVerification)
+class ScamVerificationAdmin(admin.ModelAdmin):
+    """Scam verification admin."""
+    list_display = ('report', 'verification_method', 'confidence_score', 'verified_by', 'created_at')
+    list_filter = ('verification_method', 'created_at')
+    search_fields = ('report__title', 'notes')
+    readonly_fields = ('created_at',)
+
+
+@admin.register(SiteSettings)
+class SiteSettingsAdmin(admin.ModelAdmin):
+    """Site settings admin - singleton pattern."""
+    
+    def has_add_permission(self, request):
+        # Only allow one instance
+        return not SiteSettings.objects.exists()
+    
+    def has_delete_permission(self, request, obj=None):
+        # Prevent deletion
+        return False
+    
+    fieldsets = (
+        ('Контактна Информация', {
+            'fields': ('contact_email', 'contact_phone', 'contact_address'),
+            'description': 'Тези настройки се използват навсякъде в сайта - в подножието, страницата за контакти, структурираните данни и др.'
+        }),
+        ('Настройки на Имейл Сървър', {
+            'fields': (
+                'email_backend',
+                'email_host',
+                'email_port',
+                'email_use_tls',
+                'email_use_ssl',
+                'email_host_user',
+                'email_host_password',
+                'default_from_email',
+                'email_timeout',
+            ),
+            'description': 'Настройки за SMTP сървър. Използват се за всички имейли в платформата - контактни форми, нулиране на пароли, уведомления и др. Паролата се криптира автоматично.'
+        }),
+        ('Информация', {
+            'fields': ('updated_at',),
+            'classes': ('collapse',)
+        }),
+    )
+    
+    readonly_fields = ('updated_at',)
+    
+    def get_form(self, request, obj=None, **kwargs):
+        """Customize form to handle password field."""
+        form = super().get_form(request, obj, **kwargs)
+        
+        # Make password field a password input
+        form.base_fields['email_host_password'].widget = forms.PasswordInput(attrs={
+            'class': 'vTextField',
+            'autocomplete': 'new-password'
+        })
+        
+        # Add help text
+        form.base_fields['email_host_password'].help_text = 'Въведете нова парола или оставете празно, за да запазите текущата.'
+        
+        return form
+    
+    def save_model(self, request, obj, form, change):
+        """Handle password encryption and clear cache."""
+        # If password field is empty and we're editing, keep the old password
+        if change and not form.cleaned_data.get('email_host_password'):
+            old_obj = self.model.objects.get(pk=obj.pk)
+            obj.email_host_password = old_obj.email_host_password
+        
+        # Validate TLS/SSL are mutually exclusive
+        if obj.email_use_tls and obj.email_use_ssl:
+            from django.contrib import messages
+            messages.warning(request, 'TLS и SSL не могат да бъдат активирани едновременно. SSL е деактивиран, използва се TLS.')
+            obj.email_use_ssl = False
+        
+        # Save will encrypt the password if it's provided
+        super().save_model(request, obj, form, change)
+        # Clear email backend cache to reload settings
+        from django.core.cache import cache
+        cache.delete('site_settings')
+    
+    def changelist_view(self, request, extra_context=None):
+        # Redirect to the single instance if it exists
+        from django.shortcuts import redirect
+        from django.urls import reverse
+        
+        if SiteSettings.objects.exists():
+            obj = SiteSettings.objects.get(pk=1)
+            url = reverse('admin:reports_sitesettings_change', args=[str(obj.pk)])
+            return redirect(url)
+        return super().changelist_view(request, extra_context)
+    
+    def response_change(self, request, obj):
+        """Handle test email button."""
+        if "_test_email" in request.POST:
+            try:
+                from django.core.mail import send_mail
+                from django.contrib import messages
+                
+                test_email = request.POST.get('test_email_address', request.user.email)
+                if not test_email:
+                    messages.error(request, 'Моля, въведете имейл адрес за тест.')
+                    return super().response_change(request, obj)
+                
+                # Check if SMTP is configured
+                if obj.email_backend == 'django.core.mail.backends.smtp.EmailBackend' and not obj.email_host:
+                    messages.warning(request, 'SMTP сървърът не е конфигуриран. Моля, въведете Email Host преди изпращане на тестов имейл.')
+                    return super().response_change(request, obj)
+                
+                # Get the connection to check backend type
+                from django.core.mail import get_connection, EmailMessage
+                connection = get_connection()
+                backend_name = connection.__class__.__name__
+                import logging
+                logger = logging.getLogger(__name__)
+                logger.info(f"Using email backend: {backend_name}")
+                
+                # Check underlying backend
+                if hasattr(connection, '_backend') and connection._backend:
+                    underlying_backend = connection._backend.__class__.__name__
+                    logger.info(f"Underlying backend: {underlying_backend}")
+                
+                # Send email using EmailMessage for better error handling
+                email = EmailMessage(
+                    subject='Тестов Имейл от Портал за Докладване на Измами',
+                    body='Това е тестов имейл за проверка на настройките на имейл сървъра. Ако получавате този имейл, настройките са правилни.',
+                    from_email=obj.default_from_email,
+                    to=[test_email],
+                    connection=connection,
+                )
+                
+                result = email.send(fail_silently=False)
+                
+                logger.info(f"Email send result: {result} (1 = success, 0 = failed)")
+                
+                # Check which backend was actually used
+                if 'Console' in backend_name or 'console' in str(connection.__class__.__module__):
+                    messages.warning(request, f'Имейлът е изпратен чрез конзолен backend (за разработка). За реално изпращане, конфигурирайте SMTP настройките. Backend: {backend_name}')
+                else:
+                    messages.success(request, f'Тестов имейл изпратен успешно до {test_email}! Използван backend: {backend_name}')
+            except Exception as e:
+                import logging
+                logger = logging.getLogger(__name__)
+                logger.exception("Error sending test email")
+                error_msg = str(e)
+                if 'authentication failed' in error_msg.lower():
+                    messages.error(request, f'Грешка при удостоверяване: Проверете потребителското име и паролата.')
+                elif 'connection' in error_msg.lower() or 'timeout' in error_msg.lower():
+                    messages.error(request, f'Грешка при свързване: Проверете SMTP сървъра и порта.')
+                else:
+                    messages.error(request, f'Грешка при изпращане на тестов имейл: {error_msg}')
+        
+        return super().response_change(request, obj)
+    
+    def changeform_view(self, request, object_id=None, form_url='', extra_context=None):
+        extra_context = extra_context or {}
+        if object_id:
+            obj = self.get_object(request, object_id)
+            if obj:
+                extra_context['show_test_email'] = True
+        return super().changeform_view(request, object_id, form_url, extra_context)
+
+
+@admin.register(TakedownRequest)
+class TakedownRequestAdmin(admin.ModelAdmin):
+    """Takedown request admin."""
+    list_display = ('report', 'requester_name', 'requester_email', 'status', 'created_at', 'reviewed_by')
+    list_filter = ('status', 'created_at', 'reviewed_at')
+    search_fields = ('requester_name', 'requester_email', 'report__title', 'reason')
+    readonly_fields = ('created_at', 'updated_at', 'ip_address', 'user_agent')
+    date_hierarchy = 'created_at'
+    
+    fieldsets = (
+        ('Информация за Доклада', {
+            'fields': ('report',)
+        }),
+        ('Информация за Заявителя', {
+            'fields': ('requester_name', 'requester_email', 'requester_phone')
+        }),
+        ('Детайли на Заявката', {
+            'fields': ('reason', 'evidence')
+        }),
+        ('Статус и Преглед', {
+            'fields': ('status', 'reviewed_by', 'review_notes', 'reviewed_at')
+        }),
+        ('Техническа Информация', {
+            'fields': ('ip_address', 'user_agent', 'created_at', 'updated_at'),
+            'classes': ('collapse',)
+        }),
+    )
+    
+    def save_model(self, request, obj, form, change):
+        if change and 'status' in form.changed_data and obj.status in ['approved', 'rejected']:
+            from django.utils import timezone
+            obj.reviewed_by = request.user
+            obj.reviewed_at = timezone.now()
+        super().save_model(request, obj, form, change)
diff --git a/reports/apps.py b/reports/apps.py
new file mode 100644
index 0000000..8aa073c
--- /dev/null
+++ b/reports/apps.py
@@ -0,0 +1,15 @@
+"""
+App configuration for reports app.
+"""
+from django.apps import AppConfig
+
+
+class ReportsConfig(AppConfig):
+    default_auto_field = 'django.db.models.BigAutoField'
+    name = 'reports'
+    
+    def ready(self):
+        """Set up signals and configure email settings."""
+        # Note: Email settings are loaded dynamically via the email backend
+        # No need to access database here to avoid warnings
+        pass
diff --git a/reports/email_backend.py b/reports/email_backend.py
new file mode 100644
index 0000000..d9440c4
--- /dev/null
+++ b/reports/email_backend.py
@@ -0,0 +1,123 @@
+"""
+Custom email backend that uses SiteSettings for configuration.
+"""
+from django.core.mail.backends.smtp import EmailBackend as SMTPEmailBackend
+from django.core.mail.backends.console import EmailBackend as ConsoleEmailBackend
+from django.core.mail.backends.base import BaseEmailBackend
+from django.conf import settings
+from .models import SiteSettings
+
+
+class SiteSettingsEmailBackend(BaseEmailBackend):
+    """
+    Email backend that dynamically loads settings from SiteSettings model.
+    Falls back to Django settings if SiteSettings are not configured.
+    """
+    
+    def __init__(self, fail_silently=False, **kwargs):
+        super().__init__(fail_silently=fail_silently)
+        self._backend = None
+        self._backend_instance = None
+        self._load_backend()
+    
+    def _load_backend(self):
+        """Load the appropriate email backend based on SiteSettings."""
+        import logging
+        logger = logging.getLogger(__name__)
+        
+        try:
+            site_settings = SiteSettings.get_settings()
+            backend_class = site_settings.email_backend
+            logger.info(f"Loading email backend: {backend_class}")
+            
+            # If using SMTP, configure it with SiteSettings
+            if backend_class == 'django.core.mail.backends.smtp.EmailBackend':
+                # Get decrypted password
+                email_password = site_settings.get_email_password() if hasattr(site_settings, 'get_email_password') else site_settings.email_host_password
+                
+                # Check if SMTP is properly configured
+                email_host = site_settings.email_host or getattr(settings, 'EMAIL_HOST', '')
+                
+                # If no host is configured, fall back to console backend
+                if not email_host:
+                    logger.warning("Email host not configured, using console backend")
+                    self._backend = ConsoleEmailBackend(fail_silently=self.fail_silently)
+                else:
+                    # Ensure TLS and SSL are mutually exclusive
+                    use_tls = site_settings.email_use_tls
+                    use_ssl = site_settings.email_use_ssl
+                    
+                    # If both are True, prioritize TLS (common case)
+                    if use_tls and use_ssl:
+                        use_ssl = False
+                        logger.warning("Both TLS and SSL were enabled. Disabling SSL and using TLS only.")
+                    
+                    logger.info(f"Configuring SMTP: host={email_host}, port={site_settings.email_port}, user={site_settings.email_host_user}, tls={use_tls}, ssl={use_ssl}")
+                    
+                    self._backend = SMTPEmailBackend(
+                        host=email_host,
+                        port=site_settings.email_port or getattr(settings, 'EMAIL_PORT', 587),
+                        username=site_settings.email_host_user or getattr(settings, 'EMAIL_HOST_USER', ''),
+                        password=email_password or getattr(settings, 'EMAIL_HOST_PASSWORD', ''),
+                        use_tls=use_tls,
+                        use_ssl=use_ssl,
+                        timeout=site_settings.email_timeout or getattr(settings, 'EMAIL_TIMEOUT', 10),
+                        fail_silently=self.fail_silently,
+                    )
+                    logger.info("SMTP backend configured successfully")
+            elif backend_class == 'django.core.mail.backends.console.EmailBackend':
+                logger.info("Using console email backend")
+                self._backend = ConsoleEmailBackend(fail_silently=self.fail_silently)
+            else:
+                # For other backends, try to import and instantiate
+                from django.utils.module_loading import import_string
+                backend_class_obj = import_string(backend_class)
+                self._backend = backend_class_obj(fail_silently=self.fail_silently)
+                logger.info(f"Loaded custom backend: {backend_class}")
+        except Exception as e:
+            # Fallback to console backend if there's an error
+            logger.exception(f"Error loading email backend from SiteSettings: {e}. Using console backend.")
+            self._backend = ConsoleEmailBackend(fail_silently=self.fail_silently)
+    
+    def open(self):
+        """Open a network connection."""
+        if self._backend:
+            return self._backend.open()
+        return False
+    
+    def close(self):
+        """Close the network connection."""
+        if self._backend:
+            return self._backend.close()
+    
+    def send_messages(self, email_messages):
+        """Send one or more EmailMessage objects and return the number sent."""
+        import logging
+        logger = logging.getLogger(__name__)
+        
+        # Reload backend before sending to get latest settings
+        # This ensures settings changes take effect immediately
+        self._load_backend()
+        if self._backend:
+            try:
+                # Log email details for debugging
+                for msg in email_messages:
+                    logger.info(f"Sending email: To={msg.to}, Subject={msg.subject}, From={msg.from_email}")
+                
+                result = self._backend.send_messages(email_messages)
+                logger.info(f"Successfully sent {result} email message(s)")
+                return result
+            except Exception as e:
+                error_msg = str(e)
+                logger.exception(f"Error sending email messages: {error_msg}")
+                
+                # Log more details about the error
+                if hasattr(self._backend, 'host'):
+                    logger.error(f"SMTP Host: {self._backend.host}, Port: {getattr(self._backend, 'port', 'N/A')}")
+                
+                if not self.fail_silently:
+                    raise
+                return 0
+        logger.warning("No email backend available, cannot send messages")
+        return 0
+
diff --git a/reports/forms.py b/reports/forms.py
new file mode 100644
index 0000000..74e6410
--- /dev/null
+++ b/reports/forms.py
@@ -0,0 +1,124 @@
+"""
+Forms for reports app.
+"""
+from django import forms
+from accounts.form_mixins import BotProtectionMixin, BrowserFingerprintMixin, RateLimitMixin
+from .models import ScamReport, TakedownRequest
+
+
+class ScamReportForm(RateLimitMixin, forms.ModelForm):
+    """Form for creating/editing scam reports."""
+    class Meta:
+        model = ScamReport
+        fields = [
+            'title', 'description', 'scam_type',
+            'reported_url', 'reported_email', 'reported_phone', 'reported_company',
+            'tags', 'is_anonymous'
+        ]
+        widgets = {
+            'title': forms.TextInput(attrs={'class': 'form-control'}),
+            'description': forms.Textarea(attrs={'class': 'form-control', 'rows': 8}),
+            'scam_type': forms.Select(attrs={'class': 'form-control'}),
+            'reported_url': forms.URLInput(attrs={'class': 'form-control'}),
+            'reported_email': forms.EmailInput(attrs={'class': 'form-control'}),
+            'reported_phone': forms.TextInput(attrs={'class': 'form-control'}),
+            'reported_company': forms.TextInput(attrs={'class': 'form-control'}),
+            'tags': forms.SelectMultiple(attrs={'class': 'form-control'}),
+            'is_anonymous': forms.CheckboxInput(attrs={'class': 'form-check-input'}),
+        }
+
+
+class ContactForm(BotProtectionMixin, BrowserFingerprintMixin, forms.Form):
+    """Contact form for users to reach out."""
+    name = forms.CharField(
+        max_length=200,
+        required=True,
+        widget=forms.TextInput(attrs={
+            'class': 'form-control',
+            'placeholder': 'Вашето име'
+        }),
+        label='Име *'
+    )
+    email = forms.EmailField(
+        required=True,
+        widget=forms.EmailInput(attrs={
+            'class': 'form-control',
+            'placeholder': 'your.email@example.com'
+        }),
+        label='Имейл *'
+    )
+    subject = forms.CharField(
+        max_length=200,
+        required=True,
+        widget=forms.TextInput(attrs={
+            'class': 'form-control',
+            'placeholder': 'Тема на съобщението'
+        }),
+        label='Тема *'
+    )
+    message = forms.CharField(
+        required=True,
+        widget=forms.Textarea(attrs={
+            'class': 'form-control',
+            'rows': 8,
+            'placeholder': 'Вашето съобщение...'
+        }),
+        label='Съобщение *'
+    )
+    inquiry_type = forms.ChoiceField(
+        choices=[
+            ('general', 'Общ въпрос'),
+            ('report_issue', 'Проблем с доклад'),
+            ('technical', 'Техническа поддръжка'),
+            ('feedback', 'Обратна връзка'),
+            ('other', 'Друго'),
+        ],
+        required=True,
+        widget=forms.Select(attrs={
+            'class': 'form-control'
+        }),
+        label='Тип заявка *'
+    )
+
+
+class TakedownRequestForm(BotProtectionMixin, BrowserFingerprintMixin, forms.ModelForm):
+    """Form for requesting takedown of a scam report."""
+    
+    class Meta:
+        model = TakedownRequest
+        fields = ['requester_name', 'requester_email', 'requester_phone', 'reason', 'evidence']
+        widgets = {
+            'requester_name': forms.TextInput(attrs={
+                'class': 'form-control',
+                'placeholder': 'Вашето име'
+            }),
+            'requester_email': forms.EmailInput(attrs={
+                'class': 'form-control',
+                'placeholder': 'your.email@example.com'
+            }),
+            'requester_phone': forms.TextInput(attrs={
+                'class': 'form-control',
+                'placeholder': '+359 XXX XXX XXX (незадължително)'
+            }),
+            'reason': forms.Textarea(attrs={
+                'class': 'form-control',
+                'rows': 6,
+                'placeholder': 'Обяснете защо смятате, че докладът трябва да бъде премахнат...'
+            }),
+            'evidence': forms.Textarea(attrs={
+                'class': 'form-control',
+                'rows': 6,
+                'placeholder': 'Предоставете доказателства или допълнителна информация (незадължително)...'
+            }),
+        }
+        labels = {
+            'requester_name': 'Име *',
+            'requester_email': 'Имейл *',
+            'requester_phone': 'Телефон',
+            'reason': 'Причина за заявката *',
+            'evidence': 'Доказателства / Допълнителна информация',
+        }
+        help_texts = {
+            'reason': 'Моля, обяснете подробно защо смятате, че информацията в доклада е невярна или несправедлива.',
+            'evidence': 'Ако имате документи, снимки или друга информация, която подкрепя вашата заявка, моля опишете я тук.',
+        }
diff --git a/reports/migrations/0001_initial.py b/reports/migrations/0001_initial.py
new file mode 100644
index 0000000..af34d5b
--- /dev/null
+++ b/reports/migrations/0001_initial.py
@@ -0,0 +1,103 @@
+# Generated by Django 5.2.8 on 2025-11-26 13:41
+
+import django.db.models.deletion
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='ScamTag',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('name', models.CharField(max_length=100, unique=True)),
+                ('slug', models.SlugField(blank=True, max_length=100, unique=True)),
+                ('description', models.TextField(blank=True)),
+                ('color', models.CharField(default='#007bff', help_text='Hex color code for display', max_length=7)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+            ],
+            options={
+                'verbose_name': 'Scam Tag',
+                'verbose_name_plural': 'Scam Tags',
+                'db_table': 'reports_scamtag',
+                'ordering': ['name'],
+            },
+        ),
+        migrations.CreateModel(
+            name='ScamReport',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('is_anonymous', models.BooleanField(default=False, help_text='Report submitted anonymously')),
+                ('title', models.CharField(max_length=200)),
+                ('description', models.TextField()),
+                ('scam_type', models.CharField(choices=[('phishing', 'Phishing'), ('fake_website', 'Fake Website'), ('romance_scam', 'Romance Scam'), ('investment_scam', 'Investment Scam'), ('tech_support_scam', 'Tech Support Scam'), ('identity_theft', 'Identity Theft'), ('fake_product', 'Fake Product'), ('advance_fee', 'Advance Fee Fraud'), ('other', 'Other')], default='other', max_length=50)),
+                ('reported_url', models.URLField(blank=True, max_length=500, null=True)),
+                ('reported_email', models.EmailField(blank=True, max_length=254, null=True)),
+                ('reported_phone', models.CharField(blank=True, max_length=20, null=True)),
+                ('reported_company', models.CharField(blank=True, max_length=200, null=True)),
+                ('evidence_files', models.JSONField(blank=True, default=list, help_text='List of file paths for evidence')),
+                ('status', models.CharField(choices=[('pending', 'Pending Review'), ('under_review', 'Under Review'), ('verified', 'Verified'), ('rejected', 'Rejected'), ('archived', 'Archived')], default='pending', max_length=20)),
+                ('verification_score', models.IntegerField(default=0, help_text='OSINT verification confidence score (0-100)')),
+                ('is_public', models.BooleanField(default=True, help_text='Visible in public database')),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+                ('verified_at', models.DateTimeField(blank=True, null=True)),
+                ('reporter_ip', models.GenericIPAddressField(blank=True, null=True)),
+                ('reporter', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='reports', to=settings.AUTH_USER_MODEL)),
+                ('tags', models.ManyToManyField(blank=True, related_name='reports', to='reports.scamtag')),
+            ],
+            options={
+                'verbose_name': 'Scam Report',
+                'verbose_name_plural': 'Scam Reports',
+                'db_table': 'reports_scamreport',
+                'ordering': ['-created_at'],
+            },
+        ),
+        migrations.CreateModel(
+            name='ScamVerification',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('verification_method', models.CharField(choices=[('whois', 'WHOIS Lookup'), ('dns', 'DNS Records'), ('ssl', 'SSL Certificate'), ('archive', 'Wayback Machine'), ('email_check', 'Email Validation'), ('phone_check', 'Phone Validation'), ('business_registry', 'Business Registry'), ('social_media', 'Social Media'), ('manual', 'Manual Review')], max_length=50)),
+                ('verification_data', models.JSONField(default=dict, help_text='Raw verification data')),
+                ('confidence_score', models.IntegerField(default=0, help_text='Confidence score for this verification (0-100)')),
+                ('notes', models.TextField(blank=True)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('report', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='verifications', to='reports.scamreport')),
+                ('verified_by', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='verifications', to=settings.AUTH_USER_MODEL)),
+            ],
+            options={
+                'verbose_name': 'Scam Verification',
+                'verbose_name_plural': 'Scam Verifications',
+                'db_table': 'reports_scamverification',
+                'ordering': ['-created_at'],
+            },
+        ),
+        migrations.AddIndex(
+            model_name='scamreport',
+            index=models.Index(fields=['status', 'created_at'], name='reports_sca_status_91c8ad_idx'),
+        ),
+        migrations.AddIndex(
+            model_name='scamreport',
+            index=models.Index(fields=['scam_type', 'status'], name='reports_sca_scam_ty_fd12f9_idx'),
+        ),
+        migrations.AddIndex(
+            model_name='scamreport',
+            index=models.Index(fields=['reported_url'], name='reports_sca_reporte_ebc596_idx'),
+        ),
+        migrations.AddIndex(
+            model_name='scamreport',
+            index=models.Index(fields=['reported_email'], name='reports_sca_reporte_c31241_idx'),
+        ),
+        migrations.AddIndex(
+            model_name='scamreport',
+            index=models.Index(fields=['reported_phone'], name='reports_sca_reporte_33869d_idx'),
+        ),
+    ]
diff --git a/reports/migrations/0002_scamreport_is_auto_discovered.py b/reports/migrations/0002_scamreport_is_auto_discovered.py
new file mode 100644
index 0000000..621448d
--- /dev/null
+++ b/reports/migrations/0002_scamreport_is_auto_discovered.py
@@ -0,0 +1,18 @@
+# Generated by Django 5.2.8 on 2025-11-26 18:03
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('reports', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='scamreport',
+            name='is_auto_discovered',
+            field=models.BooleanField(default=False, help_text='Automatically discovered by OSINT system'),
+        ),
+    ]
diff --git a/reports/migrations/0003_sitesettings.py b/reports/migrations/0003_sitesettings.py
new file mode 100644
index 0000000..267826f
--- /dev/null
+++ b/reports/migrations/0003_sitesettings.py
@@ -0,0 +1,29 @@
+# Generated manually
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('reports', '0002_scamreport_is_auto_discovered'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='SiteSettings',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('contact_email', models.EmailField(default='support@fraudplatform.bg', help_text='Основен имейл за контакти и поддръжка', max_length=254)),
+                ('contact_phone', models.CharField(default='+359 2 XXX XXXX', help_text='Телефонен номер за контакти', max_length=50)),
+                ('contact_address', models.CharField(blank=True, default='София, България', help_text='Адрес за контакти', max_length=200)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+            ],
+            options={
+                'verbose_name': 'Настройки на Сайта',
+                'verbose_name_plural': 'Настройки на Сайта',
+                'db_table': 'reports_sitesettings',
+            },
+        ),
+    ]
+
diff --git a/reports/migrations/0004_alter_sitesettings_contact_address_and_more.py b/reports/migrations/0004_alter_sitesettings_contact_address_and_more.py
new file mode 100644
index 0000000..d7be58c
--- /dev/null
+++ b/reports/migrations/0004_alter_sitesettings_contact_address_and_more.py
@@ -0,0 +1,23 @@
+# Generated by Django 5.2.8 on 2025-11-26 19:43
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('reports', '0003_sitesettings'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='sitesettings',
+            name='contact_address',
+            field=models.CharField(blank=True, default='', help_text='Адрес за контакти (незадължително)', max_length=200),
+        ),
+        migrations.AlterField(
+            model_name='sitesettings',
+            name='contact_phone',
+            field=models.CharField(blank=True, default='', help_text='Телефонен номер за контакти (незадължително)', max_length=50),
+        ),
+    ]
diff --git a/reports/migrations/0005_takedownrequest.py b/reports/migrations/0005_takedownrequest.py
new file mode 100644
index 0000000..d660d1b
--- /dev/null
+++ b/reports/migrations/0005_takedownrequest.py
@@ -0,0 +1,43 @@
+# Generated by Django 5.2.8 on 2025-11-26 19:46
+
+import django.db.models.deletion
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('reports', '0004_alter_sitesettings_contact_address_and_more'),
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='TakedownRequest',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('requester_name', models.CharField(help_text='Име на заявителя', max_length=200)),
+                ('requester_email', models.EmailField(help_text='Имейл на заявителя', max_length=254)),
+                ('requester_phone', models.CharField(blank=True, help_text='Телефон на заявителя (незадължително)', max_length=50)),
+                ('reason', models.TextField(help_text='Причина за заявката за премахване')),
+                ('evidence', models.TextField(blank=True, help_text='Доказателства или допълнителна информация')),
+                ('status', models.CharField(choices=[('pending', 'Pending Review'), ('under_review', 'Under Review'), ('approved', 'Approved'), ('rejected', 'Rejected')], default='pending', max_length=20)),
+                ('review_notes', models.TextField(blank=True, help_text='Бележки от модератора')),
+                ('ip_address', models.GenericIPAddressField(blank=True, null=True)),
+                ('user_agent', models.TextField(blank=True)),
+                ('created_at', models.DateTimeField(auto_now_add=True)),
+                ('updated_at', models.DateTimeField(auto_now=True)),
+                ('reviewed_at', models.DateTimeField(blank=True, null=True)),
+                ('report', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='takedown_requests', to='reports.scamreport')),
+                ('reviewed_by', models.ForeignKey(blank=True, limit_choices_to={'role__in': ['moderator', 'admin']}, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='reviewed_takedown_requests', to=settings.AUTH_USER_MODEL)),
+            ],
+            options={
+                'verbose_name': 'Заявка за Премахване',
+                'verbose_name_plural': 'Заявки за Премахване',
+                'db_table': 'reports_takedownrequest',
+                'ordering': ['-created_at'],
+                'indexes': [models.Index(fields=['report', 'status'], name='reports_tak_report__a40ed0_idx'), models.Index(fields=['status', 'created_at'], name='reports_tak_status_049c16_idx')],
+            },
+        ),
+    ]
diff --git a/reports/migrations/0006_sitesettings_default_from_email_and_more.py b/reports/migrations/0006_sitesettings_default_from_email_and_more.py
new file mode 100644
index 0000000..cc73ccc
--- /dev/null
+++ b/reports/migrations/0006_sitesettings_default_from_email_and_more.py
@@ -0,0 +1,58 @@
+# Generated by Django 5.2.8 on 2025-11-26 19:51
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('reports', '0005_takedownrequest'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='sitesettings',
+            name='default_from_email',
+            field=models.EmailField(default='noreply@fraudplatform.bg', help_text='Имейл адрес по подразбиране за изпращане', max_length=254),
+        ),
+        migrations.AddField(
+            model_name='sitesettings',
+            name='email_backend',
+            field=models.CharField(choices=[('django.core.mail.backends.smtp.EmailBackend', 'SMTP'), ('django.core.mail.backends.console.EmailBackend', 'Console (Development)'), ('django.core.mail.backends.filebased.EmailBackend', 'File Based')], default='django.core.mail.backends.smtp.EmailBackend', help_text='Тип на имейл сървъра', max_length=100),
+        ),
+        migrations.AddField(
+            model_name='sitesettings',
+            name='email_host',
+            field=models.CharField(blank=True, default='', help_text='SMTP сървър (напр. smtp.gmail.com)', max_length=255),
+        ),
+        migrations.AddField(
+            model_name='sitesettings',
+            name='email_host_password',
+            field=models.CharField(blank=True, default='', help_text='SMTP парола (ще бъде криптирана)', max_length=255),
+        ),
+        migrations.AddField(
+            model_name='sitesettings',
+            name='email_host_user',
+            field=models.CharField(blank=True, default='', help_text='SMTP потребителско име / имейл', max_length=255),
+        ),
+        migrations.AddField(
+            model_name='sitesettings',
+            name='email_port',
+            field=models.IntegerField(default=587, help_text='SMTP порт (обикновено 587 за TLS или 465 за SSL)'),
+        ),
+        migrations.AddField(
+            model_name='sitesettings',
+            name='email_timeout',
+            field=models.IntegerField(default=10, help_text='Таймаут за имейл връзка (секунди)'),
+        ),
+        migrations.AddField(
+            model_name='sitesettings',
+            name='email_use_ssl',
+            field=models.BooleanField(default=False, help_text='Използване на SSL (за порт 465)'),
+        ),
+        migrations.AddField(
+            model_name='sitesettings',
+            name='email_use_tls',
+            field=models.BooleanField(default=True, help_text='Използване на TLS (за порт 587)'),
+        ),
+    ]
diff --git a/reports/migrations/__init__.py b/reports/migrations/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/reports/models.py b/reports/models.py
new file mode 100644
index 0000000..f33a705
--- /dev/null
+++ b/reports/models.py
@@ -0,0 +1,411 @@
+"""
+Scam and fraud report models.
+"""
+from django.db import models
+from django.contrib.auth import get_user_model
+from django.urls import reverse
+from django.utils.text import slugify
+from django.core.cache import cache
+from accounts.security import DataEncryption
+
+User = get_user_model()
+
+
+class SiteSettings(models.Model):
+    """
+    Site-wide settings that can be managed from admin.
+    Uses singleton pattern - only one instance should exist.
+    """
+    contact_email = models.EmailField(
+        default='support@fraudplatform.bg',
+        help_text='Основен имейл за контакти и поддръжка'
+    )
+    contact_phone = models.CharField(
+        max_length=50,
+        blank=True,
+        default='',
+        help_text='Телефонен номер за контакти (незадължително)'
+    )
+    contact_address = models.CharField(
+        max_length=200,
+        blank=True,
+        default='',
+        help_text='Адрес за контакти (незадължително)'
+    )
+    
+    # Email Server Settings
+    email_backend = models.CharField(
+        max_length=100,
+        default='django.core.mail.backends.smtp.EmailBackend',
+        choices=[
+            ('django.core.mail.backends.smtp.EmailBackend', 'SMTP'),
+            ('django.core.mail.backends.console.EmailBackend', 'Console (Development)'),
+            ('django.core.mail.backends.filebased.EmailBackend', 'File Based'),
+        ],
+        help_text='Тип на имейл сървъра'
+    )
+    email_host = models.CharField(
+        max_length=255,
+        blank=True,
+        default='',
+        help_text='SMTP сървър (напр. smtp.gmail.com)'
+    )
+    email_port = models.IntegerField(
+        default=587,
+        help_text='SMTP порт (обикновено 587 за TLS или 465 за SSL)'
+    )
+    email_use_tls = models.BooleanField(
+        default=True,
+        help_text='Използване на TLS (за порт 587)'
+    )
+    email_use_ssl = models.BooleanField(
+        default=False,
+        help_text='Използване на SSL (за порт 465)'
+    )
+    email_host_user = models.CharField(
+        max_length=255,
+        blank=True,
+        default='',
+        help_text='SMTP потребителско име / имейл'
+    )
+    email_host_password = models.CharField(
+        max_length=255,
+        blank=True,
+        default='',
+        help_text='SMTP парола (ще бъде криптирана)'
+    )
+    default_from_email = models.EmailField(
+        default='noreply@fraudplatform.bg',
+        help_text='Имейл адрес по подразбиране за изпращане'
+    )
+    email_timeout = models.IntegerField(
+        default=10,
+        help_text='Таймаут за имейл връзка (секунди)'
+    )
+    
+    updated_at = models.DateTimeField(auto_now=True)
+    
+    class Meta:
+        verbose_name = 'Настройки на Сайта'
+        verbose_name_plural = 'Настройки на Сайта'
+        db_table = 'reports_sitesettings'
+    
+    def __str__(self):
+        return 'Настройки на Сайта'
+    
+    def save(self, *args, **kwargs):
+        # Ensure only one instance exists
+        self.pk = 1
+        
+        # Encrypt email password if it's provided and not already encrypted
+        if self.email_host_password:
+            # Check if it's already encrypted by trying to decrypt it
+            # If decryption succeeds, it's already encrypted, so keep original
+            # If decryption fails, it's plain text, so encrypt it
+            is_encrypted = False
+            try:
+                # Try to decrypt - if it succeeds, it's already encrypted
+                DataEncryption.decrypt(self.email_host_password)
+                is_encrypted = True
+            except (Exception, ValueError, TypeError):
+                # Decryption failed, so it's plain text
+                is_encrypted = False
+            
+            # Only encrypt if it's not already encrypted
+            if not is_encrypted:
+                self.email_host_password = DataEncryption.encrypt(self.email_host_password)
+        
+        super().save(*args, **kwargs)
+        # Clear cache when settings are updated
+        cache.delete('site_settings')
+    
+    def get_email_password(self):
+        """Get decrypted email password."""
+        if not self.email_host_password:
+            return ''
+        try:
+            return DataEncryption.decrypt(self.email_host_password)
+        except:
+            # If decryption fails, return as-is (might be plain text from migration)
+            return self.email_host_password
+    
+    def delete(self, *args, **kwargs):
+        # Prevent deletion - settings should always exist
+        pass
+    
+    @classmethod
+    def get_settings(cls):
+        """Get site settings with caching."""
+        settings = cache.get('site_settings')
+        if settings is None:
+            settings, created = cls.objects.get_or_create(pk=1)
+            cache.set('site_settings', settings, 3600)  # Cache for 1 hour
+        return settings
+
+
+class ScamTag(models.Model):
+    """
+    Tags for categorizing scam reports.
+    """
+    name = models.CharField(max_length=100, unique=True)
+    slug = models.SlugField(max_length=100, unique=True, blank=True)
+    description = models.TextField(blank=True)
+    color = models.CharField(
+        max_length=7,
+        default='#007bff',
+        help_text='Hex color code for display'
+    )
+    created_at = models.DateTimeField(auto_now_add=True)
+    
+    class Meta:
+        db_table = 'reports_scamtag'
+        verbose_name = 'Scam Tag'
+        verbose_name_plural = 'Scam Tags'
+        ordering = ['name']
+    
+    def save(self, *args, **kwargs):
+        if not self.slug:
+            self.slug = slugify(self.name)
+        super().save(*args, **kwargs)
+    
+    def __str__(self):
+        return self.name
+
+
+class ScamReport(models.Model):
+    """
+    Main scam/fraud report model.
+    """
+    SCAM_TYPE_CHOICES = [
+        ('phishing', 'Phishing'),
+        ('fake_website', 'Fake Website'),
+        ('romance_scam', 'Romance Scam'),
+        ('investment_scam', 'Investment Scam'),
+        ('tech_support_scam', 'Tech Support Scam'),
+        ('identity_theft', 'Identity Theft'),
+        ('fake_product', 'Fake Product'),
+        ('advance_fee', 'Advance Fee Fraud'),
+        ('other', 'Other'),
+    ]
+    
+    STATUS_CHOICES = [
+        ('pending', 'Pending Review'),
+        ('under_review', 'Under Review'),
+        ('verified', 'Verified'),
+        ('rejected', 'Rejected'),
+        ('archived', 'Archived'),
+    ]
+    
+    # Reporter information
+    reporter = models.ForeignKey(
+        User,
+        on_delete=models.SET_NULL,
+        null=True,
+        blank=True,
+        related_name='reports'
+    )
+    is_anonymous = models.BooleanField(
+        default=False,
+        help_text='Report submitted anonymously'
+    )
+    
+    # Report details
+    title = models.CharField(max_length=200)
+    description = models.TextField()
+    scam_type = models.CharField(
+        max_length=50,
+        choices=SCAM_TYPE_CHOICES,
+        default='other'
+    )
+    
+    # Reported entities
+    reported_url = models.URLField(blank=True, null=True, max_length=500)
+    reported_email = models.EmailField(blank=True, null=True)
+    reported_phone = models.CharField(max_length=20, blank=True, null=True)
+    reported_company = models.CharField(max_length=200, blank=True, null=True)
+    
+    # Evidence
+    evidence_files = models.JSONField(
+        default=list,
+        blank=True,
+        help_text='List of file paths for evidence'
+    )
+    
+    # Status and verification
+    status = models.CharField(
+        max_length=20,
+        choices=STATUS_CHOICES,
+        default='pending'
+    )
+    verification_score = models.IntegerField(
+        default=0,
+        help_text='OSINT verification confidence score (0-100)'
+    )
+    
+    # Visibility
+    is_public = models.BooleanField(
+        default=True,
+        help_text='Visible in public database'
+    )
+    is_auto_discovered = models.BooleanField(
+        default=False,
+        help_text='Automatically discovered by OSINT system'
+    )
+    
+    # Metadata
+    tags = models.ManyToManyField(ScamTag, blank=True, related_name='reports')
+    created_at = models.DateTimeField(auto_now_add=True)
+    updated_at = models.DateTimeField(auto_now=True)
+    verified_at = models.DateTimeField(null=True, blank=True)
+    
+    # IP tracking for anonymous reports
+    reporter_ip = models.GenericIPAddressField(null=True, blank=True)
+    
+    class Meta:
+        db_table = 'reports_scamreport'
+        verbose_name = 'Scam Report'
+        verbose_name_plural = 'Scam Reports'
+        ordering = ['-created_at']
+        indexes = [
+            models.Index(fields=['status', 'created_at']),
+            models.Index(fields=['scam_type', 'status']),
+            models.Index(fields=['reported_url']),
+            models.Index(fields=['reported_email']),
+            models.Index(fields=['reported_phone']),
+        ]
+    
+    def __str__(self):
+        return f"{self.title} - {self.get_status_display()}"
+    
+    def get_absolute_url(self):
+        return reverse('reports:detail', kwargs={'pk': self.pk})
+    
+    def get_reporter_display(self):
+        if self.is_anonymous:
+            return "Anonymous"
+        return self.reporter.username if self.reporter else "Unknown"
+
+
+class ScamVerification(models.Model):
+    """
+    OSINT verification data for scam reports.
+    """
+    VERIFICATION_METHOD_CHOICES = [
+        ('whois', 'WHOIS Lookup'),
+        ('dns', 'DNS Records'),
+        ('ssl', 'SSL Certificate'),
+        ('archive', 'Wayback Machine'),
+        ('email_check', 'Email Validation'),
+        ('phone_check', 'Phone Validation'),
+        ('business_registry', 'Business Registry'),
+        ('social_media', 'Social Media'),
+        ('manual', 'Manual Review'),
+    ]
+    
+    report = models.ForeignKey(
+        ScamReport,
+        on_delete=models.CASCADE,
+        related_name='verifications'
+    )
+    verification_method = models.CharField(
+        max_length=50,
+        choices=VERIFICATION_METHOD_CHOICES
+    )
+    verification_data = models.JSONField(
+        default=dict,
+        help_text='Raw verification data'
+    )
+    confidence_score = models.IntegerField(
+        default=0,
+        help_text='Confidence score for this verification (0-100)'
+    )
+    verified_by = models.ForeignKey(
+        User,
+        on_delete=models.SET_NULL,
+        null=True,
+        blank=True,
+        related_name='verifications'
+    )
+    notes = models.TextField(blank=True)
+    created_at = models.DateTimeField(auto_now_add=True)
+    
+    class Meta:
+        db_table = 'reports_scamverification'
+        verbose_name = 'Scam Verification'
+        verbose_name_plural = 'Scam Verifications'
+        ordering = ['-created_at']
+    
+    def __str__(self):
+        return f"Verification for {self.report.title} via {self.get_verification_method_display()}"
+
+
+class TakedownRequest(models.Model):
+    """
+    Request to take down a scam report by the accused party.
+    """
+    STATUS_CHOICES = [
+        ('pending', 'Pending Review'),
+        ('under_review', 'Under Review'),
+        ('approved', 'Approved'),
+        ('rejected', 'Rejected'),
+    ]
+    
+    report = models.ForeignKey(
+        ScamReport,
+        on_delete=models.CASCADE,
+        related_name='takedown_requests'
+    )
+    requester_name = models.CharField(
+        max_length=200,
+        help_text='Име на заявителя'
+    )
+    requester_email = models.EmailField(
+        help_text='Имейл на заявителя'
+    )
+    requester_phone = models.CharField(
+        max_length=50,
+        blank=True,
+        help_text='Телефон на заявителя (незадължително)'
+    )
+    reason = models.TextField(
+        help_text='Причина за заявката за премахване'
+    )
+    evidence = models.TextField(
+        blank=True,
+        help_text='Доказателства или допълнителна информация'
+    )
+    status = models.CharField(
+        max_length=20,
+        choices=STATUS_CHOICES,
+        default='pending'
+    )
+    reviewed_by = models.ForeignKey(
+        User,
+        on_delete=models.SET_NULL,
+        null=True,
+        blank=True,
+        related_name='reviewed_takedown_requests',
+        limit_choices_to={'role__in': ['moderator', 'admin']}
+    )
+    review_notes = models.TextField(
+        blank=True,
+        help_text='Бележки от модератора'
+    )
+    ip_address = models.GenericIPAddressField(null=True, blank=True)
+    user_agent = models.TextField(blank=True)
+    created_at = models.DateTimeField(auto_now_add=True)
+    updated_at = models.DateTimeField(auto_now=True)
+    reviewed_at = models.DateTimeField(null=True, blank=True)
+    
+    class Meta:
+        db_table = 'reports_takedownrequest'
+        verbose_name = 'Заявка за Премахване'
+        verbose_name_plural = 'Заявки за Премахване'
+        ordering = ['-created_at']
+        indexes = [
+            models.Index(fields=['report', 'status']),
+            models.Index(fields=['status', 'created_at']),
+        ]
+    
+    def __str__(self):
+        return f"Takedown request for {self.report.title} by {self.requester_name}"
diff --git a/reports/tests.py b/reports/tests.py
new file mode 100644
index 0000000..7ce503c
--- /dev/null
+++ b/reports/tests.py
@@ -0,0 +1,3 @@
+from django.test import TestCase
+
+# Create your tests here.
diff --git a/reports/urls.py b/reports/urls.py
new file mode 100644
index 0000000..5510849
--- /dev/null
+++ b/reports/urls.py
@@ -0,0 +1,33 @@
+"""
+URL configuration for reports app.
+"""
+from django.urls import path
+from django.views.generic import TemplateView
+from . import views
+
+app_name = 'reports'
+
+urlpatterns = [
+    # Home page
+    path('', views.HomeView.as_view(), name='home'),
+    
+    # Public views
+    path('reports/', views.ReportListView.as_view(), name='list'),
+    path('reports/<int:pk>/', views.ReportDetailView.as_view(), name='detail'),
+    path('create/', views.ReportCreateView.as_view(), name='create'),
+    
+    # User views
+    path('my-reports/', views.MyReportsView.as_view(), name='my_reports'),
+    path('reports/<int:pk>/edit/', views.ReportEditView.as_view(), name='edit'),
+    path('reports/<int:pk>/delete/', views.ReportDeleteView.as_view(), name='delete'),
+    
+    # Search
+    path('search/', views.ReportSearchView.as_view(), name='search'),
+    
+    # Contact
+    path('contact/', views.ContactView.as_view(), name='contact'),
+    
+    # Takedown request
+    path('reports/<int:report_pk>/takedown/', views.TakedownRequestView.as_view(), name='takedown_request'),
+]
+
diff --git a/reports/views.py b/reports/views.py
new file mode 100644
index 0000000..ffc3e54
--- /dev/null
+++ b/reports/views.py
@@ -0,0 +1,454 @@
+"""
+Views for reports app.
+"""
+from django.shortcuts import render, get_object_or_404, redirect
+from django.views.generic import TemplateView, ListView, DetailView, CreateView, UpdateView, DeleteView, FormView
+from django.contrib.auth.mixins import LoginRequiredMixin
+from django.contrib.messages.views import SuccessMessageMixin
+from django.urls import reverse_lazy
+from django.db.models import Q, Count
+from django.core.exceptions import ValidationError
+from accounts.security import InputSanitizer
+from .models import ScamReport, ScamTag, TakedownRequest
+from .forms import ScamReportForm, ContactForm, TakedownRequestForm
+from django.contrib import messages
+from django.core.mail import send_mail
+from django.conf import settings
+
+# Bulgarian translations for scam types
+SCAM_TYPE_BG = {
+    'phishing': 'Фишинг',
+    'fake_website': 'Фалшив Уебсайт',
+    'romance_scam': 'Романтична Измама',
+    'investment_scam': 'Инвестиционна Измама',
+    'tech_support_scam': 'Техническа Поддръжка Измама',
+    'identity_theft': 'Кражба на Личност',
+    'fake_product': 'Фалшив Продукт',
+    'advance_fee': 'Авансово Плащане',
+    'other': 'Друго',
+}
+
+
+class HomeView(TemplateView):
+    """Home page view."""
+    template_name = 'reports/home.html'
+    
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        context['total_reports'] = ScamReport.objects.filter(status='verified').count()
+        context['recent_reports'] = ScamReport.objects.filter(
+            is_public=True,
+            status='verified'
+        ).order_by('-created_at')[:5]
+        
+        # Get scam types with display names - ALL types, not just top 5
+        scam_types_data = ScamReport.objects.filter(
+            status='verified'
+        ).values('scam_type').annotate(
+            count=Count('id')
+        ).order_by('-count')
+        
+        # Add display names with Bulgarian translations
+        scam_types_list = []
+        total_verified = context['total_reports'] or 1  # Avoid division by zero
+        for item in scam_types_data:
+            scam_type_key = item['scam_type']
+            display_name = SCAM_TYPE_BG.get(scam_type_key, dict(ScamReport.SCAM_TYPE_CHOICES).get(scam_type_key, scam_type_key))
+            percentage = (item['count'] / total_verified * 100) if total_verified > 0 else 0
+            scam_types_list.append({
+                'scam_type': scam_type_key,
+                'display_name': display_name,
+                'count': item['count'],
+                'percentage': round(percentage, 1)
+            })
+        
+        context['scam_types'] = scam_types_list
+        
+        # SEO metadata
+        self.request.seo_title = 'Портал за Докладване на Измами - България'
+        self.request.seo_description = f'Портал за докладване на измами. Над {context["total_reports"]} верифицирани доклада. Защита на гражданите от онлайн измами, фишинг, фалшиви уебсайтове и киберпрестъпления.'
+        self.request.seo_keywords = 'измами, докладване измами, киберпрестъпления, фишинг, фалшив уебсайт, защита потребители, България, портал за докладване на измами, анти-измами'
+        self.request.canonical_url = self.request.build_absolute_uri('/')
+        
+        return context
+
+
+class ReportListView(ListView):
+    """List all public verified reports."""
+    model = ScamReport
+    template_name = 'reports/list.html'
+    context_object_name = 'reports'
+    paginate_by = 20
+    
+    def get_queryset(self):
+        return ScamReport.objects.filter(
+            is_public=True,
+            status='verified'
+        ).select_related('reporter').prefetch_related('tags')
+    
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        # SEO metadata
+        self.request.seo_title = 'Всички Доклади за Измами - Портал за Докладване на Измами'
+        self.request.seo_description = 'Прегледайте всички верифицирани доклади за измами в България. Търсете по вид измама, дата и ключови думи.'
+        self.request.seo_keywords = 'доклади измами, списък измами, верифицирани доклади, измами България'
+        self.request.canonical_url = self.request.build_absolute_uri('/reports/')
+        return context
+
+
+class ReportDetailView(DetailView):
+    """View a single report."""
+    model = ScamReport
+    template_name = 'reports/detail.html'
+    context_object_name = 'report'
+    
+    def get_queryset(self):
+        # Allow viewing if public or user is owner/moderator
+        queryset = ScamReport.objects.all()
+        if not self.request.user.is_authenticated:
+            queryset = queryset.filter(is_public=True, status='verified')
+        elif not self.request.user.is_moderator():
+            queryset = queryset.filter(
+                Q(is_public=True, status='verified') | Q(reporter=self.request.user)
+            )
+        return queryset.select_related('reporter').prefetch_related('tags', 'verifications', 'moderation_actions')
+    
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        report = context['report']
+        
+        # SEO metadata
+        scam_type_display = SCAM_TYPE_BG.get(report.scam_type, report.get_scam_type_display())
+        self.request.seo_title = f'{report.title} - Доклад за Измама'
+        self.request.seo_description = f'Доклад за {scam_type_display.lower()}: {report.description[:150]}...' if len(report.description) > 150 else report.description
+        self.request.seo_keywords = f'измама, {scam_type_display.lower()}, доклад, {", ".join([tag.name for tag in report.tags.all()[:5]])}'
+        self.request.seo_type = 'article'
+        self.request.canonical_url = self.request.build_absolute_uri(report.get_absolute_url())
+        
+        return context
+
+
+class ReportCreateView(LoginRequiredMixin, SuccessMessageMixin, CreateView):
+    """Create a new scam report."""
+    model = ScamReport
+    form_class = ScamReportForm
+    template_name = 'reports/create.html'
+    success_url = reverse_lazy('reports:my_reports')
+    success_message = "Report submitted successfully! It will be reviewed by moderators."
+    
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        # SEO metadata
+        self.request.seo_title = 'Докладване на Измама - Портал за Докладване на Измами'
+        self.request.seo_description = 'Докладвайте измама. Помогнете да защитим другите граждани от онлайн измами и киберпрестъпления.'
+        self.request.seo_keywords = 'докладване измама, сигнализиране измама, докладване онлайн измама'
+        self.request.canonical_url = self.request.build_absolute_uri('/create/')
+        self.request.meta_robots = 'noindex, nofollow'  # Don't index form pages
+        return context
+    
+    def get_form_kwargs(self):
+        """Pass request to form for rate limiting."""
+        kwargs = super().get_form_kwargs()
+        kwargs['request'] = self.request
+        return kwargs
+    
+    def form_valid(self, form):
+        # Sanitize user input
+        if form.cleaned_data.get('title'):
+            form.cleaned_data['title'] = InputSanitizer.sanitize_html(form.cleaned_data['title'])
+        if form.cleaned_data.get('description'):
+            form.cleaned_data['description'] = InputSanitizer.sanitize_html(form.cleaned_data['description'])
+        
+        # Validate URLs
+        if form.cleaned_data.get('reported_url'):
+            if not InputSanitizer.validate_url(form.cleaned_data['reported_url']):
+                form.add_error('reported_url', 'Invalid URL format')
+                return self.form_invalid(form)
+        
+        # Validate email
+        if form.cleaned_data.get('reported_email'):
+            if not InputSanitizer.validate_email(form.cleaned_data['reported_email']):
+                form.add_error('reported_email', 'Invalid email format')
+                return self.form_invalid(form)
+        
+        form.instance.reporter = self.request.user
+        form.instance.reporter_ip = self.get_client_ip()
+        response = super().form_valid(form)
+        return response
+    
+    def get_client_ip(self):
+        x_forwarded_for = self.request.META.get('HTTP_X_FORWARDED_FOR')
+        if x_forwarded_for:
+            ip = x_forwarded_for.split(',')[0]
+        else:
+            ip = self.request.META.get('REMOTE_ADDR')
+        return ip
+
+
+class MyReportsView(LoginRequiredMixin, ListView):
+    """List user's own reports."""
+    model = ScamReport
+    template_name = 'reports/my_reports.html'
+    context_object_name = 'reports'
+    paginate_by = 20
+    
+    def get_queryset(self):
+        return ScamReport.objects.filter(
+            reporter=self.request.user
+        ).prefetch_related('moderation_actions').order_by('-created_at')
+    
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        # Get the first rejection action for each report
+        for report in context['reports']:
+            rejection_action = report.moderation_actions.filter(action_type='reject').first()
+            report.rejection_reason = rejection_action.reason if rejection_action else None
+            report.rejection_action = rejection_action
+        return context
+
+
+class ReportEditView(LoginRequiredMixin, SuccessMessageMixin, UpdateView):
+    """Edit own report (only if pending or rejected)."""
+    model = ScamReport
+    form_class = ScamReportForm
+    template_name = 'reports/edit.html'
+    success_url = reverse_lazy('reports:my_reports')
+    success_message = "Report updated successfully!"
+    
+    def get_form_kwargs(self):
+        """Pass request to form for rate limiting."""
+        kwargs = super().get_form_kwargs()
+        kwargs['request'] = self.request
+        return kwargs
+    
+    def get_queryset(self):
+        # Allow editing pending or rejected reports
+        return ScamReport.objects.filter(
+            reporter=self.request.user,
+            status__in=['pending', 'rejected']
+        )
+    
+    def form_valid(self, form):
+        # If editing a rejected report, change status back to pending for re-review
+        if form.instance.status == 'rejected':
+            form.instance.status = 'pending'
+            self.success_message = "Report updated and resubmitted for review!"
+        return super().form_valid(form)
+
+
+class ReportDeleteView(LoginRequiredMixin, SuccessMessageMixin, DeleteView):
+    """Delete own report (only if pending or rejected)."""
+    model = ScamReport
+    template_name = 'reports/delete.html'
+    success_url = reverse_lazy('reports:my_reports')
+    success_message = "Report deleted successfully!"
+    
+    def get_queryset(self):
+        # Allow deleting pending or rejected reports
+        return ScamReport.objects.filter(
+            reporter=self.request.user,
+            status__in=['pending', 'rejected']
+        )
+
+
+class ReportSearchView(ListView):
+    """Search reports."""
+    model = ScamReport
+    template_name = 'reports/search.html'
+    context_object_name = 'reports'
+    paginate_by = 20
+    
+    def get_queryset(self):
+        query = self.request.GET.get('q', '')
+        scam_type = self.request.GET.get('type', '')
+        
+        queryset = ScamReport.objects.filter(
+            is_public=True,
+            status='verified'
+        )
+        
+        if query:
+            queryset = queryset.filter(
+                Q(title__icontains=query) |
+                Q(description__icontains=query) |
+                Q(reported_url__icontains=query) |
+                Q(reported_email__icontains=query)
+            )
+        
+        if scam_type:
+            queryset = queryset.filter(scam_type=scam_type)
+        
+        return queryset.select_related('reporter').prefetch_related('tags')
+    
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        context['scam_type_choices'] = ScamReport.SCAM_TYPE_CHOICES
+        
+        # SEO metadata
+        query = self.request.GET.get('q', '')
+        if query:
+            self.request.seo_title = f'Търсене: {query} - Доклади за Измами'
+            self.request.seo_description = f'Резултати от търсенето за "{query}" в базата данни с доклади за измами.'
+        else:
+            self.request.seo_title = 'Търсене на Доклади - Официален Портал'
+            self.request.seo_description = 'Търсете в базата данни с верифицирани доклади за измами в България.'
+        self.request.seo_keywords = 'търсене измами, доклади, база данни измами'
+        self.request.canonical_url = self.request.build_absolute_uri('/search/')
+        
+        return context
+
+
+class ContactView(SuccessMessageMixin, FormView):
+    """Contact us page."""
+    form_class = ContactForm
+    template_name = 'reports/contact.html'
+    success_url = reverse_lazy('reports:contact')
+    success_message = "Благодарим ви! Вашето съобщение е изпратено успешно. Ще се свържем с вас скоро."
+    
+    def get_form_kwargs(self):
+        """Pass request to form for rate limiting."""
+        kwargs = super().get_form_kwargs()
+        kwargs['request'] = self.request
+        return kwargs
+    
+    def form_valid(self, form):
+        # Send email notification (if email is configured)
+        try:
+            subject = f"[Контакт] {form.cleaned_data['subject']}"
+            message = f"""
+Име: {form.cleaned_data['name']}
+Имейл: {form.cleaned_data['email']}
+Тип заявка: {form.cleaned_data['inquiry_type']}
+
+Съобщение:
+{form.cleaned_data['message']}
+"""
+            from .models import SiteSettings
+            site_settings = SiteSettings.get_settings()
+            from_email = site_settings.default_from_email
+            recipient_list = [site_settings.contact_email]
+            
+            send_mail(
+                subject,
+                message,
+                from_email,
+                recipient_list,
+                fail_silently=True,  # Don't fail if email is not configured
+            )
+        except Exception:
+            pass  # Email sending is optional
+        
+        messages.success(self.request, self.success_message)
+        return super().form_valid(form)
+    
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        # Add contact information from SiteSettings (already in context via context processor)
+        # But we can add it explicitly if needed for backward compatibility
+        from .models import SiteSettings
+        site_settings = SiteSettings.get_settings()
+        context['contact_email'] = site_settings.contact_email
+        context['contact_phone'] = site_settings.contact_phone
+        context['contact_address'] = site_settings.contact_address
+        
+        # SEO metadata
+        self.request.seo_title = 'Контакти - Официален Портал за Докладване на Измами'
+        self.request.seo_description = 'Свържете се с нас за въпроси, обратна връзка или техническа поддръжка. Портал за докладване на измами в България.'
+        self.request.seo_keywords = 'контакти, поддръжка, обратна връзка, свържете се, официален портал'
+        self.request.canonical_url = self.request.build_absolute_uri('/contact/')
+        
+        return context
+
+
+class TakedownRequestView(SuccessMessageMixin, FormView):
+    """View for requesting takedown of a scam report."""
+    form_class = TakedownRequestForm
+    template_name = 'reports/takedown_request.html'
+    success_message = "Вашата заявка за премахване е изпратена успешно. Ще бъде прегледана от нашия екип в рамките на 2-5 работни дни."
+    
+    def dispatch(self, request, *args, **kwargs):
+        # Get the report
+        self.report = get_object_or_404(
+            ScamReport.objects.filter(is_public=True, status='verified'),
+            pk=kwargs['report_pk']
+        )
+        return super().dispatch(request, *args, **kwargs)
+    
+    def get_form_kwargs(self):
+        """Pass request to form for rate limiting."""
+        kwargs = super().get_form_kwargs()
+        kwargs['request'] = self.request
+        return kwargs
+    
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        context['report'] = self.report
+        
+        # SEO metadata
+        self.request.seo_title = f'Заявка за Премахване - {self.report.title}'
+        self.request.seo_description = 'Заявка за премахване на доклад за измама'
+        self.request.canonical_url = self.request.build_absolute_uri()
+        self.request.meta_robots = 'noindex, nofollow'
+        
+        return context
+    
+    def form_valid(self, form):
+        # Get client IP
+        x_forwarded_for = self.request.META.get('HTTP_X_FORWARDED_FOR')
+        if x_forwarded_for:
+            ip_address = x_forwarded_for.split(',')[0]
+        else:
+            ip_address = self.request.META.get('REMOTE_ADDR')
+        
+        # Create takedown request
+        takedown_request = form.save(commit=False)
+        takedown_request.report = self.report
+        takedown_request.ip_address = ip_address
+        takedown_request.user_agent = self.request.META.get('HTTP_USER_AGENT', '')
+        takedown_request.save()
+        
+        # Send email notification (if email is configured)
+        try:
+            from .models import SiteSettings
+            
+            site_settings = SiteSettings.get_settings()
+            subject = f"[Заявка за Премахване] Доклад: {self.report.title}"
+            message = f"""
+Нова заявка за премахване на доклад:
+
+Доклад: {self.report.title} (ID: {self.report.pk})
+URL: {self.request.build_absolute_uri(self.report.get_absolute_url())}
+
+Заявител:
+Име: {form.cleaned_data['requester_name']}
+Имейл: {form.cleaned_data['requester_email']}
+Телефон: {form.cleaned_data.get('requester_phone', 'Не е предоставен')}
+
+Причина:
+{form.cleaned_data['reason']}
+
+Доказателства:
+{form.cleaned_data.get('evidence', 'Не са предоставени')}
+
+---
+IP адрес: {ip_address}
+Дата: {takedown_request.created_at}
+"""
+            from_email = site_settings.default_from_email
+            recipient_list = [site_settings.contact_email]
+            
+            send_mail(
+                subject,
+                message,
+                from_email,
+                recipient_list,
+                fail_silently=True,
+            )
+        except Exception:
+            pass  # Email sending is optional
+        
+        messages.success(self.request, self.success_message)
+        return super().form_valid(form)
+    
+    def get_success_url(self):
+        return reverse_lazy('reports:detail', kwargs={'pk': self.report.pk})
diff --git a/requirements.txt b/requirements.txt
new file mode 100644
index 0000000..03ab9b4
--- /dev/null
+++ b/requirements.txt
@@ -0,0 +1,43 @@
+# Django and Core
+Django>=5.2.8
+psycopg2-binary>=2.9.11
+python-decouple>=3.8
+django-environ>=0.12.0
+
+# MFA/OTP
+django-otp>=1.2.7
+qrcode>=7.4.2
+Pillow>=10.2.0
+
+# Security
+django-cors-headers>=4.3.1
+django-ratelimit>=4.1.0
+cryptography>=41.0.0
+argon2-cffi>=23.1.0
+
+# File handling
+Pillow>=10.2.0
+
+# Task queue (for OSINT)
+celery>=5.3.4
+redis>=5.0.1
+
+# API clients (for OSINT)
+requests>=2.31.0
+python-whois>=0.8.0
+dnspython>=2.4.2
+beautifulsoup4>=4.12.2
+lxml>=4.9.3
+urllib3>=2.0.7
+
+# Utilities
+python-dateutil>=2.8.2
+
+# Development
+django-extensions>=3.2.3
+ipython>=8.18.1
+
+# Production (optional)
+gunicorn>=21.2.0
+whitenoise>=6.6.0
+
diff --git a/templates/404.html b/templates/404.html
new file mode 100644
index 0000000..6b3c82c
--- /dev/null
+++ b/templates/404.html
@@ -0,0 +1,292 @@
+{% extends 'base.html' %}
+{% load static %}
+
+{% block title %}Страницата не е намерена - 404{% endblock %}
+
+{% block extra_css %}
+<style>
+    .error-404-container {
+        min-height: 70vh;
+        display: flex;
+        align-items: center;
+        justify-content: center;
+        padding: 3rem 1rem;
+    }
+
+    .error-404-content {
+        text-align: center;
+        max-width: 700px;
+        width: 100%;
+        animation: fadeInUp 0.6s ease-out;
+    }
+
+    @keyframes fadeInUp {
+        from {
+            opacity: 0;
+            transform: translateY(30px);
+        }
+        to {
+            opacity: 1;
+            transform: translateY(0);
+        }
+    }
+
+    .error-404-number {
+        font-family: 'Roboto Slab', serif;
+        font-size: 12rem;
+        font-weight: 700;
+        background: linear-gradient(135deg, var(--gov-primary) 0%, var(--gov-secondary) 50%, var(--gov-accent) 100%);
+        -webkit-background-clip: text;
+        -webkit-text-fill-color: transparent;
+        background-clip: text;
+        line-height: 1;
+        margin-bottom: 1rem;
+        text-shadow: 0 4px 20px rgba(0, 51, 102, 0.2);
+        animation: pulse 2s ease-in-out infinite;
+        position: relative;
+    }
+
+    @keyframes pulse {
+        0%, 100% {
+            transform: scale(1);
+        }
+        50% {
+            transform: scale(1.02);
+        }
+    }
+
+    .error-404-number::after {
+        content: '';
+        position: absolute;
+        top: 50%;
+        left: 50%;
+        transform: translate(-50%, -50%);
+        width: 200px;
+        height: 200px;
+        background: radial-gradient(circle, rgba(0, 102, 204, 0.1) 0%, transparent 70%);
+        border-radius: 50%;
+        z-index: -1;
+        animation: ripple 3s ease-out infinite;
+    }
+
+    @keyframes ripple {
+        0% {
+            transform: translate(-50%, -50%) scale(0.8);
+            opacity: 1;
+        }
+        100% {
+            transform: translate(-50%, -50%) scale(1.5);
+            opacity: 0;
+        }
+    }
+
+    .error-404-title {
+        font-family: 'Roboto Slab', serif;
+        font-size: 2.5rem;
+        color: var(--gov-primary);
+        margin-bottom: 1rem;
+        font-weight: 700;
+    }
+
+    .error-404-message {
+        font-size: 1.2rem;
+        color: var(--gov-gray);
+        margin-bottom: 2.5rem;
+        line-height: 1.8;
+    }
+
+    .error-404-illustration {
+        margin: 2rem 0;
+        opacity: 0.8;
+    }
+
+    .error-404-illustration svg {
+        max-width: 300px;
+        width: 100%;
+        height: auto;
+        animation: float 3s ease-in-out infinite;
+    }
+
+    @keyframes float {
+        0%, 100% {
+            transform: translateY(0);
+        }
+        50% {
+            transform: translateY(-20px);
+        }
+    }
+
+    .error-404-actions {
+        display: flex;
+        gap: 1rem;
+        justify-content: center;
+        flex-wrap: wrap;
+        margin-top: 2.5rem;
+    }
+
+    .error-404-actions .btn {
+        min-width: 180px;
+    }
+
+    .error-404-helpful-links {
+        margin-top: 3rem;
+        padding-top: 2rem;
+        border-top: 2px solid var(--gov-gray-light);
+    }
+
+    .error-404-helpful-links h3 {
+        font-family: 'Roboto Slab', serif;
+        color: var(--gov-primary);
+        font-size: 1.3rem;
+        margin-bottom: 1.5rem;
+    }
+
+    .helpful-links-grid {
+        display: grid;
+        grid-template-columns: repeat(auto-fit, minmax(200px, 1fr));
+        gap: 1rem;
+        margin-top: 1rem;
+    }
+
+    .helpful-link {
+        display: block;
+        padding: 1rem;
+        background: linear-gradient(135deg, var(--gov-light) 0%, var(--gov-white) 100%);
+        border-radius: 8px;
+        text-decoration: none;
+        color: var(--gov-primary);
+        font-weight: 500;
+        transition: all 0.3s ease;
+        border: 2px solid transparent;
+        box-shadow: 0 2px 8px var(--gov-shadow);
+    }
+
+    .helpful-link:hover {
+        transform: translateY(-3px);
+        box-shadow: 0 4px 16px var(--gov-shadow-lg);
+        border-color: var(--gov-secondary);
+        color: var(--gov-secondary);
+    }
+
+    .helpful-link-icon {
+        font-size: 1.5rem;
+        display: block;
+        margin-bottom: 0.5rem;
+    }
+
+    @media (max-width: 768px) {
+        .error-404-number {
+            font-size: 8rem;
+        }
+
+        .error-404-title {
+            font-size: 1.75rem;
+        }
+
+        .error-404-message {
+            font-size: 1rem;
+        }
+
+        .error-404-actions {
+            flex-direction: column;
+        }
+
+        .error-404-actions .btn {
+            width: 100%;
+        }
+
+        .helpful-links-grid {
+            grid-template-columns: 1fr;
+        }
+    }
+
+    @media (max-width: 480px) {
+        .error-404-number {
+            font-size: 6rem;
+        }
+
+        .error-404-title {
+            font-size: 1.5rem;
+        }
+
+        .error-404-illustration svg {
+            max-width: 200px;
+        }
+    }
+</style>
+{% endblock %}
+
+{% block content %}
+<div class="error-404-container">
+    <div class="error-404-content">
+        <div class="error-404-number">404</div>
+        
+        <div class="error-404-illustration">
+            <svg viewBox="0 0 200 200" xmlns="http://www.w3.org/2000/svg">
+                <defs>
+                    <linearGradient id="grad1" x1="0%" y1="0%" x2="100%" y2="100%">
+                        <stop offset="0%" style="stop-color:#003366;stop-opacity:1" />
+                        <stop offset="50%" style="stop-color:#0066cc;stop-opacity:1" />
+                        <stop offset="100%" style="stop-color:#ffd700;stop-opacity:1" />
+                    </linearGradient>
+                </defs>
+                <!-- Magnifying glass -->
+                <circle cx="80" cy="80" r="50" fill="none" stroke="url(#grad1)" stroke-width="4" opacity="0.6"/>
+                <line x1="120" y1="120" x2="160" y2="160" stroke="url(#grad1)" stroke-width="4" stroke-linecap="round" opacity="0.6"/>
+                <!-- Question mark -->
+                <path d="M 100 50 Q 100 40 110 40 Q 120 40 120 50 Q 120 60 110 60 L 110 80 Q 110 90 100 90" 
+                      fill="none" stroke="url(#grad1)" stroke-width="4" stroke-linecap="round" opacity="0.8"/>
+                <circle cx="100" cy="110" r="3" fill="url(#grad1)" opacity="0.8"/>
+            </svg>
+        </div>
+
+        <h1 class="error-404-title">Страницата не е намерена</h1>
+        
+        <p class="error-404-message">
+            Съжаляваме, но страницата, която търсите, не съществува или е преместена. 
+            Моля, проверете адреса или използвайте навигацията по-долу, за да намерите това, което търсите.
+        </p>
+
+        <div class="error-404-actions">
+            <a href="{% url 'reports:home' %}" class="btn btn-primary">
+                <span style="margin-right: 0.5rem;">🏠</span>
+                Начална страница
+            </a>
+            <a href="javascript:history.back()" class="btn btn-secondary">
+                <span style="margin-right: 0.5rem;">←</span>
+                Назад
+            </a>
+        </div>
+
+        <div class="error-404-helpful-links">
+            <h3>Полезни връзки</h3>
+            <div class="helpful-links-grid">
+                <a href="{% url 'reports:list' %}" class="helpful-link">
+                    <span class="helpful-link-icon">📋</span>
+                    Всички доклади
+                </a>
+                <a href="{% url 'reports:create' %}" class="helpful-link">
+                    <span class="helpful-link-icon">➕</span>
+                    Докладване на измама
+                </a>
+                <a href="{% url 'reports:search' %}" class="helpful-link">
+                    <span class="helpful-link-icon">🔍</span>
+                    Търсене
+                </a>
+                {% if user.is_authenticated %}
+                <a href="{% url 'accounts:profile' %}" class="helpful-link">
+                    <span class="helpful-link-icon">👤</span>
+                    Моят профил
+                </a>
+                {% else %}
+                <a href="{% url 'accounts:login' %}" class="helpful-link">
+                    <span class="helpful-link-icon">🔐</span>
+                    Вход в системата
+                </a>
+                {% endif %}
+            </div>
+        </div>
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/accounts/login.html b/templates/accounts/login.html
new file mode 100644
index 0000000..be00f13
--- /dev/null
+++ b/templates/accounts/login.html
@@ -0,0 +1,29 @@
+{% extends 'base.html' %}
+
+{% block title %}Вход - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="auth-container">
+    <div class="auth-card">
+        <h2>Вход в Системата</h2>
+        <form method="post">
+            {% csrf_token %}
+            <div class="form-group">
+                <label for="id_username">Потребителско Име</label>
+                <input type="text" name="username" id="id_username" class="form-control" required autofocus>
+            </div>
+            <div class="form-group">
+                <label for="id_password">Парола</label>
+                <input type="password" name="password" id="id_password" class="form-control" required>
+            </div>
+            <button type="submit" class="btn btn-primary btn-block">Вход</button>
+        </form>
+        <div class="auth-links">
+            <a href="{% url 'accounts:password_reset' %}">Забравена парола?</a>
+            <span>|</span>
+            <a href="{% url 'accounts:register' %}">Създаване на акаунт</a>
+        </div>
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/accounts/mfa_disable.html b/templates/accounts/mfa_disable.html
new file mode 100644
index 0000000..43ccaed
--- /dev/null
+++ b/templates/accounts/mfa_disable.html
@@ -0,0 +1,25 @@
+{% extends 'base.html' %}
+
+{% block title %}Деактивиране на Двуфакторна Автентификация - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="form-container">
+    <h2>Деактивиране на Двуфакторна Автентификация</h2>
+    <div class="gov-alert gov-alert-warning">
+        <div class="alert-icon">⚠</div>
+        <div class="alert-content">
+            <p><strong>Внимание:</strong> Деактивирането на ДА ще намали сигурността на вашия акаунт.</p>
+            <p>Сигурни ли сте, че искате да деактивирате двуфакторната автентификация?</p>
+        </div>
+    </div>
+    
+    <form method="post" data-loading>
+        {% csrf_token %}
+        <div class="form-actions">
+            <button type="submit" class="btn btn-danger" data-tooltip="Това ще деактивира двуфакторната автентификация">Да, Деактивирам ДА</button>
+            <a href="{% url 'accounts:profile' %}" class="btn btn-secondary">Отказ</a>
+        </div>
+    </form>
+</div>
+{% endblock %}
+
diff --git a/templates/accounts/mfa_enable.html b/templates/accounts/mfa_enable.html
new file mode 100644
index 0000000..f3d29e7
--- /dev/null
+++ b/templates/accounts/mfa_enable.html
@@ -0,0 +1,41 @@
+{% extends 'base.html' %}
+
+{% block title %}Активиране на Двуфакторна Автентификация - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="auth-container">
+    <div class="auth-card">
+        <h2>Активиране на Двуфакторна Автентификация</h2>
+        <p>Въведете кода за потвърждение от вашето приложение за автентификация, за да активирате ДА.</p>
+        
+        <form method="post" data-loading>
+            {% csrf_token %}
+            <div class="mfa-form-group">
+                <label for="id_token">Код за Потвърждение</label>
+                <input type="text" 
+                       name="token" 
+                       id="id_token" 
+                       class="mfa-token-input" 
+                       placeholder="000000" 
+                       maxlength="6" 
+                       pattern="[0-9]{6}"
+                       autofocus 
+                       required
+                       inputmode="numeric">
+                {% if form.token.errors %}
+                    <div class="error-message">{{ form.token.errors }}</div>
+                {% endif %}
+                <small class="mfa-help-text">Въведете 6-цифрения код от вашето приложение за автентификация</small>
+            </div>
+            <button type="submit" class="btn btn-primary btn-block">Активиране на ДА</button>
+        </form>
+        
+        <div class="auth-links">
+            <a href="{% url 'accounts:mfa_setup' %}">Обратно към Настройка</a>
+            <span>|</span>
+            <a href="{% url 'accounts:profile' %}">Отказ</a>
+        </div>
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/accounts/mfa_setup.html b/templates/accounts/mfa_setup.html
new file mode 100644
index 0000000..a497da6
--- /dev/null
+++ b/templates/accounts/mfa_setup.html
@@ -0,0 +1,81 @@
+{% extends 'base.html' %}
+
+{% block title %}Настройка на Двуфакторна Автентификация - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="form-container">
+    <h2>Настройка на Двуфакторна Автентификация</h2>
+    
+    {% if mfa_enabled %}
+    <div class="gov-alert gov-alert-info">
+        <div class="alert-icon">ℹ</div>
+        <div class="alert-content">
+            <p>Двуфакторната автентификация вече е активирана за вашия акаунт.</p>
+            <a href="{% url 'accounts:mfa_disable' %}" class="btn btn-danger" style="margin-top: 1rem;">Деактивиране</a>
+        </div>
+    </div>
+    {% else %}
+    <div class="mfa-setup-steps">
+        <div class="step">
+            <h3>Стъпка 1: Инсталиране на Приложение за Автентификация</h3>
+            <p>Ако все още нямате такова, инсталирайте приложение за автентификация на вашето мобилно устройство:</p>
+            <ul>
+                <li><strong>Google Authenticator</strong> (iOS, Android)</li>
+                <li><strong>Microsoft Authenticator</strong> (iOS, Android)</li>
+                <li><strong>Authy</strong> (iOS, Android)</li>
+                <li><strong>1Password</strong> (iOS, Android, Desktop)</li>
+            </ul>
+        </div>
+        
+        <div class="step">
+            <h3>Стъпка 2: Сканиране на QR Код</h3>
+            <p>Отворете вашето приложение за автентификация и сканирайте този QR код:</p>
+            {% if qr_code %}
+            <div class="qr-code-container">
+                <img src="{{ qr_code }}" alt="QR Code" class="qr-code">
+            </div>
+            <div class="secret-key">
+                <p><strong>Или въведете този ключ ръчно:</strong></p>
+                <div class="secret-code">{{ secret_key }}</div>
+                <button type="button" class="btn btn-sm btn-secondary" onclick="copySecretKey('{{ secret_key }}')" style="margin-top: 1rem;" data-tooltip="Копиране на секретния ключ">
+                    Копиране на Ключ
+                </button>
+            </div>
+            {% else %}
+            <p>Генериране на QR код...</p>
+            {% endif %}
+        </div>
+        
+        <div class="step">
+            <h3>Стъпка 3: Потвърждаване на Настройката</h3>
+            <p>Въведете 6-цифрения код от вашето приложение за автентификация, за да потвърдите настройката:</p>
+            <div style="text-align: center; margin-top: 1.5rem;">
+                <a href="{% url 'accounts:mfa_enable' %}" class="btn btn-primary" data-tooltip="Продължете към страницата за потвърждаване">Продължи към Потвърждаване</a>
+            </div>
+        </div>
+    </div>
+    {% endif %}
+    
+    <div class="form-actions">
+        <a href="{% url 'accounts:profile' %}" class="btn btn-secondary">Обратно към Профил</a>
+    </div>
+</div>
+
+<script>
+function copySecretKey(key) {
+    navigator.clipboard.writeText(key).then(function() {
+        if (typeof Toast !== 'undefined') {
+            Toast.success('Секретният ключ е копиран в клипборда!');
+        } else {
+            alert('Секретният ключ е копиран в клипборда!');
+        }
+    }, function(err) {
+        console.error('Failed to copy: ', err);
+        if (typeof Toast !== 'undefined') {
+            Toast.error('Неуспешно копиране. Моля, копирайте ръчно.');
+        }
+    });
+}
+</script>
+{% endblock %}
+
diff --git a/templates/accounts/mfa_verify.html b/templates/accounts/mfa_verify.html
new file mode 100644
index 0000000..2281f9d
--- /dev/null
+++ b/templates/accounts/mfa_verify.html
@@ -0,0 +1,39 @@
+{% extends 'base.html' %}
+
+{% block title %}Двуфакторна Автентификация - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="auth-container">
+    <div class="auth-card">
+        <h2>Двуфакторна Автентификация</h2>
+        <p>Моля, въведете кода за потвърждение от вашето приложение за автентификация, за да завършите входа.</p>
+        
+        <form method="post" data-loading>
+            {% csrf_token %}
+            <div class="mfa-form-group">
+                <label for="id_token">Код за Потвърждение</label>
+                <input type="text" 
+                       name="token" 
+                       id="id_token" 
+                       class="mfa-token-input" 
+                       placeholder="000000" 
+                       maxlength="6" 
+                       pattern="[0-9]{6}"
+                       autofocus 
+                       required
+                       inputmode="numeric">
+                {% if form.token.errors %}
+                    <div class="error-message">{{ form.token.errors }}</div>
+                {% endif %}
+                <small class="mfa-help-text">Въведете 6-цифрения код от вашето приложение за автентификация</small>
+            </div>
+            <button type="submit" class="btn btn-primary btn-block">Потвърждаване</button>
+        </form>
+        
+        <div class="auth-links">
+            <a href="{% url 'accounts:login' %}">Обратно към Вход</a>
+        </div>
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/accounts/password_change.html b/templates/accounts/password_change.html
new file mode 100644
index 0000000..bb9feaa
--- /dev/null
+++ b/templates/accounts/password_change.html
@@ -0,0 +1,39 @@
+{% extends 'base.html' %}
+
+{% block title %}Смяна на Парола - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="form-container">
+    <h2>Смяна на Парола</h2>
+    <form method="post">
+        {% csrf_token %}
+        <div class="form-group">
+            <label for="id_old_password">Текуща Парола</label>
+            <input type="password" name="old_password" id="id_old_password" class="form-control" required autofocus>
+            {% if form.old_password.errors %}
+                <div class="error-message">{{ form.old_password.errors }}</div>
+            {% endif %}
+        </div>
+        <div class="form-group">
+            <label for="id_new_password1">Нова Парола</label>
+            <input type="password" name="new_password1" id="id_new_password1" class="form-control" required>
+            {% if form.new_password1.errors %}
+                <div class="error-message">{{ form.new_password1.errors }}</div>
+            {% endif %}
+            <small class="form-text">Минимум 12 символа</small>
+        </div>
+        <div class="form-group">
+            <label for="id_new_password2">Потвърждение на Новата Парола</label>
+            <input type="password" name="new_password2" id="id_new_password2" class="form-control" required>
+            {% if form.new_password2.errors %}
+                <div class="error-message">{{ form.new_password2.errors }}</div>
+            {% endif %}
+        </div>
+        <div class="form-actions">
+            <button type="submit" class="btn btn-primary">Смяна на Парола</button>
+            <a href="{% url 'accounts:profile' %}" class="btn btn-secondary">Отказ</a>
+        </div>
+    </form>
+</div>
+{% endblock %}
+
diff --git a/templates/accounts/password_reset.html b/templates/accounts/password_reset.html
new file mode 100644
index 0000000..551bfaa
--- /dev/null
+++ b/templates/accounts/password_reset.html
@@ -0,0 +1,27 @@
+{% extends 'base.html' %}
+
+{% block title %}Възстановяване на Парола - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="auth-container">
+    <div class="auth-card">
+        <h2>Възстановяване на Парола</h2>
+        <p>Въведете вашия имейл адрес и ще ви изпратим връзка за възстановяване на паролата.</p>
+        <form method="post">
+            {% csrf_token %}
+            <div class="form-group">
+                <label for="id_email">Имейл</label>
+                <input type="email" name="email" id="id_email" class="form-control" required autofocus>
+                {% if form.email.errors %}
+                    <div class="error-message">{{ form.email.errors }}</div>
+                {% endif %}
+            </div>
+            <button type="submit" class="btn btn-primary btn-block">Изпращане на Връзка</button>
+        </form>
+        <div class="auth-links">
+            <a href="{% url 'accounts:login' %}">Обратно към Вход</a>
+        </div>
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/accounts/password_reset_complete.html b/templates/accounts/password_reset_complete.html
new file mode 100644
index 0000000..43f78fb
--- /dev/null
+++ b/templates/accounts/password_reset_complete.html
@@ -0,0 +1,16 @@
+{% extends 'base.html' %}
+
+{% block title %}Възстановяване на Парола Завършено - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="auth-container">
+    <div class="auth-card">
+        <h2>Възстановяване на Парола Завършено</h2>
+        <p>Вашата парола е зададена. Можете да влезете в системата сега.</p>
+        <div class="auth-links">
+            <a href="{% url 'accounts:login' %}" class="btn btn-primary btn-block">Вход</a>
+        </div>
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/accounts/password_reset_confirm.html b/templates/accounts/password_reset_confirm.html
new file mode 100644
index 0000000..8afc487
--- /dev/null
+++ b/templates/accounts/password_reset_confirm.html
@@ -0,0 +1,41 @@
+{% extends 'base.html' %}
+
+{% block title %}Задаване на Нова Парола - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="auth-container">
+    <div class="auth-card">
+        <h2>Задаване на Нова Парола</h2>
+        {% if validlink %}
+        <form method="post">
+            {% csrf_token %}
+            <div class="form-group">
+                <label for="id_new_password1">Нова Парола</label>
+                <input type="password" name="new_password1" id="id_new_password1" class="form-control" required autofocus>
+                {% if form.new_password1.errors %}
+                    <div class="error-message">{{ form.new_password1.errors }}</div>
+                {% endif %}
+                <small class="form-text">Минимум 12 символа</small>
+            </div>
+            <div class="form-group">
+                <label for="id_new_password2">Потвърждение на Новата Парола</label>
+                <input type="password" name="new_password2" id="id_new_password2" class="form-control" required>
+                {% if form.new_password2.errors %}
+                    <div class="error-message">{{ form.new_password2.errors }}</div>
+                {% endif %}
+            </div>
+            <button type="submit" class="btn btn-primary btn-block">Смяна на Парола</button>
+        </form>
+        {% else %}
+        <div class="gov-alert gov-alert-error">
+            <div class="alert-icon">✕</div>
+            <div class="alert-content">
+                <p>Връзката за възстановяване на парола е невалидна или е изтекла. Моля, заявете нова.</p>
+                <a href="{% url 'accounts:password_reset' %}" class="btn btn-primary" style="margin-top: 1rem;">Заявка за Нова Връзка</a>
+            </div>
+        </div>
+        {% endif %}
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/accounts/password_reset_done.html b/templates/accounts/password_reset_done.html
new file mode 100644
index 0000000..b4e7151
--- /dev/null
+++ b/templates/accounts/password_reset_done.html
@@ -0,0 +1,17 @@
+{% extends 'base.html' %}
+
+{% block title %}Имейл за Възстановяване Изпратен - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="auth-container">
+    <div class="auth-card">
+        <h2>Имейл за Възстановяване Изпратен</h2>
+        <p>Изпратихме ви инструкции за задаване на вашата парола. Ако съществува акаунт с въведения имейл, трябва да ги получите скоро.</p>
+        <p>Ако не получите имейл, моля, уверете се, че сте въвели адреса, с който сте се регистрирали, и проверете папката за спам.</p>
+        <div class="auth-links">
+            <a href="{% url 'accounts:login' %}">Обратно към Вход</a>
+        </div>
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/accounts/password_reset_email.html b/templates/accounts/password_reset_email.html
new file mode 100644
index 0000000..bc96dfa
--- /dev/null
+++ b/templates/accounts/password_reset_email.html
@@ -0,0 +1,22 @@
+{% load i18n %}{% autoescape off %}
+Здравейте,
+
+Получихте този имейл, защото заявихте възстановяване на парола за вашия акаунт в {{ site_name|default:"Портал за Докладване на Измами" }}.
+
+Моля, кликнете на следната връзка, за да зададете нова парола:
+
+{{ protocol }}://{{ domain }}{% url 'accounts:password_reset_confirm' uidb64=uid token=token %}
+
+Ако връзката не работи, копирайте и поставете адреса в браузъра си.
+
+Ако не сте заявили възстановяване на парола, моля, игнорирайте този имейл. Вашата парола няма да бъде променена.
+
+Тази връзка е валидна за ограничен период от време за вашата сигурност.
+
+С уважение,
+Екипът на {{ site_name|default:"Портал за Докладване на Измами" }}
+
+---
+Това е автоматично генериран имейл. Моля, не отговаряйте на този имейл.
+{% endautoescape %}
+
diff --git a/templates/accounts/password_reset_email_subject.txt b/templates/accounts/password_reset_email_subject.txt
new file mode 100644
index 0000000..950c844
--- /dev/null
+++ b/templates/accounts/password_reset_email_subject.txt
@@ -0,0 +1,2 @@
+Възстановяване на Парола - {{ site_name|default:"Портал за Докладване на Измами" }}
+
diff --git a/templates/accounts/profile.html b/templates/accounts/profile.html
new file mode 100644
index 0000000..333be5a
--- /dev/null
+++ b/templates/accounts/profile.html
@@ -0,0 +1,96 @@
+{% extends 'base.html' %}
+
+{% block title %}Моят Профил - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="profile-container">
+    <div class="gov-card">
+        <div class="gov-card-header">
+            <h2>Моят Профил</h2>
+            <a href="{% url 'accounts:profile_edit' %}" class="btn btn-primary">Редактиране на Профил</a>
+        </div>
+        <div class="gov-card-body">
+            <div class="info-section">
+                <h3>Информация за Акаунта</h3>
+                <div class="profile-info">
+                    <div class="info-row">
+                        <strong>Потребителско Име:</strong>
+                        <span>{{ user_obj.username }}</span>
+                    </div>
+                    <div class="info-row">
+                        <strong>Имейл:</strong>
+                        <span>{{ user_obj.email }}</span>
+                    </div>
+                    <div class="info-row">
+                        <strong>Роля:</strong>
+                        <span class="badge badge-{{ user_obj.role }}">{{ user_obj.get_role_display }}</span>
+                    </div>
+                    <div class="info-row">
+                        <strong>Потвърден Имейл:</strong>
+                        <span>{% if user_obj.is_verified %}Да{% else %}Не{% endif %}</span>
+                    </div>
+                    <div class="info-row">
+                        <strong>Двуфакторна Автентификация:</strong>
+                        <span>{% if user_obj.mfa_enabled %}Активирана{% else %}Деактивирана{% endif %}</span>
+                        {% if user_obj.mfa_enabled %}
+                            <a href="{% url 'accounts:mfa_disable' %}" 
+                               class="btn btn-sm btn-danger"
+                               data-confirm="Сигурни ли сте, че искате да деактивирате двуфакторната автентификация? Това ще намали сигурността на вашия акаунт."
+                               data-confirm-title="Деактивиране на MFA"
+                               data-tooltip="Деактивиране на двуфакторна автентификация">Деактивиране</a>
+                        {% else %}
+                            <a href="{% url 'accounts:mfa_setup' %}" 
+                               class="btn btn-sm btn-primary"
+                               data-tooltip="Активиране на двуфакторна автентификация за по-голяма сигурност">Активиране</a>
+                        {% endif %}
+                    </div>
+                    <div class="info-row">
+                        <strong>Член от:</strong>
+                        <span>{{ user_obj.created_at|date:"d F Y" }}</span>
+                    </div>
+                </div>
+            </div>
+
+            {% if user_obj.profile %}
+            <div class="info-section">
+                <h3>Лична Информация</h3>
+                <div class="profile-info">
+                    {% if user_obj.profile.first_name %}
+                    <div class="info-row">
+                        <strong>Име:</strong>
+                        <span>{{ user_obj.profile.first_name }}</span>
+                    </div>
+                    {% endif %}
+                    {% if user_obj.profile.last_name %}
+                    <div class="info-row">
+                        <strong>Фамилия:</strong>
+                        <span>{{ user_obj.profile.last_name }}</span>
+                    </div>
+                    {% endif %}
+                    {% if user_obj.profile.phone %}
+                    <div class="info-row">
+                        <strong>Телефон:</strong>
+                        <span>{{ user_obj.profile.phone }}</span>
+                    </div>
+                    {% endif %}
+                    <div class="info-row">
+                        <strong>Предпочитан Език:</strong>
+                        <span>{{ user_obj.profile.get_preferred_language_display }}</span>
+                    </div>
+                </div>
+            </div>
+            {% endif %}
+        </div>
+    </div>
+
+    <div class="gov-card">
+        <div class="gov-card-body">
+            <div class="profile-actions">
+                <a href="{% url 'accounts:password_change' %}" class="btn btn-secondary">Смяна на Парола</a>
+                <a href="{% url 'legal:data_request' %}" class="btn btn-secondary">Заявка за Данни</a>
+            </div>
+        </div>
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/accounts/profile_edit.html b/templates/accounts/profile_edit.html
new file mode 100644
index 0000000..c8c5ee7
--- /dev/null
+++ b/templates/accounts/profile_edit.html
@@ -0,0 +1,37 @@
+{% extends 'base.html' %}
+
+{% block title %}Редактиране на Профил - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="form-container">
+    <h2>Редактиране на Профил</h2>
+    <form method="post" data-loading>
+        {% csrf_token %}
+        <div class="form-group">
+            <label for="id_first_name">Име</label>
+            <input type="text" name="first_name" id="id_first_name" class="form-control" value="{{ form.first_name.value|default:'' }}" data-tooltip="Вашето първо име">
+        </div>
+        <div class="form-group">
+            <label for="id_last_name">Фамилия</label>
+            <input type="text" name="last_name" id="id_last_name" class="form-control" value="{{ form.last_name.value|default:'' }}" data-tooltip="Вашата фамилия">
+        </div>
+        <div class="form-group">
+            <label for="id_phone">Телефон</label>
+            <input type="text" name="phone" id="id_phone" class="form-control" value="{{ form.phone.value|default:'' }}" placeholder="+359..." data-tooltip="Телефонен номер в международен формат">
+        </div>
+        <div class="form-group">
+            <label for="id_preferred_language">Предпочитан Език</label>
+            <select name="preferred_language" id="id_preferred_language" class="form-control" data-tooltip="Изберете предпочитания език за интерфейса">
+                {% for value, label in form.preferred_language.field.choices %}
+                    <option value="{{ value }}" {% if form.preferred_language.value == value %}selected{% endif %}>{{ label }}</option>
+                {% endfor %}
+            </select>
+        </div>
+        <div class="form-actions">
+            <button type="submit" class="btn btn-primary" data-tooltip="Промените ще бъдат запазени">Запазване на Промените</button>
+            <a href="{% url 'accounts:profile' %}" class="btn btn-secondary">Отказ</a>
+        </div>
+    </form>
+</div>
+{% endblock %}
+
diff --git a/templates/accounts/register.html b/templates/accounts/register.html
new file mode 100644
index 0000000..865e177
--- /dev/null
+++ b/templates/accounts/register.html
@@ -0,0 +1,57 @@
+{% extends 'base.html' %}
+
+{% block title %}Регистрация - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="auth-container">
+    <div class="auth-card">
+        <h2>Създаване на Акаунт</h2>
+        <form method="post">
+            {% csrf_token %}
+            <div class="form-group">
+                <label for="id_username">Потребителско Име</label>
+                <input type="text" name="username" id="id_username" class="form-control" required autofocus>
+                {% if form.username.errors %}
+                    <div class="error-message">{{ form.username.errors }}</div>
+                {% endif %}
+            </div>
+            <div class="form-group">
+                <label for="id_email">Имейл</label>
+                <input type="email" name="email" id="id_email" class="form-control" required>
+                {% if form.email.errors %}
+                    <div class="error-message">{{ form.email.errors }}</div>
+                {% endif %}
+            </div>
+            <div class="form-group">
+                <label for="id_password1">Парола</label>
+                <input type="password" name="password1" id="id_password1" class="form-control" required>
+                {% if form.password1.errors %}
+                    <div class="error-message">{{ form.password1.errors }}</div>
+                {% endif %}
+                <small class="form-text">Минимум 12 символа</small>
+            </div>
+            <div class="form-group">
+                <label for="id_password2">Потвърждение на Парола</label>
+                <input type="password" name="password2" id="id_password2" class="form-control" required>
+                {% if form.password2.errors %}
+                    <div class="error-message">{{ form.password2.errors }}</div>
+                {% endif %}
+            </div>
+            <div class="form-group">
+                <label class="checkbox-label">
+                    <input type="checkbox" name="consent_given" id="id_consent_given" required>
+                    Съгласен съм с <a href="{% url 'legal:privacy' %}" target="_blank">Политиката за Поверителност</a> и <a href="{% url 'legal:terms' %}" target="_blank">Условията за Ползване</a>
+                </label>
+                {% if form.consent_given.errors %}
+                    <div class="error-message">{{ form.consent_given.errors }}</div>
+                {% endif %}
+            </div>
+            <button type="submit" class="btn btn-primary btn-block">Регистрация</button>
+        </form>
+        <div class="auth-links">
+            <a href="{% url 'accounts:login' %}">Вече имате акаунт? Вход</a>
+        </div>
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/admin/reports/sitesettings/change_form.html b/templates/admin/reports/sitesettings/change_form.html
new file mode 100644
index 0000000..c51015c
--- /dev/null
+++ b/templates/admin/reports/sitesettings/change_form.html
@@ -0,0 +1,90 @@
+{% extends "admin/change_form.html" %}
+{% load static %}
+
+{% block submit_buttons_bottom %}
+{{ block.super }}
+
+{% if show_test_email %}
+<div style="margin-top: 20px; padding: 15px; background: #f8f9fa; border: 1px solid #dee2e6; border-radius: 4px;">
+    <h3 style="margin-top: 0;">Тест на Имейл Сървър</h3>
+    <p>Изпратете тестов имейл, за да проверите дали настройките на имейл сървъра са правилни.</p>
+    <form method="post" style="display: flex; gap: 10px; align-items: flex-end;">
+        {% csrf_token %}
+        <div style="flex: 1;">
+            <label for="test_email_address" style="display: block; margin-bottom: 5px; font-weight: 600;">Имейл адрес за тест:</label>
+            <input type="email" 
+                   id="test_email_address" 
+                   name="test_email_address" 
+                   value="{{ user.email }}" 
+                   class="vTextField" 
+                   style="width: 100%; padding: 8px;"
+                   placeholder="test@example.com"
+                   required>
+        </div>
+        <div>
+            <button type="submit" 
+                    name="_test_email" 
+                    class="default" 
+                    style="padding: 10px 20px; background: #417690; color: white; border: none; border-radius: 4px; cursor: pointer;">
+                📧 Изпрати Тестов Имейл
+            </button>
+        </div>
+    </form>
+    <p style="margin-top: 10px; font-size: 12px; color: #666;">
+        <strong>Забележка:</strong> Уверете се, че сте запазили промените преди изпращане на тестов имейл.
+    </p>
+    {% if original.email_backend == 'django.core.mail.backends.smtp.EmailBackend' and not original.email_host %}
+    <div style="margin-top: 15px; padding: 12px; background: #fff3cd; border: 1px solid #ffc107; border-radius: 4px;">
+        <strong style="color: #856404;">⚠️ Внимание:</strong>
+        <p style="margin: 5px 0 0 0; color: #856404;">
+            SMTP сървърът не е конфигуриран. Моля, попълнете полето "Email Host" и запазете настройките преди изпращане на тестов имейл. 
+            Без конфигуриран SMTP сървър, имейлите ще се изпращат само в конзолата (за разработка).
+        </p>
+    </div>
+    {% endif %}
+    {% if original.email_use_tls and original.email_use_ssl %}
+    <div style="margin-top: 15px; padding: 12px; background: #f8d7da; border: 1px solid #dc3545; border-radius: 4px;">
+        <strong style="color: #721c24;">❌ Грешка:</strong>
+        <p style="margin: 5px 0 0 0; color: #721c24;">
+            TLS и SSL не могат да бъдат активирани едновременно! Моля, изберете само едно от двете. 
+            Обикновено използвайте TLS за порт 587 или SSL за порт 465.
+        </p>
+    </div>
+    {% endif %}
+</div>
+{% endif %}
+{% endblock %}
+
+{% block admin_change_form_document_ready %}
+{{ block.super }}
+<script>
+(function($) {
+    // Make TLS and SSL mutually exclusive
+    var tlsField = $('#id_email_use_tls');
+    var sslField = $('#id_email_use_ssl');
+    
+    function updateMutualExclusivity() {
+        if (tlsField.is(':checked') && sslField.is(':checked')) {
+            // If both are checked, uncheck SSL (TLS is more common)
+            sslField.prop('checked', false);
+        }
+    }
+    
+    tlsField.on('change', function() {
+        if ($(this).is(':checked')) {
+            sslField.prop('checked', false);
+        }
+    });
+    
+    sslField.on('change', function() {
+        if ($(this).is(':checked')) {
+            tlsField.prop('checked', false);
+        }
+    });
+    
+    // Check on page load
+    updateMutualExclusivity();
+})(django.jQuery);
+</script>
+{% endblock %}
+
diff --git a/templates/analytics/dashboard.html b/templates/analytics/dashboard.html
new file mode 100644
index 0000000..a7b6705
--- /dev/null
+++ b/templates/analytics/dashboard.html
@@ -0,0 +1,80 @@
+{% extends 'base.html' %}
+
+{% block title %}Табло за Аналитика - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>Табло за Аналитика</h2>
+    </div>
+    <div class="gov-card-body">
+        <div class="stats-grid">
+            <div class="stat-card">
+                <h3>{{ total_reports|default:0 }}</h3>
+                <p>Общо Доклади</p>
+            </div>
+            <div class="stat-card">
+                <h3>{{ pending_reports|default:0 }}</h3>
+                <p>Чакащи</p>
+            </div>
+            <div class="stat-card">
+                <h3>{{ verified_reports|default:0 }}</h3>
+                <p>Потвърдени</p>
+            </div>
+            <div class="stat-card">
+                <h3>{{ rejected_reports|default:0 }}</h3>
+                <p>Отхвърлени</p>
+            </div>
+            <div class="stat-card">
+                <h3>{{ total_users|default:0 }}</h3>
+                <p>Общо Потребители</p>
+            </div>
+            <div class="stat-card">
+                <h3>{{ moderators|default:0 }}</h3>
+                <p>Модератори</p>
+            </div>
+        </div>
+    </div>
+</div>
+
+{% if scam_types %}
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>Разпределение по Видове Измами</h2>
+    </div>
+    <div class="gov-card-body">
+        <div class="scam-types-grid">
+            {% for type in scam_types %}
+            <div class="scam-type-card">
+                <div class="scam-type-header">
+                    <span class="badge badge-{{ type.scam_type }}" style="font-size: 0.9rem; padding: 0.5rem 1rem;">
+                        {{ type.display_name }}
+                    </span>
+                    <div class="scam-type-count">
+                        <span class="count-number">{{ type.count }}</span>
+                        <span class="count-label">доклад{{ type.count|pluralize:"а,а" }}</span>
+                    </div>
+                </div>
+                <div class="scam-type-bar">
+                    <div class="scam-type-bar-fill" style="width: {{ type.percentage }}%"></div>
+                </div>
+                <div class="scam-type-percentage">
+                    {{ type.percentage }}% от общия брой
+                </div>
+            </div>
+            {% endfor %}
+        </div>
+    </div>
+</div>
+{% endif %}
+
+<div class="gov-card">
+    <div class="gov-card-body">
+        <div class="analytics-links">
+            <a href="{% url 'analytics:reports' %}" class="btn btn-secondary">Аналитика на Докладите</a>
+            <a href="{% url 'analytics:users' %}" class="btn btn-secondary">Аналитика на Потребителите</a>
+        </div>
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/analytics/reports.html b/templates/analytics/reports.html
new file mode 100644
index 0000000..c66f092
--- /dev/null
+++ b/templates/analytics/reports.html
@@ -0,0 +1,283 @@
+{% extends 'base.html' %}
+
+{% block title %}Аналитика на Докладите - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="page-header">
+    <h1>Аналитика на Докладите</h1>
+    <p class="lead">Подробна статистика и аналитика за докладите за измами</p>
+</div>
+
+<!-- Overall Statistics -->
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>Обща Статистика</h2>
+    </div>
+    <div class="gov-card-body">
+        <div class="stats-grid">
+            <div class="stat-card">
+                <h3>{{ total_reports|default:0 }}</h3>
+                <p>Общо Доклади</p>
+            </div>
+            <div class="stat-card stat-pending">
+                <h3>{{ pending_reports|default:0 }}</h3>
+                <p>В Очакване</p>
+            </div>
+            <div class="stat-card stat-verified">
+                <h3>{{ verified_reports|default:0 }}</h3>
+                <p>Потвърдени</p>
+            </div>
+            <div class="stat-card stat-rejected">
+                <h3>{{ rejected_reports|default:0 }}</h3>
+                <p>Отхвърлени</p>
+            </div>
+            <div class="stat-card stat-review">
+                <h3>{{ under_review_reports|default:0 }}</h3>
+                <p>В Преглед</p>
+            </div>
+        </div>
+    </div>
+</div>
+
+<!-- Time-based Statistics -->
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>Статистика по Период</h2>
+    </div>
+    <div class="gov-card-body">
+        <div class="stats-grid">
+            <div class="stat-card">
+                <h3>{{ reports_last_7_days|default:0 }}</h3>
+                <p>Последните 7 Дни</p>
+            </div>
+            <div class="stat-card">
+                <h3>{{ reports_last_30_days|default:0 }}</h3>
+                <p>Последните 30 Дни</p>
+            </div>
+            <div class="stat-card">
+                <h3>{{ reports_last_90_days|default:0 }}</h3>
+                <p>Последните 90 Дни</p>
+            </div>
+        </div>
+    </div>
+</div>
+
+<!-- Scam Type Distribution -->
+{% if scam_types %}
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>Разпределение по Видове Измами</h2>
+    </div>
+    <div class="gov-card-body">
+        <div class="scam-types-grid">
+            {% for type in scam_types %}
+            <div class="scam-type-card">
+                <div class="scam-type-header">
+                    <span class="badge badge-{{ type.scam_type }}" style="font-size: 0.9rem; padding: 0.5rem 1rem;">
+                        {{ type.display_name }}
+                    </span>
+                    <div class="scam-type-count">
+                        <span class="count-number">{{ type.count }}</span>
+                        <span class="count-label">доклад{{ type.count|pluralize:"а,а" }}</span>
+                    </div>
+                </div>
+                <div class="scam-type-bar">
+                    <div class="scam-type-bar-fill" style="width: {{ type.percentage }}%"></div>
+                </div>
+                <div class="scam-type-percentage">
+                    {{ type.percentage }}% от общия брой
+                </div>
+            </div>
+            {% endfor %}
+        </div>
+    </div>
+</div>
+{% endif %}
+
+<!-- Moderation Statistics -->
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>Статистика на Модерация</h2>
+    </div>
+    <div class="gov-card-body">
+        <div class="stats-grid">
+            <div class="stat-card">
+                <h3>{{ total_moderations|default:0 }}</h3>
+                <p>Общо Модерации</p>
+            </div>
+            <div class="stat-card stat-verified">
+                <h3>{{ approvals|default:0 }}</h3>
+                <p>Одобрени</p>
+            </div>
+            <div class="stat-card stat-rejected">
+                <h3>{{ rejections|default:0 }}</h3>
+                <p>Отхвърлени</p>
+            </div>
+        </div>
+        {% if avg_moderation_time_hours %}
+        <div style="margin-top: 2rem; padding-top: 2rem; border-top: 1px solid #e0e0e0;">
+            <h3>Време за Модерация</h3>
+            <div class="stats-grid" style="margin-top: 1rem;">
+                <div class="stat-card">
+                    <h3>{{ avg_moderation_time_hours }}ч</h3>
+                    <p>Средно Време</p>
+                </div>
+                <div class="stat-card">
+                    <h3>{{ min_moderation_time_hours }}ч</h3>
+                    <p>Минимално Време</p>
+                </div>
+                <div class="stat-card">
+                    <h3>{{ max_moderation_time_hours }}ч</h3>
+                    <p>Максимално Време</p>
+                </div>
+            </div>
+        </div>
+        {% endif %}
+    </div>
+</div>
+
+<!-- Top Reporters -->
+{% if top_reporters %}
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>Най-Активни Докладващи</h2>
+    </div>
+    <div class="gov-card-body">
+        <div class="table-responsive">
+            <table class="gov-table">
+                <thead>
+                    <tr>
+                        <th>Позиция</th>
+                        <th>Потребител</th>
+                        <th>Брой Доклади</th>
+                    </tr>
+                </thead>
+                <tbody>
+                    {% for reporter in top_reporters %}
+                    <tr>
+                        <td>{{ forloop.counter }}</td>
+                        <td>{{ reporter.reporter__username|default:"Анонимен" }}</td>
+                        <td><strong>{{ reporter.report_count }}</strong></td>
+                    </tr>
+                    {% endfor %}
+                </tbody>
+            </table>
+        </div>
+    </div>
+</div>
+{% endif %}
+
+<!-- Daily Reports Chart -->
+{% if daily_reports %}
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>Дневна Статистика (Последните 30 Дни)</h2>
+    </div>
+    <div class="gov-card-body">
+        <div class="chart-container">
+            <canvas id="dailyReportsChart" style="max-height: 400px;"></canvas>
+        </div>
+    </div>
+</div>
+{% endif %}
+
+<!-- Status Over Time -->
+{% if status_over_time %}
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>Статуси по Време (Последните 7 Дни)</h2>
+    </div>
+    <div class="gov-card-body">
+        <div class="chart-container">
+            <canvas id="statusChart" style="max-height: 400px;"></canvas>
+        </div>
+    </div>
+</div>
+{% endif %}
+
+<div style="margin-top: 2rem;">
+    <a href="{% url 'analytics:dashboard' %}" class="btn btn-secondary">Обратно към Таблото</a>
+</div>
+
+{% if daily_reports %}
+<script src="https://cdn.jsdelivr.net/npm/chart.js@3.9.1/dist/chart.min.js"></script>
+<script>
+    // Daily Reports Chart
+    const dailyCtx = document.getElementById('dailyReportsChart');
+    if (dailyCtx) {
+        const dailyData = {{ daily_reports }};
+        new Chart(dailyCtx, {
+            type: 'line',
+            data: {
+                labels: dailyData.map(d => new Date(d.date).toLocaleDateString('bg-BG')),
+                datasets: [{
+                    label: 'Доклади',
+                    data: dailyData.map(d => d.count),
+                    borderColor: '#1e3a8a',
+                    backgroundColor: 'rgba(30, 58, 138, 0.1)',
+                    tension: 0.4
+                }]
+            },
+            options: {
+                responsive: true,
+                maintainAspectRatio: true,
+                plugins: {
+                    legend: {
+                        display: true
+                    }
+                },
+                scales: {
+                    y: {
+                        beginAtZero: true
+                    }
+                }
+            }
+        });
+    }
+    
+    // Status Over Time Chart
+    const statusCtx = document.getElementById('statusChart');
+    if (statusCtx) {
+        const statusData = {{ status_over_time }};
+        new Chart(statusCtx, {
+            type: 'bar',
+            data: {
+                labels: statusData.map(d => new Date(d.date).toLocaleDateString('bg-BG')),
+                datasets: [
+                    {
+                        label: 'В Очакване',
+                        data: statusData.map(d => d.pending),
+                        backgroundColor: '#f59e0b'
+                    },
+                    {
+                        label: 'Потвърдени',
+                        data: statusData.map(d => d.verified),
+                        backgroundColor: '#10b981'
+                    },
+                    {
+                        label: 'Отхвърлени',
+                        data: statusData.map(d => d.rejected),
+                        backgroundColor: '#ef4444'
+                    }
+                ]
+            },
+            options: {
+                responsive: true,
+                maintainAspectRatio: true,
+                plugins: {
+                    legend: {
+                        display: true
+                    }
+                },
+                scales: {
+                    y: {
+                        beginAtZero: true,
+                        stacked: false
+                    }
+                }
+            }
+        });
+    }
+</script>
+{% endif %}
+{% endblock %}
diff --git a/templates/analytics/users.html b/templates/analytics/users.html
new file mode 100644
index 0000000..fa8f107
--- /dev/null
+++ b/templates/analytics/users.html
@@ -0,0 +1,18 @@
+{% extends 'base.html' %}
+
+{% block title %}Аналитика на Потребителите - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>Аналитика на Потребителите</h2>
+    </div>
+    <div class="gov-card-body">
+        <p>Подробна аналитика на потребителите ще бъде показана тук.</p>
+        <div style="margin-top: 2rem;">
+            <a href="{% url 'analytics:dashboard' %}" class="btn btn-secondary">Обратно към Таблото</a>
+        </div>
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/base.html b/templates/base.html
new file mode 100644
index 0000000..908ee99
--- /dev/null
+++ b/templates/base.html
@@ -0,0 +1,291 @@
+<!DOCTYPE html>
+<html lang="bg" prefix="og: http://ogp.me/ns#">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <meta name="csrf-token" content="{{ csrf_token }}">
+    
+    <!-- Primary Meta Tags -->
+    <title>{% block title %}{{ seo.full_title|default:"Портал за Докладване на Измами - България" }}{% endblock %}</title>
+    <meta name="title" content="{% block meta_title %}{{ seo.full_title|default:"Официален Портал за Докладване на Измами - България" }}{% endblock %}">
+    <meta name="description" content="{% block meta_description %}{{ seo.page_description|default:seo.site_description }}{% endblock %}">
+    <meta name="keywords" content="{% block meta_keywords %}{{ seo.page_keywords|default:seo.site_keywords }}{% endblock %}">
+    <meta name="author" content="{{ seo.site_author }}">
+    <meta name="language" content="{{ seo.site_language }}">
+    <meta name="robots" content="{% block meta_robots %}{{ request.meta_robots|default:"index, follow" }}{% endblock %}">
+    <meta name="googlebot" content="index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1">
+    <meta name="bingbot" content="index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1">
+    
+    <!-- Canonical URL -->
+    <link rel="canonical" href="{% block canonical_url %}{{ seo.canonical_url }}{% endblock %}">
+    
+    <!-- Open Graph / Facebook -->
+    <meta property="og:type" content="{% block og_type %}{{ seo.page_type|default:"website" }}{% endblock %}">
+    <meta property="og:url" content="{% block og_url %}{{ seo.canonical_url }}{% endblock %}">
+    <meta property="og:title" content="{% block og_title %}{{ seo.full_title }}{% endblock %}">
+    <meta property="og:description" content="{% block og_description %}{{ seo.page_description|default:seo.site_description }}{% endblock %}">
+    <meta property="og:image" content="{% block og_image %}{{ seo.og_image }}{% endblock %}">
+    <meta property="og:image:width" content="1200">
+    <meta property="og:image:height" content="630">
+    <meta property="og:image:alt" content="{% block og_image_alt %}{{ seo.site_name }}{% endblock %}">
+    <meta property="og:site_name" content="{{ seo.site_name }}">
+    <meta property="og:locale" content="bg_BG">
+    
+    <!-- Twitter Card -->
+    <meta name="twitter:card" content="summary_large_image">
+    <meta name="twitter:url" content="{% block twitter_url %}{{ seo.canonical_url }}{% endblock %}">
+    <meta name="twitter:title" content="{% block twitter_title %}{{ seo.full_title }}{% endblock %}">
+    <meta name="twitter:description" content="{% block twitter_description %}{{ seo.page_description|default:seo.site_description }}{% endblock %}">
+    <meta name="twitter:image" content="{% block twitter_image %}{{ seo.og_image }}{% endblock %}">
+    <meta name="twitter:image:alt" content="{% block twitter_image_alt %}{{ seo.site_name }}{% endblock %}">
+    {% if seo.twitter_site %}<meta name="twitter:site" content="{{ seo.twitter_site }}">{% endif %}
+    {% if seo.twitter_creator %}<meta name="twitter:creator" content="{{ seo.twitter_creator }}">{% endif %}
+    
+    <!-- Additional Meta Tags -->
+    <meta name="theme-color" content="#003366">
+    <meta name="msapplication-TileColor" content="#003366">
+    <meta name="application-name" content="{{ seo.site_name }}">
+    
+    {% load static %}
+    <!-- Favicon -->
+    <link rel="icon" type="image/svg+xml" href="{% static 'images/favicon.svg' %}">
+    <link rel="icon" type="image/x-icon" href="{% static 'favicon.ico' %}">
+    <link rel="shortcut icon" href="{% static 'favicon.ico' %}">
+    <link rel="apple-touch-icon" href="{% static 'images/logo-icon.svg' %}">
+    
+    <!-- Stylesheets -->
+    <link rel="stylesheet" href="{% static 'css/style.css' %}">
+    <link rel="preconnect" href="https://fonts.googleapis.com">
+    <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
+    <link href="https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&family=Roboto+Slab:wght@400;700&display=swap" rel="stylesheet">
+    
+    <!-- Structured Data (JSON-LD) -->
+    <script type="application/ld+json">
+    {
+        "@context": "https://schema.org",
+        "@type": "{% block schema_type %}GovernmentOrganization{% endblock %}",
+        "name": "{{ seo.site_name }}",
+        "url": "{{ seo.site_url }}",
+        "logo": "{{ seo.site_image }}",
+        "description": "{{ seo.site_description }}",
+        "address": {
+            "@type": "PostalAddress",
+            "addressCountry": "BG",
+            "addressLocality": "София",
+            "addressRegion": "София"
+        },
+        "contactPoint": {
+            "@type": "ContactPoint",
+            "email": "{{ site_settings.contact_email }}",
+            {% if site_settings.contact_phone %}"telephone": "{{ site_settings.contact_phone }}",{% endif %}
+            "contactType": "customer service",
+            "availableLanguage": "bg"
+        },
+        "sameAs": [
+            "{{ seo.site_url }}"
+        ],
+        "inLanguage": "bg"
+    }
+    </script>
+    
+    {% block extra_head %}{% endblock %}
+    {% block extra_css %}{% endblock %}
+</head>
+<body>
+    <!-- Government Header -->
+    <header class="gov-header">
+        <div class="gov-header-top">
+            <div class="container">
+                <div class="gov-header-content">
+                    <div class="gov-logo-section">
+                        <a href="{% url 'reports:home' %}" class="gov-logo-link">
+                            <div class="gov-logo">
+                                <img src="{% static 'images/logo-icon.svg' %}" alt="Анти-Измами Лого" class="logo-icon">
+                            </div>
+                            <div class="gov-title">
+                                <h1>Официален Портал</h1>
+                                <p class="gov-subtitle">за Докладване на Измами</p>
+                            </div>
+                        </a>
+                    </div>
+                    <div class="gov-badge">
+                        <span class="badge-text">Официален</span>
+                        <span class="badge-subtext">Портал</span>
+                    </div>
+                </div>
+            </div>
+        </div>
+        <nav class="gov-navbar">
+            <div class="container">
+                <button class="mobile-menu-toggle" aria-label="Toggle menu" id="mobileMenuToggle">
+                    <span></span>
+                    <span></span>
+                    <span></span>
+                </button>
+                <ul class="gov-nav" id="mainNav">
+                    <li class="nav-main-item"><a href="{% url 'reports:home' %}" class="{% if request.resolver_match.url_name == 'home' %}active{% endif %}">🏠 Начало</a></li>
+                    <li class="nav-main-item"><a href="{% url 'reports:list' %}" class="{% if 'reports' in request.path and 'list' in request.path %}active{% endif %}">📋 Доклади</a></li>
+                    <li class="nav-main-item"><a href="{% url 'reports:create' %}" class="{% if 'create' in request.path %}active{% endif %}">➕ Докладване</a></li>
+                    <li class="nav-main-item"><a href="{% url 'reports:contact' %}" class="{% if 'contact' in request.path %}active{% endif %}">📞 Контакти</a></li>
+                    {% if user.is_authenticated %}
+                        <li class="nav-main-item"><a href="{% url 'reports:my_reports' %}" class="{% if 'my-reports' in request.path %}active{% endif %}">📝 Моите Доклади</a></li>
+                        {% if user.is_moderator %}
+                            <li class="nav-main-item"><a href="{% url 'moderation:dashboard' %}" class="{% if 'moderation' in request.path %}active{% endif %}">⚖️ Модерация</a></li>
+                        {% endif %}
+                        {% if user.is_administrator %}
+                            <li class="nav-main-item"><a href="{% url 'analytics:dashboard' %}" class="{% if 'analytics' in request.path %}active{% endif %}">📊 Аналитика</a></li>
+                            <li class="nav-main-item"><a href="{% url 'osint:admin_dashboard' %}" class="{% if 'osint/admin-dashboard' in request.path %}active{% endif %}">🤖 OSINT Админ</a></li>
+                        {% endif %}
+                    {% endif %}
+                    <li class="nav-spacer"></li>
+                    {% if user.is_authenticated %}
+                        <li class="nav-auth-item nav-user">
+                            <a href="{% url 'accounts:profile' %}" class="user-link">
+                                <span class="user-icon">👤</span>
+                                <span>{{ user.username }}</span>
+                            </a>
+                        </li>
+                        <li class="nav-auth-item"><a href="{% url 'accounts:logout' %}" 
+                               class="logout-link"
+                               data-confirm="Сигурни ли сте, че искате да излезете?"
+                               data-confirm-title="Изход от системата">🚪 Изход</a></li>
+                    {% else %}
+                        <li class="nav-auth-item"><a href="{% url 'accounts:login' %}" class="login-link">🔐 Вход</a></li>
+                        <li class="nav-auth-item"><a href="{% url 'accounts:register' %}" class="register-link">📝 Регистрация</a></li>
+                    {% endif %}
+                </ul>
+            </div>
+        </nav>
+    </header>
+
+    <!-- Main Content -->
+    <main class="gov-main">
+        <div class="container">
+            {% if messages %}
+                <div class="gov-messages">
+                    {% for message in messages %}
+                        <div class="gov-alert gov-alert-{{ message.tags }}">
+                            <div class="alert-icon">
+                                {% if message.tags == 'success' %}✓{% elif message.tags == 'error' %}✕{% else %}ℹ{% endif %}
+                            </div>
+                            <div class="alert-content">
+                                <strong>{{ message.tags|title }}:</strong> {{ message }}
+                            </div>
+                        </div>
+                    {% endfor %}
+                </div>
+            {% endif %}
+
+            {% block content %}{% endblock %}
+        </div>
+    </main>
+
+    <!-- Government Footer -->
+    <footer class="gov-footer">
+        <div class="container">
+            <div class="footer-content">
+                <div class="footer-section">
+                    <a href="{% url 'reports:home' %}" class="footer-logo-link-small">
+                        <img src="{% static 'images/logo.svg' %}" alt="Анти-Измами Лого" class="footer-logo-small">
+                    </a>
+                    <p style="margin-top: 1rem;">За защита на гражданите от измами в българското интернет пространство</p>
+                </div>
+                <div class="footer-section">
+                    <h4>Бързи Връзки</h4>
+                    <ul>
+                        <li><a href="{% url 'reports:home' %}">Начало</a></li>
+                        <li><a href="{% url 'reports:list' %}">Доклади</a></li>
+                        <li><a href="{% url 'reports:create' %}">Докладване</a></li>
+                        <li><a href="{% url 'reports:search' %}">Търсене</a></li>
+                    </ul>
+                </div>
+                <div class="footer-section">
+                    <h4>Правна Информация</h4>
+                    <ul>
+                        <li><a href="{% url 'legal:privacy' %}">Политика за Поверителност</a></li>
+                        <li><a href="{% url 'legal:terms' %}">Условия за Ползване</a></li>
+                        <li><a href="{% url 'legal:data_request' %}">Заявка за Данни</a></li>
+                    </ul>
+                </div>
+                <div class="footer-section">
+                    <h4>Контакти</h4>
+                    <p>Email: <a href="mailto:{{ site_settings.contact_email }}">{{ site_settings.contact_email }}</a></p>
+                    {% if site_settings.contact_phone %}
+                    <p>Телефон: <a href="tel:{{ site_settings.contact_phone }}">{{ site_settings.contact_phone }}</a></p>
+                    {% endif %}
+                    {% if site_settings.contact_address %}
+                    <p>Адрес: {{ site_settings.contact_address }}</p>
+                    {% endif %}
+                    <p style="margin-top: 1rem;"><a href="{% url 'reports:contact' %}" style="color: var(--gov-accent); font-weight: 600;">Свържете се с нас</a></p>
+                </div>
+            </div>
+            <div class="footer-bottom">
+                <div class="footer-seal">
+                    <a href="{% url 'reports:home' %}" class="footer-logo-link">
+                        <img src="{% static 'images/logo.svg' %}" alt="Анти-Измами Лого" class="footer-logo">
+                    </a>
+                    <div class="seal-text">
+                        <strong>Официален Портал</strong>
+                        <span>Република България</span>
+                    </div>
+                </div>
+                <p class="copyright">&copy; 2024 Официален Портал за Докладване на Измами. Всички права запазени.</p>
+            </div>
+        </div>
+    </footer>
+
+    <!-- Cookie Consent Banner -->
+    <div id="cookie-consent-banner" role="dialog" aria-labelledby="cookie-consent-title" aria-live="polite">
+        <div class="cookie-consent-container">
+            <div class="cookie-consent-content">
+                <h3 id="cookie-consent-title" class="cookie-consent-title">Управление на Бисквитки</h3>
+                <p class="cookie-consent-text">
+                    Използваме <strong>само функционални бисквитки</strong>, необходими за правилната работа на платформата. 
+                    Не събираме данни за проследяване, реклами или аналитика. 
+                    Бисквитките се използват изключително за запазване на вашите настройки и сигурност на сесията. 
+                    За повече информация вижте нашата <a href="{% url 'legal:privacy' %}" target="_blank">Политика за Поверителност</a>.
+                </p>
+                <div class="cookie-consent-info">
+                    Всички функционални бисквитки са необходими за работата на платформата и не могат да бъдат деактивирани.
+                </div>
+            </div>
+            <div class="cookie-consent-actions">
+                <button type="button" class="cookie-consent-btn cookie-consent-btn-accept" onclick="CookieConsent.accept()" aria-label="Приемам използването на функционални бисквитки">
+                    Приемам
+                </button>
+                <button type="button" class="cookie-consent-btn cookie-consent-btn-decline" onclick="CookieConsent.decline()" aria-label="Отказвам използването на бисквитки">
+                    Отказвам
+                </button>
+            </div>
+        </div>
+    </div>
+
+    {% block extra_js %}{% endblock %}
+    <script src="{% static 'js/popups.js' %}"></script>
+    <script src="{% static 'js/bot-protection.js' %}"></script>
+    <script src="{% static 'js/cookie-consent.js' %}"></script>
+    <script>
+        // Mobile menu toggle
+        document.addEventListener('DOMContentLoaded', function() {
+            const menuToggle = document.getElementById('mobileMenuToggle');
+            const mainNav = document.getElementById('mainNav');
+            
+            if (menuToggle && mainNav) {
+                menuToggle.addEventListener('click', function() {
+                    mainNav.classList.toggle('mobile-open');
+                    menuToggle.classList.toggle('active');
+                });
+                
+                // Close menu when clicking outside
+                document.addEventListener('click', function(event) {
+                    if (!menuToggle.contains(event.target) && !mainNav.contains(event.target)) {
+                        mainNav.classList.remove('mobile-open');
+                        menuToggle.classList.remove('active');
+                    }
+                });
+            }
+        });
+    </script>
+</body>
+</html>
+
diff --git a/templates/legal/data_request.html b/templates/legal/data_request.html
new file mode 100644
index 0000000..b2066e4
--- /dev/null
+++ b/templates/legal/data_request.html
@@ -0,0 +1,48 @@
+{% extends 'base.html' %}
+
+{% block title %}Заявка за Данни - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="form-container">
+    <h2>GDPR Заявка за Данни</h2>
+    <p class="form-description">Съгласно GDPR, имате правото да получите достъп, да коригирате или да изтриете вашите лични данни. Изпратете заявка по-долу.</p>
+    
+    <form method="post">
+        {% csrf_token %}
+        <div class="form-group">
+            <label for="id_request_type">Тип Заявка *</label>
+            {{ form.request_type }}
+            {% if form.request_type.errors %}
+                <div class="error-message">{{ form.request_type.errors }}</div>
+            {% endif %}
+        </div>
+
+        <div class="form-group">
+            <label for="id_description">Допълнителни Детайли</label>
+            {{ form.description }}
+            {% if form.description.errors %}
+                <div class="error-message">{{ form.description.errors }}</div>
+            {% endif %}
+            <small class="form-text">Предоставете допълнителна информация за вашата заявка</small>
+        </div>
+
+        <div class="form-actions">
+            <button type="submit" class="btn btn-primary">Изпращане на Заявка</button>
+            <a href="{% url 'accounts:profile' %}" class="btn btn-secondary">Отказ</a>
+        </div>
+    </form>
+
+    <div class="info-box">
+        <h3>Типове Заявки</h3>
+        <ul>
+            <li><strong>Достъп до Данни:</strong> Получете копие на всички ваши лични данни</li>
+            <li><strong>Изтриване на Данни:</strong> Заявка за изтриване на вашите лични данни</li>
+            <li><strong>Преносимост на Данни:</strong> Получете вашите данни в машиночетим формат</li>
+            <li><strong>Коригиране на Данни:</strong> Заявка за корекция на неточни данни</li>
+            <li><strong>Възражение:</strong> Възражение срещу обработката на вашите данни</li>
+            <li><strong>Ограничаване:</strong> Заявка за ограничаване на обработката на данни</li>
+        </ul>
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/legal/data_request_detail.html b/templates/legal/data_request_detail.html
new file mode 100644
index 0000000..4fe7336
--- /dev/null
+++ b/templates/legal/data_request_detail.html
@@ -0,0 +1,66 @@
+{% extends 'base.html' %}
+
+{% block title %}Статус на Заявка за Данни - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>Статус на Заявка за Данни</h2>
+    </div>
+    <div class="gov-card-body">
+        <div class="info-section">
+            <h3>Информация за Заявката</h3>
+            <div class="info-grid">
+                <div><strong>Тип Заявка:</strong> {{ data_request.get_request_type_display }}</div>
+                <div><strong>Статус:</strong> <span class="badge badge-{{ data_request.status }}">{{ data_request.get_status_display }}</span></div>
+                <div><strong>Изпратено:</strong> {{ data_request.requested_at|date:"d F Y, H:i" }}</div>
+                {% if data_request.completed_at %}
+                <div><strong>Завършено:</strong> {{ data_request.completed_at|date:"d F Y, H:i" }}</div>
+                {% endif %}
+                {% if data_request.handled_by %}
+                <div><strong>Обработено от:</strong> {{ data_request.handled_by.username }}</div>
+                {% endif %}
+            </div>
+        </div>
+
+        {% if data_request.description %}
+        <div class="info-section">
+            <h3>Описание</h3>
+            <p style="line-height: 1.8;">{{ data_request.description|linebreaks }}</p>
+        </div>
+        {% endif %}
+
+        {% if data_request.response_file %}
+        <div class="info-section">
+            <h3>Отговор</h3>
+            <p>Вашата заявка е завършена. Изтеглете файла с отговора:</p>
+            <a href="{{ data_request.response_file.url }}" class="btn btn-primary" download>Изтегляне на Отговор</a>
+        </div>
+        {% elif data_request.response_data %}
+        <div class="info-section">
+            <h3>Отговор</h3>
+            <pre style="background: var(--gov-light); padding: 1rem; border-radius: 6px; overflow-x: auto;">{{ data_request.response_data|safe }}</pre>
+        </div>
+        {% endif %}
+
+        {% if data_request.status == 'pending' or data_request.status == 'in_progress' %}
+        <div class="info-section">
+            <div class="gov-alert gov-alert-info">
+                <div class="alert-icon">ℹ</div>
+                <div class="alert-content">
+                    <p>Вашата заявка се обработва. Ще бъдете уведомени, когато бъде завършена.</p>
+                </div>
+            </div>
+        </div>
+        {% endif %}
+
+        <div class="request-actions">
+            <a href="{% url 'accounts:profile' %}" class="btn btn-secondary">Обратно към Профил</a>
+            {% if data_request.status == 'pending' %}
+            <a href="{% url 'legal:data_request' %}" class="btn btn-secondary">Изпращане на Нова Заявка</a>
+            {% endif %}
+        </div>
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/legal/privacy_policy.html b/templates/legal/privacy_policy.html
new file mode 100644
index 0000000..2a95807
--- /dev/null
+++ b/templates/legal/privacy_policy.html
@@ -0,0 +1,497 @@
+{% extends 'base.html' %}
+
+{% block title %}Политика за Поверителност - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="legal-page">
+    <h1>Политика за Поверителност</h1>
+    <p class="last-updated">Последна актуализация: {{ "now"|date:"d F Y" }}</p>
+    <p class="version">Версия: 2.0</p>
+    
+    <section>
+        <h2>1. Въведение и Правна Основа</h2>
+        <p>Тази Политика за Поверителност обяснява как събираме, използваме, съхраняваме и защитаваме вашата лична информация, когато използвате нашия Официален Портал за Докладване на Измами и Мошеничества.</p>
+        <p>Тази политика е съставена в съответствие с:</p>
+        <ul>
+            <li><strong>Регламент (ЕС) 2016/679</strong> (Общ регламент за защита на данните - GDPR)</li>
+            <li><strong>Закон за защита на личните данни</strong> (ЗЗЛД) - българската имплементация на GDPR</li>
+            <li><strong>Закон за електронната търговия</strong></li>
+            <li><strong>Закон за защита на потребителите</strong></li>
+            <li><strong>Закон за киберпрестъпността</strong></li>
+        </ul>
+        <p>Чрез използването на нашата платформа, вие се съгласявате с условията на тази Политика за Поверителност.</p>
+    </section>
+
+    <section>
+        <h2>2. Администратор на Лични Данни (Data Controller)</h2>
+        <p>Администраторът на личните данни е юридическото лице, което определя целите и средствата за обработка на личните данни:</p>
+        <ul>
+            <li><strong>Име:</strong> [Име на организацията]</li>
+            <li><strong>Адрес:</strong> [Пълният адрес на организацията]</li>
+            <li><strong>ЕИК/БУЛСТАТ:</strong> [ЕИК номер]</li>
+            <li><strong>Имейл за контакт:</strong> [Имейл адрес]</li>
+            <li><strong>Телефон:</strong> [Телефонен номер]</li>
+        </ul>
+        <p>Ако имате въпроси относно обработката на вашите лични данни, можете да се свържете с нас на посочения адрес или имейл.</p>
+    </section>
+
+    <section>
+        <h2>3. Длъжностно Лице по Защита на Данните (DPO)</h2>
+        <p>В съответствие с чл. 37 от GDPR, ние сме назначили Длъжностно лице по защита на данните (Data Protection Officer - DPO), което можете да контактирате за всички въпроси, свързани с обработката на личните данни и упражняването на вашите права:</p>
+        <ul>
+            <li><strong>Имейл:</strong> dpo@[domain].bg</li>
+            <li><strong>Адрес:</strong> [Адрес на DPO]</li>
+        </ul>
+        <p>Можете също да подадете жалба до Комисията за защита на личните данни (КПЗЛД):</p>
+        <ul>
+            <li><strong>Адрес:</strong> ул. "Проф. Цвятко Лазаров" № 2, София 1592</li>
+            <li><strong>Телефон:</strong> 02/91-53-518</li>
+            <li><strong>Имейл:</strong> kzld@cpdp.bg</li>
+            <li><strong>Уебсайт:</strong> www.cpdp.bg</li>
+        </ul>
+    </section>
+
+    <section>
+        <h2>4. Категории Лични Данни, Които Събираме</h2>
+        
+        <h3>4.1 Данни, Които Предоставяте Директно</h3>
+        <ul>
+            <li><strong>Данни за регистрация и акаунт:</strong>
+                <ul>
+                    <li>Потребителско име</li>
+                    <li>Имейл адрес</li>
+                    <li>Парола (хеширана)</li>
+                    <li>Име и фамилия</li>
+                    <li>Телефонен номер (по избор)</li>
+                </ul>
+            </li>
+            <li><strong>Данни в профила:</strong>
+                <ul>
+                    <li>Предпочитания за комуникация</li>
+                    <li>Настройки за уведомления</li>
+                    <li>Други данни, които изберете да споделите</li>
+                </ul>
+            </li>
+            <li><strong>Данни в докладите за измами:</strong>
+                <ul>
+                    <li>Детайли за събитието/измамата</li>
+                    <li>Доказателства (документи, снимки, скрийншоти)</li>
+                    <li>Информация за трети страни (ако е приложимо)</li>
+                    <li>Дата, час и място на събитието</li>
+                </ul>
+            </li>
+            <li><strong>Комуникационни данни:</strong>
+                <ul>
+                    <li>Съдържание на съобщения, които изпращате до нас</li>
+                    <li>Отзиви и коментари</li>
+                </ul>
+            </li>
+        </ul>
+
+        <h3>4.2 Данни, Събирани Автоматично</h3>
+        <ul>
+            <li><strong>Технически данни:</strong>
+                <ul>
+                    <li>IP адрес</li>
+                    <li>Тип и версия на браузъра</li>
+                    <li>Операционна система</li>
+                    <li>Информация за устройството (модел, резолюция на екрана)</li>
+                    <li>Уникални идентификатори на устройството</li>
+                </ul>
+            </li>
+            <li><strong>Данни за използване:</strong>
+                <ul>
+                    <li>Логове на активност</li>
+                    <li>Страници, които посещавате</li>
+                    <li>Време на посещение</li>
+                    <li>Кликвания и взаимодействия</li>
+                    <li>Референтиращи URL адреси</li>
+                </ul>
+            </li>
+            <li><strong>Данни от бисквитки (Cookies):</strong>
+                <ul>
+                    <li>Сесийни бисквитки</li>
+                    <li>Бисквитки за функционалност</li>
+                    <li>Аналитични бисквитки (със съгласие)</li>
+                    <li>Маркетингови бисквитки (със съгласие)</li>
+                </ul>
+            </li>
+        </ul>
+
+        <h3>4.3 Специални Категории Данни</h3>
+        <p>В определени случаи може да обработваме специални категории лични данни (чл. 9 от GDPR), като:</p>
+        <ul>
+            <li>Данни, разкрити от вас в докладите, които могат да съдържат информация за етнически произход, политически възгледи, религиозни убеждения и др.</li>
+        </ul>
+        <p>Такава обработка се извършва само с ваше изрично съгласие или когато е необходимо за установяване, упражняване или защита на правни претенции (чл. 9, параграф 2, буква "f" от GDPR).</p>
+    </section>
+
+    <section>
+        <h2>5. Правни Основи за Обработка</h2>
+        <p>Обработваме вашите лични данни на следните правни основания съгласно чл. 6 от GDPR:</p>
+        <ul>
+            <li><strong>Съгласие (чл. 6, параграф 1, буква "а"):</strong>
+                <ul>
+                    <li>За маркетингови комуникации</li>
+                    <li>За аналитични бисквитки</li>
+                    <li>За обработка на специални категории данни</li>
+                </ul>
+            </li>
+            <li><strong>Изпълнение на договор (чл. 6, параграф 1, буква "b"):</strong>
+                <ul>
+                    <li>За предоставяне на услугите на платформата</li>
+                    <li>За обработка и преглед на доклади</li>
+                    <li>За управление на вашия акаунт</li>
+                </ul>
+            </li>
+            <li><strong>Правно задължение (чл. 6, параграф 1, буква "c"):</strong>
+                <ul>
+                    <li>За съответствие с българското законодателство</li>
+                    <li>За сътрудничество с компетентните органи</li>
+                    <li>За съхранение на данни според изискванията на закона</li>
+                </ul>
+            </li>
+            <li><strong>Легитимен интерес (чл. 6, параграф 1, буква "f"):</strong>
+                <ul>
+                    <li>За подобряване на услугите и функционалността</li>
+                    <li>За сигурност и предотвратяване на измами</li>
+                    <li>За техническа поддръжка и отстраняване на проблеми</li>
+                    <li>За защита на правата и интересите на платформата и потребителите</li>
+                </ul>
+            </li>
+        </ul>
+    </section>
+
+    <section>
+        <h2>6. Цели на Обработката</h2>
+        <p>Обработваме вашите лични данни за следните цели:</p>
+        <ul>
+            <li><strong>Предоставяне на услуги:</strong>
+                <ul>
+                    <li>Регистрация и управление на акаунт</li>
+                    <li>Обработка и преглед на доклади за измами</li>
+                    <li>Комуникация с вас относно докладите</li>
+                    <li>Предоставяне на техническа поддръжка</li>
+                </ul>
+            </li>
+            <li><strong>Съответствие с правни задължения:</strong>
+                <ul>
+                    <li>Сътрудничество с компетентните органи при необходимост</li>
+                    <li>Съхранение на данни според изискванията на закона</li>
+                    <li>Отчитане и документиране на дейностите</li>
+                </ul>
+            </li>
+            <li><strong>Подобряване на услугите:</strong>
+                <ul>
+                    <li>Анализ на използването на платформата</li>
+                    <li>Разработване на нови функции</li>
+                    <li>Оптимизация на производителността</li>
+                </ul>
+            </li>
+            <li><strong>Сигурност:</strong>
+                <ul>
+                    <li>Предотвратяване на измами и злоупотреби</li>
+                    <li>Защита срещу неоторизиран достъп</li>
+                    <li>Мониторинг на подозрителна дейност</li>
+                </ul>
+            </li>
+            <li><strong>Маркетинг (със съгласие):</strong>
+                <ul>
+                    <li>Изпращане на информационни бюлетини</li>
+                    <li>Уведомления за нови функции</li>
+                    <li>Промоционални съобщения</li>
+                </ul>
+            </li>
+        </ul>
+    </section>
+
+    <section>
+        <h2>7. Получатели на Личните Данни</h2>
+        <p>Вашите лични данни могат да бъдат разкрити на следните категории получатели:</p>
+        <ul>
+            <li><strong>Вътрешни получатели:</strong>
+                <ul>
+                    <li>Служители и администратори на платформата, които имат нужда от достъп за изпълнение на служебните си задължения</li>
+                </ul>
+            </li>
+            <li><strong>Външни получатели:</strong>
+                <ul>
+                    <li><strong>Обработващи на данни (Processors):</strong> Трети страни, които обработват данни от наше име:
+                        <ul>
+                            <li>Хостинг доставчици</li>
+                            <li>Доставчици на облачни услуги</li>
+                            <li>Доставчици на имейл услуги</li>
+                            <li>Доставчици на аналитични инструменти</li>
+                            <li>Доставчици на услуги за сигурност</li>
+                        </ul>
+                    </li>
+                    <li><strong>Компетентни органи:</strong> Когато е изискано от закона или при съдебно разпореждане:
+                        <ul>
+                            <li>Съдебни власти</li>
+                            <li>Правоохранителни органи</li>
+                            <li>Комисия за защита на личните данни</li>
+                            <li>Други държавни органи</li>
+                        </ul>
+                    </li>
+                </ul>
+            </li>
+        </ul>
+        <p>Всички обработващи на данни са задължени да спазват GDPR и да прилагат подходящи мерки за сигурност. С тях са сключени договори за обработка на данни (Data Processing Agreements) в съответствие с чл. 28 от GDPR.</p>
+    </section>
+
+    <section>
+        <h2>8. Прехвърляне на Данни извън ЕС/ЕИП</h2>
+        <p>В определени случаи вашите лични данни могат да бъдат прехвърлени в държави извън Европейския съюз или Европейското икономическо пространство (ЕИП).</p>
+        <p>При прехвърляне на данни извън ЕС/ЕИП, ние гарантираме адекватна защита чрез:</p>
+        <ul>
+            <li>Решения за адекватност на Европейската комисия (чл. 45 от GDPR)</li>
+            <li>Стандартни договорни клаузи, одобрени от Европейската комисия (чл. 46, параграф 2, буква "c" от GDPR)</li>
+            <li>Други подходящи гаранции в съответствие с GDPR</li>
+        </ul>
+        <p>Можете да поискате информация за конкретните гаранции, приложими при прехвърляне на вашите данни, като се свържете с нас или с DPO.</p>
+    </section>
+
+    <section>
+        <h2>9. Период на Съхранение на Данните</h2>
+        <p>Съхраняваме вашите лични данни само толкова дълго, колкото е необходимо за постигане на целите, за които са събрани, или колкото е изискано от закона.</p>
+        <ul>
+            <li><strong>Данни за акаунт:</strong> Докато акаунтът ви е активен. След деактивиране, данните се съхраняват още 3 години за целите на съответствие с правните изисквания, след което се изтриват окончателно.</li>
+            <li><strong>Доклади за измами:</strong> Минимум 5 години след последната активност по доклада, в съответствие с изискванията на Закона за киберпрестъпността и други приложими закони.</li>
+            <li><strong>Логове и технически данни:</strong> До 12 месеца, освен ако по-дълъг период не е изискван за целите на сигурността или съответствие с закона.</li>
+            <li><strong>Маркетингови данни:</strong> До оттегляне на съгласието или до 2 години след последната активност.</li>
+            <li><strong>Данни за съгласие:</strong> До 5 години след оттегляне на съгласието, за целите на доказване на съгласието.</li>
+        </ul>
+        <p>След изтичане на периода на съхранение, данните се изтриват безопасно или се анонимизират, така че да не могат да бъдат свързани с вас.</p>
+    </section>
+
+    <section>
+        <h2>10. Вашите Права като Субект на Данни</h2>
+        <p>Съгласно GDPR и българското законодателство, вие имате следните права:</p>
+        
+        <h3>10.1 Право на достъп (чл. 15 от GDPR)</h3>
+        <p>Имате право да получите потвърждение дали обработваме вашите лични данни и достъп до тези данни, включително информация за:</p>
+        <ul>
+            <li>Целите на обработката</li>
+            <li>Категориите лични данни</li>
+            <li>Получателите на данните</li>
+            <li>Периода на съхранение</li>
+            <li>Вашите права</li>
+        </ul>
+
+        <h3>10.2 Право на коригиране (чл. 16 от GDPR)</h3>
+        <p>Имате право да поискате коригиране на неточни или непълни лични данни без ненужно забавяне.</p>
+
+        <h3>10.3 Право на изтриване - "Право да бъдеш забравен" (чл. 17 от GDPR)</h3>
+        <p>Имате право да поискате изтриване на вашите лични данни, когато:</p>
+        <ul>
+            <li>Данните вече не са необходими за целите, за които са събрани</li>
+            <li>Оттеглите съгласието си и няма друга правна основа за обработка</li>
+            <li>Възразите срещу обработката и няма преобладаващи легитимни основания</li>
+            <li>Данните са обработвани незаконно</li>
+        </ul>
+        <p><strong>Важно:</strong> Правото на изтриване може да бъде ограничено, когато обработката е необходима за:</p>
+        <ul>
+            <li>Съответствие с правно задължение</li>
+            <li>Установяване, упражняване или защита на правни претенции</li>
+            <li>Изпълнение на задача от обществен интерес</li>
+        </ul>
+
+        <h3>10.4 Право на ограничаване на обработката (чл. 18 от GDPR)</h3>
+        <p>Имате право да поискате ограничаване на обработката на вашите данни, когато:</p>
+        <ul>
+            <li>Оспорвате точността на данните</li>
+            <li>Обработката е незаконна, но не желаете изтриване</li>
+            <li>Вече не са необходими данните, но са нужни за правни претенции</li>
+            <li>Възразили сте срещу обработката</li>
+        </ul>
+
+        <h3>10.5 Право на преносимост на данните (чл. 20 от GDPR)</h3>
+        <p>Имате право да получите вашите лични данни в структуриран, широко използван и машиночетим формат и да ги прехвърлите на друг администратор, когато:</p>
+        <ul>
+            <li>Обработката се основава на съгласие или договор</li>
+            <li>Обработката се извършва по автоматизиран начин</li>
+        </ul>
+
+        <h3>10.6 Право на възражение (чл. 21 от GDPR)</h3>
+        <p>Имате право да възразите срещу обработката на вашите лични данни, когато обработката се основава на легитимен интерес (чл. 6, параграф 1, буква "f" от GDPR).</p>
+        <p>След получаване на възражение, ние ще спрем обработката, освен ако не докажем притежаване на преобладаващи легитимни основания за обработката.</p>
+
+        <h3>10.7 Право да не подлежите на автоматизирано вземане на решения, включително профилиране (чл. 22 от GDPR)</h3>
+        <p>Имате право да не подлежите на решение, основано изключително на автоматизирана обработка, включително профилиране, което произвежда правни последици за вас или по подобен начин засяга значително вас.</p>
+        <p>Това право не се прилага, ако решението:</p>
+        <ul>
+            <li>Е необходимо за сключване или изпълнение на договор</li>
+            <li>Е разрешено от правото на ЕС или на държавата членка</li>
+            <li>Се основава на вашето изрично съгласие</li>
+        </ul>
+
+        <h3>10.8 Право на оттегляне на съгласието (чл. 7, параграф 3 от GDPR)</h3>
+        <p>Когато обработката се основава на съгласие, имате право да оттеглите съгласието си по всяко време. Оттеглянето на съгласието не засяга законността на обработката, извършена преди оттеглянето.</p>
+
+        <h3>10.9 Право на жалба до надзорен орган</h3>
+        <p>Имате право да подадете жалба до надзорния орган, особено в държавата членка, в която пребивавате, работите или на чиято територия е настъпило предполагаемо нарушение, ако смятате, че обработката на вашите лични данни нарушава GDPR.</p>
+        <p>В България надзорният орган е:</p>
+        <ul>
+            <li><strong>Комисия за защита на личните данни (КПЗЛД)</strong></li>
+            <li>ул. "Проф. Цвятко Лазаров" № 2, София 1592</li>
+            <li>Телефон: 02/91-53-518</li>
+            <li>Имейл: kzld@cpdp.bg</li>
+            <li>Уебсайт: www.cpdp.bg</li>
+        </ul>
+
+        <h3>10.10 Как да Упражните Вашите Права</h3>
+        <p>За упражняване на някое от вашите права, моля:</p>
+        <ul>
+            <li>Използвайте формата за заявка за данни: <a href="{% url 'legal:data_request' %}">Заявка за упражняване на права</a></li>
+            <li>Изпратете имейл на: dpo@[domain].bg</li>
+            <li>Изпратете писмено заявление на адреса на администратора</li>
+        </ul>
+        <p>Ще отговорим на вашата заявка в срок от <strong>30 дни</strong> (чл. 12, параграф 3 от GDPR). В сложни случаи срокът може да бъде удължен с още 60 дни, като ще ви уведомим за това.</p>
+        <p>Обикновено не се налага такса за упражняване на правата ви, освен ако заявката е явно неоснователна или прекомерна (чл. 12, параграф 5 от GDPR).</p>
+    </section>
+
+    <section>
+        <h2>11. Бисквитки (Cookies) и Следящи Технологии</h2>
+        <p>Нашата платформа използва бисквитки и подобни технологии за подобряване на функционалността и потребителското изживяване.</p>
+        
+        <h3>11.1 Видове Бисквитки</h3>
+        <ul>
+            <li><strong>Необходими бисквитки:</strong> Необходими за основната функционалност на платформата. Не изискват съгласие.</li>
+            <li><strong>Функционални бисквитки:</strong> Позволяват запомняне на вашите предпочитания. Изискват съгласие.</li>
+            <li><strong>Аналитични бисквитки:</strong> Използват се за анализ на използването на платформата. Изискват съгласие.</li>
+            <li><strong>Маркетингови бисквитки:</strong> Използват се за персонализирани реклами. Изискват съгласие.</li>
+        </ul>
+
+        <h3>11.2 Управление на Бисквитки</h3>
+        <p>Можете да управлявате или изтривате бисквитките по всяко време чрез настройките на вашия браузър. Можете да промените съгласието си за бисквитки по всяко време чрез настройките на платформата.</p>
+    </section>
+
+    <section>
+        <h2>12. Технически и Организационни Мерки за Защита</h2>
+        <p>Прилагаме подходящи технически и организационни мерки за защита на вашите лични данни срещу неоторизиран достъп, промяна, разкриване или унищожаване, в съответствие с чл. 32 от GDPR:</p>
+        <ul>
+            <li><strong>Технически мерки:</strong>
+                <ul>
+                    <li>Криптиране на данните при предаване (TLS/SSL)</li>
+                    <li>Криптиране на данните в покой</li>
+                    <li>Регулярни резервни копия</li>
+                    <li>Системи за откриване и предотвратяване на прониквания</li>
+                    <li>Регулярни актуализации на софтуера и сигурността</li>
+                    <li>Хеширане на пароли (bcrypt/Argon2)</li>
+                    <li>Многофакторна автентификация за администратори</li>
+                </ul>
+            </li>
+            <li><strong>Организационни мерки:</strong>
+                <ul>
+                    <li>Ограничаване на достъпа до данни само на оторизиран персонал</li>
+                    <li>Регулярно обучение на персонала за защита на данните</li>
+                    <li>Политики и процедури за сигурност</li>
+                    <li>Регулярни одити и оценки на риска</li>
+                    <li>Процедури за управление на инциденти</li>
+                    <li>Договори за поверителност със служителите</li>
+                </ul>
+            </li>
+        </ul>
+    </section>
+
+    <section>
+        <h2>13. Уведомяване за Нарушения на Данните</h2>
+        <p>В случай на нарушение на сигурността на личните данни, което вероятно ще доведе до висок риск за правата и свободите на физическите лица, ние ще уведомим:</p>
+        <ul>
+            <li><strong>Надзорния орган (КПЗЛД):</strong> В срок от 72 часа след като стане известно за нарушението (чл. 33 от GDPR)</li>
+            <li><strong>Засегнатите субекти на данни:</strong> Без ненужно забавяне, когато нарушението вероятно ще доведе до висок риск (чл. 34 от GDPR)</li>
+        </ul>
+        <p>Уведомлението ще съдържа:</p>
+        <ul>
+            <li>Описание на характера на нарушението</li>
+            <li>Име и контактни данни на DPO</li>
+            <li>Възможните последствия</li>
+            <li>Мерките, предприети или предложени за справяне с нарушението</li>
+        </ul>
+    </section>
+
+    <section>
+        <h2>14. Автоматизирано Вземане на Решения и Профилиране</h2>
+        <p>В момента нашата платформа не използва автоматизирано вземане на решения или профилиране, което произвежда правни последици за вас или по подобен начин засяга значително вас.</p>
+        <p>Ако в бъдеще започнем да използваме такива технологии, ще ви уведомим и ще ви предоставим възможност да възразите или да поискате човешка намеса в процеса на вземане на решения.</p>
+    </section>
+
+    <section>
+        <h2>15. Данни на Непълнолетни</h2>
+        <p>Нашата платформа не е предназначена за лица под 18 години. Не събираме умишлено лични данни от непълнолетни без съгласието на родител или настойник.</p>
+        <p>Ако установим, че сме събрали данни от непълнолетно лице без подходящо съгласие, ще предприемем стъпки за изтриване на тези данни незабавно.</p>
+        <p>Ако сте родител или настойник и смятате, че вашето дете е предоставило лични данни, моля, свържете се с нас.</p>
+    </section>
+
+    <section>
+        <h2>16. Промени в Политиката за Поверителност</h2>
+        <p>Може да актуализираме тази Политика за Поверителност от време на време, за да отразяваме промени в нашите практики или по други оперативни, правни или регулаторни причини.</p>
+        <p>Ще ви уведомим за всяка значителна промяна чрез:</p>
+        <ul>
+            <li>Публикуване на новата версия на тази страница</li>
+            <li>Имейл уведомление (ако имате регистриран акаунт)</li>
+            <li>Известие в платформата</li>
+        </ul>
+        <p>Препоръчваме ви да преглеждате тази страница периодично, за да сте информирани за това как защитаваме вашите данни.</p>
+        <p>Продължаването на използването на платформата след промените означава приемане на новата Политика за Поверителност.</p>
+    </section>
+
+    <section>
+        <h2>17. Връзки към Други Уебсайтове</h2>
+        <p>Нашата платформа може да съдържа връзки към други уебсайтове, които не управляваме. Не носим отговорност за практиките за поверителност на тези уебсайтове.</p>
+        <p>Препоръчваме ви да преглеждате политиките за поверителност на всеки уебсайт, който посещавате.</p>
+    </section>
+
+    <section>
+        <h2>18. Контакти</h2>
+        <p>Ако имате въпроси, коментари или искате да упражните някое от вашите права относно тази Политика за Поверителност или обработката на вашите лични данни, моля, свържете се с нас:</p>
+        <ul>
+            <li><strong>Администратор на лични данни:</strong>
+                <ul>
+                    <li>Имейл: [имейл адрес]</li>
+                    <li>Адрес: [адрес]</li>
+                    <li>Телефон: [телефон]</li>
+                </ul>
+            </li>
+            <li><strong>Длъжностно лице по защита на данните (DPO):</strong>
+                <ul>
+                    <li>Имейл: dpo@[domain].bg</li>
+                    <li>Адрес: [адрес на DPO]</li>
+                </ul>
+            </li>
+            <li><strong>За упражняване на права:</strong>
+                <ul>
+                    <li>Форма за заявка: <a href="{% url 'legal:data_request' %}">Заявка за упражняване на права</a></li>
+                </ul>
+            </li>
+        </ul>
+    </section>
+
+    <section>
+        <h2>19. Приложимо Право и Юрисдикция</h2>
+        <p>Тази Политика за Поверителност се управлява и тълкува в съответствие с:</p>
+        <ul>
+            <li>Регламент (ЕС) 2016/679 (GDPR)</li>
+            <li>Закон за защита на личните данни (ЗЗЛД)</li>
+            <li>Други приложими български и европейски закони</li>
+        </ul>
+        <p>Всички спорове, произтичащи от или свързани с тази политика, ще бъдат решавани от компетентните български съдилища.</p>
+    </section>
+
+    <section>
+        <h2>20. Допълнителна Информация</h2>
+        <p>За повече информация относно вашите права и как ги упражнявате, можете да посетите:</p>
+        <ul>
+            <li>Официалния уебсайт на Европейската комисия за GDPR: <a href="https://ec.europa.eu/info/law/law-topic/data-protection" target="_blank" rel="noopener noreferrer">https://ec.europa.eu/info/law/law-topic/data-protection</a></li>
+            <li>Уебсайта на Комисията за защита на личните данни: <a href="https://www.cpdp.bg" target="_blank" rel="noopener noreferrer">https://www.cpdp.bg</a></li>
+        </ul>
+    </section>
+
+    <footer class="legal-footer">
+        <p><strong>Последна актуализация:</strong> {{ "now"|date:"d F Y" }}</p>
+        <p><strong>Версия:</strong> 2.0</p>
+        <p>Тази политика е съставена в съответствие с GDPR и българското законодателство.</p>
+    </footer>
+</div>
+{% endblock %}
+
diff --git a/templates/legal/terms_of_service.html b/templates/legal/terms_of_service.html
new file mode 100644
index 0000000..859c5d6
--- /dev/null
+++ b/templates/legal/terms_of_service.html
@@ -0,0 +1,78 @@
+{% extends 'base.html' %}
+
+{% block title %}Условия за Ползване - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="legal-page">
+    <h1>Условия за Ползване</h1>
+    <p class="last-updated">Последна актуализация: {{ "now"|date:"d F Y" }}</p>
+    
+    <section>
+        <h2>1. Приемане на Условията</h2>
+        <p>Чрез достъп и използване на тази платформа, вие приемате и се съгласявате да бъдете обвързани с тези Условия за Ползване.</p>
+    </section>
+
+    <section>
+        <h2>2. Използване на Платформата</h2>
+        <h3>2.1 Разрешено Използване</h3>
+        <p>Можете да използвате платформата за:</p>
+        <ul>
+            <li>Докладване на измами и мошеничества</li>
+            <li>Преглед на потвърдени доклади за измами</li>
+            <li>Принос към усилията за предотвратяване на измами</li>
+        </ul>
+
+        <h3>2.2 Забранени Действия</h3>
+        <p>Вие се съгласявате да не:</p>
+        <ul>
+            <li>Изпращате неверни или подвеждащи доклади</li>
+            <li>Притеснявате или клеветите други</li>
+            <li>Нарушавате приложимите закони</li>
+            <li>Опитвате се да получите неоторизиран достъп</li>
+            <li>Препятствате работата на платформата</li>
+        </ul>
+    </section>
+
+    <section>
+        <h2>3. Изпращане на Доклади</h2>
+        <p>При изпращане на доклади, вие се съгласявате, че:</p>
+        <ul>
+            <li>Всичката предоставена информация е точна според най-добрите ви знания</li>
+            <li>Имате правото да изпратите информацията</li>
+            <li>Докладите ще бъдат прегледани от модератори</li>
+            <li>Запазваме си правото да отхвърлим или премахнем доклади</li>
+        </ul>
+    </section>
+
+    <section>
+        <h2>4. Потребителски Акаунти</h2>
+        <p>Вие сте отговорни за:</p>
+        <ul>
+            <li>Поддържането на поверителността на вашия акаунт</li>
+            <li>Всички дейности под вашия акаунт</li>
+            <li>Уведомяването ни за неоторизиран достъп</li>
+        </ul>
+    </section>
+
+    <section>
+        <h2>5. Интелектуална Собственост</h2>
+        <p>Платформата и нейното съдържание са защитени от авторско право и други закони за интелектуална собственост. Не можете да възпроизвеждате, разпространявате или създавате производни произведения без разрешение.</p>
+    </section>
+
+    <section>
+        <h2>6. Ограничение на Отговорността</h2>
+        <p>Платформата се предоставя "както е" без гаранции. Не носим отговорност за каквито и да било щети, произтичащи от вашето използване на платформата.</p>
+    </section>
+
+    <section>
+        <h2>7. Модификации</h2>
+        <p>Запазваме си правото да модифицираме тези условия по всяко време. Продължителното използване на платформата означава приемане на модифицираните условия.</p>
+    </section>
+
+    <section>
+        <h2>8. Контакт</h2>
+        <p>За въпроси относно тези условия, моля, свържете се с нас чрез платформата.</p>
+    </section>
+</div>
+{% endblock %}
+
diff --git a/templates/moderation/approve.html b/templates/moderation/approve.html
new file mode 100644
index 0000000..747cd4a
--- /dev/null
+++ b/templates/moderation/approve.html
@@ -0,0 +1,26 @@
+{% extends 'base.html' %}
+
+{% block title %}Одобряване на Доклад - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="form-container">
+    <h2>Одобряване на Доклад</h2>
+    <div class="gov-alert gov-alert-info">
+        <div class="alert-icon">ℹ</div>
+        <div class="alert-content">
+            <p>Сигурни ли сте, че искате да одобрите този доклад?</p>
+            <p><strong>{{ object.title }}</strong></p>
+            <p>Това ще маркира доклада като потвърден и ще го направи видим за обществеността.</p>
+        </div>
+    </div>
+    
+    <form method="post" data-loading>
+        {% csrf_token %}
+        <div class="form-actions">
+            <button type="submit" class="btn btn-success" data-tooltip="Докладът ще бъде маркиран като потвърден">Да, Одобрявам</button>
+            <a href="{% url 'moderation:report_detail' object.pk %}" class="btn btn-secondary">Отказ</a>
+        </div>
+    </form>
+</div>
+{% endblock %}
+
diff --git a/templates/moderation/dashboard.html b/templates/moderation/dashboard.html
new file mode 100644
index 0000000..44cb9a9
--- /dev/null
+++ b/templates/moderation/dashboard.html
@@ -0,0 +1,65 @@
+{% extends 'base.html' %}
+
+{% block title %}Табло за Модерация - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>Табло за Модерация</h2>
+    </div>
+    <div class="gov-card-body">
+        <div class="stats-grid">
+            <div class="stat-card">
+                <h3>{{ pending_count|default:0 }}</h3>
+                <p>Чакащи Доклади</p>
+                <a href="{% url 'moderation:queue' %}" class="btn btn-sm btn-primary" style="margin-top: 1rem;">Преглед на Опашката</a>
+            </div>
+            <div class="stat-card">
+                <h3>{{ under_review_count|default:0 }}</h3>
+                <p>В Преглед</p>
+            </div>
+            <div class="stat-card">
+                <h3>{{ verified_count|default:0 }}</h3>
+                <p>Потвърдени Доклади</p>
+            </div>
+            <div class="stat-card">
+                <h3>🤖 OSINT</h3>
+                <p>Автоматични Доклади</p>
+                <a href="{% url 'osint:auto_report_list' %}" class="btn btn-sm btn-primary" style="margin-top: 1rem;">Преглед на OSINT</a>
+            </div>
+        </div>
+    </div>
+</div>
+
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>Последни Доклади</h2>
+    </div>
+    <div class="gov-card-body">
+        {% if reports %}
+        <div class="reports-list">
+            {% for report in reports %}
+            <div class="report-card">
+                <div class="report-header">
+                    <h3><a href="{% url 'moderation:report_detail' report.pk %}">{{ report.title }}</a></h3>
+                    <span class="badge badge-{{ report.status }}">{{ report.get_status_display }}</span>
+                </div>
+                <div class="report-meta">
+                    <span>{{ report.created_at|date:"d F Y, H:i" }}</span>
+                    <span>{{ report.get_scam_type_display }}</span>
+                </div>
+                <div class="report-actions">
+                    <a href="{% url 'moderation:report_detail' report.pk %}" class="btn btn-sm btn-primary">Преглед</a>
+                </div>
+            </div>
+            {% endfor %}
+        </div>
+        {% else %}
+        <div class="empty-state">
+            <p>Няма доклади, чакащи преглед.</p>
+        </div>
+        {% endif %}
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/moderation/queue.html b/templates/moderation/queue.html
new file mode 100644
index 0000000..e623e70
--- /dev/null
+++ b/templates/moderation/queue.html
@@ -0,0 +1,52 @@
+{% extends 'base.html' %}
+
+{% block title %}Опашка за Модерация - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>Опашка за Модерация</h2>
+    </div>
+    <div class="gov-card-body">
+        {% if queue_items %}
+        <div class="reports-list">
+            {% for item in queue_items %}
+            <div class="queue-item">
+                <div class="queue-item-header">
+                    <h3><a href="{% url 'moderation:report_detail' item.report.pk %}">{{ item.report.title }}</a></h3>
+                    <span class="badge badge-priority-{{ item.priority }}">{{ item.get_priority_display }}</span>
+                </div>
+                <div class="queue-item-meta">
+                    <span>Изпратено: {{ item.report.created_at|date:"d F Y, H:i" }}</span>
+                    <span>Вид: {{ item.report.get_scam_type_display }}</span>
+                    {% if item.assigned_to %}
+                    <span>Назначено на: {{ item.assigned_to.username }}</span>
+                    {% endif %}
+                </div>
+                <div class="queue-item-actions">
+                    <a href="{% url 'moderation:report_detail' item.report.pk %}" class="btn btn-primary">Преглед</a>
+                </div>
+            </div>
+            {% endfor %}
+        </div>
+
+        <div class="pagination">
+            {% if page_obj.has_previous %}
+                <a href="?page=1" class="btn btn-secondary">Първа</a>
+                <a href="?page={{ page_obj.previous_page_number }}" class="btn btn-secondary">Предишна</a>
+            {% endif %}
+            <span class="page-info">Страница {{ page_obj.number }} от {{ page_obj.paginator.num_pages }}</span>
+            {% if page_obj.has_next %}
+                <a href="?page={{ page_obj.next_page_number }}" class="btn btn-secondary">Следваща</a>
+                <a href="?page={{ page_obj.paginator.num_pages }}" class="btn btn-secondary">Последна</a>
+            {% endif %}
+        </div>
+        {% else %}
+        <div class="empty-state">
+            <p>Опашката за модерация е празна. Всички доклади са прегледани.</p>
+        </div>
+        {% endif %}
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/moderation/reject.html b/templates/moderation/reject.html
new file mode 100644
index 0000000..5c57b9a
--- /dev/null
+++ b/templates/moderation/reject.html
@@ -0,0 +1,37 @@
+{% extends 'base.html' %}
+
+{% block title %}Отхвърляне на Доклад - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="form-container">
+    <h2>Отхвърляне на Доклад</h2>
+    <div class="gov-alert gov-alert-warning">
+        <div class="alert-icon">⚠</div>
+        <div class="alert-content">
+            <p>Сигурни ли сте, че искате да отхвърлите този доклад?</p>
+            <p><strong>{{ object.title }}</strong></p>
+        </div>
+    </div>
+    
+    <form method="post" data-loading>
+        {% csrf_token %}
+        <div class="form-group">
+            <label for="id_reason">Причина за Отхвърляне <span style="color: var(--gov-danger);">*</span></label>
+            <textarea name="reason" id="id_reason" class="form-control" rows="5" placeholder="Моля, предоставете ясна и конструктивна причина за отхвърляне на доклада. Тази информация ще бъде видима за автора на доклада и ще му помогне да разбере какво трябва да подобри." required data-tooltip="Причината ще бъде видима за автора на доклада"></textarea>
+            <small class="form-text" style="color: var(--gov-gray); margin-top: 0.5rem;">
+                <strong>Важно:</strong> Причината е задължителна и ще бъде показана на потребителя. Бъдете ясни и конструктивни, за да помогнете на потребителя да разбере какво трябва да подобри.
+            </small>
+        </div>
+        <div class="form-group">
+            <label for="id_notes">Допълнителни Бележки (незадължително)</label>
+            <textarea name="notes" id="id_notes" class="form-control" rows="3" placeholder="Вътрешни бележки, които няма да бъдат видими за потребителя"></textarea>
+            <small class="form-text" style="color: var(--gov-gray);">Тези бележки са само за модератори и администратори и няма да бъдат видими за автора на доклада.</small>
+        </div>
+        <div class="form-actions">
+            <button type="submit" class="btn btn-danger" data-tooltip="Докладът ще бъде отхвърлен">Да, Отхвърлям</button>
+            <a href="{% url 'moderation:report_detail' object.pk %}" class="btn btn-secondary">Отказ</a>
+        </div>
+    </form>
+</div>
+{% endblock %}
+
diff --git a/templates/moderation/report_detail.html b/templates/moderation/report_detail.html
new file mode 100644
index 0000000..e765fb6
--- /dev/null
+++ b/templates/moderation/report_detail.html
@@ -0,0 +1,103 @@
+{% extends 'base.html' %}
+
+{% block title %}Преглед на Доклад - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>{{ report.title }}</h2>
+        <div style="display: flex; gap: 1rem;">
+            <a href="{% url 'moderation:approve' report.pk %}" class="btn btn-success">Одобряване</a>
+            <a href="{% url 'moderation:reject' report.pk %}" class="btn btn-danger">Отхвърляне</a>
+        </div>
+    </div>
+    <div class="gov-card-body">
+        <div class="info-section">
+            <h3>Информация за Доклада</h3>
+            <div class="info-grid">
+                <div><strong>Статус:</strong> <span class="badge badge-{{ report.status }}">{{ report.get_status_display }}</span></div>
+                <div><strong>Вид:</strong> {{ report.get_scam_type_display }}</div>
+                <div><strong>Докладвано от:</strong> {{ report.get_reporter_display }}</div>
+                <div><strong>Изпратено:</strong> {{ report.created_at|date:"d F Y, H:i" }}</div>
+            </div>
+        </div>
+
+        <div class="info-section">
+            <h3>Описание</h3>
+            <p style="line-height: 1.8;">{{ report.description|linebreaks }}</p>
+        </div>
+
+        <div class="info-section">
+            <h3>Докладвани Обекти</h3>
+            <ul style="list-style: none; padding: 0;">
+                {% if report.reported_url %}
+                <li style="padding: 0.75rem; background: var(--gov-light); margin-bottom: 0.5rem; border-radius: 6px;">
+                    <strong>URL:</strong> <a href="{{ report.reported_url }}" target="_blank">{{ report.reported_url }}</a>
+                </li>
+                {% endif %}
+                {% if report.reported_email %}
+                <li style="padding: 0.75rem; background: var(--gov-light); margin-bottom: 0.5rem; border-radius: 6px;">
+                    <strong>Имейл:</strong> {{ report.reported_email }}
+                </li>
+                {% endif %}
+                {% if report.reported_phone %}
+                <li style="padding: 0.75rem; background: var(--gov-light); margin-bottom: 0.5rem; border-radius: 6px;">
+                    <strong>Телефон:</strong> {{ report.reported_phone }}
+                </li>
+                {% endif %}
+                {% if report.reported_company %}
+                <li style="padding: 0.75rem; background: var(--gov-light); margin-bottom: 0.5rem; border-radius: 6px;">
+                    <strong>Фирма:</strong> {{ report.reported_company }}
+                </li>
+                {% endif %}
+            </ul>
+        </div>
+
+        {% if osint_results %}
+        <div class="info-section">
+            <h3>OSINT Резултати</h3>
+            {% for result in osint_results %}
+            <div class="verification-item" style="padding: 1rem; background: var(--gov-light); margin-bottom: 1rem; border-radius: 8px; border-left: 4px solid var(--gov-info);">
+                <strong>{{ result.get_data_type_display }} ({{ result.source }}):</strong>
+                <span>Увереност: {{ result.confidence_level }}%</span>
+                {% if result.is_verified %}
+                <span class="badge badge-verified">Потвърдено</span>
+                {% endif %}
+            </div>
+            {% endfor %}
+        </div>
+        {% endif %}
+
+        {% if verifications %}
+        <div class="info-section">
+            <h3>Проверки</h3>
+            {% for verification in verifications %}
+            <div class="verification-item" style="padding: 1rem; background: var(--gov-light); margin-bottom: 1rem; border-radius: 8px; border-left: 4px solid var(--gov-secondary);">
+                <strong>{{ verification.get_verification_method_display }}:</strong>
+                <span>Увереност: {{ verification.confidence_score }}%</span>
+                {% if verification.notes %}
+                <p style="margin-top: 0.5rem; color: var(--gov-gray);">{{ verification.notes }}</p>
+                {% endif %}
+            </div>
+            {% endfor %}
+        </div>
+        {% endif %}
+
+        {% if moderation_actions %}
+        <div class="info-section">
+            <h3>История на Модерацията</h3>
+            {% for action in moderation_actions %}
+            <div class="moderation-action" style="padding: 1rem; background: var(--gov-light); margin-bottom: 1rem; border-radius: 8px;">
+                <strong>{{ action.get_action_type_display }}</strong> от {{ action.moderator.username }}
+                <span style="color: var(--gov-gray); font-size: 0.9rem;">{{ action.created_at|date:"d F Y, H:i" }}</span>
+                {% if action.reason %}
+                <p style="margin-top: 0.5rem; color: var(--gov-gray);">Причина: {{ action.reason }}</p>
+                {% endif %}
+            </div>
+            {% endfor %}
+        </div>
+        {% endif %}
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/osint/admin_dashboard.html b/templates/osint/admin_dashboard.html
new file mode 100644
index 0000000..741676c
--- /dev/null
+++ b/templates/osint/admin_dashboard.html
@@ -0,0 +1,299 @@
+{% extends 'base.html' %}
+
+{% block title %}OSINT Администраторски Табло{% endblock %}
+
+{% block extra_css %}
+<style>
+    .dashboard-grid {
+        display: grid;
+        grid-template-columns: repeat(auto-fit, minmax(300px, 1fr));
+        gap: 1.5rem;
+        margin-bottom: 2rem;
+    }
+    
+    .dashboard-card {
+        background: var(--gov-white);
+        border-radius: 10px;
+        box-shadow: 0 4px 16px var(--gov-shadow);
+        padding: 1.5rem;
+        border-left: 4px solid var(--gov-secondary);
+    }
+    
+    .dashboard-card h3 {
+        font-family: 'Roboto Slab', serif;
+        color: var(--gov-primary);
+        margin-bottom: 1rem;
+        font-size: 1.3rem;
+        border-bottom: 2px solid var(--gov-gray-light);
+        padding-bottom: 0.5rem;
+    }
+    
+    .stat-number {
+        font-size: 2.5rem;
+        font-weight: 700;
+        color: var(--gov-secondary);
+        margin: 0.5rem 0;
+    }
+    
+    .quick-actions {
+        display: flex;
+        gap: 1rem;
+        flex-wrap: wrap;
+        margin-top: 1rem;
+    }
+    
+    .table-responsive {
+        overflow-x: auto;
+        margin-top: 1rem;
+    }
+    
+    .status-badge {
+        display: inline-block;
+        padding: 0.25rem 0.75rem;
+        border-radius: 12px;
+        font-size: 0.85rem;
+        font-weight: 600;
+    }
+    
+    .status-active { background: #d4edda; color: #155724; }
+    .status-inactive { background: #f8d7da; color: #721c24; }
+    .status-pending { background: #fff3cd; color: #856404; }
+</style>
+{% endblock %}
+
+{% block content %}
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>🤖 OSINT Администраторски Табло</h2>
+        <div class="quick-actions">
+            <a href="{% url 'osint:seed_create' %}" class="btn btn-primary">➕ Добави Seed Website</a>
+            <a href="{% url 'osint:keyword_create' %}" class="btn btn-primary">➕ Добави Ключова Дума</a>
+            <a href="{% url 'osint:start_crawling' %}" class="btn btn-success">🚀 Стартирай Crawling</a>
+            <a href="{% url 'osint:auto_report_list' %}" class="btn btn-secondary">📋 Преглед на Доклади</a>
+        </div>
+    </div>
+</div>
+
+<!-- Statistics Overview -->
+<div class="dashboard-grid">
+    <div class="dashboard-card">
+        <h3>📊 Seed Websites</h3>
+        <div class="stat-number">{{ total_seeds }}</div>
+        <p>Общо: {{ total_seeds }} | Активни: {{ active_seeds }}</p>
+        <a href="{% url 'osint:seed_create' %}" class="btn btn-sm btn-primary" style="margin-top: 1rem;">Управление</a>
+    </div>
+    
+    <div class="dashboard-card">
+        <h3>🔍 Ключови Думи</h3>
+        <div class="stat-number">{{ total_keywords }}</div>
+        <p>Общо: {{ total_keywords }} | Активни: {{ active_keywords }}</p>
+        <a href="{% url 'osint:keyword_create' %}" class="btn btn-sm btn-primary" style="margin-top: 1rem;">Управление</a>
+    </div>
+    
+    <div class="dashboard-card">
+        <h3>📄 Събрано Съдържание</h3>
+        <div class="stat-number">{{ total_crawled }}</div>
+        <p>Общо: {{ total_crawled }} | Потенциални измами: {{ potential_scams }}</p>
+    </div>
+    
+    <div class="dashboard-card">
+        <h3>📋 Автоматични Доклади</h3>
+        <div class="stat-number">{{ pending_reports }}</div>
+        <p>Чакащи: {{ pending_reports }} | Публикувани: {{ published_reports }}</p>
+        <a href="{% url 'osint:auto_report_list' %}" class="btn btn-sm btn-primary" style="margin-top: 1rem;">Преглед</a>
+    </div>
+</div>
+
+<!-- Seed Websites Management -->
+<div class="gov-card">
+    <div class="gov-card-header" style="display: flex; justify-content: space-between; align-items: center;">
+        <h2>🌐 Seed Websites</h2>
+        <a href="{% url 'osint:seed_create' %}" class="btn btn-primary">➕ Добави Нов</a>
+    </div>
+    <div class="gov-card-body">
+        {% if seed_websites %}
+        <div class="table-responsive">
+            <table class="gov-table">
+                <thead>
+                    <tr>
+                        <th>Име</th>
+                        <th>URL</th>
+                        <th>Статус</th>
+                        <th>Приоритет</th>
+                        <th>Последно Crawl</th>
+                        <th>Страници</th>
+                        <th>Съвпадения</th>
+                        <th>Действия</th>
+                    </tr>
+                </thead>
+                <tbody>
+                    {% for seed in seed_websites %}
+                    <tr>
+                        <td><strong>{{ seed.name }}</strong></td>
+                        <td><a href="{{ seed.url }}" target="_blank">{{ seed.url|truncatechars:40 }}</a></td>
+                        <td>
+                            {% if seed.is_active %}
+                            <span class="status-badge status-active">Активен</span>
+                            {% else %}
+                            <span class="status-badge status-inactive">Неактивен</span>
+                            {% endif %}
+                        </td>
+                        <td>{{ seed.get_priority_display }}</td>
+                        <td>
+                            {% if seed.last_crawled_at %}
+                            {{ seed.last_crawled_at|date:"d.m.Y H:i" }}
+                            {% else %}
+                            <span style="color: orange;">Никога</span>
+                            {% endif %}
+                        </td>
+                        <td>{{ seed.pages_crawled }}</td>
+                        <td>{{ seed.matches_found }}</td>
+                        <td>
+                            <a href="{% url 'osint:seed_edit' seed.pk %}" class="btn btn-sm btn-secondary">✏️ Редактирай</a>
+                            <a href="{% url 'osint:seed_delete' seed.pk %}" class="btn btn-sm btn-danger" 
+                               onclick="return confirm('Сигурни ли сте?')">🗑️ Изтрий</a>
+                        </td>
+                    </tr>
+                    {% endfor %}
+                </tbody>
+            </table>
+        </div>
+        {% else %}
+        <div class="empty-state">
+            <p>Няма конфигурирани seed websites. <a href="{% url 'osint:seed_create' %}">Добавете първия</a></p>
+        </div>
+        {% endif %}
+    </div>
+</div>
+
+<!-- Keywords Management -->
+<div class="gov-card">
+    <div class="gov-card-header" style="display: flex; justify-content: space-between; align-items: center;">
+        <h2>🔑 Ключови Думи</h2>
+        <a href="{% url 'osint:keyword_create' %}" class="btn btn-primary">➕ Добави Нова</a>
+    </div>
+    <div class="gov-card-body">
+        {% if keywords %}
+        <div class="table-responsive">
+            <table class="gov-table">
+                <thead>
+                    <tr>
+                        <th>Име</th>
+                        <th>Ключова Дума</th>
+                        <th>Тип</th>
+                        <th>Статус</th>
+                        <th>Увереност</th>
+                        <th>Auto Approve</th>
+                        <th>Действия</th>
+                    </tr>
+                </thead>
+                <tbody>
+                    {% for keyword in keywords %}
+                    <tr>
+                        <td><strong>{{ keyword.name }}</strong></td>
+                        <td><code style="font-size: 0.85rem;">{{ keyword.keyword|truncatechars:50 }}</code></td>
+                        <td>{{ keyword.get_keyword_type_display }}</td>
+                        <td>
+                            {% if keyword.is_active %}
+                            <span class="status-badge status-active">Активна</span>
+                            {% else %}
+                            <span class="status-badge status-inactive">Неактивна</span>
+                            {% endif %}
+                        </td>
+                        <td>{{ keyword.confidence_score }}%</td>
+                        <td>
+                            {% if keyword.auto_approve %}
+                            <span class="status-badge status-active">Да</span>
+                            {% else %}
+                            <span class="status-badge status-inactive">Не</span>
+                            {% endif %}
+                        </td>
+                        <td>
+                            <a href="{% url 'osint:keyword_edit' keyword.pk %}" class="btn btn-sm btn-secondary">✏️ Редактирай</a>
+                            <a href="{% url 'osint:keyword_delete' keyword.pk %}" class="btn btn-sm btn-danger"
+                               onclick="return confirm('Сигурни ли сте?')">🗑️ Изтрий</a>
+                        </td>
+                    </tr>
+                    {% endfor %}
+                </tbody>
+            </table>
+        </div>
+        {% else %}
+        <div class="empty-state">
+            <p>Няма конфигурирани ключови думи. <a href="{% url 'osint:keyword_create' %}">Добавете първата</a></p>
+        </div>
+        {% endif %}
+    </div>
+</div>
+
+<!-- Recent Activity -->
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>📊 Последна Активност</h2>
+    </div>
+    <div class="gov-card-body">
+        <div style="display: grid; grid-template-columns: 1fr 1fr; gap: 2rem;">
+            <div>
+                <h3>Последно Събрано Съдържание</h3>
+                {% if recent_crawled %}
+                <ul style="list-style: none; padding: 0;">
+                    {% for content in recent_crawled %}
+                    <li style="padding: 0.5rem; border-bottom: 1px solid var(--gov-gray-light);">
+                        <strong><a href="{{ content.url }}" target="_blank">{{ content.title|truncatechars:50 }}</a></strong><br>
+                        <small>{{ content.crawled_at|date:"d.m.Y H:i" }} | {{ content.match_count }} съвпадения</small>
+                    </li>
+                    {% endfor %}
+                </ul>
+                {% else %}
+                <p>Все още няма събрано съдържание.</p>
+                {% endif %}
+            </div>
+            
+            <div>
+                <h3>Последни Автоматични Доклади</h3>
+                {% if recent_auto_reports %}
+                <ul style="list-style: none; padding: 0;">
+                    {% for report in recent_auto_reports %}
+                    <li style="padding: 0.5rem; border-bottom: 1px solid var(--gov-gray-light);">
+                        <strong><a href="{% url 'osint:auto_report_detail' report.pk %}">{{ report.title|truncatechars:50 }}</a></strong><br>
+                        <small>
+                            {{ report.created_at|date:"d.m.Y H:i" }} | 
+                            <span class="badge badge-{{ report.status }}">{{ report.get_status_display }}</span> |
+                            {{ report.confidence_score }}%
+                        </small>
+                    </li>
+                    {% endfor %}
+                </ul>
+                {% else %}
+                <p>Все още няма автоматично генерирани доклади.</p>
+                {% endif %}
+            </div>
+        </div>
+    </div>
+</div>
+
+<!-- Due for Crawling -->
+{% if due_for_crawling %}
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>⏰ Seed Websites за Crawling</h2>
+    </div>
+    <div class="gov-card-body">
+        <div class="gov-alert gov-alert-warning">
+            <div class="alert-icon">⚠</div>
+            <div class="alert-content">
+                <strong>Следните seed websites са готови за crawling:</strong>
+                <ul style="margin-top: 0.5rem;">
+                    {% for seed in due_for_crawling %}
+                    <li><strong>{{ seed.name }}</strong> - {{ seed.url }}</li>
+                    {% endfor %}
+                </ul>
+                <a href="{% url 'osint:start_crawling' %}" class="btn btn-primary" style="margin-top: 1rem;">Стартирай Crawling</a>
+            </div>
+        </div>
+    </div>
+</div>
+{% endif %}
+
+{% endblock %}
+
diff --git a/templates/osint/approve_auto_report.html b/templates/osint/approve_auto_report.html
new file mode 100644
index 0000000..24b0291
--- /dev/null
+++ b/templates/osint/approve_auto_report.html
@@ -0,0 +1,34 @@
+{% extends 'base.html' %}
+
+{% block title %}Одобряване на Автоматичен Доклад{% endblock %}
+
+{% block content %}
+<div class="form-container">
+    <h2>Одобряване на Автоматичен Доклад</h2>
+    
+    <div class="gov-card" style="margin-bottom: 2rem;">
+        <h3>{{ object.title }}</h3>
+        <p><strong>Източник:</strong> <a href="{{ object.source_url }}" target="_blank" rel="noopener">{{ object.source_url }}</a></p>
+        <p><strong>Увереност:</strong> {{ object.confidence_score }}%</p>
+        <div style="background: var(--gov-light); padding: 1rem; border-radius: 6px; margin-top: 1rem;">
+            {{ object.description|truncatewords:100 }}
+        </div>
+    </div>
+
+    <form method="post">
+        {% csrf_token %}
+        <div class="form-group">
+            <p class="form-description">
+                Сигурни ли сте, че искате да одобрите този автоматично генериран доклад? 
+                Това ще създаде публичен доклад, който ще бъде видим в платформата.
+            </p>
+        </div>
+        
+        <div class="form-actions">
+            <button type="submit" class="btn btn-success">Да, Одобри</button>
+            <a href="{% url 'osint:auto_report_detail' object.pk %}" class="btn btn-secondary">Отказ</a>
+        </div>
+    </form>
+</div>
+{% endblock %}
+
diff --git a/templates/osint/auto_report_detail.html b/templates/osint/auto_report_detail.html
new file mode 100644
index 0000000..f1679ca
--- /dev/null
+++ b/templates/osint/auto_report_detail.html
@@ -0,0 +1,110 @@
+{% extends 'base.html' %}
+
+{% block title %}Детайли на Автоматичен Доклад - OSINT{% endblock %}
+
+{% block content %}
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>Детайли на Автоматичен Доклад</h2>
+    </div>
+    <div class="gov-card-body">
+        <!-- Status and Actions -->
+        <div style="display: flex; justify-content: space-between; align-items: center; margin-bottom: 2rem; flex-wrap: wrap; gap: 1rem;">
+            <div>
+                <span class="badge badge-{{ auto_report.status }}" style="font-size: 1rem; padding: 0.5rem 1rem;">
+                    {{ auto_report.get_status_display }}
+                </span>
+                <span class="badge" style="background: linear-gradient(135deg, #17a2b8 0%, #138496 100%); color: white; font-size: 1rem; padding: 0.5rem 1rem;">
+                    Увереност: {{ auto_report.confidence_score }}%
+                </span>
+            </div>
+            {% if auto_report.status == 'pending' %}
+            <div>
+                <a href="{% url 'osint:approve_auto_report' auto_report.pk %}" class="btn btn-success">Одобри</a>
+                <a href="{% url 'osint:reject_auto_report' auto_report.pk %}" class="btn btn-danger">Отхвърли</a>
+            </div>
+            {% endif %}
+        </div>
+
+        <!-- Report Information -->
+        <div class="info-section" style="margin-bottom: 2rem;">
+            <h3>Информация за Доклада</h3>
+            <div class="info-grid">
+                <div><strong>Заглавие:</strong> {{ auto_report.title }}</div>
+                <div><strong>Източник:</strong> <a href="{{ auto_report.source_url }}" target="_blank" rel="noopener">{{ auto_report.source_url }}</a></div>
+                <div><strong>Създадено:</strong> {{ auto_report.created_at|date:"d F Y, H:i" }}</div>
+                {% if auto_report.reviewed_by %}
+                <div><strong>Прегледано от:</strong> {{ auto_report.reviewed_by.username }}</div>
+                <div><strong>Прегледано на:</strong> {{ auto_report.reviewed_at|date:"d F Y, H:i" }}</div>
+                {% endif %}
+                {% if auto_report.published_at %}
+                <div><strong>Публикувано на:</strong> {{ auto_report.published_at|date:"d F Y, H:i" }}</div>
+                {% endif %}
+                {% if auto_report.report %}
+                <div><strong>Свързан Доклад:</strong> <a href="{% url 'reports:detail' auto_report.report.pk %}">Доклад #{{ auto_report.report.pk }}</a></div>
+                {% endif %}
+            </div>
+        </div>
+
+        <!-- Matched Keywords -->
+        {% if auto_report.matched_keywords.all %}
+        <div class="info-section" style="margin-bottom: 2rem;">
+            <h3>Намерени Ключови Думи</h3>
+            <div class="report-tags">
+                {% for keyword in auto_report.matched_keywords.all %}
+                <span class="badge badge-info" style="font-size: 1rem; padding: 0.5rem 1rem; margin: 0.25rem;">
+                    {{ keyword.name }} ({{ keyword.confidence_score }}%)
+                </span>
+                {% endfor %}
+            </div>
+        </div>
+        {% endif %}
+
+        <!-- Description -->
+        <div class="info-section" style="margin-bottom: 2rem;">
+            <h3>Описание</h3>
+            <div style="background: var(--gov-light); padding: 1.5rem; border-radius: 8px; white-space: pre-wrap; line-height: 1.8;">
+                {{ auto_report.description }}
+            </div>
+        </div>
+
+        <!-- Crawled Content -->
+        {% if auto_report.crawled_content %}
+        <div class="info-section" style="margin-bottom: 2rem;">
+            <h3>Съдържание от Източника</h3>
+            <div style="margin-bottom: 1rem;">
+                <strong>Seed Website:</strong> {{ auto_report.crawled_content.seed_website.name }}<br>
+                <strong>URL:</strong> <a href="{{ auto_report.crawled_content.url }}" target="_blank" rel="noopener">{{ auto_report.crawled_content.url }}</a><br>
+                <strong>Събрано на:</strong> {{ auto_report.crawled_content.crawled_at|date:"d F Y, H:i" }}<br>
+                <strong>Брой Съвпадения:</strong> {{ auto_report.crawled_content.match_count }}
+            </div>
+            <div style="background: var(--gov-light); padding: 1.5rem; border-radius: 8px; max-height: 400px; overflow-y: auto;">
+                <h4>Заглавие:</h4>
+                <p>{{ auto_report.crawled_content.title }}</p>
+                <h4>Съдържание:</h4>
+                <p style="white-space: pre-wrap; line-height: 1.8;">{{ auto_report.crawled_content.content|truncatewords:500 }}</p>
+            </div>
+        </div>
+        {% endif %}
+
+        <!-- Review Notes -->
+        {% if auto_report.review_notes %}
+        <div class="info-section" style="margin-bottom: 2rem;">
+            <h3>Бележки от Прегледа</h3>
+            <div style="background: var(--gov-light); padding: 1.5rem; border-radius: 8px; white-space: pre-wrap;">
+                {{ auto_report.review_notes }}
+            </div>
+        </div>
+        {% endif %}
+
+        <!-- Actions -->
+        <div class="report-actions">
+            <a href="{% url 'osint:auto_report_list' %}" class="btn btn-secondary">Обратно към Списъка</a>
+            {% if auto_report.report %}
+            <a href="{% url 'reports:detail' auto_report.report.pk %}" class="btn btn-primary">Виж Публикувания Доклад</a>
+            {% endif %}
+        </div>
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/osint/auto_report_list.html b/templates/osint/auto_report_list.html
new file mode 100644
index 0000000..99ccb98
--- /dev/null
+++ b/templates/osint/auto_report_list.html
@@ -0,0 +1,109 @@
+{% extends 'base.html' %}
+
+{% block title %}Автоматично Генерирани Доклади - OSINT{% endblock %}
+
+{% block content %}
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>Автоматично Генерирани Доклади от OSINT</h2>
+    </div>
+    <div class="gov-card-body">
+        <!-- Statistics -->
+        <div class="stats-grid" style="margin-bottom: 2rem;">
+            <div class="stat-card">
+                <h3>{{ pending_count }}</h3>
+                <p>Чакащи Преглед</p>
+            </div>
+            <div class="stat-card">
+                <h3>{{ approved_count }}</h3>
+                <p>Одобрени</p>
+            </div>
+            <div class="stat-card">
+                <h3>{{ published_count }}</h3>
+                <p>Публикувани</p>
+            </div>
+            <div class="stat-card">
+                <h3>{{ rejected_count }}</h3>
+                <p>Отхвърлени</p>
+            </div>
+        </div>
+
+        <!-- Filter Bar -->
+        <div class="filter-bar" style="margin-bottom: 2rem;">
+            <a href="?status=" class="btn btn-sm {% if not request.GET.status %}btn-primary{% else %}btn-secondary{% endif %}">Всички</a>
+            <a href="?status=pending" class="btn btn-sm {% if request.GET.status == 'pending' %}btn-primary{% else %}btn-secondary{% endif %}">Чакащи</a>
+            <a href="?status=approved" class="btn btn-sm {% if request.GET.status == 'approved' %}btn-primary{% else %}btn-secondary{% endif %}">Одобрени</a>
+            <a href="?status=published" class="btn btn-sm {% if request.GET.status == 'published' %}btn-primary{% else %}btn-secondary{% endif %}">Публикувани</a>
+            <a href="?status=rejected" class="btn btn-sm {% if request.GET.status == 'rejected' %}btn-primary{% else %}btn-secondary{% endif %}">Отхвърлени</a>
+        </div>
+
+        {% if auto_reports %}
+        <div class="reports-list">
+            {% for auto_report in auto_reports %}
+            <div class="report-card" style="border-left: 4px solid {% if auto_report.status == 'pending' %}#ffc107{% elif auto_report.status == 'approved' %}#28a745{% elif auto_report.status == 'published' %}#17a2b8{% else %}#dc3545{% endif %};">
+                <div class="report-header">
+                    <h3>
+                        <a href="{% url 'osint:auto_report_detail' auto_report.pk %}">{{ auto_report.title }}</a>
+                    </h3>
+                    <div>
+                        <span class="badge badge-{{ auto_report.status }}">{{ auto_report.get_status_display }}</span>
+                        <span class="badge" style="background: linear-gradient(135deg, #17a2b8 0%, #138496 100%); color: white;">
+                            Увереност: {{ auto_report.confidence_score }}%
+                        </span>
+                    </div>
+                </div>
+                <div class="report-meta">
+                    <span>🔗 <a href="{{ auto_report.source_url }}" target="_blank" rel="noopener">{{ auto_report.source_url|truncatechars:60 }}</a></span>
+                    <span>📅 Създадено: {{ auto_report.created_at|date:"d F Y, H:i" }}</span>
+                    {% if auto_report.reviewed_by %}
+                    <span>👤 Прегледано от: {{ auto_report.reviewed_by.username }}</span>
+                    {% endif %}
+                </div>
+                <div class="report-description">
+                    {{ auto_report.description|truncatewords:50 }}
+                </div>
+                {% if auto_report.matched_keywords.all %}
+                <div class="report-tags">
+                    <strong>Намерени Ключови Думи:</strong>
+                    {% for keyword in auto_report.matched_keywords.all %}
+                    <span class="badge badge-info">{{ keyword.name }}</span>
+                    {% endfor %}
+                </div>
+                {% endif %}
+                <div class="report-actions">
+                    <a href="{% url 'osint:auto_report_detail' auto_report.pk %}" class="btn btn-sm btn-primary">Преглед</a>
+                    {% if auto_report.status == 'pending' %}
+                    <a href="{% url 'osint:approve_auto_report' auto_report.pk %}" class="btn btn-sm btn-success">Одобри</a>
+                    <a href="{% url 'osint:reject_auto_report' auto_report.pk %}" class="btn btn-sm btn-danger">Отхвърли</a>
+                    {% endif %}
+                    {% if auto_report.report %}
+                    <a href="{% url 'reports:detail' auto_report.report.pk %}" class="btn btn-sm btn-secondary">Виж Доклад</a>
+                    {% endif %}
+                </div>
+            </div>
+            {% endfor %}
+        </div>
+
+        <!-- Pagination -->
+        {% if page_obj.has_other_pages %}
+        <div class="pagination">
+            {% if page_obj.has_previous %}
+                <a href="?page=1{% if request.GET.status %}&status={{ request.GET.status }}{% endif %}" class="btn btn-secondary">Първа</a>
+                <a href="?page={{ page_obj.previous_page_number }}{% if request.GET.status %}&status={{ request.GET.status }}{% endif %}" class="btn btn-secondary">Предишна</a>
+            {% endif %}
+            <span class="page-info">Страница {{ page_obj.number }} от {{ page_obj.paginator.num_pages }}</span>
+            {% if page_obj.has_next %}
+                <a href="?page={{ page_obj.next_page_number }}{% if request.GET.status %}&status={{ request.GET.status }}{% endif %}" class="btn btn-secondary">Следваща</a>
+                <a href="?page={{ page_obj.paginator.num_pages }}{% if request.GET.status %}&status={{ request.GET.status }}{% endif %}" class="btn btn-secondary">Последна</a>
+            {% endif %}
+        </div>
+        {% endif %}
+        {% else %}
+        <div class="empty-state">
+            <p>Няма автоматично генерирани доклади.</p>
+        </div>
+        {% endif %}
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/osint/keyword_confirm_delete.html b/templates/osint/keyword_confirm_delete.html
new file mode 100644
index 0000000..6539efe
--- /dev/null
+++ b/templates/osint/keyword_confirm_delete.html
@@ -0,0 +1,33 @@
+{% extends 'base.html' %}
+
+{% block title %}Изтриване на Ключова Дума{% endblock %}
+
+{% block content %}
+<div class="form-container">
+    <h2>Изтриване на Ключова Дума</h2>
+    
+    <div class="gov-alert gov-alert-warning">
+        <div class="alert-icon">⚠</div>
+        <div class="alert-content">
+            <strong>Внимание!</strong> Сигурни ли сте, че искате да изтриете "{{ object.name }}"?
+            Това действие не може да бъде отменено.
+        </div>
+    </div>
+    
+    <div class="gov-card" style="margin: 2rem 0;">
+        <h3>{{ object.name }}</h3>
+        <p><strong>Ключова Дума:</strong> <code>{{ object.keyword }}</code></p>
+        <p><strong>Тип:</strong> {{ object.get_keyword_type_display }}</p>
+        <p><strong>Увереност:</strong> {{ object.confidence_score }}%</p>
+    </div>
+    
+    <form method="post">
+        {% csrf_token %}
+        <div class="form-actions">
+            <button type="submit" class="btn btn-danger">Да, Изтрий</button>
+            <a href="{% url 'osint:admin_dashboard' %}" class="btn btn-secondary">Отказ</a>
+        </div>
+    </form>
+</div>
+{% endblock %}
+
diff --git a/templates/osint/keyword_form.html b/templates/osint/keyword_form.html
new file mode 100644
index 0000000..aa39321
--- /dev/null
+++ b/templates/osint/keyword_form.html
@@ -0,0 +1,93 @@
+{% extends 'base.html' %}
+
+{% block title %}{% if object %}Редактиране{% else %}Добавяне{% endif %} на Ключова Дума{% endblock %}
+
+{% block content %}
+<div class="form-container">
+    <h2>{% if object %}Редактиране{% else %}Добавяне{% endif %} на Ключова Дума</h2>
+    
+    <form method="post">
+        {% csrf_token %}
+        
+        <div class="form-group">
+            <label for="{{ form.name.id_for_label }}">Име *</label>
+            {{ form.name }}
+            {% if form.name.errors %}
+            <div class="error-message">{{ form.name.errors }}</div>
+            {% endif %}
+        </div>
+        
+        <div class="form-group">
+            <label for="{{ form.keyword.id_for_label }}">Ключова Дума/Патърн *</label>
+            {{ form.keyword }}
+            {% if form.keyword.errors %}
+            <div class="error-message">{{ form.keyword.errors }}</div>
+            {% endif %}
+            <small class="form-text">Текст, фраза или regex патърн за търсене</small>
+        </div>
+        
+        <div class="form-group">
+            <label for="{{ form.description.id_for_label }}">Описание</label>
+            {{ form.description }}
+            {% if form.description.errors %}
+            <div class="error-message">{{ form.description.errors }}</div>
+            {% endif %}
+        </div>
+        
+        <div class="form-row">
+            <div class="form-group">
+                <label for="{{ form.keyword_type.id_for_label }}">Тип *</label>
+                {{ form.keyword_type }}
+                {% if form.keyword_type.errors %}
+                <div class="error-message">{{ form.keyword_type.errors }}</div>
+                {% endif %}
+                <small class="form-text">exact, regex, phrase, domain, email, phone</small>
+            </div>
+            
+            <div class="form-group">
+                <label for="{{ form.confidence_score.id_for_label }}">Увереност (0-100) *</label>
+                {{ form.confidence_score }}
+                {% if form.confidence_score.errors %}
+                <div class="error-message">{{ form.confidence_score.errors }}</div>
+                {% endif %}
+            </div>
+        </div>
+        
+        <div class="form-row">
+            <div class="form-group">
+                <label for="{{ form.is_active.id_for_label }}">
+                    {{ form.is_active }} Активна
+                </label>
+                {% if form.is_active.errors %}
+                <div class="error-message">{{ form.is_active.errors }}</div>
+                {% endif %}
+            </div>
+            
+            <div class="form-group">
+                <label for="{{ form.case_sensitive.id_for_label }}">
+                    {{ form.case_sensitive }} Case Sensitive
+                </label>
+                {% if form.case_sensitive.errors %}
+                <div class="error-message">{{ form.case_sensitive.errors }}</div>
+                {% endif %}
+            </div>
+            
+            <div class="form-group">
+                <label for="{{ form.auto_approve.id_for_label }}">
+                    {{ form.auto_approve }} Auto Approve
+                </label>
+                {% if form.auto_approve.errors %}
+                <div class="error-message">{{ form.auto_approve.errors }}</div>
+                {% endif %}
+                <small class="form-text">Автоматично одобряване при увереност ≥ 80%</small>
+            </div>
+        </div>
+        
+        <div class="form-actions">
+            <button type="submit" class="btn btn-primary">Запази</button>
+            <a href="{% url 'osint:admin_dashboard' %}" class="btn btn-secondary">Отказ</a>
+        </div>
+    </form>
+</div>
+{% endblock %}
+
diff --git a/templates/osint/reject_auto_report.html b/templates/osint/reject_auto_report.html
new file mode 100644
index 0000000..222aa4d
--- /dev/null
+++ b/templates/osint/reject_auto_report.html
@@ -0,0 +1,33 @@
+{% extends 'base.html' %}
+
+{% block title %}Отхвърляне на Автоматичен Доклад{% endblock %}
+
+{% block content %}
+<div class="form-container">
+    <h2>Отхвърляне на Автоматичен Доклад</h2>
+    
+    <div class="gov-card" style="margin-bottom: 2rem;">
+        <h3>{{ object.title }}</h3>
+        <p><strong>Източник:</strong> <a href="{{ object.source_url }}" target="_blank" rel="noopener">{{ object.source_url }}</a></p>
+        <p><strong>Увереност:</strong> {{ object.confidence_score }}%</p>
+        <div style="background: var(--gov-light); padding: 1rem; border-radius: 6px; margin-top: 1rem;">
+            {{ object.description|truncatewords:100 }}
+        </div>
+    </div>
+
+    <form method="post">
+        {% csrf_token %}
+        <div class="form-group">
+            <label for="review_notes">Причина за Отхвърляне (по избор):</label>
+            <textarea name="review_notes" id="review_notes" class="form-control" rows="4" 
+                      placeholder="Обяснете защо отхвърляте този доклад..."></textarea>
+        </div>
+        
+        <div class="form-actions">
+            <button type="submit" class="btn btn-danger">Отхвърли</button>
+            <a href="{% url 'osint:auto_report_detail' object.pk %}" class="btn btn-secondary">Отказ</a>
+        </div>
+    </form>
+</div>
+{% endblock %}
+
diff --git a/templates/osint/result_list.html b/templates/osint/result_list.html
new file mode 100644
index 0000000..9484c9c
--- /dev/null
+++ b/templates/osint/result_list.html
@@ -0,0 +1,49 @@
+{% extends 'base.html' %}
+
+{% block title %}OSINT Резултати - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>OSINT Резултати за Доклад: {{ report.title }}</h2>
+    </div>
+    <div class="gov-card-body">
+        {% if results %}
+        <div class="reports-list">
+            {% for result in results %}
+            <div class="result-card">
+                <div class="result-header">
+                    <h3>{{ result.get_data_type_display }}</h3>
+                    <div class="result-badges">
+                        <span class="badge badge-source">{{ result.source }}</span>
+                        <span class="badge badge-confidence">Увереност: {{ result.confidence_level }}%</span>
+                        {% if result.is_verified %}
+                        <span class="badge badge-verified">Потвърдено</span>
+                        {% endif %}
+                    </div>
+                </div>
+                <div class="result-meta">
+                    <span>Събрано: {{ result.collected_at|date:"d F Y, H:i" }}</span>
+                </div>
+                {% if result.processed_data %}
+                <div class="result-data">
+                    <h4>Обработени Данни</h4>
+                    <pre style="background: var(--gov-light); padding: 1rem; border-radius: 6px; overflow-x: auto;">{{ result.processed_data|safe }}</pre>
+                </div>
+                {% endif %}
+            </div>
+            {% endfor %}
+        </div>
+        {% else %}
+        <div class="empty-state">
+            <p>Все още няма налични OSINT резултати за този доклад.</p>
+        </div>
+        {% endif %}
+
+        <div class="result-actions">
+            <a href="{% url 'reports:detail' report.pk %}" class="btn btn-secondary">Обратно към Доклад</a>
+        </div>
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/osint/seed_website_confirm_delete.html b/templates/osint/seed_website_confirm_delete.html
new file mode 100644
index 0000000..12295d2
--- /dev/null
+++ b/templates/osint/seed_website_confirm_delete.html
@@ -0,0 +1,33 @@
+{% extends 'base.html' %}
+
+{% block title %}Изтриване на Seed Website{% endblock %}
+
+{% block content %}
+<div class="form-container">
+    <h2>Изтриване на Seed Website</h2>
+    
+    <div class="gov-alert gov-alert-warning">
+        <div class="alert-icon">⚠</div>
+        <div class="alert-content">
+            <strong>Внимание!</strong> Сигурни ли сте, че искате да изтриете "{{ object.name }}"?
+            Това действие не може да бъде отменено.
+        </div>
+    </div>
+    
+    <div class="gov-card" style="margin: 2rem 0;">
+        <h3>{{ object.name }}</h3>
+        <p><strong>URL:</strong> {{ object.url }}</p>
+        <p><strong>Страници събрани:</strong> {{ object.pages_crawled }}</p>
+        <p><strong>Съвпадения:</strong> {{ object.matches_found }}</p>
+    </div>
+    
+    <form method="post">
+        {% csrf_token %}
+        <div class="form-actions">
+            <button type="submit" class="btn btn-danger">Да, Изтрий</button>
+            <a href="{% url 'osint:admin_dashboard' %}" class="btn btn-secondary">Отказ</a>
+        </div>
+    </form>
+</div>
+{% endblock %}
+
diff --git a/templates/osint/seed_website_form.html b/templates/osint/seed_website_form.html
new file mode 100644
index 0000000..1f36047
--- /dev/null
+++ b/templates/osint/seed_website_form.html
@@ -0,0 +1,100 @@
+{% extends 'base.html' %}
+
+{% block title %}{% if object %}Редактиране{% else %}Добавяне{% endif %} на Seed Website{% endblock %}
+
+{% block content %}
+<div class="form-container">
+    <h2>{% if object %}Редактиране{% else %}Добавяне{% endif %} на Seed Website</h2>
+    
+    <form method="post">
+        {% csrf_token %}
+        
+        <div class="form-group">
+            <label for="{{ form.name.id_for_label }}">Име *</label>
+            {{ form.name }}
+            {% if form.name.errors %}
+            <div class="error-message">{{ form.name.errors }}</div>
+            {% endif %}
+        </div>
+        
+        <div class="form-group">
+            <label for="{{ form.url.id_for_label }}">URL *</label>
+            {{ form.url }}
+            {% if form.url.errors %}
+            <div class="error-message">{{ form.url.errors }}</div>
+            {% endif %}
+            <small class="form-text">Основният URL адрес за crawling</small>
+        </div>
+        
+        <div class="form-group">
+            <label for="{{ form.description.id_for_label }}">Описание</label>
+            {{ form.description }}
+            {% if form.description.errors %}
+            <div class="error-message">{{ form.description.errors }}</div>
+            {% endif %}
+        </div>
+        
+        <div class="form-row">
+            <div class="form-group">
+                <label for="{{ form.is_active.id_for_label }}">
+                    {{ form.is_active }} Активен
+                </label>
+                {% if form.is_active.errors %}
+                <div class="error-message">{{ form.is_active.errors }}</div>
+                {% endif %}
+            </div>
+            
+            <div class="form-group">
+                <label for="{{ form.priority.id_for_label }}">Приоритет *</label>
+                {{ form.priority }}
+                {% if form.priority.errors %}
+                <div class="error-message">{{ form.priority.errors }}</div>
+                {% endif %}
+            </div>
+        </div>
+        
+        <div class="form-row">
+            <div class="form-group">
+                <label for="{{ form.crawl_depth.id_for_label }}">Crawl Depth *</label>
+                {{ form.crawl_depth }}
+                {% if form.crawl_depth.errors %}
+                <div class="error-message">{{ form.crawl_depth.errors }}</div>
+                {% endif %}
+                <small class="form-text">0 = само тази страница, 1 = + директни линкове, 2 = + 2 нива</small>
+            </div>
+            
+            <div class="form-group">
+                <label for="{{ form.crawl_interval_hours.id_for_label }}">Интервал (часове) *</label>
+                {{ form.crawl_interval_hours }}
+                {% if form.crawl_interval_hours.errors %}
+                <div class="error-message">{{ form.crawl_interval_hours.errors }}</div>
+                {% endif %}
+                <small class="form-text">Колко често да се crawl-ва</small>
+            </div>
+        </div>
+        
+        <div class="form-group">
+            <label for="{{ form.allowed_domains_text.id_for_label }}">Разрешени Домейни</label>
+            {{ form.allowed_domains_text }}
+            {% if form.allowed_domains_text.errors %}
+            <div class="error-message">{{ form.allowed_domains_text.errors }}</div>
+            {% endif %}
+            <small class="form-text">{{ form.allowed_domains_text.help_text }}</small>
+        </div>
+        
+        <div class="form-group">
+            <label for="{{ form.user_agent.id_for_label }}">User Agent</label>
+            {{ form.user_agent }}
+            {% if form.user_agent.errors %}
+            <div class="error-message">{{ form.user_agent.errors }}</div>
+            {% endif %}
+        </div>
+        
+        <div class="form-actions">
+            <button type="submit" class="btn btn-primary">Запази</button>
+            <a href="{% url 'osint:admin_dashboard' %}" class="btn btn-secondary">Отказ</a>
+        </div>
+    </form>
+</div>
+{% endblock %}
+
diff --git a/templates/osint/start_crawling.html b/templates/osint/start_crawling.html
new file mode 100644
index 0000000..4ae28fe
--- /dev/null
+++ b/templates/osint/start_crawling.html
@@ -0,0 +1,52 @@
+{% extends 'base.html' %}
+
+{% block title %}Стартиране на OSINT Crawling{% endblock %}
+
+{% block content %}
+<div class="form-container">
+    <h2>🚀 Стартиране на OSINT Crawling</h2>
+    
+    <form method="post">
+        {% csrf_token %}
+        
+        <div class="form-group">
+            <label for="seed_id">Seed Website (Оставете празно за всички активни)</label>
+            <select name="seed_id" id="seed_id" class="form-control">
+                <option value="">-- Всички активни Seed Websites --</option>
+                {% for seed in seed_websites %}
+                <option value="{{ seed.pk }}">{{ seed.name }} ({{ seed.url }})</option>
+                {% endfor %}
+            </select>
+            <small class="form-text">Изберете конкретен seed website или оставете празно за всички</small>
+        </div>
+        
+        <div class="form-row">
+            <div class="form-group">
+                <label for="max_pages">Максимум Страници</label>
+                <input type="number" name="max_pages" id="max_pages" class="form-control" value="50" min="1" max="1000">
+                <small class="form-text">Максимален брой страници за crawl на seed website</small>
+            </div>
+            
+            <div class="form-group">
+                <label for="delay">Забавяне (секунди)</label>
+                <input type="number" name="delay" id="delay" class="form-control" value="1.0" min="0.1" max="10" step="0.1">
+                <small class="form-text">Забавяне между заявките</small>
+            </div>
+        </div>
+        
+        <div class="gov-alert gov-alert-info">
+            <div class="alert-icon">ℹ</div>
+            <div class="alert-content">
+                <strong>Информация:</strong> Crawling-ът ще стартира в background. Резултатите ще се появят след няколко минути.
+                Проверете "Crawled Content" и "Auto-Generated Reports" в админ таблото.
+            </div>
+        </div>
+        
+        <div class="form-actions">
+            <button type="submit" class="btn btn-success">🚀 Стартирай Crawling</button>
+            <a href="{% url 'osint:admin_dashboard' %}" class="btn btn-secondary">Отказ</a>
+        </div>
+    </form>
+</div>
+{% endblock %}
+
diff --git a/templates/osint/task_detail.html b/templates/osint/task_detail.html
new file mode 100644
index 0000000..067874c
--- /dev/null
+++ b/templates/osint/task_detail.html
@@ -0,0 +1,59 @@
+{% extends 'base.html' %}
+
+{% block title %}Детайли на OSINT Задача - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>Детайли на OSINT Задача</h2>
+    </div>
+    <div class="gov-card-body">
+        <div class="info-section">
+            <h3>Информация за Задачата</h3>
+            <div class="info-grid">
+                <div><strong>Тип:</strong> {{ task.get_task_type_display }}</div>
+                <div><strong>Статус:</strong> <span class="badge badge-{{ task.status }}">{{ task.get_status_display }}</span></div>
+                <div><strong>Доклад:</strong> <a href="{% url 'reports:detail' task.report.pk %}">{{ task.report.title }}</a></div>
+                <div><strong>Създадено:</strong> {{ task.created_at|date:"d F Y, H:i" }}</div>
+                {% if task.started_at %}
+                <div><strong>Започнато:</strong> {{ task.started_at|date:"d F Y, H:i" }}</div>
+                {% endif %}
+                {% if task.completed_at %}
+                <div><strong>Завършено:</strong> {{ task.completed_at|date:"d F Y, H:i" }}</div>
+                {% endif %}
+                <div><strong>Брой Опити:</strong> {{ task.retry_count }}</div>
+            </div>
+        </div>
+
+        {% if task.parameters %}
+        <div class="info-section">
+            <h3>Параметри</h3>
+            <pre style="background: var(--gov-light); padding: 1rem; border-radius: 6px; overflow-x: auto;">{{ task.parameters|safe }}</pre>
+        </div>
+        {% endif %}
+
+        {% if task.result %}
+        <div class="info-section">
+            <h3>Резултат</h3>
+            <pre style="background: var(--gov-light); padding: 1rem; border-radius: 6px; overflow-x: auto;">{{ task.result|safe }}</pre>
+        </div>
+        {% endif %}
+
+        {% if task.error_message %}
+        <div class="info-section">
+            <h3>Грешка</h3>
+            <div class="gov-alert gov-alert-error">
+                <div class="alert-icon">✕</div>
+                <div class="alert-content">{{ task.error_message }}</div>
+            </div>
+        </div>
+        {% endif %}
+
+        <div class="task-actions">
+            <a href="{% url 'osint:result_list' task.report.pk %}" class="btn btn-secondary">Преглед на Резултати</a>
+            <a href="{% url 'osint:task_list' %}" class="btn btn-secondary">Обратно към Задачи</a>
+        </div>
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/osint/task_list.html b/templates/osint/task_list.html
new file mode 100644
index 0000000..8597072
--- /dev/null
+++ b/templates/osint/task_list.html
@@ -0,0 +1,62 @@
+{% extends 'base.html' %}
+
+{% block title %}OSINT Задачи - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>OSINT Задачи</h2>
+    </div>
+    <div class="gov-card-body">
+        <div class="filter-bar" style="margin-bottom: 2rem;">
+            <a href="?status=" class="btn btn-sm {% if not request.GET.status %}btn-primary{% else %}btn-secondary{% endif %}">Всички</a>
+            <a href="?status=pending" class="btn btn-sm {% if request.GET.status == 'pending' %}btn-primary{% else %}btn-secondary{% endif %}">Чакащи</a>
+            <a href="?status=running" class="btn btn-sm {% if request.GET.status == 'running' %}btn-primary{% else %}btn-secondary{% endif %}">В Изпълнение</a>
+            <a href="?status=completed" class="btn btn-sm {% if request.GET.status == 'completed' %}btn-primary{% else %}btn-secondary{% endif %}">Завършени</a>
+            <a href="?status=failed" class="btn btn-sm {% if request.GET.status == 'failed' %}btn-primary{% else %}btn-secondary{% endif %}">Неуспешни</a>
+        </div>
+
+        {% if tasks %}
+        <div class="reports-list">
+            {% for task in tasks %}
+            <div class="task-card">
+                <div class="task-header">
+                    <h3><a href="{% url 'osint:task_detail' task.pk %}">{{ task.get_task_type_display }}</a></h3>
+                    <span class="badge badge-{{ task.status }}">{{ task.get_status_display }}</span>
+                </div>
+                <div class="task-meta">
+                    <span>Доклад: <a href="{% url 'reports:detail' task.report.pk %}">{{ task.report.title }}</a></span>
+                    <span>Създадено: {{ task.created_at|date:"d F Y, H:i" }}</span>
+                    {% if task.completed_at %}
+                    <span>Завършено: {{ task.completed_at|date:"d F Y, H:i" }}</span>
+                    {% endif %}
+                </div>
+                {% if task.error_message %}
+                <div class="task-error">
+                    <strong>Грешка:</strong> {{ task.error_message }}
+                </div>
+                {% endif %}
+            </div>
+            {% endfor %}
+        </div>
+
+        <div class="pagination">
+            {% if page_obj.has_previous %}
+                <a href="?page=1" class="btn btn-secondary">Първа</a>
+                <a href="?page={{ page_obj.previous_page_number }}" class="btn btn-secondary">Предишна</a>
+            {% endif %}
+            <span class="page-info">Страница {{ page_obj.number }} от {{ page_obj.paginator.num_pages }}</span>
+            {% if page_obj.has_next %}
+                <a href="?page={{ page_obj.next_page_number }}" class="btn btn-secondary">Следваща</a>
+                <a href="?page={{ page_obj.paginator.num_pages }}" class="btn btn-secondary">Последна</a>
+            {% endif %}
+        </div>
+        {% else %}
+        <div class="empty-state">
+            <p>Не са намерени OSINT задачи.</p>
+        </div>
+        {% endif %}
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/reports/contact.html b/templates/reports/contact.html
new file mode 100644
index 0000000..777db01
--- /dev/null
+++ b/templates/reports/contact.html
@@ -0,0 +1,355 @@
+{% extends 'base.html' %}
+
+{% block title %}Свържете се с нас - Контакти{% endblock %}
+
+{% block extra_css %}
+<style>
+    .contact-hero {
+        background: linear-gradient(135deg, var(--gov-primary) 0%, var(--gov-primary-dark) 100%);
+        color: var(--gov-white);
+        padding: 4rem 3rem;
+        border-radius: 16px;
+        margin-bottom: 3rem;
+        text-align: center;
+        box-shadow: 0 12px 48px rgba(0, 51, 102, 0.3);
+        position: relative;
+        overflow: hidden;
+    }
+    
+    .contact-hero::before {
+        content: '';
+        position: absolute;
+        top: 0;
+        left: 0;
+        right: 0;
+        bottom: 0;
+        background: url("data:image/svg+xml,%3Csvg width='100' height='100' viewBox='0 0 100 100' xmlns='http://www.w3.org/2000/svg'%3E%3Cpath d='M11 18c3.866 0 7-3.134 7-7s-3.134-7-7-7-7 3.134-7 7 3.134 7 7 7zm48 25c3.866 0 7-3.134 7-7s-3.134-7-7-7-7 3.134-7 7 3.134 7 7 7zm-43-7c1.657 0 3-1.343 3-3s-1.343-3-3-3-3 1.343-3 3 1.343 3 3 3zm63 31c1.657 0 3-1.343 3-3s-1.343-3-3-3-3 1.343-3 3 1.343 3 3 3zM34 90c1.657 0 3-1.343 3-3s-1.343-3-3-3-3 1.343-3 3 1.343 3 3 3zm56-76c1.657 0 3-1.343 3-3s-1.343-3-3-3-3 1.343-3 3 1.343 3 3 3zM12 86c2.21 0 4-1.79 4-4s-1.79-4-4-4-4 1.79-4 4 1.79 4 4 4zm28-65c2.21 0 4-1.79 4-4s-1.79-4-4-4-4 1.79-4 4 1.79 4 4 4zm23-11c2.76 0 5-2.24 5-5s-2.24-5-5-5-5 2.24-5 5 2.24 5 5 5zm-6 60c2.21 0 4-1.79 4-4s-1.79-4-4-4-4 1.79-4 4 1.79 4 4 4zm29 22c2.76 0 5-2.24 5-5s-2.24-5-5-5-5 2.24-5 5 2.24 5 5 5zM32 63c2.76 0 5-2.24 5-5s-2.24-5-5-5-5 2.24-5 5 2.24 5 5 5zm57-13c2.76 0 5-2.24 5-5s-2.24-5-5-5-5 2.24-5 5 2.24 5 5 5zm-9-21c1.105 0 2-.895 2-2s-.895-2-2-2-2 .895-2 2 .895 2 2 2zM60 91c1.105 0 2-.895 2-2s-.895-2-2-2-2 .895-2 2 .895 2 2 2zM35 41c1.105 0 2-.895 2-2s-.895-2-2-2-2 .895-2 2 .895 2 2 2zM12 60c1.105 0 2-.895 2-2s-.895-2-2-2-2 .895-2 2 .895 2 2 2z' fill='%23ffffff' fill-opacity='0.03' fill-rule='evenodd'/%3E%3C/svg%3E");
+        opacity: 0.4;
+    }
+    
+    .contact-hero > * {
+        position: relative;
+        z-index: 1;
+    }
+    
+    .contact-hero h1 {
+        font-family: 'Roboto Slab', serif;
+        font-size: 3rem;
+        margin-bottom: 1.5rem;
+        text-shadow: 2px 2px 8px rgba(0, 0, 0, 0.3);
+        font-weight: 700;
+        letter-spacing: -0.5px;
+    }
+    
+    .contact-hero p {
+        font-size: 1.3rem;
+        opacity: 0.95;
+        line-height: 1.9;
+        max-width: 700px;
+        margin: 0 auto;
+        font-weight: 300;
+    }
+    
+    .contact-form-container {
+        max-width: 900px;
+        margin: 0 auto 3rem;
+    }
+    
+    .form-section-header {
+        background: linear-gradient(135deg, var(--gov-primary) 0%, var(--gov-primary-dark) 100%);
+        color: var(--gov-white);
+        padding: 2rem 2.5rem;
+        border-radius: 12px 12px 0 0;
+        margin-bottom: 0;
+        position: relative;
+        overflow: hidden;
+    }
+    
+    .form-section-header::before {
+        content: '';
+        position: absolute;
+        top: -50%;
+        right: -10%;
+        width: 200px;
+        height: 200px;
+        background: radial-gradient(circle, rgba(255, 215, 0, 0.1) 0%, transparent 70%);
+        border-radius: 50%;
+    }
+    
+    .form-section-header h2 {
+        font-family: 'Roboto Slab', serif;
+        margin: 0;
+        font-size: 2rem;
+        position: relative;
+        z-index: 1;
+        display: flex;
+        align-items: center;
+        gap: 1rem;
+    }
+    
+    .form-section-header h2::before {
+        content: '✉️';
+        font-size: 2rem;
+    }
+    
+    .contact-form-card {
+        background: var(--gov-white);
+        border-radius: 0 0 12px 12px;
+        box-shadow: 0 8px 32px rgba(0, 51, 102, 0.15);
+        border: 1px solid var(--gov-border);
+        overflow: hidden;
+    }
+    
+    .contact-form-body {
+        padding: 3rem;
+        background: linear-gradient(to bottom, #ffffff 0%, #f8f9fa 100%);
+    }
+    
+    .form-group label {
+        font-weight: 600;
+        color: var(--gov-primary);
+        margin-bottom: 0.75rem;
+        display: flex;
+        align-items: center;
+        gap: 0.5rem;
+        font-size: 0.95rem;
+    }
+    
+    .form-group label::before {
+        content: '▸';
+        color: var(--gov-secondary);
+        font-size: 0.8rem;
+    }
+    
+    .form-control {
+        border: 2px solid var(--gov-border);
+        border-radius: 8px;
+        padding: 0.875rem 1.25rem;
+        font-size: 1rem;
+        transition: all 0.3s ease;
+        background: var(--gov-white);
+    }
+    
+    .form-control:focus {
+        border-color: var(--gov-secondary);
+        box-shadow: 0 0 0 4px rgba(0, 102, 204, 0.1);
+        outline: none;
+        transform: translateY(-1px);
+    }
+    
+    textarea.form-control {
+        min-height: 150px;
+        resize: vertical;
+    }
+    
+    .form-actions {
+        margin-top: 2.5rem;
+        padding-top: 2rem;
+        border-top: 2px solid var(--gov-gray-light);
+        display: flex;
+        gap: 1rem;
+        justify-content: flex-end;
+    }
+    
+    .form-actions .btn {
+        padding: 1rem 2.5rem;
+        font-size: 1.05rem;
+        font-weight: 600;
+        border-radius: 8px;
+        min-width: 180px;
+    }
+    
+    .faq-section {
+        background: linear-gradient(135deg, #f8f9fa 0%, #ffffff 100%);
+        border-radius: 12px;
+        overflow: hidden;
+    }
+    
+    .faq-item {
+        padding: 1.5rem;
+        border-bottom: 1px solid var(--gov-gray-light);
+        transition: all 0.3s ease;
+    }
+    
+    .faq-item:last-child {
+        border-bottom: none;
+    }
+    
+    .faq-item:hover {
+        background: rgba(0, 102, 204, 0.03);
+        padding-left: 2rem;
+    }
+    
+    .faq-item h3 {
+        color: var(--gov-primary);
+        margin-bottom: 0.75rem;
+        font-size: 1.2rem;
+        display: flex;
+        align-items: center;
+        gap: 0.75rem;
+    }
+    
+    .faq-item h3::before {
+        content: '❓';
+        font-size: 1.5rem;
+    }
+    
+    .faq-item p {
+        color: var(--gov-gray);
+        line-height: 1.8;
+        margin: 0;
+    }
+    
+    .faq-item a {
+        color: var(--gov-secondary);
+        font-weight: 600;
+        text-decoration: none;
+        transition: color 0.3s ease;
+    }
+    
+    .faq-item a:hover {
+        color: var(--gov-primary);
+        text-decoration: underline;
+    }
+    
+    @media (max-width: 768px) {
+        .contact-hero {
+            padding: 2.5rem 1.5rem;
+        }
+        
+        .contact-hero h1 {
+            font-size: 2rem;
+        }
+        
+        .contact-hero p {
+            font-size: 1.1rem;
+        }
+        
+        .contact-form-body {
+            padding: 2rem 1.5rem;
+        }
+        
+        .form-section-header {
+            padding: 1.5rem;
+        }
+        
+        .form-section-header h2 {
+            font-size: 1.5rem;
+        }
+        
+        .form-actions {
+            flex-direction: column;
+        }
+        
+        .form-actions .btn {
+            width: 100%;
+        }
+    }
+</style>
+{% endblock %}
+
+{% block content %}
+<!-- Hero Section -->
+<div class="contact-hero">
+    <h1>Свържете се с нас</h1>
+    <p>Имате въпрос, предложение или нужда от помощ? Нашият екип е готов да ви помогне.</p>
+</div>
+
+
+<!-- Contact Form -->
+<div class="contact-form-container">
+    <div class="contact-form-card">
+        <div class="form-section-header">
+            <h2>Изпратете ни съобщение</h2>
+        </div>
+        <div class="contact-form-body">
+            <form method="post">
+                {% csrf_token %}
+                
+                {# Hidden bot protection fields #}
+                {% for field in form.hidden_fields %}
+                    {{ field }}
+                {% endfor %}
+                
+                <div class="form-row">
+                    <div class="form-group">
+                        <label for="{{ form.name.id_for_label }}">{{ form.name.label }}</label>
+                        {{ form.name }}
+                        {% if form.name.errors %}
+                        <div class="error-message">{{ form.name.errors }}</div>
+                        {% endif %}
+                    </div>
+                    
+                    <div class="form-group">
+                        <label for="{{ form.email.id_for_label }}">{{ form.email.label }}</label>
+                        {{ form.email }}
+                        {% if form.email.errors %}
+                        <div class="error-message">{{ form.email.errors }}</div>
+                        {% endif %}
+                    </div>
+                </div>
+                
+                <div class="form-group">
+                    <label for="{{ form.inquiry_type.id_for_label }}">{{ form.inquiry_type.label }}</label>
+                    {{ form.inquiry_type }}
+                    {% if form.inquiry_type.errors %}
+                    <div class="error-message">{{ form.inquiry_type.errors }}</div>
+                    {% endif %}
+                </div>
+                
+                <div class="form-group">
+                    <label for="{{ form.subject.id_for_label }}">{{ form.subject.label }}</label>
+                    {{ form.subject }}
+                    {% if form.subject.errors %}
+                    <div class="error-message">{{ form.subject.errors }}</div>
+                    {% endif %}
+                </div>
+                
+                <div class="form-group">
+                    <label for="{{ form.message.id_for_label }}">{{ form.message.label }}</label>
+                    {{ form.message }}
+                    {% if form.message.errors %}
+                    <div class="error-message">{{ form.message.errors }}</div>
+                    {% endif %}
+                    <small class="form-text">Моля, опишете подробно вашия въпрос или проблем.</small>
+                </div>
+                
+                <div class="form-actions">
+                    <button type="submit" class="btn btn-primary">Изпрати Съобщение</button>
+                    <a href="{% url 'reports:home' %}" class="btn btn-secondary">Отказ</a>
+                </div>
+            </form>
+        </div>
+    </div>
+</div>
+
+<!-- Additional Information -->
+<div class="gov-card faq-section" style="margin-top: 3rem;">
+    <div class="gov-card-header">
+        <h2>Често задавани въпроси</h2>
+        <p style="color: var(--gov-gray); margin-top: 0.5rem; font-weight: normal;">Най-често задавани въпроси и отговори</p>
+    </div>
+    <div class="gov-card-body" style="padding: 0;">
+        <div class="faq-item">
+            <h3>Как да докладвам измама?</h3>
+            <p>Можете да докладвате измама като използвате формата за <a href="{% url 'reports:create' %}">докладване</a>. Моля, предоставете всички налични детайли за да помогнем на другите граждани.</p>
+        </div>
+        
+        <div class="faq-item">
+            <h3>Колко време отнема прегледът на доклад?</h3>
+            <p>Нашият екип преглежда всички доклади в рамките на 2-5 работни дни. Ще получите уведомление по имейл когато докладът ви бъде прегледан.</p>
+        </div>
+        
+        <div class="faq-item">
+            <h3>Мога ли да остана анонимен?</h3>
+            <p>Да, можете да докладвате анонимно. Вашата лична информация ще бъде защитена и няма да бъде разкрита публично.</p>
+        </div>
+        
+        <div class="faq-item">
+            <h3>Как да проверя статуса на моя доклад?</h3>
+            <p>Ако сте регистриран потребител, можете да видите статуса на всички ваши доклади в секцията <a href="{% url 'reports:my_reports' %}">Моите Доклади</a>.</p>
+        </div>
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/reports/create.html b/templates/reports/create.html
new file mode 100644
index 0000000..2e6c091
--- /dev/null
+++ b/templates/reports/create.html
@@ -0,0 +1,101 @@
+{% extends 'base.html' %}
+
+{% block title %}Докладване на Измама - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="form-container">
+    <h2>Докладване на Измама или Мошеничество</h2>
+    <p class="form-description">Помогнете да защитим другите граждани, като докладвате измами. Всички доклади се преглеждат от модератори преди публикуване.</p>
+    
+    <form method="post" enctype="multipart/form-data" data-loading>
+        {% csrf_token %}
+        <div class="form-group">
+            <label for="id_title">Заглавие *</label>
+            {{ form.title }}
+            {% if form.title.errors %}
+                <div class="error-message">{{ form.title.errors }}</div>
+            {% endif %}
+            <small class="form-text" data-tooltip="Кратко и описателно заглавие на измамата">Кратко и описателно заглавие</small>
+        </div>
+
+        <div class="form-group">
+            <label for="id_description">Описание *</label>
+            {{ form.description }}
+            {% if form.description.errors %}
+                <div class="error-message">{{ form.description.errors }}</div>
+            {% endif %}
+            <small class="form-text" data-tooltip="Включете всички важни детайли: какво се е случило, кога, къде">Предоставете подробна информация за измамата</small>
+        </div>
+
+        <div class="form-group">
+            <label for="id_scam_type">Вид Измама *</label>
+            {{ form.scam_type }}
+            {% if form.scam_type.errors %}
+                <div class="error-message">{{ form.scam_type.errors }}</div>
+            {% endif %}
+        </div>
+
+        <div class="form-row">
+            <div class="form-group">
+                <label for="id_reported_url">Докладван URL</label>
+                {{ form.reported_url }}
+                {% if form.reported_url.errors %}
+                    <div class="error-message">{{ form.reported_url.errors }}</div>
+                {% endif %}
+            </div>
+
+            <div class="form-group">
+                <label for="id_reported_email">Докладван Имейл</label>
+                {{ form.reported_email }}
+                {% if form.reported_email.errors %}
+                    <div class="error-message">{{ form.reported_email.errors }}</div>
+                {% endif %}
+            </div>
+        </div>
+
+        <div class="form-row">
+            <div class="form-group">
+                <label for="id_reported_phone">Докладван Телефон</label>
+                {{ form.reported_phone }}
+                {% if form.reported_phone.errors %}
+                    <div class="error-message">{{ form.reported_phone.errors }}</div>
+                {% endif %}
+            </div>
+
+            <div class="form-group">
+                <label for="id_reported_company">Докладвана Фирма</label>
+                {{ form.reported_company }}
+                {% if form.reported_company.errors %}
+                    <div class="error-message">{{ form.reported_company.errors }}</div>
+                {% endif %}
+            </div>
+        </div>
+
+        <div class="form-group">
+            <label for="id_tags">Етикети</label>
+            {{ form.tags }}
+            {% if form.tags.errors %}
+                <div class="error-message">{{ form.tags.errors }}</div>
+            {% endif %}
+            <small class="form-text">Задръжте Ctrl/Cmd за избор на множество етикети</small>
+        </div>
+
+        <div class="form-group">
+            <label class="checkbox-label">
+                {{ form.is_anonymous }}
+                Докладване анонимно
+                <span data-tooltip="Вашият профил няма да бъде видим в публичния доклад">ℹ️</span>
+            </label>
+            {% if form.is_anonymous.errors %}
+                <div class="error-message">{{ form.is_anonymous.errors }}</div>
+            {% endif %}
+        </div>
+
+        <div class="form-actions">
+            <button type="submit" class="btn btn-primary" data-tooltip="Докладът ще бъде изпратен за преглед от модератор">Изпращане на Доклад</button>
+            <a href="{% url 'reports:home' %}" class="btn btn-secondary">Отказ</a>
+        </div>
+    </form>
+</div>
+{% endblock %}
+
diff --git a/templates/reports/delete.html b/templates/reports/delete.html
new file mode 100644
index 0000000..f607a4d
--- /dev/null
+++ b/templates/reports/delete.html
@@ -0,0 +1,26 @@
+{% extends 'base.html' %}
+
+{% block title %}Изтриване на Доклад - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="form-container">
+    <h2>Изтриване на Доклад</h2>
+    <div class="gov-alert gov-alert-warning">
+        <div class="alert-icon">⚠</div>
+        <div class="alert-content">
+            <p>Сигурни ли сте, че искате да изтриете този доклад?</p>
+            <p><strong>{{ object.title }}</strong></p>
+            <p>Това действие не може да бъде отменено.</p>
+        </div>
+    </div>
+    
+    <form method="post" data-loading>
+        {% csrf_token %}
+        <div class="form-actions">
+            <button type="submit" class="btn btn-danger" data-tooltip="Това действие е необратимо">Да, Изтривам</button>
+            <a href="{% url 'reports:my_reports' %}" class="btn btn-secondary">Отказ</a>
+        </div>
+    </form>
+</div>
+{% endblock %}
+
diff --git a/templates/reports/detail.html b/templates/reports/detail.html
new file mode 100644
index 0000000..d08cf47
--- /dev/null
+++ b/templates/reports/detail.html
@@ -0,0 +1,193 @@
+{% extends 'base.html' %}
+{% load static %}
+
+{% block title %}{{ report.title }} - Портал за Докладване на Измами{% endblock %}
+
+{% block schema_type %}Article{% endblock %}
+
+{% block extra_head %}
+<!-- Article Structured Data -->
+<script type="application/ld+json">
+{
+    "@context": "https://schema.org",
+    "@type": "Article",
+    "headline": "{{ report.title|escapejs }}",
+    "description": "{{ report.description|truncatewords:30|escapejs }}",
+    "datePublished": "{{ report.created_at|date:'c' }}",
+    "dateModified": "{{ report.updated_at|date:'c'|default:report.created_at|date:'c' }}",
+    "author": {
+        "@type": "Organization",
+        "name": "{{ seo.site_name }}"
+    },
+    "publisher": {
+        "@type": "GovernmentOrganization",
+        "name": "{{ seo.site_name }}",
+        "logo": {
+            "@type": "ImageObject",
+            "url": "{{ seo.site_image }}"
+        }
+    },
+    "mainEntityOfPage": {
+        "@type": "WebPage",
+        "@id": "{{ seo.canonical_url }}"
+    },
+    "articleSection": "{{ report.get_scam_type_display }}",
+    "keywords": "{{ report.tags.all|join:', ' }}, измама, {{ report.get_scam_type_display }}"
+}
+</script>
+{% endblock %}
+
+{% block content %}
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h1>{{ report.title }}</h1>
+        <div class="report-badges">
+            <span class="badge badge-{{ report.scam_type }}">{{ report.get_scam_type_display }}</span>
+            {% if report.status == 'verified' %}
+            <span class="badge badge-verified">Потвърдено</span>
+            {% elif report.status == 'rejected' %}
+            <span class="badge badge-rejected">Отхвърлено</span>
+            {% elif report.status == 'pending' %}
+            <span class="badge badge-pending">Чака Преглед</span>
+            {% elif report.status == 'under_review' %}
+            <span class="badge badge-under_review">В Преглед</span>
+            {% endif %}
+            {% if report.verification_score %}
+            <span class="badge badge-score">Проверка: {{ report.verification_score }}%</span>
+            {% endif %}
+        </div>
+    </div>
+
+    <div class="gov-card-body">
+        {% if report.status == 'rejected' and user.is_authenticated and report.reporter == user and rejection_action and rejection_action.reason %}
+        <div class="gov-alert gov-alert-error" style="margin-bottom: 1.5rem;">
+            <div class="alert-icon">✕</div>
+            <div class="alert-content">
+                <strong>Докладът е отхвърлен</strong>
+                <p style="margin: 0.75rem 0 0 0; font-size: 1.05rem;"><strong>Причина за отхвърляне:</strong></p>
+                <p style="margin: 0.5rem 0 0 0; padding: 0.75rem; background: rgba(220, 53, 69, 0.1); border-radius: 6px; border-left: 3px solid var(--gov-danger);">
+                    {{ rejection_action.reason }}
+                </p>
+                <p style="margin: 0.75rem 0 0 0; font-size: 0.9rem; color: var(--gov-gray);">
+                    <strong>Отхвърлен на:</strong> {{ rejection_action.created_at|date:"d.m.Y в H:i" }}<br>
+                    <strong>От:</strong> {{ rejection_action.moderator.username|default:"модератор" }}
+                </p>
+                <div style="margin-top: 1rem;">
+                    <a href="{% url 'reports:edit' report.pk %}" class="btn btn-primary btn-sm">Редактиране и Повторно Изпращане</a>
+                </div>
+            </div>
+        </div>
+        {% endif %}
+        
+        <div class="info-grid" style="margin-bottom: 2rem;">
+            <div class="info-item">
+                <strong>Статус:</strong> <span class="badge badge-{{ report.status }}">{{ report.get_status_display }}</span>
+            </div>
+            <div class="info-item">
+                <strong>Докладвано на:</strong> {{ report.created_at|date:"d F Y, H:i" }}
+            </div>
+            <div class="info-item">
+                <strong>Докладвано от:</strong> {{ report.get_reporter_display }}
+            </div>
+            {% if report.verified_at %}
+            <div class="info-item">
+                <strong>Потвърдено на:</strong> {{ report.verified_at|date:"d F Y, H:i" }}
+            </div>
+            {% endif %}
+        </div>
+
+        <div class="info-section">
+            <h3>Описание</h3>
+            <p style="line-height: 1.8; color: var(--gov-dark);">{{ report.description|linebreaks }}</p>
+        </div>
+
+        <div class="info-section">
+            <h3>Докладвани Обекти</h3>
+            <ul style="list-style: none; padding: 0;">
+                {% if report.reported_url %}
+                <li style="padding: 0.75rem; background: var(--gov-light); margin-bottom: 0.5rem; border-radius: 6px;">
+                    <strong>URL:</strong> <a href="{{ report.reported_url }}" target="_blank" rel="noopener">{{ report.reported_url }}</a>
+                </li>
+                {% endif %}
+                {% if report.reported_email %}
+                <li style="padding: 0.75rem; background: var(--gov-light); margin-bottom: 0.5rem; border-radius: 6px;">
+                    <strong>Имейл:</strong> {{ report.reported_email }}
+                </li>
+                {% endif %}
+                {% if report.reported_phone %}
+                <li style="padding: 0.75rem; background: var(--gov-light); margin-bottom: 0.5rem; border-radius: 6px;">
+                    <strong>Телефон:</strong> {{ report.reported_phone }}
+                </li>
+                {% endif %}
+                {% if report.reported_company %}
+                <li style="padding: 0.75rem; background: var(--gov-light); margin-bottom: 0.5rem; border-radius: 6px;">
+                    <strong>Фирма:</strong> {{ report.reported_company }}
+                </li>
+                {% endif %}
+            </ul>
+        </div>
+
+        {% if report.tags.all %}
+        <div class="info-section">
+            <h3>Етикети</h3>
+            <div class="report-tags">
+                {% for tag in report.tags.all %}
+                <span class="tag" style="background-color: {{ tag.color }}">{{ tag.name }}</span>
+                {% endfor %}
+            </div>
+        </div>
+        {% endif %}
+
+        {% if report.verifications.all %}
+        <div class="info-section">
+            <h3>Детайли за Проверка</h3>
+            {% for verification in report.verifications.all %}
+            <div class="verification-item" style="padding: 1rem; background: var(--gov-light); margin-bottom: 1rem; border-radius: 8px; border-left: 4px solid var(--gov-secondary);">
+                <strong>{{ verification.get_verification_method_display }}:</strong>
+                <span>Увереност: {{ verification.confidence_score }}%</span>
+                {% if verification.notes %}
+                <p style="margin-top: 0.5rem; color: var(--gov-gray);">{{ verification.notes }}</p>
+                {% endif %}
+            </div>
+            {% endfor %}
+        </div>
+        {% endif %}
+
+        {% if user.is_authenticated and report.reporter == user %}
+        <div class="report-actions">
+            {% if report.status == 'pending' %}
+            <a href="{% url 'reports:edit' report.pk %}" class="btn btn-secondary">Редактиране</a>
+            <a href="{% url 'reports:delete' report.pk %}" 
+               class="btn btn-danger" 
+               data-confirm="Сигурни ли сте, че искате да изтриете този доклад? Това действие не може да бъде отменено."
+               data-confirm-title="Изтриване на Доклад">Изтриване</a>
+            {% elif report.status == 'rejected' %}
+            <a href="{% url 'reports:edit' report.pk %}" class="btn btn-primary">Редактиране и Повторно Изпращане</a>
+            <a href="{% url 'reports:delete' report.pk %}" 
+               class="btn btn-danger" 
+               data-confirm="Сигурни ли сте, че искате да изтриете този отхвърлен доклад? Това действие не може да бъде отменено."
+               data-confirm-title="Изтриване на Доклад">Изтриване</a>
+            {% endif %}
+        </div>
+        {% endif %}
+        
+        {% if report.status == 'verified' and report.is_public %}
+        <div class="report-actions" style="margin-top: 2rem; padding-top: 2rem; border-top: 2px solid var(--gov-gray-light);">
+            <div style="background: var(--gov-light); padding: 1.5rem; border-radius: 8px; border-left: 4px solid var(--gov-warning);">
+                <h4 style="margin: 0 0 0.75rem 0; color: var(--gov-primary); display: flex; align-items: center; gap: 0.5rem;">
+                    <span>⚠️</span>
+                    <span>Смятате ли, че този доклад е несправедлив?</span>
+                </h4>
+                <p style="margin: 0 0 1rem 0; color: var(--gov-gray); line-height: 1.6;">
+                    Ако сте обект на този доклад и смятате, че информацията е невярна или несправедлива, можете да подадете заявка за премахване.
+                </p>
+                <a href="{% url 'reports:takedown_request' report.pk %}" class="btn btn-secondary">
+                    📝 Заявка за Премахване на Доклад
+                </a>
+            </div>
+        </div>
+        {% endif %}
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/reports/edit.html b/templates/reports/edit.html
new file mode 100644
index 0000000..204cfbf
--- /dev/null
+++ b/templates/reports/edit.html
@@ -0,0 +1,73 @@
+{% extends 'base.html' %}
+
+{% block title %}Редактиране на Доклад - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="form-container">
+    <h2>Редактиране на Доклад</h2>
+    {% if object.status == 'rejected' %}
+    <div class="gov-alert gov-alert-warning" style="margin-bottom: 1.5rem;">
+        <div class="alert-icon">⚠</div>
+        <div class="alert-content">
+            <strong>Този доклад е бил отхвърлен.</strong>
+            <p style="margin: 0.5rem 0 0 0;">След като направите промените, докладът ще бъде изпратен отново за преглед.</p>
+        </div>
+    </div>
+    {% else %}
+    <p class="form-description">Можете да редактирате доклади, които чакат преглед.</p>
+    {% endif %}
+    
+    <form method="post" data-loading>
+        {% csrf_token %}
+        <div class="form-group">
+            <label for="id_title">Заглавие *</label>
+            {{ form.title }}
+        </div>
+
+        <div class="form-group">
+            <label for="id_description">Описание *</label>
+            {{ form.description }}
+        </div>
+
+        <div class="form-group">
+            <label for="id_scam_type">Вид Измама *</label>
+            {{ form.scam_type }}
+        </div>
+
+        <div class="form-row">
+            <div class="form-group">
+                <label for="id_reported_url">Докладван URL</label>
+                {{ form.reported_url }}
+            </div>
+
+            <div class="form-group">
+                <label for="id_reported_email">Докладван Имейл</label>
+                {{ form.reported_email }}
+            </div>
+        </div>
+
+        <div class="form-row">
+            <div class="form-group">
+                <label for="id_reported_phone">Докладван Телефон</label>
+                {{ form.reported_phone }}
+            </div>
+
+            <div class="form-group">
+                <label for="id_reported_company">Докладвана Фирма</label>
+                {{ form.reported_company }}
+            </div>
+        </div>
+
+        <div class="form-group">
+            <label for="id_tags">Етикети</label>
+            {{ form.tags }}
+        </div>
+
+        <div class="form-actions">
+            <button type="submit" class="btn btn-primary" data-tooltip="Промените ще бъдат запазени">Запазване на Промените</button>
+            <a href="{% url 'reports:my_reports' %}" class="btn btn-secondary">Отказ</a>
+        </div>
+    </form>
+</div>
+{% endblock %}
+
diff --git a/templates/reports/home.html b/templates/reports/home.html
new file mode 100644
index 0000000..e987044
--- /dev/null
+++ b/templates/reports/home.html
@@ -0,0 +1,126 @@
+{% extends 'base.html' %}
+{% load static %}
+
+{% block title %}Начало - Портал за Докладване на Измами{% endblock %}
+
+{% block schema_type %}WebSite{% endblock %}
+
+{% block extra_head %}
+<!-- Website Structured Data with SearchAction -->
+<script type="application/ld+json">
+{
+    "@context": "https://schema.org",
+    "@type": "WebSite",
+    "name": "{{ seo.site_name }}",
+    "url": "{{ seo.site_url }}",
+    "description": "{{ seo.site_description }}",
+    "inLanguage": "bg",
+    "potentialAction": {
+        "@type": "SearchAction",
+        "target": {
+            "@type": "EntryPoint",
+            "urlTemplate": "{{ seo.site_url }}/search/?q={search_term_string}"
+        },
+        "query-input": "required name=search_term_string"
+    }
+}
+</script>
+
+<!-- BreadcrumbList Structured Data -->
+<script type="application/ld+json">
+{
+    "@context": "https://schema.org",
+    "@type": "BreadcrumbList",
+    "itemListElement": [{
+        "@type": "ListItem",
+        "position": 1,
+        "name": "Начало",
+        "item": "{{ seo.site_url }}"
+    }]
+}
+</script>
+{% endblock %}
+
+{% block content %}
+<div class="home-hero">
+    <div class="home-hero-content">
+        <div class="home-hero-text">
+            <h1>Добре дошли в Портала за Докладване на Измами</h1>
+            <p class="lead">Докладвайте измами, за да помогнете на другите граждани в българското интернет пространство.</p>
+            <div class="home-hero-actions">
+                <a href="{% url 'reports:create' %}" class="btn btn-primary">Докладване на Измама</a>
+                <a href="{% url 'reports:list' %}" class="btn btn-secondary">Преглед на Докладите</a>
+            </div>
+        </div>
+        <div class="home-hero-image">
+            <img src="{% static 'images/home.jpg' %}" alt="Официален Портал за Докладване на Измами" />
+        </div>
+    </div>
+</div>
+
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>Статистика на Платформата</h2>
+    </div>
+    <div class="stats-grid">
+        <div class="stat-card">
+            <h3>{{ total_reports|default:0 }}</h3>
+            <p>Потвърдени Доклади</p>
+        </div>
+    </div>
+</div>
+
+{% if recent_reports %}
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>Последни Доклади</h2>
+    </div>
+    <div class="reports-list">
+        {% for report in recent_reports %}
+        <div class="report-card">
+            <div class="report-header">
+                <h3><a href="{% url 'reports:detail' report.pk %}">{{ report.title }}</a></h3>
+                <span class="badge badge-{{ report.scam_type }}">{{ report.get_scam_type_display }}</span>
+            </div>
+            <div class="report-meta">
+                <span>{{ report.created_at|date:"d M Y" }}</span>
+                <span>от {{ report.get_reporter_display }}</span>
+            </div>
+        </div>
+        {% endfor %}
+    </div>
+</div>
+{% endif %}
+
+{% if scam_types %}
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>Разпределение по Видове Измами</h2>
+    </div>
+    <div class="gov-card-body">
+        <div class="scam-types-grid">
+            {% for type in scam_types %}
+            <div class="scam-type-card">
+                <div class="scam-type-header">
+                    <span class="badge badge-{{ type.scam_type }}" style="font-size: 0.9rem; padding: 0.5rem 1rem;">
+                        {{ type.display_name }}
+                    </span>
+                    <div class="scam-type-count">
+                        <span class="count-number">{{ type.count }}</span>
+                        <span class="count-label">доклад{{ type.count|pluralize:"а,а" }}</span>
+                    </div>
+                </div>
+                <div class="scam-type-bar">
+                    <div class="scam-type-bar-fill" style="width: {{ type.percentage }}%"></div>
+                </div>
+                <div class="scam-type-percentage">
+                    {{ type.percentage }}% от общия брой
+                </div>
+            </div>
+            {% endfor %}
+        </div>
+    </div>
+</div>
+{% endif %}
+{% endblock %}
+
diff --git a/templates/reports/list.html b/templates/reports/list.html
new file mode 100644
index 0000000..a5ff0db
--- /dev/null
+++ b/templates/reports/list.html
@@ -0,0 +1,78 @@
+{% extends 'base.html' %}
+
+{% block title %}Потвърдени Доклади - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>Потвърдени Доклади за Измами</h2>
+        <div style="display: flex; gap: 1rem; flex-wrap: wrap;">
+            <a href="{% url 'reports:create' %}" class="btn btn-primary" data-tooltip="Докладвайте нова измама или мошеничество">Докладване на Измама</a>
+            <a href="{% url 'reports:search' %}" class="btn btn-secondary" data-tooltip="Търсене в базата данни с доклади">Търсене</a>
+        </div>
+    </div>
+    <div class="gov-card-body">
+
+        {% if reports %}
+        <div class="reports-list">
+            {% for report in reports %}
+            <div class="report-card">
+                <div class="report-header">
+                    <h3><a href="{% url 'reports:detail' report.pk %}">{{ report.title }}</a></h3>
+                    <div style="display: flex; gap: 0.5rem; flex-wrap: wrap;">
+                        <span class="badge badge-{{ report.scam_type }}">{{ report.get_scam_type_display }}</span>
+                        {% if report.is_auto_discovered %}
+                        <span class="badge" style="background: linear-gradient(135deg, #17a2b8 0%, #138496 100%); color: white;" title="Автоматично открит от OSINT системата">🤖 OSINT</span>
+                        {% endif %}
+                    </div>
+                </div>
+                <div class="report-meta">
+                    <span class="date">{{ report.created_at|date:"d F Y" }}</span>
+                    <span class="reporter">от {{ report.get_reporter_display }}</span>
+                    {% if report.verification_score %}
+                    <span class="verification-score">Проверка: {{ report.verification_score }}%</span>
+                    {% endif %}
+                </div>
+                <p class="report-description">{{ report.description|truncatewords:50 }}</p>
+                {% if report.tags.all %}
+                <div class="report-tags">
+                    {% for tag in report.tags.all %}
+                    <span class="tag" style="background-color: {{ tag.color }}">{{ tag.name }}</span>
+                    {% endfor %}
+                </div>
+                {% endif %}
+                <div class="report-entities">
+                    {% if report.reported_url %}
+                    <span class="entity">URL: <a href="{{ report.reported_url }}" target="_blank" rel="noopener">{{ report.reported_url|truncatechars:50 }}</a></span>
+                    {% endif %}
+                    {% if report.reported_email %}
+                    <span class="entity">Имейл: {{ report.reported_email }}</span>
+                    {% endif %}
+                    {% if report.reported_phone %}
+                    <span class="entity">Телефон: {{ report.reported_phone }}</span>
+                    {% endif %}
+                </div>
+            </div>
+            {% endfor %}
+        </div>
+
+        <div class="pagination">
+            {% if page_obj.has_previous %}
+                <a href="?page=1" class="btn btn-secondary">Първа</a>
+                <a href="?page={{ page_obj.previous_page_number }}" class="btn btn-secondary">Предишна</a>
+            {% endif %}
+            <span class="page-info">Страница {{ page_obj.number }} от {{ page_obj.paginator.num_pages }}</span>
+            {% if page_obj.has_next %}
+                <a href="?page={{ page_obj.next_page_number }}" class="btn btn-secondary">Следваща</a>
+                <a href="?page={{ page_obj.paginator.num_pages }}" class="btn btn-secondary">Последна</a>
+            {% endif %}
+        </div>
+        {% else %}
+        <div class="empty-state">
+            <p>Все още няма потвърдени доклади. Бъдете първият, който <a href="{% url 'reports:create' %}">докладва измама</a>!</p>
+        </div>
+        {% endif %}
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/reports/my_reports.html b/templates/reports/my_reports.html
new file mode 100644
index 0000000..31f92ac
--- /dev/null
+++ b/templates/reports/my_reports.html
@@ -0,0 +1,77 @@
+{% extends 'base.html' %}
+
+{% block title %}Моите Доклади - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>Моите Доклади</h2>
+        <a href="{% url 'reports:create' %}" class="btn btn-primary">Докладване на Измама</a>
+    </div>
+    <div class="gov-card-body">
+
+        {% if reports %}
+        <div class="reports-list">
+            {% for report in reports %}
+            <div class="report-card">
+                <div class="report-header">
+                    <h3><a href="{% url 'reports:detail' report.pk %}">{{ report.title }}</a></h3>
+                    <span class="badge badge-{{ report.status }}">{{ report.get_status_display }}</span>
+                </div>
+                <div class="report-meta">
+                    <span class="date">{{ report.created_at|date:"d F Y" }}</span>
+                    <span class="scam-type">{{ report.get_scam_type_display }}</span>
+                </div>
+                {% if report.status == 'rejected' and report.rejection_action and report.rejection_reason %}
+                <div class="gov-alert gov-alert-error" style="margin-bottom: 1rem;">
+                    <div class="alert-icon">✕</div>
+                    <div class="alert-content">
+                        <strong>Докладът е отхвърлен</strong>
+                        <p style="margin: 0.5rem 0 0 0;"><strong>Причина:</strong> {{ report.rejection_reason }}</p>
+                        <p style="margin: 0.5rem 0 0 0; font-size: 0.9rem; color: var(--gov-gray);">
+                            Отхвърлен на {{ report.rejection_action.created_at|date:"d.m.Y в H:i" }} от {{ report.rejection_action.moderator.username|default:"модератор" }}
+                        </p>
+                    </div>
+                </div>
+                {% endif %}
+                <p class="report-description">{{ report.description|truncatewords:30 }}</p>
+                <div class="report-actions">
+                    <a href="{% url 'reports:detail' report.pk %}" class="btn btn-sm btn-secondary" data-tooltip="Преглед на детайли">Преглед</a>
+                    {% if report.status == 'pending' %}
+                    <a href="{% url 'reports:edit' report.pk %}" class="btn btn-sm btn-secondary" data-tooltip="Редактиране на доклад">Редактиране</a>
+                    <a href="{% url 'reports:delete' report.pk %}" 
+                       class="btn btn-sm btn-danger" 
+                       data-confirm="Сигурни ли сте, че искате да изтриете този доклад? Това действие не може да бъде отменено."
+                       data-confirm-title="Изтриване на Доклад">Изтриване</a>
+                    {% elif report.status == 'rejected' %}
+                    <a href="{% url 'reports:edit' report.pk %}" class="btn btn-sm btn-primary" data-tooltip="Редактирайте доклада според обратната връзка и изпратете отново">Редактиране и Повторно Изпращане</a>
+                    <a href="{% url 'reports:delete' report.pk %}" 
+                       class="btn btn-sm btn-danger" 
+                       data-confirm="Сигурни ли сте, че искате да изтриете този отхвърлен доклад? Това действие не може да бъде отменено."
+                       data-confirm-title="Изтриване на Доклад">Изтриване</a>
+                    {% endif %}
+                </div>
+            </div>
+            {% endfor %}
+        </div>
+
+        <div class="pagination">
+            {% if page_obj.has_previous %}
+                <a href="?page=1" class="btn btn-secondary">Първа</a>
+                <a href="?page={{ page_obj.previous_page_number }}" class="btn btn-secondary">Предишна</a>
+            {% endif %}
+            <span class="page-info">Страница {{ page_obj.number }} от {{ page_obj.paginator.num_pages }}</span>
+            {% if page_obj.has_next %}
+                <a href="?page={{ page_obj.next_page_number }}" class="btn btn-secondary">Следваща</a>
+                <a href="?page={{ page_obj.paginator.num_pages }}" class="btn btn-secondary">Последна</a>
+            {% endif %}
+        </div>
+        {% else %}
+        <div class="empty-state">
+            <p>Все още не сте изпратили доклади. <a href="{% url 'reports:create' %}">Докладвайте първата си измама</a>!</p>
+        </div>
+        {% endif %}
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/reports/search.html b/templates/reports/search.html
new file mode 100644
index 0000000..3faac64
--- /dev/null
+++ b/templates/reports/search.html
@@ -0,0 +1,54 @@
+{% extends 'base.html' %}
+
+{% block title %}Търсене на Доклади - Официален Портал{% endblock %}
+
+{% block content %}
+<div class="gov-card">
+    <div class="gov-card-header">
+        <h2>Търсене на Доклади за Измами</h2>
+    </div>
+    <div class="gov-card-body">
+        <form method="get" class="search-form" style="margin-bottom: 2rem;">
+            <div class="form-row">
+                <div class="form-group">
+                    <input type="text" name="q" class="form-control" placeholder="Търсене по заглавие, описание, URL или имейл..." value="{{ request.GET.q }}">
+                </div>
+                <div class="form-group">
+                    <select name="type" class="form-control">
+                        <option value="">Всички Видове</option>
+                        {% for value, label in scam_type_choices %}
+                            <option value="{{ value }}" {% if request.GET.type == value %}selected{% endif %}>{{ label }}</option>
+                        {% endfor %}
+                    </select>
+                </div>
+                <button type="submit" class="btn btn-primary">Търсене</button>
+            </div>
+        </form>
+
+        {% if reports %}
+        <div class="search-results">
+            <p class="results-count" style="font-weight: 600; color: var(--gov-primary); margin-bottom: 1.5rem;">Намерени {{ reports.count }} резултат(а)</p>
+            <div class="reports-list">
+                {% for report in reports %}
+                <div class="report-card">
+                    <div class="report-header">
+                        <h3><a href="{% url 'reports:detail' report.pk %}">{{ report.title }}</a></h3>
+                        <span class="badge badge-{{ report.scam_type }}">{{ report.get_scam_type_display }}</span>
+                    </div>
+                    <div class="report-meta">
+                        <span class="date">{{ report.created_at|date:"d F Y" }}</span>
+                    </div>
+                    <p class="report-description">{{ report.description|truncatewords:30 }}</p>
+                </div>
+                {% endfor %}
+            </div>
+        </div>
+        {% elif request.GET.q %}
+        <div class="empty-state">
+            <p>Не са намерени резултати за "{{ request.GET.q }}". Опитайте с различни термини за търсене.</p>
+        </div>
+        {% endif %}
+    </div>
+</div>
+{% endblock %}
+
diff --git a/templates/reports/takedown_request.html b/templates/reports/takedown_request.html
new file mode 100644
index 0000000..6ca01d7
--- /dev/null
+++ b/templates/reports/takedown_request.html
@@ -0,0 +1,244 @@
+{% extends 'base.html' %}
+{% load static %}
+
+{% block title %}Заявка за Премахване - {{ report.title }}{% endblock %}
+
+{% block extra_css %}
+<style>
+    .takedown-hero {
+        background: linear-gradient(135deg, var(--gov-warning) 0%, #e0a800 100%);
+        color: var(--gov-white);
+        padding: 3rem 2.5rem;
+        border-radius: 12px;
+        margin-bottom: 2.5rem;
+        text-align: center;
+        box-shadow: 0 8px 24px rgba(255, 193, 7, 0.3);
+    }
+    
+    .takedown-hero h1 {
+        font-family: 'Roboto Slab', serif;
+        font-size: 2.5rem;
+        margin-bottom: 1rem;
+        text-shadow: 2px 2px 6px rgba(0, 0, 0, 0.2);
+    }
+    
+    .takedown-hero p {
+        font-size: 1.1rem;
+        opacity: 0.95;
+        line-height: 1.7;
+        max-width: 800px;
+        margin: 0 auto;
+    }
+    
+    .report-summary {
+        background: var(--gov-light);
+        padding: 1.5rem;
+        border-radius: 8px;
+        margin-bottom: 2rem;
+        border-left: 4px solid var(--gov-secondary);
+    }
+    
+    .report-summary h3 {
+        color: var(--gov-primary);
+        margin-bottom: 1rem;
+        font-size: 1.25rem;
+    }
+    
+    .report-summary p {
+        color: var(--gov-gray);
+        margin: 0.5rem 0;
+        line-height: 1.6;
+    }
+    
+    .form-section-header {
+        background: linear-gradient(135deg, var(--gov-primary) 0%, var(--gov-primary-dark) 100%);
+        color: var(--gov-white);
+        padding: 2rem 2.5rem;
+        border-radius: 12px 12px 0 0;
+        margin-bottom: 0;
+    }
+    
+    .form-section-header h2 {
+        font-family: 'Roboto Slab', serif;
+        margin: 0;
+        font-size: 2rem;
+        display: flex;
+        align-items: center;
+        gap: 1rem;
+    }
+    
+    .form-section-header h2::before {
+        content: '📋';
+        font-size: 2rem;
+    }
+    
+    .takedown-form-card {
+        background: var(--gov-white);
+        border-radius: 0 0 12px 12px;
+        box-shadow: 0 8px 32px rgba(0, 51, 102, 0.15);
+        border: 1px solid var(--gov-border);
+        overflow: hidden;
+        margin-bottom: 2rem;
+    }
+    
+    .takedown-form-body {
+        padding: 3rem;
+        background: linear-gradient(to bottom, #ffffff 0%, #f8f9fa 100%);
+    }
+    
+    .info-box {
+        background: #fff3cd;
+        border: 1px solid #ffc107;
+        border-radius: 8px;
+        padding: 1.5rem;
+        margin-bottom: 2rem;
+    }
+    
+    .info-box h4 {
+        color: #856404;
+        margin: 0 0 0.75rem 0;
+        display: flex;
+        align-items: center;
+        gap: 0.5rem;
+    }
+    
+    .info-box h4::before {
+        content: 'ℹ️';
+    }
+    
+    .info-box ul {
+        margin: 0.75rem 0 0 0;
+        padding-left: 1.5rem;
+        color: #856404;
+    }
+    
+    .info-box li {
+        margin: 0.5rem 0;
+        line-height: 1.6;
+    }
+    
+    @media (max-width: 768px) {
+        .takedown-hero {
+            padding: 2rem 1.5rem;
+        }
+        
+        .takedown-hero h1 {
+            font-size: 1.75rem;
+        }
+        
+        .takedown-form-body {
+            padding: 2rem 1.5rem;
+        }
+        
+        .form-section-header {
+            padding: 1.5rem;
+        }
+        
+        .form-section-header h2 {
+            font-size: 1.5rem;
+        }
+    }
+</style>
+{% endblock %}
+
+{% block content %}
+<!-- Hero Section -->
+<div class="takedown-hero">
+    <h1>Заявка за Премахване на Доклад</h1>
+    <p>Ако сте обект на този доклад и смятате, че информацията е невярна или несправедлива, моля попълнете формата по-долу.</p>
+</div>
+
+<!-- Report Summary -->
+<div class="report-summary">
+    <h3>📄 Доклад, за който се отнася заявката:</h3>
+    <p><strong>Заглавие:</strong> <a href="{% url 'reports:detail' report.pk %}">{{ report.title }}</a></p>
+    <p><strong>Вид измама:</strong> {{ report.get_scam_type_display }}</p>
+    <p><strong>Докладван на:</strong> {{ report.created_at|date:"d F Y" }}</p>
+    {% if report.reported_url %}
+    <p><strong>URL:</strong> <a href="{{ report.reported_url }}" target="_blank" rel="noopener">{{ report.reported_url }}</a></p>
+    {% endif %}
+</div>
+
+<!-- Info Box -->
+<div class="info-box">
+    <h4>Важна информация</h4>
+    <ul>
+        <li>Всички заявки се преглеждат внимателно от нашия екип</li>
+        <li>Ще получите отговор по имейл в рамките на 2-5 работни дни</li>
+        <li>Моля, предоставете всички налични доказателства, които подкрепят вашата заявка</li>
+        <li>Лъжливи или злонамерени заявки могат да доведат до правни последици</li>
+    </ul>
+</div>
+
+<!-- Takedown Request Form -->
+<div class="takedown-form-card">
+    <div class="form-section-header">
+        <h2>Форма за Заявка</h2>
+    </div>
+    <div class="takedown-form-body">
+        <form method="post">
+            {% csrf_token %}
+            
+            {# Hidden bot protection fields #}
+            {% for field in form.hidden_fields %}
+                {{ field }}
+            {% endfor %}
+            
+            <div class="form-row">
+                <div class="form-group">
+                    <label for="{{ form.requester_name.id_for_label }}">{{ form.requester_name.label }}</label>
+                    {{ form.requester_name }}
+                    {% if form.requester_name.errors %}
+                    <div class="error-message">{{ form.requester_name.errors }}</div>
+                    {% endif %}
+                </div>
+                
+                <div class="form-group">
+                    <label for="{{ form.requester_email.id_for_label }}">{{ form.requester_email.label }}</label>
+                    {{ form.requester_email }}
+                    {% if form.requester_email.errors %}
+                    <div class="error-message">{{ form.requester_email.errors }}</div>
+                    {% endif %}
+                </div>
+            </div>
+            
+            <div class="form-group">
+                <label for="{{ form.requester_phone.id_for_label }}">{{ form.requester_phone.label }}</label>
+                {{ form.requester_phone }}
+                {% if form.requester_phone.errors %}
+                <div class="error-message">{{ form.requester_phone.errors }}</div>
+                {% endif %}
+                <small class="form-text">Незадължително поле</small>
+            </div>
+            
+            <div class="form-group">
+                <label for="{{ form.reason.id_for_label }}">{{ form.reason.label }}</label>
+                {{ form.reason }}
+                {% if form.reason.errors %}
+                <div class="error-message">{{ form.reason.errors }}</div>
+                {% endif %}
+                {% if form.reason.help_text %}
+                <small class="form-text">{{ form.reason.help_text }}</small>
+                {% endif %}
+            </div>
+            
+            <div class="form-group">
+                <label for="{{ form.evidence.id_for_label }}">{{ form.evidence.label }}</label>
+                {{ form.evidence }}
+                {% if form.evidence.errors %}
+                <div class="error-message">{{ form.evidence.errors }}</div>
+                {% endif %}
+                {% if form.evidence.help_text %}
+                <small class="form-text">{{ form.evidence.help_text }}</small>
+                {% endif %}
+            </div>
+            
+            <div class="form-actions">
+                <button type="submit" class="btn btn-primary">Изпрати Заявка</button>
+                <a href="{% url 'reports:detail' report.pk %}" class="btn btn-secondary">Отказ</a>
+            </div>
+        </form>
+    </div>
+</div>
+{% endblock %}
+