Security Directory

L

Lepida S.c.p.A.

cup2000.it

39

Lepida S.c.p.A. is a well-established regional ICT consortium founded in 1997, serving the Emilia-Romagna region in Italy. It provides a broad range of digital infrastructure and software services primarily targeting public administration, healthcare, and social assistance sectors. The company holds multiple ISO certifications, indicating a strong commitment to quality, security, and environmental standards. The website reflects a mature digital presence with comprehensive content, clear navigation, and good user experience. However, the lack of a valid SSL certificate and HTTPS implementation is a significant security gap that undermines the overall security posture. Privacy and cookie policies are well implemented with consent mechanisms, and the use of Matomo analytics shows a privacy-conscious approach to user tracking. The domain is mature and consistent with the business claims, enhancing trustworthiness. Strategic improvements in SSL/TLS deployment and enhanced security configurations are recommended to elevate the security and trust levels.

D

Dauphin Telecom

dauphintelecom.fr

26

Dauphin Telecom is a regional telecommunications provider serving the French Antilles, including Saint Martin and Saint Barthélemy. The company offers a comprehensive range of services including mobile plans (unlimited, blocked, prepaid), fiber internet, TV packages, and bundled offers. With over 26 years of market presence and multiple local agencies, Dauphin Telecom holds a strong position in its regional market. The website reflects a professional and well-branded digital presence, targeting both residential and business customers in the region. Technically, the website is built on WordPress with Elementor and various Jet plugins, indicating a modern CMS-based infrastructure. However, performance metrics suggest slow loading times, and there is no SSL/TLS certificate installed, which is a significant security concern. The site is mobile-optimized and includes SEO best practices, but accessibility features are basic. From a security perspective, the absence of HTTPS and modern TLS protocols severely impacts the security posture, exposing users to potential risks. Some security headers are present, but critical improvements are needed. Privacy compliance is well addressed with a clear privacy policy, cookie consent mechanism, and GDPR adherence. Contact information is clearly provided, enhancing business credibility. Overall, while the business and content quality are strong, the lack of HTTPS is a critical issue that must be addressed immediately to protect users and improve trust. Strategic recommendations include implementing SSL, enhancing security configurations, and maintaining compliance documentation.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

M

Migastone International Srl

migastone.com

23

Migastone International Srl is a small technology company based in San Marino specializing in custom mobile app development and mobile marketing solutions for small to medium-sized businesses. The company leverages relational marketing techniques and offers a suite of services including app development, referral network training, and digital marketing education. Their market position is supported by a mature domain and a consistent brand presence with multiple partner collaborations and customer testimonials. Technically, the website is built on the Kartra platform with Cloudflare CDN and uses modern web technologies such as Bootstrap and Google Fonts. However, the site lacks a valid SSL certificate, which severely impacts its security posture. Privacy and cookie policies are present and GDPR compliant, and contact information is comprehensive. The security configuration requires urgent improvement to protect user data and enhance trust. Overall, the website demonstrates good content quality and business credibility but suffers from critical security shortcomings that must be addressed.

L

Leagel S.r.l.

leagel.com

40

Leagel S.r.l. is a medium-sized manufacturing company based in San Marino specializing in the production and commercialization of semi-finished products and ingredients for gelato and pastry artisans. The company has a strong international presence and a well-established brand with over 20 years of experience. Their website reflects a professional and consistent brand image, offering multilingual content, downloadable catalogs, and recipe books to support their B2B customers. Technically, the website is built on WordPress with Bootstrap and integrates modern marketing and analytics tools such as Google Tag Manager and HubSpot. However, the security posture is weak due to the absence of a valid SSL certificate and modern TLS protocols, exposing the site to risks and reducing user trust. Privacy compliance is strong, with clear GDPR-aligned policies and consent mechanisms. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

T

TITANKA! Spa

mvmedicalsolutions.com

37

The website mvmedicalsolutions.com currently serves as a minimal placeholder page indicating that TITANKA! Spa is preparing a new website. There is no substantive business content, contact information, or user engagement features present. The technical infrastructure is basic, with Apache server hosting and no SSL/TLS certificate, resulting in an insecure HTTP-only connection. The site uses Google Fonts for typography but lacks modern frameworks or CMS indications. Security posture is weak due to the absence of HTTPS, security headers, and privacy policies. No analytics or tracking mechanisms are detected, indicating minimal data collection. Overall, the site is not yet operational as a business platform and lacks essential compliance and security features.

C

Candyclouds di Danila Bigazzi

candyclouds.it

37

Candyclouds is a small creative business operated by Danila Bigazzi, specializing in web design, graphic design, and UX/UI strategy based in Bologna, Italy. The website serves as a portfolio showcasing various graphic, logo, and web projects, targeting clients seeking personalized design services. The business model includes service provision and an online shop presence via Etsy. Technically, the site is built on WordPress with common plugins such as WooCommerce, Yoast SEO, and Contact Form 7, hosted on SiteGround. While the site demonstrates good content quality and SEO optimization, it suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which severely impacts its security posture. Privacy compliance is addressed with a privacy policy and cookie consent mechanism, but no terms of service or security policies are present. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

W

Web Server's Default Page

planetservicesrl.it

22

The website planetservicesrl.it currently hosts only a default Plesk web server placeholder page with no active business content or branding. The domain is mature, registered since 2001 in Italy, but the lack of published content suggests the site is either inactive or under development. Technically, the site runs on nginx and is hosted by Italhosting, but it lacks a valid SSL certificate and HTTPS support, which is a critical security deficiency. No privacy, cookie, or terms of service policies are present, and no contact information or forms are available, limiting user trust and compliance with privacy regulations. The external links lead solely to Plesk's official resources and social media channels, indicating no direct business presence on the site itself. Overall, the website's security posture is weak due to missing HTTPS and security headers, and the site shows minimal technical or content maturity.

O

Organizzazione Sammarinese degli Imprenditori

osla.sm

25

Organizzazione Sammarinese degli Imprenditori (OSLA) is a mature, small-sized association dedicated to supporting small and medium enterprises (SMEs) across multiple sectors in San Marino, including commerce, tourism, industry, services, craftsmanship, liberal professions, and agriculture. The website serves as an informational and service portal offering consultancy, legal advice, training, and representation for its members. The organization holds a key market position as a representative body for SMEs in San Marino. Technically, the website is built on Drupal 7 with an Apache server and PHP 5.4.16, indicating an outdated technology stack. The site includes modern web features such as responsive design and social media integration but suffers from slow performance and basic SEO and accessibility implementations. Security posture is weak due to the absence of a valid SSL certificate and lack of modern TLS support, despite some security headers being present. Privacy compliance is partially addressed with visible privacy and cookie policies and a consent mechanism, but GDPR compliance is not fully evident. Contact information is limited to a physical address with no direct email or phone contacts displayed. Overall, the site is functional but requires significant improvements in security and technical modernization to enhance trust and compliance.

I

In Scientia Fides

inscientiafides.com

30

In Scientia Fides is a specialized healthcare biobank located in San Marino, offering private stem cell preservation services with international FACTNetCord accreditation. The company targets families and parents seeking biological insurance for their children through stem cell storage. The website is professionally designed, content-rich, and provides comprehensive information about services, accreditations, and procedures. Technically, the site is built on WordPress with common marketing and analytics tools integrated, but lacks HTTPS security, which is a critical vulnerability. Privacy policies and cookie consent mechanisms are well implemented, reflecting good GDPR compliance. Overall, the business presents a trustworthy and professional image but must urgently address its lack of SSL to improve security posture and user trust.

H

H.J. Opdyke Lumber Company

opdyke.com

40

H.J. Opdyke Lumber Company is a well-established regional supplier of lumber and building materials, servicing residential and multifamily properties since 1955. The company offers a broad range of products and design services including kitchens, baths, decking, doors, windows, and closets, targeting contractors, builders, and homeowners primarily in New Jersey, Pennsylvania, and New York. Their market position is solid with multiple physical locations and a medium-sized business footprint. Technically, the website is built on WordPress with modern plugins and accessibility features, but lacks a valid SSL certificate, which is a critical security shortfall. The site uses Sucuri Cloudproxy for WAF protection, Google Analytics and Tag Manager for tracking, and hCaptcha for form security. Privacy and cookie policies are present and GDPR compliant, but no terms of service or security policies are found. Overall, the website is professional and trustworthy but requires urgent improvements in SSL/TLS security to protect user data and improve trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

K

KOITOTO

tmsap.com

36

KOITOTO operates as an online bandar toto macau platform providing real-time data on toto macau lottery results primarily targeting Indonesian-speaking users. The website claims to be the number one provider of toto macau data in 2025, offering updated and transparent lottery results with a responsive design optimized for mobile users. Technically, the site employs AMP HTML technology and is hosted behind Cloudflare CDN, which aids in content delivery and performance. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, significantly impacting its security posture. No privacy or cookie policies are present, and no contact information is provided, which further reduces trust and compliance with privacy regulations. The site links to partner domains related to gambling and prediction services but does not use analytics or tracking technologies. Overall, KOITOTO presents a basic but functional online gambling data service with significant security and compliance gaps.

B

BAUER Foundation Corp.

bauerfoundations.com

40

BAUER Foundation Corp. is a specialized foundation engineering company operating globally as part of the BAUER Group. The company offers comprehensive geotechnical solutions, construction methods, and equipment services, targeting clients with complex foundation engineering needs. Their mature domain and extensive content reflect a well-established market presence. Technically, the website is built on Drupal 10 with modern CSS frameworks but suffers from slow load times and lacks HTTPS, which is a critical security shortfall. Security posture is weak due to missing SSL certificates, absence of security headers, and no DNSSEC or HSTS implementation. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is professional and credible but requires urgent security improvements to protect user data and enhance trust.

E

Evolved Novelties

myevolved.com

39

Evolved Novelties operates as a niche e-commerce retailer specializing in premium adult pleasure products, featuring well-known brands such as Playboy Pleasure and Gender X. The website is built on the BigCommerce platform and leverages Cloudflare for hosting and CDN services. The site demonstrates good content quality, clear navigation, and a consistent branding approach targeting adult consumers seeking luxury sexual wellness products. However, the absence of a valid SSL certificate and HTTPS implementation significantly undermines the security posture, exposing users to potential data interception risks. Cookie consent mechanisms are present, indicating some level of privacy compliance, but no explicit GDPR or security policies are found. Overall, the business appears legitimate with consistent domain registration data, but urgent improvements in security infrastructure are recommended to protect customer data and enhance trust.

A

Anel Arabian company

anelarabia.com

20

Anel Arabian company is a Saudi-based business specializing in information and communication technologies and electromechanical technology services. Established in 2010, it positions itself as a leader in the Saudi market with a focus on leveraging local talent to meet customer needs. The website content is bilingual, targeting Arabic and English-speaking audiences, and is hosted on the Weebly platform with basic design and navigation features. However, the site lacks critical contact information and formal policies, which limits user trust and engagement. Technically, the website runs on an nginx server with jQuery and Weebly's platform scripts. Hosting is provided by Hostmonster. The site suffers from poor performance metrics, no mobile optimization beyond basic, and minimal SEO and accessibility features. Importantly, the site does not have a valid SSL certificate, resulting in no HTTPS support, which severely impacts security and user trust. From a security perspective, the absence of HTTPS, lack of security headers, and missing compliance policies such as privacy and cookie policies indicate a low security maturity level. No incident response or vulnerability disclosure information is provided. Analytics tools like Google Analytics and Snowplow are used, but no cookie consent mechanism is implemented, raising privacy compliance concerns. Overall, the website presents a basic online presence for the company but requires significant improvements in security, privacy compliance, and user engagement features to enhance trustworthiness and professionalism.

P

Parallels IP Holdings GmbH

teddygroup.com

23

The website teddygroup.com currently hosts a default Parallels Plesk placeholder page indicating no active website or business presence. The content describes Parallels as a leading provider of virtualization and hosting automation software, targeting businesses and cloud service providers. The site lacks any custom content, contact information, or privacy policies, which significantly limits its business credibility and user engagement potential. Technically, the site runs on nginx and Parallels Plesk but lacks a valid SSL certificate, serving content only over HTTP, which is a critical security deficiency. No modern security headers or HTTPS configurations are present, exposing the site to potential risks. Overall, the security posture is weak, and the absence of privacy compliance measures further reduces trustworthiness. The domain is registered and has DNS and mail exchange records, but no detailed WHOIS data was provided to assess domain age or registrant legitimacy. Strategic recommendations include deploying a valid SSL certificate, publishing privacy and cookie policies, adding contact information, and replacing the placeholder content with a professional website to improve business credibility and security.

The website is a parked domain landing page for isosistemi.it, offering the domain for sale with no active business content or services presented. The site primarily serves as a placeholder with advertising scripts and domain inquiry links. The technical infrastructure is minimal, hosted on Hetzner Online with nginx and Caddy components, but lacks a valid SSL certificate and modern security configurations. The absence of HTTPS and security headers significantly weakens the security posture. Privacy compliance is minimal, with only a basic privacy policy linked via a popup and no cookie consent mechanisms. No contact or business information is provided, limiting business credibility and trust. Overall, the site represents a low-risk but low-value digital asset with poor content and security maturity.

S

Stefano Boeri Architetti

stefanoboeriarchitetti.net

37

Stefano Boeri Architetti is a mature and internationally recognized architecture and urban planning firm headquartered in Milan, with offices in Shanghai and Tirana. Established in 1993, the firm specializes in innovative architectural design and urbanism, with notable projects such as the Bosco Verticale in Milan. The website reflects a professional digital presence with multilingual support and active social media engagement, targeting clients and professionals interested in architecture and urban development. Technically, the site is built on WordPress with a range of plugins for SEO, content management, and user interaction, but lacks a valid SSL certificate, which impacts security and trust. The absence of HTTPS and security headers represents a critical vulnerability that should be addressed promptly. Privacy compliance is well managed with a cookie consent mechanism and a comprehensive privacy policy. Overall, the site demonstrates good business credibility but requires significant security improvements to align with best practices.

I

Impresa Pizzarotti & C. S.p.A.

pizzarotti.it

20

Impresa Pizzarotti & C. S.p.A. is a well-established Italian enterprise specializing in the design, construction, and management of large-scale infrastructure and building projects. With over a century of experience and operations in more than 20 countries, the company holds a strong market position as one of Italy's leading general contractors. Their key services span infrastructure, prefabricated structures, building construction, facility management, real estate, and smart green solutions. The website reflects a professional and comprehensive digital presence, targeting clients and partners in the construction and infrastructure sectors. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Slider Revolution, hosted likely on SiteGround. While the site is content-rich and well-structured with good mobile optimization and accessibility, performance is somewhat slow, likely due to heavy media content. Privacy compliance is robust, with clear privacy and cookie policies and GDPR adherence. Analytics are handled via Matomo, indicating a privacy-conscious approach. Security posture is a concern due to the absence of a valid SSL certificate and HTTPS, lack of security headers, and no modern TLS protocols enabled. This exposes the site to significant risks and reduces trustworthiness from a security perspective. No incident response or security policy pages were found. Overall, the site is trustworthy from a business and content perspective but requires urgent security improvements. Recommendations include immediate installation of a valid SSL certificate, enabling HTTPS, implementing security headers, improving site performance, and enhancing security policies and incident response documentation to strengthen the security posture and user trust.

T

TIM San Marino S.p.A.

tim.sm

31

TIM San Marino S.p.A. operates as a telecommunications provider in the Republic of San Marino, offering a range of services including fiber internet, mobile telephony, fixed telephony, and digital TV. The website targets residential and business customers within San Marino, positioning itself as a leading local telecom operator. The business model focuses on providing bundled telecom services and devices, supported by a professional online presence with clear service offerings and customer support channels. Technically, the website is built on WordPress 6.8.1, utilizing common libraries such as jQuery and Owl Carousel for UI components. SEO is enhanced via the Yoast SEO plugin, and the site includes structured data for improved search engine understanding. However, performance is suboptimal with a slow page load time of over 7 seconds, and accessibility features are basic. From a security perspective, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical vulnerability. No modern TLS protocols or security headers are enabled, exposing users to potential risks. Privacy compliance is well addressed with comprehensive privacy and cookie policies, including consent mechanisms aligned with GDPR requirements. Overall, while the business and content aspects are strong and trustworthy, the security posture is weak and requires urgent remediation to protect user data and maintain trust. Strategic improvements in SSL deployment, security headers, and performance optimization are recommended to elevate the site's security and technical maturity.

Colorificio Sammarinese is a well-established paint and coatings manufacturer based in San Marino with a history spanning approximately 80 years. The company offers a broad portfolio of products for light and professional construction, including decorative paints, industrial coatings, and innovative tintometric systems. Their market position is strong within the manufacturing sector, supported by a professional website that targets both professional and retail customers. The website is multilingual and integrates e-commerce capabilities through WooCommerce, reflecting a mature digital infrastructure. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap that undermines user trust and data protection. Privacy and cookie policies are present and GDPR compliant, and the company maintains active social media channels. The WHOIS data confirms the domain's legitimacy and long-term registration, consistent with the company's profile.

The website goldcoin.co.in currently presents minimal content, consisting solely of a client-side redirect script to the /lander path. There is no visible business information, metadata, or user-facing content to analyze. The domain resolves to two Amazon AWS IP addresses, indicating hosting on cloud infrastructure, but lacks a valid SSL/TLS certificate and does not support HTTPS, which severely impacts security and trustworthiness. No privacy, cookie, or terms of service policies are present, and no contact information or business credentials are available on the site. This suggests the website is either under development or improperly configured. From a technical perspective, the site lacks modern web standards such as security headers, DNSSEC, and CAA records. Performance data is unavailable due to the lack of content. The absence of analytics, advertising, or tracking scripts indicates minimal digital marketing or user engagement infrastructure. The DNS setup is standard but could be improved with security enhancements. Security posture is poor, with no SSL certificate, no HTTPS support, and no security best practices implemented. This exposes visitors to risks and undermines trust. The WHOIS data shows the domain is registered and DNS is consistent, but no registrant or business information was provided to verify legitimacy. Overall, the site scores very low on content quality, technical implementation, security, privacy compliance, and business credibility. Strategic recommendations include immediate implementation of a valid SSL certificate and HTTPS, development of meaningful website content including privacy and cookie policies, addition of contact and business information, and deployment of security headers and DNS security features. These steps are critical to improve trust, compliance, and user experience.

S

SCAVOLINI S.P.A.

scavolini.com

40

Scavolini S.P.A. is a well-established Italian furniture manufacturer specializing in kitchens, bathrooms, living rooms, walk-in wardrobes, and outdoor kitchens. The company positions itself as a premium brand with a focus on quality, sustainability, and bespoke furniture solutions. Their market presence is supported by international certifications and a broad dealer network. Technically, the website is built on ASP.NET technology, leveraging Cloudflare for CDN and security, and integrates modern marketing and accessibility tools. However, the website suffers from a critical security weakness due to the absence of a valid SSL certificate and lack of TLS protocol support, which severely impacts its security posture. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to ensure secure communications and user trust.

Ristorante La Terrazza is a small Italian restaurant located in Krefeld, Germany, specializing in fresh seasonal dishes with a focus on fish and wild game. The business emphasizes warm hospitality and a pleasant dining ambiance, targeting local residents and visitors seeking quality Italian cuisine. The website reflects a local hospitality business model without online reservations, relying on direct phone contact. Technically, the website uses Mobirise CMS with Bootstrap and jQuery libraries, hosted on Cloudpit servers. Performance is moderate to slow, and mobile optimization is good. However, the site lacks HTTPS support, exposing visitors to security risks. Privacy and cookie policies exist but are basic and not fully GDPR compliant. No terms of service or security policies are present. Overall, the site is functional but requires significant security improvements.

Security assessment completed with an overall score of 0/100 (unknown risk). 4 critical issues require immediate attention. Total of 26 security findings identified across all modules.

D

Dynaset SRL

dynaset.sm

40

Dynaset SRL is a small technology company based in San Marino, specializing since 2005 in cloud-based human resources management software. Their flagship product, evohrp, offers a comprehensive suite of HR tools tailored for managers, HR professionals, and employees, positioning itself as a competitive alternative to larger HR market players. The website demonstrates a high level of digital maturity with a modern WordPress CMS, Elementor page builder, and integration of various plugins for enhanced user experience and marketing. However, the absence of a valid SSL certificate significantly undermines the security posture, exposing users to potential risks. Privacy and cookie policies are well implemented, reflecting good GDPR compliance. Overall, the site is professional, content-rich, and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

The website imready.it currently serves only a minimal HTML page that immediately redirects visitors to an external domain (ingenio-web.it). There is no substantive content, metadata, or business information present on the landing page. The domain is mature, registered since 2007, and located in Italy, but the website itself lacks visible business presence or contact details. The technical infrastructure is basic, running on Apache with no SSL/TLS certificate installed, resulting in an insecure HTTP-only connection. DNS records are configured with mail servers and SPF/DKIM-like TXT records, but no DNSSEC validation or domain protection locks are enabled. Security posture is weak, with no security headers, no HTTPS, and imminent domain expiry increasing risk. Overall, the site appears inactive or under maintenance, redirecting users elsewhere rather than providing direct content or services.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Aeffe Spa is an established Italian luxury goods group specializing in the production and distribution of high-end fashion products including ready-to-wear, footwear, leather goods, lingerie, and beachwear. The company operates internationally with proprietary brands such as Alberta Ferretti, Moschino, Pollini, and Philosophy di Lorenzo Serafini, positioning itself as a significant player in the luxury retail sector. The website reflects a professional corporate presence with comprehensive investor relations and governance information, targeting investors, partners, and luxury consumers. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates multiple third-party services including Google Tag Manager and Google Analytics for analytics and marketing. Multilingual support is provided via WPML, enhancing accessibility for international audiences. However, the website suffers from a critical security shortfall due to the absence of a valid SSL certificate and lack of HTTPS, which impacts its security posture and user trust. Security-wise, while no critical vulnerabilities or exposed sensitive data were detected, the lack of HTTPS and modern TLS protocols, absence of HSTS, and missing DMARC records represent significant risks. The site employs basic security headers but could benefit from enhanced configurations. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism, aligning with GDPR requirements. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include implementing a valid SSL certificate, enabling modern TLS protocols, and improving security headers and email authentication mechanisms.

L

LunaLabs

lunalabs.it

33

LunaLabs is a technology-oriented website with a domain registered in Italy since 2018, indicating a mature presence. The site uses modern web technologies such as Angular and includes cookie consent mechanisms via Iubenda, but lacks critical business information such as contact details, privacy policy, and terms of service. The absence of HTTPS and a valid SSL certificate significantly undermines the security posture of the website. Technical infrastructure shows use of modern fonts and frameworks but lacks performance optimization and accessibility features. Security best practices are minimal, with no security headers or advanced configurations detected. Overall, the website presents a low trustworthiness profile due to missing compliance and security features, and limited business transparency.

S

SPACE

space.be

35

SPACE is a Belgian-based Trusted Media Agency focused on delivering agile and innovative media positioning and strategy services. The company emphasizes a mindset of connection, daring, and growth, targeting businesses seeking media agency expertise. The website reflects a professional and consistent brand image with clear contact information and a LinkedIn presence, positioning SPACE as a small but credible player in the media sector. Technically, the website employs modern frontend technologies including Bootstrap, Symfony Stimulus, and Chart.js, hosted on infrastructure linked to Gandi. However, the site suffers from slow load times and lacks a valid SSL certificate, resulting in no HTTPS support. This significantly impacts the security posture and user trust. The absence of security headers and modern TLS protocols further weakens the security stance. From a security perspective, the lack of HTTPS is a critical vulnerability, exposing users to potential data interception risks. No privacy or cookie policies are present, indicating poor compliance with GDPR and related regulations. No incident response or vulnerability disclosure mechanisms are evident, limiting transparency and responsiveness to security issues. Overall, the website is functional and professionally designed but requires urgent improvements in security and privacy compliance to enhance trustworthiness and protect user data. Strategic recommendations include implementing HTTPS, adding privacy and cookie policies, and adopting security best practices to elevate the site's security maturity and compliance posture.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The website quattroquarti.org currently serves only a 404 Not Found error page, indicating that the requested resource is unavailable. The domain is mature, registered since 2002, and owned by 7Note Insieme Service s.r.l., an Italian company. However, the website itself lacks any meaningful content, business information, or user engagement features. Technically, the site is hosted on LiteSpeed Web Server without HTTPS enabled, which is a significant security shortfall. There are no privacy or cookie policies, no contact information, and no visible security or compliance frameworks implemented. This severely limits the site's credibility and trustworthiness. From a security perspective, the absence of an SSL/TLS certificate and security headers exposes users to risks such as data interception and man-in-the-middle attacks. The lack of DNSSEC and domain protection locks further increases vulnerability to domain hijacking or spoofing. The WHOIS data is consistent and indicates a legitimate registration, but the website's lack of content and security measures suggests it may be inactive or poorly maintained. Overall, the site scores very low on content quality, technical implementation, security posture, privacy compliance, and business credibility. Immediate remediation is recommended to enable HTTPS, publish essential policies, and provide valid business contact information to improve trust and compliance.

The website quartarone.it is currently a parked domain page primarily serving as a placeholder indicating the domain is for sale. The site lacks substantive business content, contact information, or any form of user engagement mechanisms. The target audience appears to be domain investors or buyers interested in acquiring the domain. The business model is domain parking and resale, with no active commercial operations visible on the site. From a technical perspective, the site is minimalistic, built with basic HTML and JavaScript, hosted via ParkingCrew services. Performance is slow with a load time of over 5 seconds and minimal resources. The site lacks modern web technologies, accessibility features, and SEO optimization. Mobile optimization is basic but functional. Security posture is weak, with no HTTPS/SSL certificate configured, no security headers, no DNSSEC, and no domain protection locks enabled. This exposes the domain to potential risks such as interception and domain hijacking. No privacy or cookie policies are present, indicating poor compliance with GDPR and related regulations. Overall, the site presents a low trust profile with critical security and compliance gaps. Strategic recommendations include implementing HTTPS, enabling domain protection mechanisms, adding privacy and cookie policies, and improving website content and professionalism to enhance credibility and security.

U

Universal Cables Limited

unistar.co.in

23

Universal Cables Limited is a well-established Indian manufacturing company specializing in cables and capacitors, founded in 1962 and part of the M.P. Birla Group. The company serves industrial and energy sectors with a broad product portfolio including XLPE, PVC, and elastomeric cables, as well as capacitors and EPC services. The website reflects a traditional manufacturing business with a focus on corporate overview, product details, and investor relations. Technically, the website uses common web technologies such as Bootstrap, jQuery, and Google Fonts but suffers from slow performance and lacks modern security implementations. Critically, the absence of HTTPS and a valid SSL certificate exposes visitors to security risks and undermines trust. Privacy and compliance documentation such as privacy policy and cookie policy are missing, indicating gaps in regulatory adherence. Overall, the site presents a moderate level of professionalism but requires significant improvements in security and privacy to meet modern standards.

B

B Consulting

bconsulting.org

40

B Consulting is a specialized financial operations consulting firm serving high-growth startups, offering services in finance, accounting, HR, and business management. The company positions itself as a trusted partner from early-stage funding rounds through IPO, focusing on operational excellence and investor readiness. The website is built on Squarespace and integrates HubSpot for analytics and marketing automation. While the site is professionally designed and content-rich, it suffers from critical security issues including an invalid SSL certificate and lack of security headers. Privacy and cookie policies are absent, which impacts compliance posture. Contact information is limited to an email and LinkedIn profile, with no phone or physical address provided. Overall, the business appears legitimate and mature, but security and privacy improvements are necessary to enhance trust and compliance.

A

Alpiq Holding Ltd.

alpiq.com

40

Alpiq Holding Ltd. is a leading Swiss electricity producer and energy service provider operating across Europe. The company focuses on electricity generation, energy trading, and renewable energy management, positioning itself as a key player in the energy sector with a large operational footprint and multiple subsidiaries in European countries. The website reflects a mature and professional business with comprehensive content and clear branding. Technically, the site is built on TYPO3 CMS and hosted on AWS infrastructure, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. The security posture is weak due to missing HTTPS, lack of security headers, and no modern TLS protocols enabled. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism implemented via OneTrust. Overall, the website is trustworthy and professional but requires urgent security improvements to protect user data and enhance trust.

The website solegiallo.it is currently a parked domain page hosted by Aruba.it, indicating the domain is registered but not actively used for business purposes. The page provides no business description, contact information, or user engagement features. Technically, the site runs on Microsoft IIS 10.0 with ASP.NET but lacks a valid SSL/TLS certificate, serving content only over HTTP, which is a significant security concern. The absence of privacy, cookie, and terms of service policies further reduces compliance and trustworthiness. Security posture is weak with no modern security headers or HTTPS enforcement. Overall, the site presents a low-risk profile due to minimal content but requires substantial improvements to be considered a professional business website.

Soundcheck B.V. is a small Dutch rental company specializing in sound and lighting equipment for events such as theater productions, festivals, concerts, TV productions, weddings, and corporate events. The company has a mature domain registered since 2002, consistent with its stated business history. The website content is basic and primarily in Dutch, targeting local event organizers and production companies. Technically, the website uses legacy HTML and JavaScript without modern frameworks or CMS, resulting in slow load times and poor mobile optimization. Critically, the site lacks HTTPS support, exposing users to security risks. No privacy or cookie policies are present, and no contact information is explicitly provided on the homepage, which impacts trust and compliance. The DNS and MX records are properly configured, but security configurations such as DNSSEC, HSTS, and security headers are missing. Overall, the website demonstrates a low security posture and basic digital maturity, requiring significant improvements to meet modern security and privacy standards.

S.M.Service is a small, local business based in Serravalle, San Marino, providing intelligent services as suggested by its name and website title. The website content is minimal, primarily offering contact details without detailed descriptions of services or business operations. The domain is mature, registered since 2003, indicating a longstanding presence, but the online footprint is limited. Technically, the website runs on an Apache server with basic JavaScript usage but lacks modern web technologies, mobile optimization, and SEO best practices. Critically, the site does not use HTTPS, exposing visitors to security risks. There are no security headers or advanced TLS protocols enabled, and no evidence of security or privacy policies, which indicates a low level of digital maturity. From a security perspective, the absence of SSL/TLS, security headers, and privacy compliance mechanisms are significant vulnerabilities. The domain registration data is consistent and legitimate, but the website itself does not reflect strong security or privacy practices. There is no evidence of incident response or vulnerability disclosure policies. Overall, the website poses moderate risk due to lack of encryption and privacy controls. Strategic recommendations include immediate implementation of HTTPS, addition of privacy and cookie policies, and enhancement of security headers and protocols to improve trust and compliance.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 15 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The General Authority of Civil Aviation (GACA) is the official Saudi government entity responsible for civil aviation regulation and services. The website serves as a comprehensive platform offering information on aviation policies, passenger rights, safety reporting, and electronic services. It targets citizens, travelers, and aviation stakeholders within Saudi Arabia, positioning itself as the national authority in the transportation sector. The site features a professional design with consistent branding and a strong social media presence, enhancing trust and engagement. Technically, the website employs modern web technologies including Bootstrap, jQuery, and Swiper.js, and is likely powered by the Sitecore CMS. Accessibility and digital experience tools are integrated, though performance is hindered by slow load times and a large page size. The SSL/TLS configuration is currently invalid or missing, which significantly impacts the security posture. Security-wise, the site lacks a valid HTTPS certificate and security headers, which are critical for protecting user data and ensuring secure communications. No explicit incident response or vulnerability disclosure mechanisms are evident. Privacy and cookie policies exist but are basic, with limited GDPR compliance indicators. The domain registration aligns with the Saudi government entity, supporting legitimacy. Overall, the website is functional and professional but requires urgent improvements in security configuration and performance optimization to enhance user trust and compliance with modern standards.

Qatar Airways is a globally recognized airline with a mature digital presence, offering comprehensive travel services including flight bookings, loyalty programs, and ancillary services. The website is well-designed, mobile-optimized, and provides extensive content and user engagement features. Technically, the site employs modern frameworks and analytics tools but lacks a valid SSL certificate, which is a critical security concern. The security posture is moderate due to missing HTTPS and TLS configurations, though other security headers are present. Privacy compliance is strong with clear policies and consent mechanisms. Overall, the site reflects a reputable enterprise with room for critical security improvements.

The website valorexpo.com is currently a parked domain with no active business content. It serves primarily as a placeholder page indicating the domain is for sale, targeting potential domain buyers or investors. The site is dominated by advertising scripts and lacks any meaningful business information or user engagement features. Technically, the site uses basic JavaScript and Google Adsense Domains CAF scripts, hosted likely on a parking provider's infrastructure. Performance is slow with a load time exceeding 7 seconds, and mobile optimization is minimal. Security posture is weak due to the absence of a valid SSL certificate, no HTTPS support, and lack of security headers or best practices. Privacy compliance is minimal with only a basic privacy policy accessible via a popup, and no cookie consent mechanism is present. Overall, the site has low trustworthiness and professionalism, reflecting its status as a parked domain rather than an active business website.

I

Interperformances

interperformances.com

24

Interperformances.com is a mature and established sports agency specializing in basketball player management, contract negotiation, marketing, and post-career planning. The website targets professional basketball players, agents, coaches, and teams globally. The business model is focused on athlete representation and sports management services. The company has a consistent brand presence and active social media engagement, supporting its market position as a recognized agency in the basketball sports sector. Technically, the website employs a variety of modern front-end libraries such as jQuery, Bootstrap, and Slick Carousel, hosted behind Cloudflare DNS services. However, the site suffers from slow load times and lacks HTTPS support, which is a significant technical and security deficiency. Mobile optimization is good, but accessibility and SEO optimizations are basic. From a security perspective, the absence of a valid SSL certificate and HTTPS support is a critical vulnerability that exposes users to risks such as data interception. The lack of security headers, HSTS, and OCSP stapling further weakens the security posture. No privacy or cookie policies are present, indicating poor compliance with data protection regulations. Incident response and vulnerability disclosure mechanisms are also missing. Overall, the website presents moderate business credibility but requires urgent improvements in security and privacy compliance to protect users and enhance trust. Strategic recommendations include implementing HTTPS, adding security headers, publishing privacy and cookie policies, and establishing incident response contacts.

A

Aetna Group SPA

aetnagroup.com

38

Aetna Group SPA is a well-established global leader in the manufacturing of packaging machinery and end-line solutions, operating with multiple subsidiaries and a strong international presence. The company offers a broad range of packaging products and services, targeting industrial clients worldwide. The website reflects a mature business with consistent branding and good content quality. However, the technical infrastructure shows significant gaps, particularly the absence of a valid SSL certificate and modern security configurations, which poses a critical risk to user trust and data security. Performance issues such as slow load times further impact user experience. Privacy compliance is basic, with policies present but lacking comprehensive GDPR indicators. Overall, while the business credibility is strong, the security posture requires urgent improvement to align with industry best practices.

BHW Bausparkasse AG is a well-established financial institution specializing in mortgage and loan services primarily for the Italian market. The company operates with a mature domain registered since 1999 and offers a range of services including credit management and administrative support, some of which are outsourced to reputable partners like Cerved Credit Management Group. The website provides clear contact information and legal references, supporting its credibility in the finance sector. Technically, the website employs legacy technologies such as jQuery and Modernizr and demonstrates moderate performance with good mobile optimization. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture. The lack of security headers and cookie consent mechanisms further highlights compliance and security gaps. From a security perspective, while SPF and DMARC records are properly configured, the missing HTTPS and security headers expose users to potential risks. The domain's WHOIS data is consistent with the business claims, showing a low expiry risk and no privacy protection, which supports legitimacy. Overall, the site requires urgent security improvements to protect user data and comply with privacy regulations. Strategic recommendations include implementing HTTPS with a valid SSL certificate, enabling security headers and HSTS, introducing cookie consent mechanisms to comply with GDPR, and enhancing domain protection. These measures will improve trust, security, and compliance, aligning the website with industry best practices.

P

Pacific Investment Management Company LLC

pimco.com

40

PIMCO is a globally recognized investment management firm specializing in providing investment solutions to institutions, financial professionals, and individual investors. The website reflects a mature and enterprise-level business with a strong focus on sustainable investing and ETFs. The company operates under multiple regulatory jurisdictions, demonstrating a high level of compliance and trustworthiness. Technically, the website employs modern technologies such as Sitecore CMS, Coveo search, and marketing tools like Marketo and Google Tag Manager, indicating a mature digital infrastructure. However, a critical security issue is the invalid or missing SSL certificate and lack of modern TLS protocols, which significantly impacts the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms in place. Overall, the website is professional, well-branded, and trustworthy but requires urgent remediation of SSL and TLS configurations to ensure secure user interactions.

B

Bee Social Srl

bee-social.it

28

Bee Social Srl is a small digital marketing agency based in San Marino, founded in 2012, specializing in web marketing, social media management, SEO copywriting, online advertising, and website development. The company targets businesses and freelancers seeking practical digital marketing solutions. The website is professionally designed with rich content, clear navigation, and multiple client trust indicators including case studies and partner badges. Technically, the site is built on WordPress with common plugins and integrates analytics and marketing tools. However, the site suffers from a critical security weakness due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts its security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Overall, the business appears legitimate and consistent with its domain registration data, but the lack of HTTPS is a major risk that should be addressed immediately.