Security Directory

U

Ufficio del Turismo

visitsanmarino.com

46

The website visitsanmarino.com serves as the official tourism portal for the Republic of San Marino, providing comprehensive information on events, travel planning, cultural experiences, shopping, and outdoor activities. It targets tourists and visitors interested in exploring San Marino, positioning itself as the authoritative source for tourism-related content in the country. The business model is government-driven, focusing on promoting tourism and cultural heritage. Technically, the site is built on Magnolia CMS and served via Apache, utilizing JavaScript libraries including jQuery and Google Tag Manager for analytics and marketing. The site is multilingual and mobile-optimized, though performance data suggests potential slowness. Accessibility and SEO are basic but functional. From a security perspective, the site lacks a valid SSL certificate and HTTPS support, which is a critical vulnerability. Security headers are minimal, and no advanced security policies or incident response information are published. Cookie consent mechanisms are absent despite the use of tracking tools, indicating privacy compliance gaps. Overall, the site is legitimate and trustworthy as an official government tourism resource but requires urgent improvements in security and privacy compliance to protect users and enhance trust.

M

MédiaKlikk

mediaklikk.hu

40

MédiaKlikk is a Hungarian media platform offering live streaming of multiple TV and radio channels, program guides, and media archives primarily targeting Hungarian-speaking audiences. It operates under the umbrella of MTVA, the Hungarian public media organization, and serves as a central hub for national media content. The platform leverages WordPress CMS with a variety of plugins and integrates social login options and user account management features. The website demonstrates a consistent brand presence and good content relevance for its target audience. Technically, the site uses a modern web stack including jQuery, jQuery UI, Video.js, and ElasticPress, hosted on Telekom Hungary infrastructure. While the site is mobile-optimized and includes accessibility features, performance metrics are not explicitly available. SEO practices are implemented with proper meta tags and structured data. However, the absence of HTTPS is a critical security gap, significantly impacting the site's security posture. From a security perspective, the site lacks a valid SSL certificate, HSTS, and other modern security headers, exposing users to potential risks. It employs reCAPTCHA for form protection and uses third-party analytics and tracking services such as Facebook Pixel, Hotjar, and Gemius, indicating extensive user tracking. Privacy compliance is basic, with a privacy policy present but no visible cookie consent mechanism. Incident response and vulnerability disclosure information are not found. Overall, while MédiaKlikk is a reputable media platform with solid business credibility and content quality, its security posture requires urgent improvement, especially regarding HTTPS implementation and enhanced privacy compliance. Strategic recommendations include securing the site with SSL, enabling security headers, and implementing a cookie consent mechanism to align with GDPR requirements.

H

Helló Sajtó! Üzleti Sajtószolgálat

hellosajto.hu

40

Helló Sajtó! Üzleti Sajtószolgálat is a Hungarian online media platform specializing in publishing and distributing business press releases. Established in 2022, it serves businesses, PR agencies, and institutions primarily in Hungary, offering services such as press release publication, distribution, and effectiveness measurement. The website is built on WordPress with Elementor and uses the Smart Mag theme, hosted on a server managed by Mediacenter.hu. The platform integrates Google Tag Manager and Google Ad Manager for analytics and advertising purposes. Despite a professional design and good content quality, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security vulnerability. Privacy and cookie policies are present and GDPR compliant, and contact information is clearly provided, including email and phone. Social media presence is active on Facebook, LinkedIn, and Twitter. Overall, the website is functional and credible but requires urgent security improvements to protect user data and enhance trust.

R

Rete di Top Segnalatori Business Certificati

retesegnalatori.com

31

The website 'retesegnalatori.com' serves as a platform for individuals and businesses interested in becoming certified business referrers and growing within a referral network. It positions itself as a niche network focused on business introductions and certification in the Italian-speaking market. The content is minimal and primarily marketing-oriented, with limited business or legal information provided. Technically, the site is built on the Kartra platform, utilizing common web fonts and CDNs, but suffers from slow load times and lacks modern performance optimizations. Security posture is weak, with no valid SSL certificate or HTTPS support, absence of security headers, and no privacy or cookie policies, exposing users to potential risks. Overall, the site demonstrates low trustworthiness and poor compliance with privacy regulations. Strategic improvements in security, privacy compliance, and content richness are recommended to enhance credibility and user trust.

B

Banca Agricola Commerciale

baclife.sm

39

Banca Agricola Commerciale (BAC) is a well-established financial institution based in San Marino, providing a broad range of banking, investment, and insurance services to both private individuals and businesses. The website reflects a mature and professional presence with comprehensive business information, news updates, and customer resources. The company operates subsidiaries such as BAC Life S.p.A. and BAC Investments, indicating a diversified financial services group. The target audience is primarily local customers in San Marino, with services tailored to their needs including online and mobile banking solutions. Technically, the website is built on WordPress with modern plugins like Yoast SEO and Cookiebot for compliance and marketing. It integrates Google Tag Manager and Google Maps API, showing a moderate level of digital maturity. However, performance metrics are missing, and some technical debt is evident, especially in the SSL/TLS configuration. From a security perspective, the site lacks a valid SSL certificate and does not support modern TLS protocols, which is a critical vulnerability exposing users to potential data interception. While some security headers are present, the absence of HTTPS and DNSSEC reduces the overall security posture significantly. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is credible and professional but requires urgent improvements in SSL/TLS security to protect user data and enhance trust. Strategic recommendations include obtaining a valid SSL certificate, enabling modern TLS protocols, and enhancing DNS and domain protections.

E

Emaar Properties PJSC

emaar.com

57

Emaar Properties PJSC is a leading real estate developer based in Dubai, UAE, with a strong international presence. The company specializes in premium property development, community management, hospitality, and entertainment services. Their website reflects a mature digital presence with comprehensive property listings, community information, and customer engagement tools. Technically, the site is built on WordPress with modern JavaScript libraries and integrates analytics and marketing tools such as Google Tag Manager and Amplitude. However, the website suffers from a critical security flaw due to an invalid or missing SSL certificate and lack of enabled TLS protocols, which significantly impacts its security posture. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Overall, the site demonstrates high professionalism and business credibility but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions.

U

Universiteit Utrecht

uu.nl

40

Universiteit Utrecht is a large, internationally recognized research university based in the Netherlands, providing higher education and research services primarily to students and academic professionals. The website is built on Drupal 10 with modern JavaScript libraries and integrates Google Tag Manager for analytics. Despite rich content and excellent design quality, the site lacks a valid SSL certificate and does not enforce HTTPS, which is a critical security shortfall. No advanced security headers or incident response policies are publicly disclosed, indicating room for improvement in security posture. Privacy policy is present and appears GDPR compliant, but no cookie consent mechanism was detected. Overall, the website is professional and trustworthy but requires urgent security enhancements to protect user data and improve compliance.

K

KU Leuven

kuleuven.be

40

KU Leuven is a prestigious and internationally recognized university based in Belgium, offering a broad range of educational and research services. The website reflects a mature institution with a strong market position in higher education, targeting students, researchers, alumni, and staff. The digital presence is well-structured, with comprehensive content and consistent branding. Technically, the site uses the Plone CMS and modern web technologies, but suffers from critical SSL/TLS configuration issues that undermine its security posture. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. However, the absence of a valid SSL certificate and modern TLS protocols significantly reduces the site's security score and exposes users to risks. Overall, the site is professional and trustworthy but requires urgent security improvements.

L

Libraesva

esvacloud.com

52

Libraesva is a technology company specializing in advanced email security, archiving, phishing awareness, and DMARC protection solutions. Positioned as an industry leader, the company serves a broad B2B audience seeking to protect business communications from evolving cyber threats. Their product suite integrates with major platforms like Microsoft 365 and Google, emphasizing zero-day threat prevention and compliance. The website reflects a mature digital presence with professional design, rich content, and multiple industry recognitions. However, the absence of a valid SSL certificate is a critical security flaw that undermines trust and secure communications. The technical infrastructure leverages WordPress with modern plugins and Cloudflare CDN, but performance metrics are unavailable. Security headers and content security policies are well implemented, though the lack of HTTPS significantly reduces the overall security posture. Privacy compliance is partially addressed through a cookie consent mechanism, but no explicit privacy policy or terms of service pages were found. Contact information is limited to physical addresses without direct emails or phone numbers. Overall, the site demonstrates good business credibility and technical maturity but requires urgent remediation of SSL issues to ensure secure user interactions.

T

Treviweb SAS di Spolitu Francesco & C.

treviweb.it

38

Treviweb is a small Italian technology company specializing in website creation, software development, mobile app development, web marketing, and hosting services. Established since 2005, it has a mature domain and a clear market presence targeting businesses and private clients seeking digital solutions. The website is professionally designed with good content relevance and clear navigation, supporting a positive user experience. Technically, the site uses a WordPress CMS with modern frameworks like Bootstrap and integrates analytics and marketing tools such as Google Analytics, Facebook Pixel, and Google Tag Manager. However, the absence of a valid SSL certificate and HTTPS is a critical security shortfall, exposing users to risks and impacting trust. Privacy compliance is well addressed through Iubenda policies and consent management. Overall, the business credibility is moderate, supported by clear contact information and social media presence.

T

Tonino Leardini Gelato Master School

gelatomasterschool.com

42

Gelato Master School is a specialized educational institution focused on training professional gelato makers and pastry chefs through in-person and video courses. The business operates primarily in Italy and targets individuals seeking advanced skills in gelato and related confectionery arts. The website is built on WordPress with WooCommerce and Gravity Forms, indicating a mature digital infrastructure for e-commerce and customer interaction. However, the absence of HTTPS is a critical security flaw that undermines user trust and data protection. Privacy and cookie policies are comprehensive and linked to reputable third-party domains, supporting GDPR compliance. Social media presence and partner affiliations enhance credibility. Overall, the business is legitimate and well-positioned in its niche but must urgently address security gaps to improve trust and compliance.

M

Migastone International Srl

mobileacademy.club

36

Mobileacademy.club is a website promoting a free online workshop called Mobile Marketing Expert - AI Edition, focused on teaching app creation combined with artificial intelligence using no-code technology. The business is led by Oscar Dalvit, CEO of Migastone International Srl, a recognized leader in the Italian app development market. The website content is professionally presented with good branding and clear target audience focus on technology enthusiasts and entrepreneurs. Technically, the site is built on WordPress with Elementor and uses various marketing and tracking tools such as Kartra, Facebook Pixel, TikTok Pixel, and Google Tag Manager. However, the site suffers from critical security issues including an invalid SSL certificate and lack of HTTPS enforcement, which significantly impacts its security posture and trustworthiness. Privacy and cookie policies are present and implemented via iubenda, indicating some level of GDPR compliance. The domain's DNS configuration is incomplete or misconfigured, lacking A and MX records, which raises concerns about domain management and legitimacy. Overall, the site presents a good business proposition but requires urgent technical and security improvements to enhance trust and compliance.

M

Miga Verse

migaverse.it

31

Miga Verse operates as a pioneering Italian Virtual Reality community focused on networking and education within the Metaverse. The company offers a membership model granting access to VR-based networking events, live training sessions, and a specialized academy for Metaverse professionals. Positioned as a niche leader in Italy, Miga Verse targets professionals and learners eager to leverage immersive VR technologies for business and education. Technically, the website is built on WordPress with Elementor and hosted on a LiteSpeed server, incorporating modern web technologies and multimedia content. However, the absence of a valid SSL certificate and disabled TLS protocols represent critical security weaknesses that undermine user trust and data protection. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanisms. Contact information is clearly presented, enhancing business credibility. Strategic improvements in security infrastructure are essential to elevate the platform's trustworthiness and protect its user base.

M

Migastone International Srl

forumconnections.com

36

Forum Connections is a specialized event platform operated by Migastone International Srl, focusing on live business networking events that leverage relational marketing and speed meetings to connect agents, professionals, and small entrepreneurs with companies ranging from 1 to 50 million euros in revenue. The platform uses a proprietary algorithm (AIRA©) to optimize matchmaking and offers training and certification for opportunity reporters. Technically, the website is built on the Kartra marketing platform, utilizing modern web technologies and embedding multimedia content from Vimeo and YouTube. However, a critical security weakness is the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. The site implements some security headers and a GDPR-compliant cookie banner, but lacks explicit security policies and incident response information. Overall, the website presents professional content and branding but requires urgent security improvements to protect user data and enhance trust.

M

Migastone International Srl

segnalazionevincente.com

40

Segnalazione Vincente, developed by Migastone International Srl, is a technology-driven referral marketing platform focused on building professional networks to reduce advertising costs and improve client acquisition. The company leverages a proprietary AI algorithm (AIRA©) and a unique mobile app to empower businesses and referral professionals. The website demonstrates strong branding, comprehensive content, and a clear business model targeting entrepreneurs and businesses in Italy and San Marino. Technically, the site is built on WordPress with Elementor and hosted on Hetzner with LiteSpeed caching, but suffers from a critical lack of a valid SSL certificate, impacting security and trust. Security headers are partially implemented, but HTTPS is not properly configured, representing a major vulnerability. Privacy compliance is moderate with a privacy policy present but no cookie consent mechanism detected. Overall, the site is professional and content-rich but requires urgent security improvements to protect users and enhance credibility.

B

Banca Agricola Commerciale

bacinvestments.sm

40

Banca Agricola Commerciale (BAC) is a well-established financial institution based in San Marino, providing a broad range of banking and financial services to both private individuals and businesses. The website reflects a mature and professional organization with a strong local presence and a history dating back to 1920. The business model focuses on traditional banking services complemented by digital tools such as mobile apps and online account management. BAC maintains a consistent brand image and offers comprehensive information about its products, subsidiaries, and news updates. Technically, the website is built on WordPress with modern web technologies and includes SEO and accessibility features, although performance is moderate. Security posture is a significant concern due to the absence of a valid SSL certificate and HTTPS support, which exposes users to risks and undermines trust. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the domain registration data supports the legitimacy of the business, but technical security improvements are urgently needed.

Weddings by Emaar is a specialized platform offering comprehensive wedding planning resources including venues, vendors, and honeymoon destinations, primarily targeting couples in the UAE. The website is professionally designed using WordPress and Elementor, with integrations such as Google Tag Manager and New Relic for analytics and monitoring. However, the absence of HTTPS and minimal security headers represent significant security risks. The site lacks privacy and cookie policies, which impacts compliance and user trust. Overall, the business appears legitimate and well-branded, but the technical security posture requires urgent improvement to protect user data and enhance trust.

R

Rove Hotels

rovehotels.com

55

Rove Hotels is a hospitality brand offering stylish and affordable hotel accommodations primarily in Dubai and the UAE. The website presents a comprehensive portfolio of hotels, detailed descriptions, booking capabilities, and promotional offers targeting families, travelers, and business guests. The brand is positioned as a modern, accessible hotel chain with a strong digital presence and multi-language support. Technically, the website is built on WordPress, leveraging modern JavaScript frameworks and CDN services to deliver a responsive and user-friendly experience. However, the security posture is weakened by the absence of a valid SSL certificate and lack of TLS protocol support, which poses significant risks to user data confidentiality and trust. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the site is professional and credible but requires urgent remediation of its SSL/TLS configuration to ensure secure communications.

D

Detas SpA

detasultra.com

50

Detasultra, a division of Detas SpA, specializes in patented cable gland systems and related industrial products serving multiple sectors including manufacturing, energy, and transportation. The company maintains a mature online presence with a well-structured website offering detailed product categories and multilingual support. The technical infrastructure leverages modern web technologies such as Webflow CMS, Google Tag Manager, and Weglot for translation, but suffers from a critical lack of a valid SSL certificate, exposing the site to security risks. Privacy and cookie policies are present, indicating basic GDPR compliance, and contact information is clearly provided. However, the imminent domain expiry and absence of domain protection locks present operational risks.

H

Haake Technik GmbH

haake.it

38

Haake Technik GmbH is a family-run company specializing in the development and manufacturing of industrial safety equipment, including safety edges, bumpers, mats, switches, and locking systems. With over 30 years of experience and an international presence, the company serves industrial clients focused on workplace and machine safety. The website reflects a professional business with clear product offerings and strong customer references. Technically, the site uses modern tracking and consent tools but suffers from a critical lack of a valid SSL certificate, resulting in no HTTPS support and exposing users to security risks. Performance is slow, and security headers are missing, indicating room for improvement in technical and security infrastructure. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, the business credibility is strong, but the security posture requires urgent attention to protect user data and maintain trust.

ABC.com is the official website of ABC Entertainment, a leading US media company under The Walt Disney Company. The site offers extensive content including TV shows, news, live streams, and special events across multiple platforms such as Hulu, Disney+, FX, Freeform, and National Geographic. The website demonstrates a high level of digital maturity with a modern tech stack including React and comprehensive integration with analytics and advertising platforms. However, a critical security issue is the absence of a valid SSL certificate, which undermines secure HTTPS communication. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting a strong commitment to user privacy. Overall, the site is professionally designed, user-friendly, and content-rich, serving a broad US audience with high-quality media content.

A

ABC News

goodmorningamerica.com

51

GoodMorningAmerica.com is the official website for Good Morning America, a flagship morning news and lifestyle program under ABC News, owned by The Walt Disney Company. The site offers a rich mix of news, entertainment, lifestyle content, and affiliate e-commerce deals, targeting a broad audience interested in current events, culture, wellness, and shopping. The website is professionally designed with consistent branding and a strong social media presence, reflecting its position as a major media enterprise in the United States. Technically, the site leverages modern web technologies including React, AWS CloudFront CDN, and tag management tools like Google Tag Manager and Ensighten. The site is mobile-optimized and SEO-friendly, with comprehensive metadata and structured content. However, the SSL/TLS configuration is currently invalid, with no valid certificate and no modern TLS protocols enabled, which poses a significant security risk and impacts user trust. From a security perspective, while the site does not exhibit common vulnerabilities such as Heartbleed or POODLE, the lack of a valid SSL certificate and absence of security headers like HSTS reduce its security posture. Privacy policies and terms of service are comprehensive and hosted on Disney domains, indicating good privacy compliance. Contact information is limited to a web form, with no direct emails or phone numbers publicly listed. Overall, the website is a high-quality, authoritative media platform with excellent content and business credibility. The primary risk lies in its SSL/TLS misconfiguration, which should be addressed promptly to ensure secure user connections and maintain trust. Strategic improvements in security configuration and enhanced accessibility features would further strengthen the site’s digital maturity and user confidence.

T

Tecno Logica SRL

tecno-logica.com

57

Tecno Logica SRL is a medium-sized manufacturing company specializing in bespoke industrial automation and robotics solutions primarily serving the wood, automotive, and industrial sectors. As part of the SCM Group, a recognized global leader in material processing technologies, Tecno Logica benefits from strong market positioning and trust. The website presents a professional and content-rich platform targeting industrial manufacturers seeking advanced automation solutions. Technically, the site uses modern technologies including Pimcore CMS, Bootstrap, and Google Tag Manager, providing a good user experience and mobile optimization. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture, exposing the site to risks and undermining user trust. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, the site is functional and credible but requires urgent security improvements.

SCM Foundry, part of SCM Group, is a medium-sized Italian manufacturing company specializing in grey and ductile iron castings for various industrial sectors including gear motors, machinery, pumps, compressors, agriculture, railways, and nautical industries. With over 70 years of experience and a production capacity of 12,000 tons per year, SCM Foundry offers comprehensive services from product conception to prototyping and production engineering. The website reflects a professional business presence with clear sector focus and good content quality. Technically, the site uses Pimcore CMS, Apache server, and integrates modern analytics tools such as Microsoft Clarity and Google Tag Manager, but the PHP version is outdated and performance data is unavailable. Security posture is weak due to the absence of a valid SSL certificate and HTTPS, exposing the site to significant risks. Privacy compliance is strong with comprehensive policies managed via Iubenda. Overall, the site is functional and credible but requires urgent security improvements to protect user data and enhance trust.

H

Hiteco

hiteco.net

59

Hiteco is a specialized manufacturer focused on high technology electromechanical components for machine tool manufacturers, including electrospindles, birotary heads, boring units, and aggregates. The company targets industrial clients requiring precision components and offers a comprehensive product catalog and customer service. The website is built on a Pimcore CMS platform with a modern tech stack including Apache, PHP, jQuery, and Bootstrap, but suffers from critical security shortcomings due to lack of a valid SSL certificate and disabled TLS protocols. Privacy compliance is well addressed through iubenda policies and cookie consent mechanisms. Overall, the site presents a professional business image but requires urgent security improvements to protect users and enhance trust.

S

SCM Group

cms.it

58

SCM Group operates the website cms.it, representing CMS S.p.A., a leading manufacturer of advanced machining centers, thermoforming machines, and cutting systems. Founded in 1969 and headquartered in Italy, the company serves diverse industrial sectors including aerospace, automotive, marine, and construction. The website reflects a mature business with comprehensive content, clear branding, and a global market presence. Technically, the site uses a Pimcore CMS on an Apache server with PHP 7.1 and integrates modern JavaScript libraries and consent management tools. However, the absence of a valid SSL/TLS certificate and HTTPS support is a critical security gap, significantly reducing the site's security posture. Security headers are well configured but cannot compensate for the lack of encryption. Privacy compliance is strong, with detailed policies managed via Iubenda and GDPR adherence evident. Contact information is clearly presented, supporting business credibility. Overall, the site is professional and trustworthy but requires urgent remediation of SSL issues to ensure secure user interactions.

O

OCME S.r.l.

ocme.com

51

OCME S.r.l. is a large Italian manufacturing company specializing in advanced packaging, filling, palletizing, and intralogistics solutions for industrial production lines. The company operates primarily in the manufacturing sector, serving B2B clients requiring end-of-line automation and packaging technologies. OCME is part of the Aetna Group Holding SPA, with subsidiaries including Robopac and Aetna, reinforcing its market position as a key player in packaging manufacturing. The website presents professional branding, consistent content, and a clear focus on industrial solutions and services including remote and on-site support.

UNA is an Italian association representing communication companies, providing networking, events, training, and sector-specific hubs to its members. The website serves as a portal for members and interested parties to access services, news, and industry information. The association holds a solid market position within Italy's communication sector, targeting companies and professionals seeking collaboration and industry representation. The business model is membership-based, offering value through events, awards, and specialized hubs. Technically, the website is built on WordPress with Elementor, integrating modern marketing and analytics tools such as Google Tag Manager and Iubenda for consent management. However, the site currently lacks a valid SSL certificate and HTTPS support, which is a critical security gap. Performance data is incomplete but suggests potential slowness. Mobile optimization and SEO are adequately addressed. From a security perspective, the absence of HTTPS and modern TLS protocols severely impacts the site's security posture. No advanced security headers or incident response policies are evident. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. The domain registration data aligns well with the business claims, indicating legitimacy. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include implementing HTTPS, enabling security headers, and establishing incident response protocols.

J

JobForward

jobforward.org

54

JobForward is a workforce development organization formed in 2025 by the merger of the Institute for American Apprenticeships and Training Funding Partners. It provides consulting, apprenticeship program design, grant writing, and workforce planning services targeting employers, workforce boards, educators, and job seekers. The organization manages significant workforce funding and operates nationally with a focus on registered apprenticeship programs and workforce solutions. Technically, the website is built on WordPress with modern plugins and Google Tag Manager for analytics, hosted likely on GoDaddy with Cloudflare CDN. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security concern. Privacy compliance is partial with a privacy policy present but no cookie policy or terms of service. Contact information is clearly provided including phone numbers, physical addresses, and a contact form. Social media presence on LinkedIn and Facebook supports business credibility. WHOIS data aligns well with the business claims, showing a consistent and legitimate registration. Overall, the website is professional and functional but requires urgent improvements in security and privacy compliance to enhance trust and protect users.

M

M.M.Warburg & CO Gruppe GmbH

mmwarburggruppe.com

50

The Warburg Gruppe website represents a well-established financial holding company specializing in private banking, asset management, and investment banking services. The group operates multiple subsidiaries, each with a clear market focus, serving high-net-worth individuals and institutional clients primarily in Germany. The website content is professionally presented, targeting a sophisticated audience with detailed information about the group and its subsidiaries. Technically, the site uses a Java-based CMS (OpenCms) and integrates modern marketing and analytics tools such as Usercentrics for consent management and Google Tag Manager. However, a critical security gap exists due to the absence of HTTPS/SSL, exposing users to potential risks. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, the site demonstrates strong business credibility but requires urgent security improvements.

M

M.M.Warburg & CO (AG & Co.) KGaA

mmwarburg.com

50

M.M.Warburg & CO is a well-established independent private bank in Germany with a history dating back to 1798. The bank offers a broad range of financial services including private banking, asset management, corporate and investment banking, and institutional client services. The website targets private clients, business customers, and institutional investors, emphasizing personalized service and long-term client relationships. Technically, the website uses modern web technologies such as Apache server, UserCentrics consent management, Google Analytics, and Google Tag Manager, and is built on OpenCms. However, a critical security issue is the absence of a valid SSL certificate and HTTPS support, which severely impacts the security posture. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism. The website is professionally designed with consistent branding and rich content, including reports and multimedia. Overall, the site reflects a reputable financial institution but urgently needs to address its SSL/TLS configuration to ensure secure communications.

G

Green & Durable Group

greenanddurablegroup.com

50

Green & Durable Group is a Belgian-based company specializing in sustainable energy solutions for both private individuals and businesses. Their business model focuses on wholesale distribution of solar and storage systems alongside installation services for energy-saving systems. The company positions itself as a leader in the green energy sector with ambitions to expand pan-Europe and achieve significant revenue growth. The website is professionally designed, multilingual, and provides clear contact information and privacy compliance via Iubenda. Technically, the site uses Google Tag Manager and Google Fonts, hosted on Combell infrastructure. However, a critical security weakness is the absence of a valid SSL certificate and lack of HTTPS support, which severely impacts the security posture. Privacy compliance is strong with a comprehensive cookie and privacy policy and consent mechanism. Overall, the site demonstrates good business credibility but requires urgent security improvements to protect user data and trust.

O

One Srl

oneinfo.it

29

One Srl is an Italian credit management and debt recovery agency based in Treviso, operating nationally with over 35 years of experience. The company offers a range of services including contractual consultancy, courtesy calls, out-of-court and judicial debt recovery, and credit assignment solutions. The business is positioned as a trusted and certified player in the finance sector, leveraging IT solutions for client transparency and efficiency. Technically, the website uses a traditional LAMP stack with Apache and PHP 5.6, complemented by modern front-end libraries and Google marketing tools. However, the absence of HTTPS and use of outdated PHP versions represent significant security weaknesses. The company maintains comprehensive legal and privacy documentation, demonstrating good privacy compliance and business credibility. Overall, the website is professional and content-rich but requires urgent security upgrades to meet modern standards.

S

Splash

eleven.sm

35

The website eleven.sm currently serves as a minimal splash page indicating a temporary pause in service or activity. It provides very limited business information, with the only contact method being a WhatsApp chat link. The site uses modern web technologies such as Webflow for CMS, Cloudflare for hosting and CDN, Google Tag Manager for analytics, and third-party widgets like Jetboost and Elfsight. However, the content is minimal and lacks detailed business descriptions, legal information, or privacy policies. From a security perspective, the site lacks a valid SSL certificate and does not support any TLS protocols, resulting in no HTTPS protection. Critical security headers and best practices are partially implemented but insufficient. The absence of privacy and cookie policies indicates non-compliance with GDPR and related regulations. The domain is mature and active but lacks domain protection mechanisms such as DNSSEC or CAA records, which could pose risks. Overall, the website's risk profile is elevated due to missing HTTPS, minimal content, and lack of compliance documentation. The technical infrastructure is modern but underutilized, and the business credibility is low due to the absence of clear company information. Strategic improvements in security, privacy compliance, and content development are recommended to enhance trust and operational readiness.

T

Traderlink Italia s.r.l.

traderlink.it

39

Traderlink Italia s.r.l. operates a mature and comprehensive financial information website focused on stock market quotes, news, analysis, and educational content primarily for the Italian and international financial markets. The platform targets investors, traders, and financial professionals, offering a wide range of services including market data, trading signals, video analysis, and portfolio management tools. The business model is based on providing valuable financial content supported by advertising and possibly subscription services. The company is well-established with a domain age of 28 years and clear legal presence in Italy. Technically, the website uses a modern tech stack including Bootstrap, jQuery, Vue.js, and integrates Google Tag Manager, Google Ads, and Matomo analytics. Hosting and DNS services are provided by Cloudflare, ensuring reliable performance, although the site suffers from slow load times and lacks a valid SSL certificate, which is a critical security flaw. The site is mobile-optimized and SEO-friendly with good navigation and content structure. From a security perspective, the site has SPF and DMARC records configured properly, indicating good email security practices. However, the absence of a valid SSL certificate and HTTPS support severely undermines the security posture, exposing users to risks such as data interception. Other security best practices like HSTS, OCSP stapling, and modern TLS protocols are missing. Privacy compliance is strong, with comprehensive GDPR-compliant privacy and cookie policies implemented via Iubenda, including consent mechanisms. Overall, the website is trustworthy and professional in its business presentation and content quality but requires urgent improvements in SSL/TLS security to protect user data and maintain credibility. Strategic recommendations include immediate installation of a valid SSL certificate, enabling HTTPS, and enhancing security headers and DNS security features.

M

Migastone International Srl

migastone.com

23

Migastone International Srl is a small technology company based in San Marino specializing in custom mobile app development and mobile marketing solutions for small to medium-sized businesses. The company leverages relational marketing techniques and offers a suite of services including app development, referral network training, and digital marketing education. Their market position is supported by a mature domain and a consistent brand presence with multiple partner collaborations and customer testimonials. Technically, the website is built on the Kartra platform with Cloudflare CDN and uses modern web technologies such as Bootstrap and Google Fonts. However, the site lacks a valid SSL certificate, which severely impacts its security posture. Privacy and cookie policies are present and GDPR compliant, and contact information is comprehensive. The security configuration requires urgent improvement to protect user data and enhance trust. Overall, the website demonstrates good content quality and business credibility but suffers from critical security shortcomings that must be addressed.

L

Leagel S.r.l.

leagel.com

40

Leagel S.r.l. is a medium-sized manufacturing company based in San Marino specializing in the production and commercialization of semi-finished products and ingredients for gelato and pastry artisans. The company has a strong international presence and a well-established brand with over 20 years of experience. Their website reflects a professional and consistent brand image, offering multilingual content, downloadable catalogs, and recipe books to support their B2B customers. Technically, the website is built on WordPress with Bootstrap and integrates modern marketing and analytics tools such as Google Tag Manager and HubSpot. However, the security posture is weak due to the absence of a valid SSL certificate and modern TLS protocols, exposing the site to risks and reducing user trust. Privacy compliance is strong, with clear GDPR-aligned policies and consent mechanisms. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

O

Organizzazione Sammarinese degli Imprenditori

osla.sm

25

Organizzazione Sammarinese degli Imprenditori (OSLA) is a mature, small-sized association dedicated to supporting small and medium enterprises (SMEs) across multiple sectors in San Marino, including commerce, tourism, industry, services, craftsmanship, liberal professions, and agriculture. The website serves as an informational and service portal offering consultancy, legal advice, training, and representation for its members. The organization holds a key market position as a representative body for SMEs in San Marino. Technically, the website is built on Drupal 7 with an Apache server and PHP 5.4.16, indicating an outdated technology stack. The site includes modern web features such as responsive design and social media integration but suffers from slow performance and basic SEO and accessibility implementations. Security posture is weak due to the absence of a valid SSL certificate and lack of modern TLS support, despite some security headers being present. Privacy compliance is partially addressed with visible privacy and cookie policies and a consent mechanism, but GDPR compliance is not fully evident. Contact information is limited to a physical address with no direct email or phone contacts displayed. Overall, the site is functional but requires significant improvements in security and technical modernization to enhance trust and compliance.

H

H.J. Opdyke Lumber Company

opdyke.com

40

H.J. Opdyke Lumber Company is a well-established regional supplier of lumber and building materials, servicing residential and multifamily properties since 1955. The company offers a broad range of products and design services including kitchens, baths, decking, doors, windows, and closets, targeting contractors, builders, and homeowners primarily in New Jersey, Pennsylvania, and New York. Their market position is solid with multiple physical locations and a medium-sized business footprint. Technically, the website is built on WordPress with modern plugins and accessibility features, but lacks a valid SSL certificate, which is a critical security shortfall. The site uses Sucuri Cloudproxy for WAF protection, Google Analytics and Tag Manager for tracking, and hCaptcha for form security. Privacy and cookie policies are present and GDPR compliant, but no terms of service or security policies are found. Overall, the website is professional and trustworthy but requires urgent improvements in SSL/TLS security to protect user data and improve trust.

S

Stefano Boeri Architetti

stefanoboeriarchitetti.net

37

Stefano Boeri Architetti is a mature and internationally recognized architecture and urban planning firm headquartered in Milan, with offices in Shanghai and Tirana. Established in 1993, the firm specializes in innovative architectural design and urbanism, with notable projects such as the Bosco Verticale in Milan. The website reflects a professional digital presence with multilingual support and active social media engagement, targeting clients and professionals interested in architecture and urban development. Technically, the site is built on WordPress with a range of plugins for SEO, content management, and user interaction, but lacks a valid SSL certificate, which impacts security and trust. The absence of HTTPS and security headers represents a critical vulnerability that should be addressed promptly. Privacy compliance is well managed with a cookie consent mechanism and a comprehensive privacy policy. Overall, the site demonstrates good business credibility but requires significant security improvements to align with best practices.

Colorificio Sammarinese is a well-established paint and coatings manufacturer based in San Marino with a history spanning approximately 80 years. The company offers a broad portfolio of products for light and professional construction, including decorative paints, industrial coatings, and innovative tintometric systems. Their market position is strong within the manufacturing sector, supported by a professional website that targets both professional and retail customers. The website is multilingual and integrates e-commerce capabilities through WooCommerce, reflecting a mature digital infrastructure. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap that undermines user trust and data protection. Privacy and cookie policies are present and GDPR compliant, and the company maintains active social media channels. The WHOIS data confirms the domain's legitimacy and long-term registration, consistent with the company's profile.

S

SCAVOLINI S.P.A.

scavolini.com

40

Scavolini S.P.A. is a well-established Italian furniture manufacturer specializing in kitchens, bathrooms, living rooms, walk-in wardrobes, and outdoor kitchens. The company positions itself as a premium brand with a focus on quality, sustainability, and bespoke furniture solutions. Their market presence is supported by international certifications and a broad dealer network. Technically, the website is built on ASP.NET technology, leveraging Cloudflare for CDN and security, and integrates modern marketing and accessibility tools. However, the website suffers from a critical security weakness due to the absence of a valid SSL certificate and lack of TLS protocol support, which severely impacts its security posture. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to ensure secure communications and user trust.

Aeffe Spa is an established Italian luxury goods group specializing in the production and distribution of high-end fashion products including ready-to-wear, footwear, leather goods, lingerie, and beachwear. The company operates internationally with proprietary brands such as Alberta Ferretti, Moschino, Pollini, and Philosophy di Lorenzo Serafini, positioning itself as a significant player in the luxury retail sector. The website reflects a professional corporate presence with comprehensive investor relations and governance information, targeting investors, partners, and luxury consumers. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates multiple third-party services including Google Tag Manager and Google Analytics for analytics and marketing. Multilingual support is provided via WPML, enhancing accessibility for international audiences. However, the website suffers from a critical security shortfall due to the absence of a valid SSL certificate and lack of HTTPS, which impacts its security posture and user trust. Security-wise, while no critical vulnerabilities or exposed sensitive data were detected, the lack of HTTPS and modern TLS protocols, absence of HSTS, and missing DMARC records represent significant risks. The site employs basic security headers but could benefit from enhanced configurations. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism, aligning with GDPR requirements. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include implementing a valid SSL certificate, enabling modern TLS protocols, and improving security headers and email authentication mechanisms.

A

Alpiq Holding Ltd.

alpiq.com

40

Alpiq Holding Ltd. is a leading Swiss electricity producer and energy service provider operating across Europe. The company focuses on electricity generation, energy trading, and renewable energy management, positioning itself as a key player in the energy sector with a large operational footprint and multiple subsidiaries in European countries. The website reflects a mature and professional business with comprehensive content and clear branding. Technically, the site is built on TYPO3 CMS and hosted on AWS infrastructure, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. The security posture is weak due to missing HTTPS, lack of security headers, and no modern TLS protocols enabled. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism implemented via OneTrust. Overall, the website is trustworthy and professional but requires urgent security improvements to protect user data and enhance trust.

Qatar Airways is a globally recognized airline with a mature digital presence, offering comprehensive travel services including flight bookings, loyalty programs, and ancillary services. The website is well-designed, mobile-optimized, and provides extensive content and user engagement features. Technically, the site employs modern frameworks and analytics tools but lacks a valid SSL certificate, which is a critical security concern. The security posture is moderate due to missing HTTPS and TLS configurations, though other security headers are present. Privacy compliance is strong with clear policies and consent mechanisms. Overall, the site reflects a reputable enterprise with room for critical security improvements.

P

Pacific Investment Management Company LLC

pimco.com

40

PIMCO is a globally recognized investment management firm specializing in providing investment solutions to institutions, financial professionals, and individual investors. The website reflects a mature and enterprise-level business with a strong focus on sustainable investing and ETFs. The company operates under multiple regulatory jurisdictions, demonstrating a high level of compliance and trustworthiness. Technically, the website employs modern technologies such as Sitecore CMS, Coveo search, and marketing tools like Marketo and Google Tag Manager, indicating a mature digital infrastructure. However, a critical security issue is the invalid or missing SSL certificate and lack of modern TLS protocols, which significantly impacts the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms in place. Overall, the website is professional, well-branded, and trustworthy but requires urgent remediation of SSL and TLS configurations to ensure secure user interactions.

L

Libertas Srl

libertas.sm

31

Libertas.sm is a well-established online news media outlet serving the San Marino and Rimini regions, operating since 2000. It provides daily news, stories, and information with a focus on local events, politics, culture, and sports. The website leverages WordPress CMS with a range of plugins for SEO, advertising, and user engagement, including Google Tag Manager and advertising networks. Despite a rich content offering and good user experience, the site lacks HTTPS encryption, which is a critical security vulnerability. Privacy and cookie policies are implemented with GDPR compliance, and contact information is clearly provided, supporting business credibility. The domain registration data confirms the site's legitimacy and maturity, though domain protection mechanisms are absent.

San Marino is a Peruvian real estate development specializing in luxury residential properties and marina services. The website presents a well-structured and visually appealing platform targeting buyers interested in exclusive homes, apartments, marina slips, and club memberships near Lima. The technical infrastructure relies on Apache and PHP 7.3 with integration of Google Tag Manager and TikTok Analytics for marketing and tracking purposes. However, the absence of HTTPS and a valid SSL certificate significantly undermines the site's security posture. Additionally, the lack of cookie consent mechanisms and comprehensive privacy compliance measures exposes potential regulatory risks. Overall, while the business model and market positioning are clear and credible, the website requires urgent security and privacy improvements to protect user data and enhance trust.

TITANKA! Spa is a specialized digital marketing and technology solutions provider focused on the tourism and hospitality sector, serving hotels, camping villages, and destinations primarily in Italy and San Marino. With over 25 years of experience, the company offers tailored services including web marketing, chatbot AI, performance hubs, and hospitality marketing mix solutions. The website reflects a mature business with a consistent brand and a clear target audience. Technically, the site uses a proprietary CMS and integrates multiple analytics and marketing tools, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. Privacy compliance is well addressed with a comprehensive GDPR policy and cookie consent mechanism. The security posture is weak due to missing HTTPS and security headers, exposing the site to potential risks. Overall, the business appears legitimate and established, but urgent improvements in security infrastructure are recommended to protect user data and enhance trust.