Security Directory

A

ACT Alliance

actalliance.org

0

ACT Alliance is a large, global non-profit coalition comprising 152 members operating in 127 countries, focused on humanitarian aid, climate justice, gender justice, migration, peace, and advocacy. The website reflects a well-structured organization with clear thematic areas and a broad international presence. Technically, the site is built on WordPress with modern frameworks such as Bootstrap and uses various JavaScript libraries for UI and mapping functionalities. However, the security posture is weak due to the absence of a valid SSL certificate and lack of essential security headers, which exposes users to risks and undermines trust. Privacy compliance is partially met with a comprehensive privacy policy but lacks cookie consent mechanisms. Overall, the site is professional and credible but requires urgent security improvements to protect user data and enhance trust.

J

JobForward

jobforward.org

0

JobForward is a workforce development organization formed in 2025 by the merger of the Institute for American Apprenticeships and Training Funding Partners. It provides consulting, apprenticeship program design, grant writing, and workforce planning services targeting employers, workforce boards, educators, and job seekers. The organization manages significant workforce funding and operates nationally with a focus on registered apprenticeship programs and workforce solutions. Technically, the website is built on WordPress with modern plugins and Google Tag Manager for analytics, hosted likely on GoDaddy with Cloudflare CDN. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security concern. Privacy compliance is partial with a privacy policy present but no cookie policy or terms of service. Contact information is clearly provided including phone numbers, physical addresses, and a contact form. Social media presence on LinkedIn and Facebook supports business credibility. WHOIS data aligns well with the business claims, showing a consistent and legitimate registration. Overall, the website is professional and functional but requires urgent improvements in security and privacy compliance to enhance trust and protect users.

M

M.M.Warburg & CO

warburg-bank.de

0

M.M.Warburg & CO operates a professional online banking platform targeting banking customers primarily in Germany. The website offers secure login mechanisms including electronic TAN authentication and provides clear customer support phone contacts. The technical infrastructure is based on AngularJS with custom JavaScript and CSS, delivering a good user experience and mobile optimization. However, the absence of a valid SSL certificate and lack of modern TLS protocols represent critical security vulnerabilities that undermine trust and data protection. Security headers are well implemented, but the SSL/TLS configuration requires urgent remediation. Privacy compliance is strong with a clear cookie consent mechanism and a comprehensive privacy policy. Overall, the website is functional and professional but needs immediate security improvements to meet industry standards.

M

M.M.Warburg & CO Gruppe GmbH

mmwarburggruppe.com

0

The Warburg Gruppe website represents a well-established financial holding company specializing in private banking, asset management, and investment banking services. The group operates multiple subsidiaries, each with a clear market focus, serving high-net-worth individuals and institutional clients primarily in Germany. The website content is professionally presented, targeting a sophisticated audience with detailed information about the group and its subsidiaries. Technically, the site uses a Java-based CMS (OpenCms) and integrates modern marketing and analytics tools such as Usercentrics for consent management and Google Tag Manager. However, a critical security gap exists due to the absence of HTTPS/SSL, exposing users to potential risks. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, the site demonstrates strong business credibility but requires urgent security improvements.

M

M.M.Warburg & CO (AG & Co.) KGaA

mmwarburg.com

0

M.M.Warburg & CO is a well-established independent private bank in Germany with a history dating back to 1798. The bank offers a broad range of financial services including private banking, asset management, corporate and investment banking, and institutional client services. The website targets private clients, business customers, and institutional investors, emphasizing personalized service and long-term client relationships. Technically, the website uses modern web technologies such as Apache server, UserCentrics consent management, Google Analytics, and Google Tag Manager, and is built on OpenCms. However, a critical security issue is the absence of a valid SSL certificate and HTTPS support, which severely impacts the security posture. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism. The website is professionally designed with consistent branding and rich content, including reports and multimedia. Overall, the site reflects a reputable financial institution but urgently needs to address its SSL/TLS configuration to ensure secure communications.

G

Green & Durable Group

greenanddurablegroup.com

0

Green & Durable Group is a Belgian-based company specializing in sustainable energy solutions for both private individuals and businesses. Their business model focuses on wholesale distribution of solar and storage systems alongside installation services for energy-saving systems. The company positions itself as a leader in the green energy sector with ambitions to expand pan-Europe and achieve significant revenue growth. The website is professionally designed, multilingual, and provides clear contact information and privacy compliance via Iubenda. Technically, the site uses Google Tag Manager and Google Fonts, hosted on Combell infrastructure. However, a critical security weakness is the absence of a valid SSL certificate and lack of HTTPS support, which severely impacts the security posture. Privacy compliance is strong with a comprehensive cookie and privacy policy and consent mechanism. Overall, the site demonstrates good business credibility but requires urgent security improvements to protect user data and trust.

O

Olaf Schmidt Coaching

olafschmidt.de

0

Olaf Schmidt Coaching is a small German-based business specializing in LinkedIn lead generation coaching, targeting self-employed professionals and companies, particularly in marketing and sales. The website presents a professional coaching service with clear offerings including personalized LinkedIn strategies, workshops, and weekly support. Technically, the site is built on WordPress with Elementor and uses common web technologies such as Apache and PHP. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security flaw. The presence of LinkedIn Insight tracking and Calendly integration indicates a moderate level of digital maturity but also raises privacy considerations. Security posture is weak due to missing HTTPS and security headers, and privacy compliance is basic with only a privacy policy found but no cookie consent mechanism. Overall, the site is functional and professionally presented but requires urgent security improvements to protect user data and improve trust.

O

One Srl

oneinfo.it

0

One Srl is an Italian credit management and debt recovery agency based in Treviso, operating nationally with over 35 years of experience. The company offers a range of services including contractual consultancy, courtesy calls, out-of-court and judicial debt recovery, and credit assignment solutions. The business is positioned as a trusted and certified player in the finance sector, leveraging IT solutions for client transparency and efficiency. Technically, the website uses a traditional LAMP stack with Apache and PHP 5.6, complemented by modern front-end libraries and Google marketing tools. However, the absence of HTTPS and use of outdated PHP versions represent significant security weaknesses. The company maintains comprehensive legal and privacy documentation, demonstrating good privacy compliance and business credibility. Overall, the website is professional and content-rich but requires urgent security upgrades to meet modern standards.

The website htamedica.com currently serves as a parked domain page hosted by Aruba.it, indicating that the domain is registered but not actively used for business purposes. The page provides no business description, services, or contact information, limiting its utility and trustworthiness. The technical infrastructure is based on Microsoft IIS 10.0 and ASP.NET, hosted by Aruba.it, but lacks modern security configurations such as a valid SSL certificate and HTTPS support. This absence significantly impacts the site's security posture and user trust. No privacy, cookie, or terms of service policies are present, and no forms or data collection mechanisms are implemented. Overall, the site is minimalistic and does not provide any meaningful content or business insights.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 13 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

&

日韩中文字幕精品视频|中文字幕有码在线播放|亚洲精品&#3259

egoteck.com

0

The website egoteck.com is a Chinese-language media content platform primarily focused on providing access to domestic Chinese animation, movies, TV series, and variety shows. It targets Chinese-speaking audiences interested in streaming and viewing domestic video content. The business model appears to be content aggregation and streaming without clear monetization or subscription details. The domain is relatively new, registered in 2023, consistent with a small media content provider. Technically, the site runs on an nginx server and uses jQuery for client-side scripting. The site lacks HTTPS support due to an invalid or missing SSL certificate, which significantly impacts security posture. Performance data is minimal, and the site shows basic mobile optimization and SEO practices. Accessibility features are limited. Security-wise, the absence of HTTPS and security headers, along with no privacy or cookie policies, indicates a low security maturity level. No vulnerabilities or WAF protections are detected, but the lack of secure communication channels and policies poses risks. The WHOIS data shows consistent registration information with no privacy protection, which supports legitimacy but also exposes registrant data. Overall, the site is functional but basic, with significant room for improvement in security, privacy compliance, and professional business presentation. Strategic recommendations include implementing HTTPS, adding privacy and cookie policies, improving accessibility, and enhancing trust signals.

The website laboratoiresbewell.com currently serves only a default hosting placeholder page with no accessible content, metadata, or business information. The domain is registered and hosted by OVH, a reputable provider, but lacks an SSL certificate and any HTTPS support, which severely impacts its security posture. No privacy policies, contact information, or business details are available on the site, indicating it is either under development or abandoned. The technical infrastructure is minimal, with no modern technologies or frameworks detected, and performance data is unavailable due to the lack of content. Security best practices are not implemented, with no security headers or encryption in place. Overall, the site presents a high risk for users and does not meet basic standards for professionalism, security, or compliance.

S

Studio legale e notarile

studiolegale.sm

0

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 25 security findings identified across all modules.

A

ALMA MATER STUDIORUM - Università di Bologna

unibo.it

0

The Università di Bologna (University of Bologna) is a historic and prestigious public university based in Italy, recognized as the oldest university in the Western world. The website serves as a comprehensive portal offering extensive academic programs, research information, student services, and community engagement resources. It targets students, researchers, academic staff, and the general public, positioning itself as a leading institution in higher education. The business model focuses on education, research, and societal contribution, with a large organizational size and a strong market position in the education sector. Technically, the website is built on the Plone CMS platform, served by an Nginx server on Ubuntu, and utilizes modern web technologies including jQuery, Leaflet.js for maps, Splide.js for carousels, and Font Awesome for icons. Analytics are handled primarily via Matomo and Contentsquare, indicating a moderate level of user tracking with privacy compliance measures in place. The site is well-structured, mobile-optimized, accessible, and SEO-friendly, providing an excellent user experience. From a security perspective, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical vulnerability. Other security headers like X-Frame-Options and X-Content-Type-Options are present, but the absence of HTTPS and modern TLS protocols significantly lowers the security posture. No WAF or content blocking mechanisms are detected, and no immediate vulnerabilities or exposed sensitive data are found. Overall, the site is highly credible and professional, with strong business legitimacy and comprehensive content. However, the lack of proper SSL/TLS configuration poses a significant risk that should be addressed promptly to protect user data and maintain trust.

The website pragmatainstitute.com is currently inaccessible for normal use and displays a maintenance page hosted by Aruba S.p.A. The page is a simple multilingual notification informing visitors that the service is under maintenance and directs users to Aruba's support site for assistance. There is no business or contact information, no privacy or cookie policies, and no interactive elements such as forms or scripts. The technical infrastructure is basic, relying on Aruba's proxy server without a valid SSL certificate, resulting in an insecure HTTP connection. Security headers are minimal and no advanced security configurations are present. The domain registration and DNS records are consistent with Aruba hosting, indicating a legitimate registration, but the lack of content and security features lowers the overall trust and professionalism of the site. The website currently provides no evidence of GDPR compliance or business credibility.

L

Link

linkitaly.com

0

Link S.r.l. is a mature Italian company established in 1998 specializing in the distribution and e-commerce of cables, connectors, accessories, and sanitization products. The company operates internationally with subsidiaries in the USA, UK, and France, serving diverse sectors including entertainment, civil, military, and heavy industry. Their business model focuses on B2B distribution and online sales, supported by recognized certifications such as ISO 9001-2015 and Dante level 3. The website reflects a professional presence with good content quality and consistent branding, targeting industry professionals and corporate clients. Technically, the website uses a custom or proprietary CMS platform with modern JavaScript libraries like jQuery, Bootstrap 5, and GSAP for UI effects. However, performance is slow and SEO and accessibility are basic. The hosting is managed via Register SPA with Apache server. The site lacks a valid SSL certificate and HTTPS enforcement, which is a critical security gap. Privacy and cookie policies are present and reasonably comprehensive, indicating some GDPR compliance. Security posture is weak due to missing HTTPS, lack of HSTS, DNSSEC, and domain protection locks. No explicit security or incident response policies are published. The site uses Facebook Pixel and Google Tag Manager for analytics and marketing, with moderate user tracking. Overall, the domain registration is consistent and mature, supporting legitimacy, but security improvements are urgently needed. Strategic recommendations include implementing a valid SSL certificate, enabling HSTS and DNSSEC, publishing security and incident response policies, and enhancing performance and accessibility to improve user trust and compliance.

The website for the Segreteria di Stato per la Giustizia e la Famiglia serves as the official digital presence of San Marino's Secretariat of State for Justice and Family. It provides citizens and stakeholders with access to information on justice policies, family mediation, judicial council activities, and official communications. The site targets local citizens, legal professionals, and government officials, positioning itself as a trusted government information portal. The business model is purely informational and public service-oriented, with no commercial activities. Technically, the site runs on an Apache server with a Magnolia CMS backend, utilizing jQuery and Font Awesome for frontend functionality and styling. While the site is functional and content-rich, it suffers from slow DNS resolution and lacks HTTPS, which is a significant security and trust concern. Mobile optimization and accessibility are basic but present, and SEO practices are minimal. From a security perspective, the absence of a valid SSL certificate and HTTPS is a critical vulnerability, exposing users to potential interception risks. The site lacks modern security headers such as HSTS and does not implement DNS security extensions like DNSSEC or DMARC. No cookie consent mechanisms or privacy compliance features are evident, which may pose regulatory risks under GDPR. However, the site does not appear to collect personal data via forms on the homepage, reducing immediate privacy risks. Overall, the website is a credible and authoritative government resource but requires urgent improvements in security infrastructure and privacy compliance to protect users and maintain trust. Strategic recommendations include implementing HTTPS, enhancing DNS security, adding cookie consent mechanisms, and improving security headers to align with best practices.

CISCoop is a small business established since 1982, with an online presence via a WordPress-based website using the Kubio plugin. The website content is minimal, primarily displaying the company name and founding year, with no detailed business descriptions or contact information. The technical infrastructure is basic, hosted on a PleskLin server with nginx, and uses standard web technologies such as jQuery. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. There are no privacy or cookie policies, and no contact or security incident response information is provided, indicating low maturity in compliance and security posture. Overall, the website presents a low level of professionalism and trustworthiness, with significant room for improvement in security and content completeness.

The website com-saint-martin.fr currently serves a 404 error page indicating that the requested content is not found, resulting in no accessible business information or user-facing content. The domain is mature, registered since 2007 with a French registrar, and uses Google hosting infrastructure. However, the lack of a valid SSL certificate and HTTPS support severely impacts the security posture and user trust. Minimal security headers are present but some are misconfigured, and no privacy or cookie policies are found, indicating poor compliance with data protection regulations. Overall, the site appears abandoned or misconfigured, offering no business or contact information to visitors. Technically, the site is hosted on Google infrastructure with DNS managed by eolas.fr name servers. DNSSEC and CAA records are not enabled, which could improve DNS security. The site lacks modern TLS protocols and cipher suites, and no session resumption or OCSP stapling is configured. Performance data is unavailable due to the lack of content, but the minimal HTML suggests poor user experience and SEO. Security-wise, the absence of HTTPS and a valid SSL certificate is a critical vulnerability. The X-XSS-Protection header is disabled, and no advanced security headers like Content Security Policy are present. The DMARC policy is set to quarantine, which is a positive indicator for email security. No incident response or vulnerability disclosure information is available, limiting the ability to respond to security events. Given these findings, the overall risk level is high due to the lack of content, security controls, and compliance measures. Strategic recommendations include obtaining a valid SSL certificate, enabling HTTPS, improving security headers, publishing privacy and cookie policies, and providing clear contact information to enhance trust and compliance.

Antao Progetti s.p.a. is a small architecture and engineering firm based in San Marino, specializing in architecture, design, engineering, renewable energies, and restoration. The company has a mature online presence with a portfolio of projects and a professional website built on WordPress. The technical infrastructure includes common web technologies and plugins but lacks modern security features such as HTTPS. The website is accessible and provides clear contact information but lacks privacy and cookie policies, which are important for GDPR compliance. The security posture is weak due to the absence of SSL/TLS and security headers, exposing the site to potential risks. Overall, the business appears legitimate and stable, but improvements in security and compliance are necessary to enhance trust and protect user data.

The website evolutionforum.it is currently a parked domain page hosted by Aruba.it, indicating the domain is registered but not actively used for business or content delivery. The page provides minimal information, only stating that the domain is already taken, with no business description, contact details, or user engagement features. The technical infrastructure is based on Microsoft IIS 10.0 with ASP.NET, hosted by Aruba.it, but lacks a valid SSL certificate and does not support HTTPS, which is a significant security shortfall. The absence of privacy, cookie, or terms of service policies further indicates the site is not operational as a business or service platform. Overall, the site has a very low digital maturity and security posture.

S

Splash

eleven.sm

0

The website eleven.sm currently serves as a minimal splash page indicating a temporary pause in service or activity. It provides very limited business information, with the only contact method being a WhatsApp chat link. The site uses modern web technologies such as Webflow for CMS, Cloudflare for hosting and CDN, Google Tag Manager for analytics, and third-party widgets like Jetboost and Elfsight. However, the content is minimal and lacks detailed business descriptions, legal information, or privacy policies. From a security perspective, the site lacks a valid SSL certificate and does not support any TLS protocols, resulting in no HTTPS protection. Critical security headers and best practices are partially implemented but insufficient. The absence of privacy and cookie policies indicates non-compliance with GDPR and related regulations. The domain is mature and active but lacks domain protection mechanisms such as DNSSEC or CAA records, which could pose risks. Overall, the website's risk profile is elevated due to missing HTTPS, minimal content, and lack of compliance documentation. The technical infrastructure is modern but underutilized, and the business credibility is low due to the absence of clear company information. Strategic improvements in security, privacy compliance, and content development are recommended to enhance trust and operational readiness.

W

Whirlpool Corporation

whirlpoolcorp.com

0

Whirlpool Corporation is a leading global manufacturer of home appliances with a rich history spanning over 110 years. The company operates multiple well-known brands and focuses on innovation, sustainability, and social responsibility to improve life at home. Their website reflects a mature enterprise with comprehensive corporate information, investor relations, and brand portfolios targeting consumers, investors, and trade partners worldwide. Technically, the website is built on Adobe Experience Manager and delivered via Akamai CDN, using modern JavaScript libraries and cookie consent mechanisms. However, a critical security gap exists as the site lacks HTTPS support, exposing users to potential risks. Security headers are partially implemented, but the absence of SSL/TLS significantly lowers the security posture. Privacy compliance is well addressed with cookie consent and privacy policies, and business credibility is high given the consistent branding and WHOIS data. Overall, the site is professional and trustworthy but urgently requires SSL implementation to meet modern security standards.

T

Traderlink Italia s.r.l.

traderlink.it

0

Traderlink Italia s.r.l. operates a mature and comprehensive financial information website focused on stock market quotes, news, analysis, and educational content primarily for the Italian and international financial markets. The platform targets investors, traders, and financial professionals, offering a wide range of services including market data, trading signals, video analysis, and portfolio management tools. The business model is based on providing valuable financial content supported by advertising and possibly subscription services. The company is well-established with a domain age of 28 years and clear legal presence in Italy. Technically, the website uses a modern tech stack including Bootstrap, jQuery, Vue.js, and integrates Google Tag Manager, Google Ads, and Matomo analytics. Hosting and DNS services are provided by Cloudflare, ensuring reliable performance, although the site suffers from slow load times and lacks a valid SSL certificate, which is a critical security flaw. The site is mobile-optimized and SEO-friendly with good navigation and content structure. From a security perspective, the site has SPF and DMARC records configured properly, indicating good email security practices. However, the absence of a valid SSL certificate and HTTPS support severely undermines the security posture, exposing users to risks such as data interception. Other security best practices like HSTS, OCSP stapling, and modern TLS protocols are missing. Privacy compliance is strong, with comprehensive GDPR-compliant privacy and cookie policies implemented via Iubenda, including consent mechanisms. Overall, the website is trustworthy and professional in its business presentation and content quality but requires urgent improvements in SSL/TLS security to protect user data and maintain credibility. Strategic recommendations include immediate installation of a valid SSL certificate, enabling HTTPS, and enhancing security headers and DNS security features.

S

Sgplus

sgplus.it

0

SG Plus is an Italian-based consultancy specializing in sports marketing and related services, with over 20 years of experience engaging various stakeholders including companies, public entities, and sports institutions. The website presents a professional image with clear descriptions of services such as marketing, event management, corporate social responsibility, and educational projects. Technically, the site is built on WordPress with modern plugins like Elementor and Jet, but lacks HTTPS, which significantly impacts security posture. The absence of SSL/TLS and security headers exposes the site to risks and lowers trustworthiness. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy, reflecting GDPR awareness. Overall, the site is functional and informative but requires urgent security improvements to protect users and enhance credibility.

MRS is a French company specializing in corporate restaurant and employee catering services, operating multiple regional offices across France. The website currently displays a maintenance page indicating a site redesign to improve user experience. The business is established with a domain age of 26 years and a consistent registration history. Technically, the site runs on WordPress with Elementor and Yoast SEO plugins hosted on OVHcloud, but lacks HTTPS, which is a critical security deficiency. The security posture is weak due to absence of SSL/TLS, security headers, and privacy policies. Contact information and social media presence are available, but no forms or advanced privacy compliance mechanisms are implemented. Overall, the site is functional but requires significant improvements in security and privacy compliance to meet modern standards.

E

Entheos Academy

entheosacademy.org

0

Entheos Academy operates as a free public charter school serving K-8 students in Utah with two campuses. The school emphasizes experiential learning through programs like 4-H, Adventure, Discovery, and Service Learning, aiming to develop leadership and community commitment among students. The website reflects a well-established educational institution with a clear mission and community focus. Technically, the site uses modern web technologies including Bootstrap 4, jQuery, and integrates third-party services such as YouTube and Weglot for translation. However, the site suffers from a lack of a valid SSL certificate, resulting in no HTTPS protection, which is a critical security flaw. Additionally, privacy and cookie policies are absent, indicating compliance gaps with data protection regulations. The site has moderate performance and good mobile optimization but lacks advanced security headers and incident response information. Overall, the domain registration data aligns well with the website content, supporting the legitimacy of the organization.

L

Lepida S.c.p.A.

cup2000.it

0

Lepida S.c.p.A. is a well-established regional ICT consortium founded in 1997, serving the Emilia-Romagna region in Italy. It provides a broad range of digital infrastructure and software services primarily targeting public administration, healthcare, and social assistance sectors. The company holds multiple ISO certifications, indicating a strong commitment to quality, security, and environmental standards. The website reflects a mature digital presence with comprehensive content, clear navigation, and good user experience. However, the lack of a valid SSL certificate and HTTPS implementation is a significant security gap that undermines the overall security posture. Privacy and cookie policies are well implemented with consent mechanisms, and the use of Matomo analytics shows a privacy-conscious approach to user tracking. The domain is mature and consistent with the business claims, enhancing trustworthiness. Strategic improvements in SSL/TLS deployment and enhanced security configurations are recommended to elevate the security and trust levels.

D

Dauphin Telecom

dauphintelecom.fr

0

Dauphin Telecom is a regional telecommunications provider serving the French Antilles, including Saint Martin and Saint Barthélemy. The company offers a comprehensive range of services including mobile plans (unlimited, blocked, prepaid), fiber internet, TV packages, and bundled offers. With over 26 years of market presence and multiple local agencies, Dauphin Telecom holds a strong position in its regional market. The website reflects a professional and well-branded digital presence, targeting both residential and business customers in the region. Technically, the website is built on WordPress with Elementor and various Jet plugins, indicating a modern CMS-based infrastructure. However, performance metrics suggest slow loading times, and there is no SSL/TLS certificate installed, which is a significant security concern. The site is mobile-optimized and includes SEO best practices, but accessibility features are basic. From a security perspective, the absence of HTTPS and modern TLS protocols severely impacts the security posture, exposing users to potential risks. Some security headers are present, but critical improvements are needed. Privacy compliance is well addressed with a clear privacy policy, cookie consent mechanism, and GDPR adherence. Contact information is clearly provided, enhancing business credibility. Overall, while the business and content quality are strong, the lack of HTTPS is a critical issue that must be addressed immediately to protect users and improve trust. Strategic recommendations include implementing SSL, enhancing security configurations, and maintaining compliance documentation.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

M

Migastone International Srl

migastone.com

0

Migastone International Srl is a small technology company based in San Marino specializing in custom mobile app development and mobile marketing solutions for small to medium-sized businesses. The company leverages relational marketing techniques and offers a suite of services including app development, referral network training, and digital marketing education. Their market position is supported by a mature domain and a consistent brand presence with multiple partner collaborations and customer testimonials. Technically, the website is built on the Kartra platform with Cloudflare CDN and uses modern web technologies such as Bootstrap and Google Fonts. However, the site lacks a valid SSL certificate, which severely impacts its security posture. Privacy and cookie policies are present and GDPR compliant, and contact information is comprehensive. The security configuration requires urgent improvement to protect user data and enhance trust. Overall, the website demonstrates good content quality and business credibility but suffers from critical security shortcomings that must be addressed.

L

Leagel S.r.l.

leagel.com

0

Leagel S.r.l. is a medium-sized manufacturing company based in San Marino specializing in the production and commercialization of semi-finished products and ingredients for gelato and pastry artisans. The company has a strong international presence and a well-established brand with over 20 years of experience. Their website reflects a professional and consistent brand image, offering multilingual content, downloadable catalogs, and recipe books to support their B2B customers. Technically, the website is built on WordPress with Bootstrap and integrates modern marketing and analytics tools such as Google Tag Manager and HubSpot. However, the security posture is weak due to the absence of a valid SSL certificate and modern TLS protocols, exposing the site to risks and reducing user trust. Privacy compliance is strong, with clear GDPR-aligned policies and consent mechanisms. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

T

TITANKA! Spa

mvmedicalsolutions.com

0

The website mvmedicalsolutions.com currently serves as a minimal placeholder page indicating that TITANKA! Spa is preparing a new website. There is no substantive business content, contact information, or user engagement features present. The technical infrastructure is basic, with Apache server hosting and no SSL/TLS certificate, resulting in an insecure HTTP-only connection. The site uses Google Fonts for typography but lacks modern frameworks or CMS indications. Security posture is weak due to the absence of HTTPS, security headers, and privacy policies. No analytics or tracking mechanisms are detected, indicating minimal data collection. Overall, the site is not yet operational as a business platform and lacks essential compliance and security features.

C

Candyclouds di Danila Bigazzi

candyclouds.it

0

Candyclouds is a small creative business operated by Danila Bigazzi, specializing in web design, graphic design, and UX/UI strategy based in Bologna, Italy. The website serves as a portfolio showcasing various graphic, logo, and web projects, targeting clients seeking personalized design services. The business model includes service provision and an online shop presence via Etsy. Technically, the site is built on WordPress with common plugins such as WooCommerce, Yoast SEO, and Contact Form 7, hosted on SiteGround. While the site demonstrates good content quality and SEO optimization, it suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which severely impacts its security posture. Privacy compliance is addressed with a privacy policy and cookie consent mechanism, but no terms of service or security policies are present. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

W

Web Server's Default Page

planetservicesrl.it

0

The website planetservicesrl.it currently hosts only a default Plesk web server placeholder page with no active business content or branding. The domain is mature, registered since 2001 in Italy, but the lack of published content suggests the site is either inactive or under development. Technically, the site runs on nginx and is hosted by Italhosting, but it lacks a valid SSL certificate and HTTPS support, which is a critical security deficiency. No privacy, cookie, or terms of service policies are present, and no contact information or forms are available, limiting user trust and compliance with privacy regulations. The external links lead solely to Plesk's official resources and social media channels, indicating no direct business presence on the site itself. Overall, the website's security posture is weak due to missing HTTPS and security headers, and the site shows minimal technical or content maturity.

O

Organizzazione Sammarinese degli Imprenditori

osla.sm

0

Organizzazione Sammarinese degli Imprenditori (OSLA) is a mature, small-sized association dedicated to supporting small and medium enterprises (SMEs) across multiple sectors in San Marino, including commerce, tourism, industry, services, craftsmanship, liberal professions, and agriculture. The website serves as an informational and service portal offering consultancy, legal advice, training, and representation for its members. The organization holds a key market position as a representative body for SMEs in San Marino. Technically, the website is built on Drupal 7 with an Apache server and PHP 5.4.16, indicating an outdated technology stack. The site includes modern web features such as responsive design and social media integration but suffers from slow performance and basic SEO and accessibility implementations. Security posture is weak due to the absence of a valid SSL certificate and lack of modern TLS support, despite some security headers being present. Privacy compliance is partially addressed with visible privacy and cookie policies and a consent mechanism, but GDPR compliance is not fully evident. Contact information is limited to a physical address with no direct email or phone contacts displayed. Overall, the site is functional but requires significant improvements in security and technical modernization to enhance trust and compliance.

I

In Scientia Fides

inscientiafides.com

0

In Scientia Fides is a specialized healthcare biobank located in San Marino, offering private stem cell preservation services with international FACTNetCord accreditation. The company targets families and parents seeking biological insurance for their children through stem cell storage. The website is professionally designed, content-rich, and provides comprehensive information about services, accreditations, and procedures. Technically, the site is built on WordPress with common marketing and analytics tools integrated, but lacks HTTPS security, which is a critical vulnerability. Privacy policies and cookie consent mechanisms are well implemented, reflecting good GDPR compliance. Overall, the business presents a trustworthy and professional image but must urgently address its lack of SSL to improve security posture and user trust.

H

H.J. Opdyke Lumber Company

opdyke.com

0

H.J. Opdyke Lumber Company is a well-established regional supplier of lumber and building materials, servicing residential and multifamily properties since 1955. The company offers a broad range of products and design services including kitchens, baths, decking, doors, windows, and closets, targeting contractors, builders, and homeowners primarily in New Jersey, Pennsylvania, and New York. Their market position is solid with multiple physical locations and a medium-sized business footprint. Technically, the website is built on WordPress with modern plugins and accessibility features, but lacks a valid SSL certificate, which is a critical security shortfall. The site uses Sucuri Cloudproxy for WAF protection, Google Analytics and Tag Manager for tracking, and hCaptcha for form security. Privacy and cookie policies are present and GDPR compliant, but no terms of service or security policies are found. Overall, the website is professional and trustworthy but requires urgent improvements in SSL/TLS security to protect user data and improve trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

K

KOITOTO

tmsap.com

0

KOITOTO operates as an online bandar toto macau platform providing real-time data on toto macau lottery results primarily targeting Indonesian-speaking users. The website claims to be the number one provider of toto macau data in 2025, offering updated and transparent lottery results with a responsive design optimized for mobile users. Technically, the site employs AMP HTML technology and is hosted behind Cloudflare CDN, which aids in content delivery and performance. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, significantly impacting its security posture. No privacy or cookie policies are present, and no contact information is provided, which further reduces trust and compliance with privacy regulations. The site links to partner domains related to gambling and prediction services but does not use analytics or tracking technologies. Overall, KOITOTO presents a basic but functional online gambling data service with significant security and compliance gaps.

B

BAUER Foundation Corp.

bauerfoundations.com

0

BAUER Foundation Corp. is a specialized foundation engineering company operating globally as part of the BAUER Group. The company offers comprehensive geotechnical solutions, construction methods, and equipment services, targeting clients with complex foundation engineering needs. Their mature domain and extensive content reflect a well-established market presence. Technically, the website is built on Drupal 10 with modern CSS frameworks but suffers from slow load times and lacks HTTPS, which is a critical security shortfall. Security posture is weak due to missing SSL certificates, absence of security headers, and no DNSSEC or HSTS implementation. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is professional and credible but requires urgent security improvements to protect user data and enhance trust.

E

Evolved Novelties

myevolved.com

0

Evolved Novelties operates as a niche e-commerce retailer specializing in premium adult pleasure products, featuring well-known brands such as Playboy Pleasure and Gender X. The website is built on the BigCommerce platform and leverages Cloudflare for hosting and CDN services. The site demonstrates good content quality, clear navigation, and a consistent branding approach targeting adult consumers seeking luxury sexual wellness products. However, the absence of a valid SSL certificate and HTTPS implementation significantly undermines the security posture, exposing users to potential data interception risks. Cookie consent mechanisms are present, indicating some level of privacy compliance, but no explicit GDPR or security policies are found. Overall, the business appears legitimate with consistent domain registration data, but urgent improvements in security infrastructure are recommended to protect customer data and enhance trust.

A

Anel Arabian company

anelarabia.com

0

Anel Arabian company is a Saudi-based business specializing in information and communication technologies and electromechanical technology services. Established in 2010, it positions itself as a leader in the Saudi market with a focus on leveraging local talent to meet customer needs. The website content is bilingual, targeting Arabic and English-speaking audiences, and is hosted on the Weebly platform with basic design and navigation features. However, the site lacks critical contact information and formal policies, which limits user trust and engagement. Technically, the website runs on an nginx server with jQuery and Weebly's platform scripts. Hosting is provided by Hostmonster. The site suffers from poor performance metrics, no mobile optimization beyond basic, and minimal SEO and accessibility features. Importantly, the site does not have a valid SSL certificate, resulting in no HTTPS support, which severely impacts security and user trust. From a security perspective, the absence of HTTPS, lack of security headers, and missing compliance policies such as privacy and cookie policies indicate a low security maturity level. No incident response or vulnerability disclosure information is provided. Analytics tools like Google Analytics and Snowplow are used, but no cookie consent mechanism is implemented, raising privacy compliance concerns. Overall, the website presents a basic online presence for the company but requires significant improvements in security, privacy compliance, and user engagement features to enhance trustworthiness and professionalism.

P

Parallels IP Holdings GmbH

teddygroup.com

0

The website teddygroup.com currently hosts a default Parallels Plesk placeholder page indicating no active website or business presence. The content describes Parallels as a leading provider of virtualization and hosting automation software, targeting businesses and cloud service providers. The site lacks any custom content, contact information, or privacy policies, which significantly limits its business credibility and user engagement potential. Technically, the site runs on nginx and Parallels Plesk but lacks a valid SSL certificate, serving content only over HTTP, which is a critical security deficiency. No modern security headers or HTTPS configurations are present, exposing the site to potential risks. Overall, the security posture is weak, and the absence of privacy compliance measures further reduces trustworthiness. The domain is registered and has DNS and mail exchange records, but no detailed WHOIS data was provided to assess domain age or registrant legitimacy. Strategic recommendations include deploying a valid SSL certificate, publishing privacy and cookie policies, adding contact information, and replacing the placeholder content with a professional website to improve business credibility and security.

The website is a parked domain landing page for isosistemi.it, offering the domain for sale with no active business content or services presented. The site primarily serves as a placeholder with advertising scripts and domain inquiry links. The technical infrastructure is minimal, hosted on Hetzner Online with nginx and Caddy components, but lacks a valid SSL certificate and modern security configurations. The absence of HTTPS and security headers significantly weakens the security posture. Privacy compliance is minimal, with only a basic privacy policy linked via a popup and no cookie consent mechanisms. No contact or business information is provided, limiting business credibility and trust. Overall, the site represents a low-risk but low-value digital asset with poor content and security maturity.

S

Stefano Boeri Architetti

stefanoboeriarchitetti.net

0

Stefano Boeri Architetti is a mature and internationally recognized architecture and urban planning firm headquartered in Milan, with offices in Shanghai and Tirana. Established in 1993, the firm specializes in innovative architectural design and urbanism, with notable projects such as the Bosco Verticale in Milan. The website reflects a professional digital presence with multilingual support and active social media engagement, targeting clients and professionals interested in architecture and urban development. Technically, the site is built on WordPress with a range of plugins for SEO, content management, and user interaction, but lacks a valid SSL certificate, which impacts security and trust. The absence of HTTPS and security headers represents a critical vulnerability that should be addressed promptly. Privacy compliance is well managed with a cookie consent mechanism and a comprehensive privacy policy. Overall, the site demonstrates good business credibility but requires significant security improvements to align with best practices.

I

Impresa Pizzarotti & C. S.p.A.

pizzarotti.it

0

Impresa Pizzarotti & C. S.p.A. is a well-established Italian enterprise specializing in the design, construction, and management of large-scale infrastructure and building projects. With over a century of experience and operations in more than 20 countries, the company holds a strong market position as one of Italy's leading general contractors. Their key services span infrastructure, prefabricated structures, building construction, facility management, real estate, and smart green solutions. The website reflects a professional and comprehensive digital presence, targeting clients and partners in the construction and infrastructure sectors. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Slider Revolution, hosted likely on SiteGround. While the site is content-rich and well-structured with good mobile optimization and accessibility, performance is somewhat slow, likely due to heavy media content. Privacy compliance is robust, with clear privacy and cookie policies and GDPR adherence. Analytics are handled via Matomo, indicating a privacy-conscious approach. Security posture is a concern due to the absence of a valid SSL certificate and HTTPS, lack of security headers, and no modern TLS protocols enabled. This exposes the site to significant risks and reduces trustworthiness from a security perspective. No incident response or security policy pages were found. Overall, the site is trustworthy from a business and content perspective but requires urgent security improvements. Recommendations include immediate installation of a valid SSL certificate, enabling HTTPS, implementing security headers, improving site performance, and enhancing security policies and incident response documentation to strengthen the security posture and user trust.

T

TIM San Marino S.p.A.

tim.sm

0

TIM San Marino S.p.A. operates as a telecommunications provider in the Republic of San Marino, offering a range of services including fiber internet, mobile telephony, fixed telephony, and digital TV. The website targets residential and business customers within San Marino, positioning itself as a leading local telecom operator. The business model focuses on providing bundled telecom services and devices, supported by a professional online presence with clear service offerings and customer support channels. Technically, the website is built on WordPress 6.8.1, utilizing common libraries such as jQuery and Owl Carousel for UI components. SEO is enhanced via the Yoast SEO plugin, and the site includes structured data for improved search engine understanding. However, performance is suboptimal with a slow page load time of over 7 seconds, and accessibility features are basic. From a security perspective, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical vulnerability. No modern TLS protocols or security headers are enabled, exposing users to potential risks. Privacy compliance is well addressed with comprehensive privacy and cookie policies, including consent mechanisms aligned with GDPR requirements. Overall, while the business and content aspects are strong and trustworthy, the security posture is weak and requires urgent remediation to protect user data and maintain trust. Strategic improvements in SSL deployment, security headers, and performance optimization are recommended to elevate the site's security and technical maturity.

Colorificio Sammarinese is a well-established paint and coatings manufacturer based in San Marino with a history spanning approximately 80 years. The company offers a broad portfolio of products for light and professional construction, including decorative paints, industrial coatings, and innovative tintometric systems. Their market position is strong within the manufacturing sector, supported by a professional website that targets both professional and retail customers. The website is multilingual and integrates e-commerce capabilities through WooCommerce, reflecting a mature digital infrastructure. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap that undermines user trust and data protection. Privacy and cookie policies are present and GDPR compliant, and the company maintains active social media channels. The WHOIS data confirms the domain's legitimacy and long-term registration, consistent with the company's profile.