Security Directory

T

TIM San Marino S.p.A.

tim.sm

0

TIM San Marino S.p.A. operates as a telecommunications provider in the Republic of San Marino, offering a range of services including fiber internet, mobile telephony, fixed telephony, and digital TV. The website targets residential and business customers within San Marino, positioning itself as a leading local telecom operator. The business model focuses on providing bundled telecom services and devices, supported by a professional online presence with clear service offerings and customer support channels. Technically, the website is built on WordPress 6.8.1, utilizing common libraries such as jQuery and Owl Carousel for UI components. SEO is enhanced via the Yoast SEO plugin, and the site includes structured data for improved search engine understanding. However, performance is suboptimal with a slow page load time of over 7 seconds, and accessibility features are basic. From a security perspective, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical vulnerability. No modern TLS protocols or security headers are enabled, exposing users to potential risks. Privacy compliance is well addressed with comprehensive privacy and cookie policies, including consent mechanisms aligned with GDPR requirements. Overall, while the business and content aspects are strong and trustworthy, the security posture is weak and requires urgent remediation to protect user data and maintain trust. Strategic improvements in SSL deployment, security headers, and performance optimization are recommended to elevate the site's security and technical maturity.

Colorificio Sammarinese is a well-established paint and coatings manufacturer based in San Marino with a history spanning approximately 80 years. The company offers a broad portfolio of products for light and professional construction, including decorative paints, industrial coatings, and innovative tintometric systems. Their market position is strong within the manufacturing sector, supported by a professional website that targets both professional and retail customers. The website is multilingual and integrates e-commerce capabilities through WooCommerce, reflecting a mature digital infrastructure. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap that undermines user trust and data protection. Privacy and cookie policies are present and GDPR compliant, and the company maintains active social media channels. The WHOIS data confirms the domain's legitimacy and long-term registration, consistent with the company's profile.

The website goldcoin.co.in currently presents minimal content, consisting solely of a client-side redirect script to the /lander path. There is no visible business information, metadata, or user-facing content to analyze. The domain resolves to two Amazon AWS IP addresses, indicating hosting on cloud infrastructure, but lacks a valid SSL/TLS certificate and does not support HTTPS, which severely impacts security and trustworthiness. No privacy, cookie, or terms of service policies are present, and no contact information or business credentials are available on the site. This suggests the website is either under development or improperly configured. From a technical perspective, the site lacks modern web standards such as security headers, DNSSEC, and CAA records. Performance data is unavailable due to the lack of content. The absence of analytics, advertising, or tracking scripts indicates minimal digital marketing or user engagement infrastructure. The DNS setup is standard but could be improved with security enhancements. Security posture is poor, with no SSL certificate, no HTTPS support, and no security best practices implemented. This exposes visitors to risks and undermines trust. The WHOIS data shows the domain is registered and DNS is consistent, but no registrant or business information was provided to verify legitimacy. Overall, the site scores very low on content quality, technical implementation, security, privacy compliance, and business credibility. Strategic recommendations include immediate implementation of a valid SSL certificate and HTTPS, development of meaningful website content including privacy and cookie policies, addition of contact and business information, and deployment of security headers and DNS security features. These steps are critical to improve trust, compliance, and user experience.

S

SCAVOLINI S.P.A.

scavolini.com

0

Scavolini S.P.A. is a well-established Italian furniture manufacturer specializing in kitchens, bathrooms, living rooms, walk-in wardrobes, and outdoor kitchens. The company positions itself as a premium brand with a focus on quality, sustainability, and bespoke furniture solutions. Their market presence is supported by international certifications and a broad dealer network. Technically, the website is built on ASP.NET technology, leveraging Cloudflare for CDN and security, and integrates modern marketing and accessibility tools. However, the website suffers from a critical security weakness due to the absence of a valid SSL certificate and lack of TLS protocol support, which severely impacts its security posture. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to ensure secure communications and user trust.

Security assessment completed with an overall score of 0/100 (unknown risk). 4 critical issues require immediate attention. Total of 26 security findings identified across all modules.

D

Dynaset SRL

dynaset.sm

0

Dynaset SRL is a small technology company based in San Marino, specializing since 2005 in cloud-based human resources management software. Their flagship product, evohrp, offers a comprehensive suite of HR tools tailored for managers, HR professionals, and employees, positioning itself as a competitive alternative to larger HR market players. The website demonstrates a high level of digital maturity with a modern WordPress CMS, Elementor page builder, and integration of various plugins for enhanced user experience and marketing. However, the absence of a valid SSL certificate significantly undermines the security posture, exposing users to potential risks. Privacy and cookie policies are well implemented, reflecting good GDPR compliance. Overall, the site is professional, content-rich, and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

L

LunaLabs

lunalabs.it

0

LunaLabs is a technology-oriented website with a domain registered in Italy since 2018, indicating a mature presence. The site uses modern web technologies such as Angular and includes cookie consent mechanisms via Iubenda, but lacks critical business information such as contact details, privacy policy, and terms of service. The absence of HTTPS and a valid SSL certificate significantly undermines the security posture of the website. Technical infrastructure shows use of modern fonts and frameworks but lacks performance optimization and accessibility features. Security best practices are minimal, with no security headers or advanced configurations detected. Overall, the website presents a low trustworthiness profile due to missing compliance and security features, and limited business transparency.

S

SPACE

space.be

0

SPACE is a Belgian-based Trusted Media Agency focused on delivering agile and innovative media positioning and strategy services. The company emphasizes a mindset of connection, daring, and growth, targeting businesses seeking media agency expertise. The website reflects a professional and consistent brand image with clear contact information and a LinkedIn presence, positioning SPACE as a small but credible player in the media sector. Technically, the website employs modern frontend technologies including Bootstrap, Symfony Stimulus, and Chart.js, hosted on infrastructure linked to Gandi. However, the site suffers from slow load times and lacks a valid SSL certificate, resulting in no HTTPS support. This significantly impacts the security posture and user trust. The absence of security headers and modern TLS protocols further weakens the security stance. From a security perspective, the lack of HTTPS is a critical vulnerability, exposing users to potential data interception risks. No privacy or cookie policies are present, indicating poor compliance with GDPR and related regulations. No incident response or vulnerability disclosure mechanisms are evident, limiting transparency and responsiveness to security issues. Overall, the website is functional and professionally designed but requires urgent improvements in security and privacy compliance to enhance trustworthiness and protect user data. Strategic recommendations include implementing HTTPS, adding privacy and cookie policies, and adopting security best practices to elevate the site's security maturity and compliance posture.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The website quartarone.it is currently a parked domain page primarily serving as a placeholder indicating the domain is for sale. The site lacks substantive business content, contact information, or any form of user engagement mechanisms. The target audience appears to be domain investors or buyers interested in acquiring the domain. The business model is domain parking and resale, with no active commercial operations visible on the site. From a technical perspective, the site is minimalistic, built with basic HTML and JavaScript, hosted via ParkingCrew services. Performance is slow with a load time of over 5 seconds and minimal resources. The site lacks modern web technologies, accessibility features, and SEO optimization. Mobile optimization is basic but functional. Security posture is weak, with no HTTPS/SSL certificate configured, no security headers, no DNSSEC, and no domain protection locks enabled. This exposes the domain to potential risks such as interception and domain hijacking. No privacy or cookie policies are present, indicating poor compliance with GDPR and related regulations. Overall, the site presents a low trust profile with critical security and compliance gaps. Strategic recommendations include implementing HTTPS, enabling domain protection mechanisms, adding privacy and cookie policies, and improving website content and professionalism to enhance credibility and security.

B

B Consulting

bconsulting.org

0

B Consulting is a specialized financial operations consulting firm serving high-growth startups, offering services in finance, accounting, HR, and business management. The company positions itself as a trusted partner from early-stage funding rounds through IPO, focusing on operational excellence and investor readiness. The website is built on Squarespace and integrates HubSpot for analytics and marketing automation. While the site is professionally designed and content-rich, it suffers from critical security issues including an invalid SSL certificate and lack of security headers. Privacy and cookie policies are absent, which impacts compliance posture. Contact information is limited to an email and LinkedIn profile, with no phone or physical address provided. Overall, the business appears legitimate and mature, but security and privacy improvements are necessary to enhance trust and compliance.

A

Alpiq Holding Ltd.

alpiq.com

0

Alpiq Holding Ltd. is a leading Swiss electricity producer and energy service provider operating across Europe. The company focuses on electricity generation, energy trading, and renewable energy management, positioning itself as a key player in the energy sector with a large operational footprint and multiple subsidiaries in European countries. The website reflects a mature and professional business with comprehensive content and clear branding. Technically, the site is built on TYPO3 CMS and hosted on AWS infrastructure, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. The security posture is weak due to missing HTTPS, lack of security headers, and no modern TLS protocols enabled. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism implemented via OneTrust. Overall, the website is trustworthy and professional but requires urgent security improvements to protect user data and enhance trust.

The website solegiallo.it is currently a parked domain page hosted by Aruba.it, indicating the domain is registered but not actively used for business purposes. The page provides no business description, contact information, or user engagement features. Technically, the site runs on Microsoft IIS 10.0 with ASP.NET but lacks a valid SSL/TLS certificate, serving content only over HTTP, which is a significant security concern. The absence of privacy, cookie, and terms of service policies further reduces compliance and trustworthiness. Security posture is weak with no modern security headers or HTTPS enforcement. Overall, the site presents a low-risk profile due to minimal content but requires substantial improvements to be considered a professional business website.

Soundcheck B.V. is a small Dutch rental company specializing in sound and lighting equipment for events such as theater productions, festivals, concerts, TV productions, weddings, and corporate events. The company has a mature domain registered since 2002, consistent with its stated business history. The website content is basic and primarily in Dutch, targeting local event organizers and production companies. Technically, the website uses legacy HTML and JavaScript without modern frameworks or CMS, resulting in slow load times and poor mobile optimization. Critically, the site lacks HTTPS support, exposing users to security risks. No privacy or cookie policies are present, and no contact information is explicitly provided on the homepage, which impacts trust and compliance. The DNS and MX records are properly configured, but security configurations such as DNSSEC, HSTS, and security headers are missing. Overall, the website demonstrates a low security posture and basic digital maturity, requiring significant improvements to meet modern security and privacy standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 15 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The General Authority of Civil Aviation (GACA) is the official Saudi government entity responsible for civil aviation regulation and services. The website serves as a comprehensive platform offering information on aviation policies, passenger rights, safety reporting, and electronic services. It targets citizens, travelers, and aviation stakeholders within Saudi Arabia, positioning itself as the national authority in the transportation sector. The site features a professional design with consistent branding and a strong social media presence, enhancing trust and engagement. Technically, the website employs modern web technologies including Bootstrap, jQuery, and Swiper.js, and is likely powered by the Sitecore CMS. Accessibility and digital experience tools are integrated, though performance is hindered by slow load times and a large page size. The SSL/TLS configuration is currently invalid or missing, which significantly impacts the security posture. Security-wise, the site lacks a valid HTTPS certificate and security headers, which are critical for protecting user data and ensuring secure communications. No explicit incident response or vulnerability disclosure mechanisms are evident. Privacy and cookie policies exist but are basic, with limited GDPR compliance indicators. The domain registration aligns with the Saudi government entity, supporting legitimacy. Overall, the website is functional and professional but requires urgent improvements in security configuration and performance optimization to enhance user trust and compliance with modern standards.

Qatar Airways is a globally recognized airline with a mature digital presence, offering comprehensive travel services including flight bookings, loyalty programs, and ancillary services. The website is well-designed, mobile-optimized, and provides extensive content and user engagement features. Technically, the site employs modern frameworks and analytics tools but lacks a valid SSL certificate, which is a critical security concern. The security posture is moderate due to missing HTTPS and TLS configurations, though other security headers are present. Privacy compliance is strong with clear policies and consent mechanisms. Overall, the site reflects a reputable enterprise with room for critical security improvements.

The website valorexpo.com is currently a parked domain with no active business content. It serves primarily as a placeholder page indicating the domain is for sale, targeting potential domain buyers or investors. The site is dominated by advertising scripts and lacks any meaningful business information or user engagement features. Technically, the site uses basic JavaScript and Google Adsense Domains CAF scripts, hosted likely on a parking provider's infrastructure. Performance is slow with a load time exceeding 7 seconds, and mobile optimization is minimal. Security posture is weak due to the absence of a valid SSL certificate, no HTTPS support, and lack of security headers or best practices. Privacy compliance is minimal with only a basic privacy policy accessible via a popup, and no cookie consent mechanism is present. Overall, the site has low trustworthiness and professionalism, reflecting its status as a parked domain rather than an active business website.

A

Aetna Group SPA

aetnagroup.com

0

Aetna Group SPA is a well-established global leader in the manufacturing of packaging machinery and end-line solutions, operating with multiple subsidiaries and a strong international presence. The company offers a broad range of packaging products and services, targeting industrial clients worldwide. The website reflects a mature business with consistent branding and good content quality. However, the technical infrastructure shows significant gaps, particularly the absence of a valid SSL certificate and modern security configurations, which poses a critical risk to user trust and data security. Performance issues such as slow load times further impact user experience. Privacy compliance is basic, with policies present but lacking comprehensive GDPR indicators. Overall, while the business credibility is strong, the security posture requires urgent improvement to align with industry best practices.

BHW Bausparkasse AG is a well-established financial institution specializing in mortgage and loan services primarily for the Italian market. The company operates with a mature domain registered since 1999 and offers a range of services including credit management and administrative support, some of which are outsourced to reputable partners like Cerved Credit Management Group. The website provides clear contact information and legal references, supporting its credibility in the finance sector. Technically, the website employs legacy technologies such as jQuery and Modernizr and demonstrates moderate performance with good mobile optimization. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture. The lack of security headers and cookie consent mechanisms further highlights compliance and security gaps. From a security perspective, while SPF and DMARC records are properly configured, the missing HTTPS and security headers expose users to potential risks. The domain's WHOIS data is consistent with the business claims, showing a low expiry risk and no privacy protection, which supports legitimacy. Overall, the site requires urgent security improvements to protect user data and comply with privacy regulations. Strategic recommendations include implementing HTTPS with a valid SSL certificate, enabling security headers and HSTS, introducing cookie consent mechanisms to comply with GDPR, and enhancing domain protection. These measures will improve trust, security, and compliance, aligning the website with industry best practices.

P

Pacific Investment Management Company LLC

pimco.com

0

PIMCO is a globally recognized investment management firm specializing in providing investment solutions to institutions, financial professionals, and individual investors. The website reflects a mature and enterprise-level business with a strong focus on sustainable investing and ETFs. The company operates under multiple regulatory jurisdictions, demonstrating a high level of compliance and trustworthiness. Technically, the website employs modern technologies such as Sitecore CMS, Coveo search, and marketing tools like Marketo and Google Tag Manager, indicating a mature digital infrastructure. However, a critical security issue is the invalid or missing SSL certificate and lack of modern TLS protocols, which significantly impacts the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms in place. Overall, the website is professional, well-branded, and trustworthy but requires urgent remediation of SSL and TLS configurations to ensure secure user interactions.

B

Bee Social Srl

bee-social.it

0

Bee Social Srl is a small digital marketing agency based in San Marino, founded in 2012, specializing in web marketing, social media management, SEO copywriting, online advertising, and website development. The company targets businesses and freelancers seeking practical digital marketing solutions. The website is professionally designed with rich content, clear navigation, and multiple client trust indicators including case studies and partner badges. Technically, the site is built on WordPress with common plugins and integrates analytics and marketing tools. However, the site suffers from a critical security weakness due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts its security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Overall, the business appears legitimate and consistent with its domain registration data, but the lack of HTTPS is a major risk that should be addressed immediately.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 12 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The website libraindustriale.com currently serves as a security challenge or redirect page, likely protected by a Web Application Firewall (WAF) such as BitNinja. The domain is mature, registered since 2000 with a reputable registrar, but the website content is minimal and does not provide clear business information or services. The site uses outdated CMS versions (Joomla 1.5 and WordPress 2.5) indicated in meta tags, which are known to have security vulnerabilities. Critically, the site lacks a valid SSL certificate and HTTPS support, exposing visitors to potential security risks. DNS and WHOIS data show no domain protection locks or DNSSEC, which are recommended for domain security. Overall, the site’s security posture is weak, and privacy compliance is absent.

The website ejercito.mil.co represents the official online presence of the Colombian National Army, a government entity responsible for national defense and military operations. The domain is mature and registered consistently with the organization's identity, reflecting a legitimate and authoritative institution. However, the website content is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) challenge page that blocks access unless JavaScript and cookies are enabled. This limits the ability to analyze the actual website content and user experience. From a technical perspective, the site is hosted behind Cloudflare, which provides security and performance services. Despite the presence of multiple security headers enforcing strict cross-origin policies, the absence of a valid SSL/TLS certificate and HTTPS support is a critical security gap. The lack of HTTPS undermines secure communication and user trust. Performance metrics are unavailable due to the blocked content, but the presence of Cloudflare suggests potential for good performance once accessible. Security posture is weakened by the missing SSL certificate and disabled TLS protocols, although other security headers are well configured. No privacy, cookie, or terms of service policies are detected on the landing page, and no contact information or forms are visible, which limits transparency and user engagement. The domain WHOIS data confirms the domain's legitimacy and low expiry risk, supporting trust in the entity behind the site. Overall, the website currently presents a high risk due to inaccessibility and lack of HTTPS, which are critical for secure and trustworthy online presence. Strategic recommendations include immediate installation of a valid SSL certificate, enabling HTTPS, improving accessibility beyond the WAF challenge, and publishing essential policies and contact information to enhance compliance and user trust.

A

Address Hotels

addresshotels.com

0

Address Hotels + Resorts is a luxury hospitality brand offering five-star hotels and resorts in iconic locations, primarily in the Middle East. The website presents a comprehensive and professional digital presence with rich content, multiple language support, and integrated booking and dining reservation systems. The technical infrastructure is based on WordPress with modern web technologies such as React, jQuery, Bootstrap, and Flickity, hosted on Azure CDN. However, the absence of a valid SSL certificate and lack of modern TLS protocols represent critical security vulnerabilities that must be addressed to ensure secure user interactions and data protection. Privacy compliance is partially met with a comprehensive privacy policy and terms of service, but lacks explicit cookie consent mechanisms. Overall, the site demonstrates strong business credibility and branding consistency but requires urgent security improvements.

P

Petroliam Nasional Berhad (PETRONAS)

petronas.com

0

PETRONAS is a leading Malaysian national oil and gas company with a strong global presence and diversified energy portfolio. The website reflects a mature enterprise with comprehensive information on its business units, sustainability initiatives, investor relations, and corporate governance. The technical infrastructure is modern, leveraging Drupal 9 CMS, Algolia search, and Azure hosting, with good mobile optimization and SEO practices. However, the security posture is critically weakened by the absence of a valid SSL certificate and HTTPS support, which poses significant risks to user trust and data security. Privacy and cookie policies are well implemented, indicating good compliance with GDPR and related regulations. Overall, the website is professional and trustworthy but requires urgent remediation of SSL/TLS issues to improve security and user confidence.

L

Libertas Srl

libertas.sm

0

Libertas.sm is a well-established online news media outlet serving the San Marino and Rimini regions, operating since 2000. It provides daily news, stories, and information with a focus on local events, politics, culture, and sports. The website leverages WordPress CMS with a range of plugins for SEO, advertising, and user engagement, including Google Tag Manager and advertising networks. Despite a rich content offering and good user experience, the site lacks HTTPS encryption, which is a critical security vulnerability. Privacy and cookie policies are implemented with GDPR compliance, and contact information is clearly provided, supporting business credibility. The domain registration data confirms the site's legitimacy and maturity, though domain protection mechanisms are absent.

P

Professional Provident Society Insurance Company

pps.co.za

0

PPS (Professional Provident Society Insurance Company) is a mature South African financial services provider specializing in insurance, investment, and healthcare solutions tailored for graduate professionals. The company operates on a mutuality model, allowing members to share in profits, and maintains a strong market position supported by professional associations and comprehensive service offerings. The website is built on Drupal 10 with modern frontend libraries and hosted behind Cloudflare, demonstrating a moderate level of digital maturity. However, the absence of a valid SSL/TLS certificate and lack of HTTPS significantly undermine the security posture. While security headers are partially implemented, critical vulnerabilities exist due to missing encryption and lack of advanced security features. Privacy compliance is basic, with no explicit cookie consent mechanism and limited GDPR indicators. Overall, the site presents professional content and good business credibility but requires urgent security improvements to protect user data and enhance trust.

F

Fondazione Unicampus San Pellegrino

fusp.it

0

Fondazione Unicampus San Pellegrino is a mature and established educational institution in Italy specializing in linguistic mediation, translation, and intercultural communication. It operates multiple campuses and offers a broad range of academic programs including bachelor's and master's degrees, executive masters, language certifications, and specialized courses. The foundation is accredited by the Italian Ministry of University and Research (MUR) and maintains active research centers, positioning itself as a key player in its niche educational market. The website reflects a professional and consistent brand image with comprehensive content tailored to students and professionals in the linguistic field. Technically, the website is built on a modern WordPress stack with Elementor, WooCommerce, and TutorLMS plugins, supporting e-learning and e-commerce functionalities. The site is mobile-optimized and SEO-friendly, though performance data suggests moderate speed. Security posture is currently weakened by an invalid SSL certificate and lack of support for modern TLS protocols, which undermines HTTPS effectiveness. Privacy and cookie policies are present and GDPR compliant, with clear contact information and a contact form secured by Google reCAPTCHA. Overall, the site is trustworthy and professionally maintained but requires urgent improvements in SSL/TLS configuration and security headers to enhance user trust and data protection. There is no evidence of a formal security policy or incident response contact, which could be areas for future enhancement.

C

CAD IT S.p.A.

caditgroup.com

0

CAD IT S.p.A. is an established Italian company specializing in software solutions for the banking, finance, public administration, and industrial sectors. Controlled by Cedacri S.p.A., a leading IT services provider for financial institutions in Italy, CAD IT holds a strong market position with a focus on financial instrument brokerage software and IT outsourcing services. The website reflects a professional business model targeting banks, financial institutions, and public entities, offering a broad portfolio of software products and services. The company is mature with over 24 years of domain registration and a large operational size.

C

Cotes

cotes.com

0

Cotes is a Denmark-based company specializing in tailor-made adsorption dehumidifiers and humidity management solutions primarily for industrial sectors such as wind energy, battery manufacturing, building drying, and food & beverage production. The company holds a strong market position with significant global offshore wind turbine market share and partnerships including UNICEF. Their website is professionally designed, leveraging HubSpot CMS and modern marketing tools, with clear navigation and multilingual support. However, the security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS support, which is a critical issue that undermines user trust and data security. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Contact information and social media presence are clearly provided, enhancing business credibility.

TITANKA! Spa is a specialized digital marketing and technology solutions provider focused on the tourism and hospitality sector, serving hotels, camping villages, and destinations primarily in Italy and San Marino. With over 25 years of experience, the company offers tailored services including web marketing, chatbot AI, performance hubs, and hospitality marketing mix solutions. The website reflects a mature business with a consistent brand and a clear target audience. Technically, the site uses a proprietary CMS and integrates multiple analytics and marketing tools, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. Privacy compliance is well addressed with a comprehensive GDPR policy and cookie consent mechanism. The security posture is weak due to missing HTTPS and security headers, exposing the site to potential risks. Overall, the business appears legitimate and established, but urgent improvements in security infrastructure are recommended to protect user data and enhance trust.

The website melonistore.it is currently inaccessible due to a DNS resolution error as indicated by the Cloudflare error 1001 page. This prevents any meaningful content or business information from being accessed or analyzed. The domain itself is mature, registered since 2005, and protected by DNSSEC, which suggests legitimacy. However, the absence of a valid SSL certificate and the failure to resolve DNS records result in a poor security posture and user experience. No privacy, cookie, or terms of service policies are present, and no contact information or business details are available on the page. The site relies on Cloudflare for DNS and security services but is currently misconfigured or experiencing DNS issues that block access.

O

Orienta S.r.l.

orienta.sm

0

Orienta S.r.l. is a San Marino based software house specializing in ERP and integrated business software solutions, targeting enterprises seeking to optimize organizational processes and resource management. The company offers a range of services including Business Analytics, Sales Automation, Manufacturing and Industry 4.0 solutions, Workflow management, and Project Management software. Founded in 2013, Orienta positions itself as a young and dynamic player in the local technology market, providing tailored software and consultancy services to businesses. Technically, the website is built on WordPress using the Divi theme and leverages modern PHP 8.1.32 and nginx server infrastructure. It integrates Google Analytics for tracking and Google reCAPTCHA v3 for form security. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security shortfall. Performance data is limited but indicates slow loading times. The site is mobile optimized and SEO friendly with Yoast SEO plugin usage. From a security perspective, the absence of HTTPS, HSTS, DNSSEC, and security headers significantly weakens the site's security posture. While no vulnerable libraries or known exploits are detected, the lack of encryption and security best practices exposes the site and its users to potential risks. Privacy and cookie policies are present but basic, with no explicit GDPR compliance indicators or incident response policies. Overall, the website demonstrates a professional business presence with good content quality and clear contact information. However, critical security improvements are necessary to protect user data and enhance trust. Strategic recommendations include immediate SSL certificate installation, enabling security headers, and improving privacy compliance measures to align with regulatory standards.

D

Denver S.p.A.

denver.sm

0

Denver S.p.A. is a medium-sized manufacturing company based in San Marino, specializing in the production of machines for stone and glass processing. Established in 1984, it has a strong market position with a global presence including a US subsidiary. The website is professionally designed using WordPress and WooCommerce, offering rich content, clear navigation, and multiple customer engagement channels including live demos and training centers. Technically, the site uses modern plugins and marketing tools but suffers from critical security issues due to lack of valid SSL/TLS certificates and missing HTTPS, which exposes visitors to risks. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business is credible and trustworthy, but urgent security improvements are needed to protect users and enhance trust.

D

Detas SpA

detas.com

0

Detas SpA is a mature Italian manufacturing company specializing in electronic devices for industrial automation, LED lighting, traffic signaling, and electric mobility solutions. The company operates multiple specialized divisions and subsidiaries, serving a broad industrial client base. Their website reflects a professional and consistent brand presence with clear business information and certifications such as ISO9001 and ISO14001. Technically, the website is built on modern web technologies including Webflow CMS, jQuery, and uses analytics tools like Hotjar and Plausible Analytics. However, the site suffers from slow load times and lacks a valid SSL certificate, exposing users to security risks. Security posture is weak with no HTTPS, no security headers, and no domain protection locks. Privacy compliance is minimal, with no cookie consent mechanism despite GDPR applicability. Overall, the website is functional and credible but requires urgent security and privacy improvements to protect users and enhance trust.

The website creditosammarinese.sm is currently inaccessible, serving a 403 Forbidden error page with minimal HTML content. The domain is registered and uses Cloudflare DNS services, but no valid SSL certificate is installed, resulting in no HTTPS support. The site lacks any visible content, metadata, or business information, making it impossible to assess the company's services or market position. Technically, the site performs poorly with slow load times and minimal resources. Security posture is weak due to missing SSL, lack of security headers, and no HSTS enforcement. No privacy or cookie policies are present, and no contact information is available. Overall, the site appears non-functional or restricted, significantly limiting trust and usability.

N

NatWest Group

rbs.com

0

NatWest Group is a mature, UK-focused banking institution serving over 19 million customers across retail, commercial, and private banking sectors. The website reflects a strong commitment to sustainability, governance, and investor transparency, positioning the group as a trusted financial partner. The digital infrastructure is built on Adobe Experience Manager with integrations for cookie consent and Adobe Launch for analytics, indicating a modern and enterprise-grade platform. However, the website's security posture is significantly weakened by an invalid SSL certificate and lack of enabled TLS protocols, which poses a critical risk to user data and trust. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, the site is professional and content-rich but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

A

ASA Group

gruppoasa.com

0

ASA Group is a well-established manufacturer specializing in metal packaging for the food and chemical sectors, holding a strong market position as the largest independent group in Italy and the fourth largest in Europe. The company operates multiple production plants and subsidiaries across Italy, Switzerland, and the UK, with headquarters in San Marino. Their website reflects a professional business presence with clear branding and relevant content targeting industrial clients requiring metal packaging solutions. Technically, the website is built on Pimcore CMS with modern frontend technologies and integrates privacy management tools like Iubenda and Google Tag Manager for analytics and compliance. However, the absence of HTTPS and a valid SSL certificate represents a critical security gap, exposing users and business operations to potential risks. Security headers are minimal, and no advanced security policies are implemented, indicating room for significant improvement in security posture. Privacy and cookie policies are present and appear comprehensive, supporting GDPR compliance. Overall, the website demonstrates good business credibility and content quality but requires urgent security enhancements to protect data and build user trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

S

San Marino Rtv

sanmarinortv.sm

0

San Marino RTV operates as the official radio and television broadcaster for the Republic of San Marino, providing live streaming services, news, sports, cultural programming, and event coverage. The website serves a diverse audience interested in local and international news, sports updates, and entertainment, positioning itself as a key media outlet within the country. The business model relies on public broadcasting complemented by advertising revenue streams. Technically, the site employs modern web technologies including nginx, Varnish caching, Fluid Player for video streaming, and integrates with major advertising and analytics platforms such as Google Analytics and Facebook Pixel. However, the absence of a valid SSL certificate and HTTPS support represents a significant security vulnerability, exposing users to potential data interception and undermining trust. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance with GDPR requirements. Overall, the website demonstrates strong content quality and business credibility but requires urgent security improvements to protect user data and enhance trust.

S

SCM Group

scmgroup.com

0

SCM Group is a well-established global leader in manufacturing woodworking and industrial machinery, with a strong presence in multiple material processing sectors. The company operates through a network of specialized subsidiaries and partners, serving diverse industries such as furniture, automotive, aerospace, and construction. Their website reflects a mature business with consistent branding and good content quality. Technically, the site uses a Pimcore CMS on a CentOS Apache server with modern analytics tools, but suffers from a critical lack of valid SSL/TLS configuration, exposing it to security risks. Privacy compliance is well addressed through Iubenda policies and GDPR scripts. Overall, the business credibility is strong, but the security posture requires urgent improvement to protect users and maintain trust.

I

Idexa web s.r.l.

idexaweb.com

0

Idexa Web is a professional web agency specializing in e-commerce, marketplace development, SEO, and web marketing services primarily targeting businesses in Rimini and San Marino. The company presents itself as experienced with 25 years in the industry and offers a comprehensive portfolio of projects and services. Technically, the website is built on WordPress with popular plugins and marketing integrations, but it lacks a valid SSL certificate, which is a critical security flaw. The absence of HTTPS and modern TLS protocols significantly lowers the security posture. Privacy and cookie policies are present and GDPR compliant, with active consent mechanisms. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

B

Bioscience institute spa

bioinst.com

0

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 21 security findings identified across all modules.

I

ISS

issworld.com

0

ISS is a global leader in workplace experience and facility management services, operating in over 30 countries with more than 325,000 employees and 40,000 customers. The company offers integrated services including cleaning, food, technical, workplace, and facility management solutions designed to improve business performance and employee wellbeing. The website reflects a mature digital presence with multi-language support, comprehensive corporate and investor information, and active social media engagement. Technically, the site is built on modern frameworks such as Next.js and hosted on Vercel, with Sitecore as the CMS, indicating a robust and scalable infrastructure. However, the security posture is weakened by the absence of a valid SSL certificate and incomplete HSTS implementation, which are critical issues that need immediate remediation to protect user data and maintain trust. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security improvements.

Energreen is a mature Belgian company specializing in high-quality, sustainable energy solutions including solar panels, home batteries, electric vehicle charging stations, heat pumps, and intelligent energy management systems. The company positions itself as a comprehensive provider for both residential and commercial customers, emphasizing energy independence and cost reduction. The website is built on modern technologies such as Next.js and React, hosted on AWS Cloudfront, and integrates multiple analytics and marketing tools with user consent mechanisms. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS, which significantly impacts the security posture. The company provides clear contact information and maintains comprehensive privacy and cookie policies, supporting GDPR compliance. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

L

Linekit

linekit.com

0

Linekit is an established Italian company specializing in the production and online sale of office furniture and furnishings. With over 25 years of experience, the company targets businesses and professionals seeking high-quality, ergonomic, and design-oriented office solutions. Their business model focuses on direct manufacturer sales, supported by consultancy, design services, and a partner reseller program. The website is professionally designed with rich content, including product portfolios, videos, and customer testimonials, enhancing user engagement and trust. Technically, the site is built on WordPress with WooCommerce and Elementor, hosted behind Cloudflare, but suffers from slow performance and lacks a valid SSL certificate, which is a critical security concern. Privacy and cookie policies are present and GDPR compliant, and contact information is clearly provided. Social media presence and marketing tools like Google Tag Manager and Facebook Pixel are actively used. Overall, the site demonstrates good business credibility but requires urgent security improvements to enable HTTPS and strengthen its security posture.

M

M.M.Warburg & CO (AG & Co.) KGaA

bankhaus-plump.de

0

M.M.Warburg & CO is an established independent private bank in Germany, founded in 1798, offering a broad range of financial services including private banking, asset management, corporate finance, and institutional client services. The website reflects a mature digital presence with professional design, comprehensive content, and strong branding consistency. Technically, the site uses Apache server, OpenCms CMS, and integrates modern marketing and analytics tools with user consent management. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw that undermines user trust and data protection. The security posture is weak due to lack of TLS protocols and incomplete security headers. Privacy compliance is well addressed through UserCentrics CMP and a comprehensive privacy policy. Overall, the site is credible and professional but requires urgent security improvements.