Security Directory

The website com-saint-martin.fr currently serves a 404 error page indicating that the requested content is not found, resulting in no accessible business information or user-facing content. The domain is mature, registered since 2007 with a French registrar, and uses Google hosting infrastructure. However, the lack of a valid SSL certificate and HTTPS support severely impacts the security posture and user trust. Minimal security headers are present but some are misconfigured, and no privacy or cookie policies are found, indicating poor compliance with data protection regulations. Overall, the site appears abandoned or misconfigured, offering no business or contact information to visitors. Technically, the site is hosted on Google infrastructure with DNS managed by eolas.fr name servers. DNSSEC and CAA records are not enabled, which could improve DNS security. The site lacks modern TLS protocols and cipher suites, and no session resumption or OCSP stapling is configured. Performance data is unavailable due to the lack of content, but the minimal HTML suggests poor user experience and SEO. Security-wise, the absence of HTTPS and a valid SSL certificate is a critical vulnerability. The X-XSS-Protection header is disabled, and no advanced security headers like Content Security Policy are present. The DMARC policy is set to quarantine, which is a positive indicator for email security. No incident response or vulnerability disclosure information is available, limiting the ability to respond to security events. Given these findings, the overall risk level is high due to the lack of content, security controls, and compliance measures. Strategic recommendations include obtaining a valid SSL certificate, enabling HTTPS, improving security headers, publishing privacy and cookie policies, and providing clear contact information to enhance trust and compliance.

The website evolutionforum.it is currently a parked domain page hosted by Aruba.it, indicating the domain is registered but not actively used for business or content delivery. The page provides minimal information, only stating that the domain is already taken, with no business description, contact details, or user engagement features. The technical infrastructure is based on Microsoft IIS 10.0 with ASP.NET, hosted by Aruba.it, but lacks a valid SSL certificate and does not support HTTPS, which is a significant security shortfall. The absence of privacy, cookie, or terms of service policies further indicates the site is not operational as a business or service platform. Overall, the site has a very low digital maturity and security posture.

S

Splash

eleven.sm

0

The website eleven.sm currently serves as a minimal splash page indicating a temporary pause in service or activity. It provides very limited business information, with the only contact method being a WhatsApp chat link. The site uses modern web technologies such as Webflow for CMS, Cloudflare for hosting and CDN, Google Tag Manager for analytics, and third-party widgets like Jetboost and Elfsight. However, the content is minimal and lacks detailed business descriptions, legal information, or privacy policies. From a security perspective, the site lacks a valid SSL certificate and does not support any TLS protocols, resulting in no HTTPS protection. Critical security headers and best practices are partially implemented but insufficient. The absence of privacy and cookie policies indicates non-compliance with GDPR and related regulations. The domain is mature and active but lacks domain protection mechanisms such as DNSSEC or CAA records, which could pose risks. Overall, the website's risk profile is elevated due to missing HTTPS, minimal content, and lack of compliance documentation. The technical infrastructure is modern but underutilized, and the business credibility is low due to the absence of clear company information. Strategic improvements in security, privacy compliance, and content development are recommended to enhance trust and operational readiness.

W

Whirlpool Corporation

whirlpoolcorp.com

0

Whirlpool Corporation is a leading global manufacturer of home appliances with a rich history spanning over 110 years. The company operates multiple well-known brands and focuses on innovation, sustainability, and social responsibility to improve life at home. Their website reflects a mature enterprise with comprehensive corporate information, investor relations, and brand portfolios targeting consumers, investors, and trade partners worldwide. Technically, the website is built on Adobe Experience Manager and delivered via Akamai CDN, using modern JavaScript libraries and cookie consent mechanisms. However, a critical security gap exists as the site lacks HTTPS support, exposing users to potential risks. Security headers are partially implemented, but the absence of SSL/TLS significantly lowers the security posture. Privacy compliance is well addressed with cookie consent and privacy policies, and business credibility is high given the consistent branding and WHOIS data. Overall, the site is professional and trustworthy but urgently requires SSL implementation to meet modern security standards.

T

Traderlink Italia s.r.l.

traderlink.it

0

Traderlink Italia s.r.l. operates a mature and comprehensive financial information website focused on stock market quotes, news, analysis, and educational content primarily for the Italian and international financial markets. The platform targets investors, traders, and financial professionals, offering a wide range of services including market data, trading signals, video analysis, and portfolio management tools. The business model is based on providing valuable financial content supported by advertising and possibly subscription services. The company is well-established with a domain age of 28 years and clear legal presence in Italy. Technically, the website uses a modern tech stack including Bootstrap, jQuery, Vue.js, and integrates Google Tag Manager, Google Ads, and Matomo analytics. Hosting and DNS services are provided by Cloudflare, ensuring reliable performance, although the site suffers from slow load times and lacks a valid SSL certificate, which is a critical security flaw. The site is mobile-optimized and SEO-friendly with good navigation and content structure. From a security perspective, the site has SPF and DMARC records configured properly, indicating good email security practices. However, the absence of a valid SSL certificate and HTTPS support severely undermines the security posture, exposing users to risks such as data interception. Other security best practices like HSTS, OCSP stapling, and modern TLS protocols are missing. Privacy compliance is strong, with comprehensive GDPR-compliant privacy and cookie policies implemented via Iubenda, including consent mechanisms. Overall, the website is trustworthy and professional in its business presentation and content quality but requires urgent improvements in SSL/TLS security to protect user data and maintain credibility. Strategic recommendations include immediate installation of a valid SSL certificate, enabling HTTPS, and enhancing security headers and DNS security features.

E

Entheos Academy

entheosacademy.org

0

Entheos Academy operates as a free public charter school serving K-8 students in Utah with two campuses. The school emphasizes experiential learning through programs like 4-H, Adventure, Discovery, and Service Learning, aiming to develop leadership and community commitment among students. The website reflects a well-established educational institution with a clear mission and community focus. Technically, the site uses modern web technologies including Bootstrap 4, jQuery, and integrates third-party services such as YouTube and Weglot for translation. However, the site suffers from a lack of a valid SSL certificate, resulting in no HTTPS protection, which is a critical security flaw. Additionally, privacy and cookie policies are absent, indicating compliance gaps with data protection regulations. The site has moderate performance and good mobile optimization but lacks advanced security headers and incident response information. Overall, the domain registration data aligns well with the website content, supporting the legitimacy of the organization.

L

Lepida S.c.p.A.

cup2000.it

0

Lepida S.c.p.A. is a well-established regional ICT consortium founded in 1997, serving the Emilia-Romagna region in Italy. It provides a broad range of digital infrastructure and software services primarily targeting public administration, healthcare, and social assistance sectors. The company holds multiple ISO certifications, indicating a strong commitment to quality, security, and environmental standards. The website reflects a mature digital presence with comprehensive content, clear navigation, and good user experience. However, the lack of a valid SSL certificate and HTTPS implementation is a significant security gap that undermines the overall security posture. Privacy and cookie policies are well implemented with consent mechanisms, and the use of Matomo analytics shows a privacy-conscious approach to user tracking. The domain is mature and consistent with the business claims, enhancing trustworthiness. Strategic improvements in SSL/TLS deployment and enhanced security configurations are recommended to elevate the security and trust levels.

D

Dauphin Telecom

dauphintelecom.fr

0

Dauphin Telecom is a regional telecommunications provider serving the French Antilles, including Saint Martin and Saint Barthélemy. The company offers a comprehensive range of services including mobile plans (unlimited, blocked, prepaid), fiber internet, TV packages, and bundled offers. With over 26 years of market presence and multiple local agencies, Dauphin Telecom holds a strong position in its regional market. The website reflects a professional and well-branded digital presence, targeting both residential and business customers in the region. Technically, the website is built on WordPress with Elementor and various Jet plugins, indicating a modern CMS-based infrastructure. However, performance metrics suggest slow loading times, and there is no SSL/TLS certificate installed, which is a significant security concern. The site is mobile-optimized and includes SEO best practices, but accessibility features are basic. From a security perspective, the absence of HTTPS and modern TLS protocols severely impacts the security posture, exposing users to potential risks. Some security headers are present, but critical improvements are needed. Privacy compliance is well addressed with a clear privacy policy, cookie consent mechanism, and GDPR adherence. Contact information is clearly provided, enhancing business credibility. Overall, while the business and content quality are strong, the lack of HTTPS is a critical issue that must be addressed immediately to protect users and improve trust. Strategic recommendations include implementing SSL, enhancing security configurations, and maintaining compliance documentation.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

L

Leagel S.r.l.

leagel.com

0

Leagel S.r.l. is a medium-sized manufacturing company based in San Marino specializing in the production and commercialization of semi-finished products and ingredients for gelato and pastry artisans. The company has a strong international presence and a well-established brand with over 20 years of experience. Their website reflects a professional and consistent brand image, offering multilingual content, downloadable catalogs, and recipe books to support their B2B customers. Technically, the website is built on WordPress with Bootstrap and integrates modern marketing and analytics tools such as Google Tag Manager and HubSpot. However, the security posture is weak due to the absence of a valid SSL certificate and modern TLS protocols, exposing the site to risks and reducing user trust. Privacy compliance is strong, with clear GDPR-aligned policies and consent mechanisms. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

T

TITANKA! Spa

mvmedicalsolutions.com

0

The website mvmedicalsolutions.com currently serves as a minimal placeholder page indicating that TITANKA! Spa is preparing a new website. There is no substantive business content, contact information, or user engagement features present. The technical infrastructure is basic, with Apache server hosting and no SSL/TLS certificate, resulting in an insecure HTTP-only connection. The site uses Google Fonts for typography but lacks modern frameworks or CMS indications. Security posture is weak due to the absence of HTTPS, security headers, and privacy policies. No analytics or tracking mechanisms are detected, indicating minimal data collection. Overall, the site is not yet operational as a business platform and lacks essential compliance and security features.

C

Candyclouds di Danila Bigazzi

candyclouds.it

0

Candyclouds is a small creative business operated by Danila Bigazzi, specializing in web design, graphic design, and UX/UI strategy based in Bologna, Italy. The website serves as a portfolio showcasing various graphic, logo, and web projects, targeting clients seeking personalized design services. The business model includes service provision and an online shop presence via Etsy. Technically, the site is built on WordPress with common plugins such as WooCommerce, Yoast SEO, and Contact Form 7, hosted on SiteGround. While the site demonstrates good content quality and SEO optimization, it suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which severely impacts its security posture. Privacy compliance is addressed with a privacy policy and cookie consent mechanism, but no terms of service or security policies are present. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

O

Organizzazione Sammarinese degli Imprenditori

osla.sm

0

Organizzazione Sammarinese degli Imprenditori (OSLA) is a mature, small-sized association dedicated to supporting small and medium enterprises (SMEs) across multiple sectors in San Marino, including commerce, tourism, industry, services, craftsmanship, liberal professions, and agriculture. The website serves as an informational and service portal offering consultancy, legal advice, training, and representation for its members. The organization holds a key market position as a representative body for SMEs in San Marino. Technically, the website is built on Drupal 7 with an Apache server and PHP 5.4.16, indicating an outdated technology stack. The site includes modern web features such as responsive design and social media integration but suffers from slow performance and basic SEO and accessibility implementations. Security posture is weak due to the absence of a valid SSL certificate and lack of modern TLS support, despite some security headers being present. Privacy compliance is partially addressed with visible privacy and cookie policies and a consent mechanism, but GDPR compliance is not fully evident. Contact information is limited to a physical address with no direct email or phone contacts displayed. Overall, the site is functional but requires significant improvements in security and technical modernization to enhance trust and compliance.

I

In Scientia Fides

inscientiafides.com

0

In Scientia Fides is a specialized healthcare biobank located in San Marino, offering private stem cell preservation services with international FACTNetCord accreditation. The company targets families and parents seeking biological insurance for their children through stem cell storage. The website is professionally designed, content-rich, and provides comprehensive information about services, accreditations, and procedures. Technically, the site is built on WordPress with common marketing and analytics tools integrated, but lacks HTTPS security, which is a critical vulnerability. Privacy policies and cookie consent mechanisms are well implemented, reflecting good GDPR compliance. Overall, the business presents a trustworthy and professional image but must urgently address its lack of SSL to improve security posture and user trust.

H

H.J. Opdyke Lumber Company

opdyke.com

0

H.J. Opdyke Lumber Company is a well-established regional supplier of lumber and building materials, servicing residential and multifamily properties since 1955. The company offers a broad range of products and design services including kitchens, baths, decking, doors, windows, and closets, targeting contractors, builders, and homeowners primarily in New Jersey, Pennsylvania, and New York. Their market position is solid with multiple physical locations and a medium-sized business footprint. Technically, the website is built on WordPress with modern plugins and accessibility features, but lacks a valid SSL certificate, which is a critical security shortfall. The site uses Sucuri Cloudproxy for WAF protection, Google Analytics and Tag Manager for tracking, and hCaptcha for form security. Privacy and cookie policies are present and GDPR compliant, but no terms of service or security policies are found. Overall, the website is professional and trustworthy but requires urgent improvements in SSL/TLS security to protect user data and improve trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

K

KOITOTO

tmsap.com

0

KOITOTO operates as an online bandar toto macau platform providing real-time data on toto macau lottery results primarily targeting Indonesian-speaking users. The website claims to be the number one provider of toto macau data in 2025, offering updated and transparent lottery results with a responsive design optimized for mobile users. Technically, the site employs AMP HTML technology and is hosted behind Cloudflare CDN, which aids in content delivery and performance. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, significantly impacting its security posture. No privacy or cookie policies are present, and no contact information is provided, which further reduces trust and compliance with privacy regulations. The site links to partner domains related to gambling and prediction services but does not use analytics or tracking technologies. Overall, KOITOTO presents a basic but functional online gambling data service with significant security and compliance gaps.

B

BAUER Foundation Corp.

bauerfoundations.com

0

BAUER Foundation Corp. is a specialized foundation engineering company operating globally as part of the BAUER Group. The company offers comprehensive geotechnical solutions, construction methods, and equipment services, targeting clients with complex foundation engineering needs. Their mature domain and extensive content reflect a well-established market presence. Technically, the website is built on Drupal 10 with modern CSS frameworks but suffers from slow load times and lacks HTTPS, which is a critical security shortfall. Security posture is weak due to missing SSL certificates, absence of security headers, and no DNSSEC or HSTS implementation. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is professional and credible but requires urgent security improvements to protect user data and enhance trust.

E

Evolved Novelties

myevolved.com

0

Evolved Novelties operates as a niche e-commerce retailer specializing in premium adult pleasure products, featuring well-known brands such as Playboy Pleasure and Gender X. The website is built on the BigCommerce platform and leverages Cloudflare for hosting and CDN services. The site demonstrates good content quality, clear navigation, and a consistent branding approach targeting adult consumers seeking luxury sexual wellness products. However, the absence of a valid SSL certificate and HTTPS implementation significantly undermines the security posture, exposing users to potential data interception risks. Cookie consent mechanisms are present, indicating some level of privacy compliance, but no explicit GDPR or security policies are found. Overall, the business appears legitimate with consistent domain registration data, but urgent improvements in security infrastructure are recommended to protect customer data and enhance trust.

The website is a parked domain landing page for isosistemi.it, offering the domain for sale with no active business content or services presented. The site primarily serves as a placeholder with advertising scripts and domain inquiry links. The technical infrastructure is minimal, hosted on Hetzner Online with nginx and Caddy components, but lacks a valid SSL certificate and modern security configurations. The absence of HTTPS and security headers significantly weakens the security posture. Privacy compliance is minimal, with only a basic privacy policy linked via a popup and no cookie consent mechanisms. No contact or business information is provided, limiting business credibility and trust. Overall, the site represents a low-risk but low-value digital asset with poor content and security maturity.

S

Stefano Boeri Architetti

stefanoboeriarchitetti.net

0

Stefano Boeri Architetti is a mature and internationally recognized architecture and urban planning firm headquartered in Milan, with offices in Shanghai and Tirana. Established in 1993, the firm specializes in innovative architectural design and urbanism, with notable projects such as the Bosco Verticale in Milan. The website reflects a professional digital presence with multilingual support and active social media engagement, targeting clients and professionals interested in architecture and urban development. Technically, the site is built on WordPress with a range of plugins for SEO, content management, and user interaction, but lacks a valid SSL certificate, which impacts security and trust. The absence of HTTPS and security headers represents a critical vulnerability that should be addressed promptly. Privacy compliance is well managed with a cookie consent mechanism and a comprehensive privacy policy. Overall, the site demonstrates good business credibility but requires significant security improvements to align with best practices.

T

TIM San Marino S.p.A.

tim.sm

0

TIM San Marino S.p.A. operates as a telecommunications provider in the Republic of San Marino, offering a range of services including fiber internet, mobile telephony, fixed telephony, and digital TV. The website targets residential and business customers within San Marino, positioning itself as a leading local telecom operator. The business model focuses on providing bundled telecom services and devices, supported by a professional online presence with clear service offerings and customer support channels. Technically, the website is built on WordPress 6.8.1, utilizing common libraries such as jQuery and Owl Carousel for UI components. SEO is enhanced via the Yoast SEO plugin, and the site includes structured data for improved search engine understanding. However, performance is suboptimal with a slow page load time of over 7 seconds, and accessibility features are basic. From a security perspective, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical vulnerability. No modern TLS protocols or security headers are enabled, exposing users to potential risks. Privacy compliance is well addressed with comprehensive privacy and cookie policies, including consent mechanisms aligned with GDPR requirements. Overall, while the business and content aspects are strong and trustworthy, the security posture is weak and requires urgent remediation to protect user data and maintain trust. Strategic improvements in SSL deployment, security headers, and performance optimization are recommended to elevate the site's security and technical maturity.

Colorificio Sammarinese is a well-established paint and coatings manufacturer based in San Marino with a history spanning approximately 80 years. The company offers a broad portfolio of products for light and professional construction, including decorative paints, industrial coatings, and innovative tintometric systems. Their market position is strong within the manufacturing sector, supported by a professional website that targets both professional and retail customers. The website is multilingual and integrates e-commerce capabilities through WooCommerce, reflecting a mature digital infrastructure. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap that undermines user trust and data protection. Privacy and cookie policies are present and GDPR compliant, and the company maintains active social media channels. The WHOIS data confirms the domain's legitimacy and long-term registration, consistent with the company's profile.

The website goldcoin.co.in currently presents minimal content, consisting solely of a client-side redirect script to the /lander path. There is no visible business information, metadata, or user-facing content to analyze. The domain resolves to two Amazon AWS IP addresses, indicating hosting on cloud infrastructure, but lacks a valid SSL/TLS certificate and does not support HTTPS, which severely impacts security and trustworthiness. No privacy, cookie, or terms of service policies are present, and no contact information or business credentials are available on the site. This suggests the website is either under development or improperly configured. From a technical perspective, the site lacks modern web standards such as security headers, DNSSEC, and CAA records. Performance data is unavailable due to the lack of content. The absence of analytics, advertising, or tracking scripts indicates minimal digital marketing or user engagement infrastructure. The DNS setup is standard but could be improved with security enhancements. Security posture is poor, with no SSL certificate, no HTTPS support, and no security best practices implemented. This exposes visitors to risks and undermines trust. The WHOIS data shows the domain is registered and DNS is consistent, but no registrant or business information was provided to verify legitimacy. Overall, the site scores very low on content quality, technical implementation, security, privacy compliance, and business credibility. Strategic recommendations include immediate implementation of a valid SSL certificate and HTTPS, development of meaningful website content including privacy and cookie policies, addition of contact and business information, and deployment of security headers and DNS security features. These steps are critical to improve trust, compliance, and user experience.

S

SCAVOLINI S.P.A.

scavolini.com

0

Scavolini S.P.A. is a well-established Italian furniture manufacturer specializing in kitchens, bathrooms, living rooms, walk-in wardrobes, and outdoor kitchens. The company positions itself as a premium brand with a focus on quality, sustainability, and bespoke furniture solutions. Their market presence is supported by international certifications and a broad dealer network. Technically, the website is built on ASP.NET technology, leveraging Cloudflare for CDN and security, and integrates modern marketing and accessibility tools. However, the website suffers from a critical security weakness due to the absence of a valid SSL certificate and lack of TLS protocol support, which severely impacts its security posture. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to ensure secure communications and user trust.

Security assessment completed with an overall score of 0/100 (unknown risk). 4 critical issues require immediate attention. Total of 26 security findings identified across all modules.

D

Dynaset SRL

dynaset.sm

0

Dynaset SRL is a small technology company based in San Marino, specializing since 2005 in cloud-based human resources management software. Their flagship product, evohrp, offers a comprehensive suite of HR tools tailored for managers, HR professionals, and employees, positioning itself as a competitive alternative to larger HR market players. The website demonstrates a high level of digital maturity with a modern WordPress CMS, Elementor page builder, and integration of various plugins for enhanced user experience and marketing. However, the absence of a valid SSL certificate significantly undermines the security posture, exposing users to potential risks. Privacy and cookie policies are well implemented, reflecting good GDPR compliance. Overall, the site is professional, content-rich, and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

L

LunaLabs

lunalabs.it

0

LunaLabs is a technology-oriented website with a domain registered in Italy since 2018, indicating a mature presence. The site uses modern web technologies such as Angular and includes cookie consent mechanisms via Iubenda, but lacks critical business information such as contact details, privacy policy, and terms of service. The absence of HTTPS and a valid SSL certificate significantly undermines the security posture of the website. Technical infrastructure shows use of modern fonts and frameworks but lacks performance optimization and accessibility features. Security best practices are minimal, with no security headers or advanced configurations detected. Overall, the website presents a low trustworthiness profile due to missing compliance and security features, and limited business transparency.

S

SPACE

space.be

0

SPACE is a Belgian-based Trusted Media Agency focused on delivering agile and innovative media positioning and strategy services. The company emphasizes a mindset of connection, daring, and growth, targeting businesses seeking media agency expertise. The website reflects a professional and consistent brand image with clear contact information and a LinkedIn presence, positioning SPACE as a small but credible player in the media sector. Technically, the website employs modern frontend technologies including Bootstrap, Symfony Stimulus, and Chart.js, hosted on infrastructure linked to Gandi. However, the site suffers from slow load times and lacks a valid SSL certificate, resulting in no HTTPS support. This significantly impacts the security posture and user trust. The absence of security headers and modern TLS protocols further weakens the security stance. From a security perspective, the lack of HTTPS is a critical vulnerability, exposing users to potential data interception risks. No privacy or cookie policies are present, indicating poor compliance with GDPR and related regulations. No incident response or vulnerability disclosure mechanisms are evident, limiting transparency and responsiveness to security issues. Overall, the website is functional and professionally designed but requires urgent improvements in security and privacy compliance to enhance trustworthiness and protect user data. Strategic recommendations include implementing HTTPS, adding privacy and cookie policies, and adopting security best practices to elevate the site's security maturity and compliance posture.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The website quartarone.it is currently a parked domain page primarily serving as a placeholder indicating the domain is for sale. The site lacks substantive business content, contact information, or any form of user engagement mechanisms. The target audience appears to be domain investors or buyers interested in acquiring the domain. The business model is domain parking and resale, with no active commercial operations visible on the site. From a technical perspective, the site is minimalistic, built with basic HTML and JavaScript, hosted via ParkingCrew services. Performance is slow with a load time of over 5 seconds and minimal resources. The site lacks modern web technologies, accessibility features, and SEO optimization. Mobile optimization is basic but functional. Security posture is weak, with no HTTPS/SSL certificate configured, no security headers, no DNSSEC, and no domain protection locks enabled. This exposes the domain to potential risks such as interception and domain hijacking. No privacy or cookie policies are present, indicating poor compliance with GDPR and related regulations. Overall, the site presents a low trust profile with critical security and compliance gaps. Strategic recommendations include implementing HTTPS, enabling domain protection mechanisms, adding privacy and cookie policies, and improving website content and professionalism to enhance credibility and security.

B

B Consulting

bconsulting.org

0

B Consulting is a specialized financial operations consulting firm serving high-growth startups, offering services in finance, accounting, HR, and business management. The company positions itself as a trusted partner from early-stage funding rounds through IPO, focusing on operational excellence and investor readiness. The website is built on Squarespace and integrates HubSpot for analytics and marketing automation. While the site is professionally designed and content-rich, it suffers from critical security issues including an invalid SSL certificate and lack of security headers. Privacy and cookie policies are absent, which impacts compliance posture. Contact information is limited to an email and LinkedIn profile, with no phone or physical address provided. Overall, the business appears legitimate and mature, but security and privacy improvements are necessary to enhance trust and compliance.

A

Alpiq Holding Ltd.

alpiq.com

0

Alpiq Holding Ltd. is a leading Swiss electricity producer and energy service provider operating across Europe. The company focuses on electricity generation, energy trading, and renewable energy management, positioning itself as a key player in the energy sector with a large operational footprint and multiple subsidiaries in European countries. The website reflects a mature and professional business with comprehensive content and clear branding. Technically, the site is built on TYPO3 CMS and hosted on AWS infrastructure, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. The security posture is weak due to missing HTTPS, lack of security headers, and no modern TLS protocols enabled. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism implemented via OneTrust. Overall, the website is trustworthy and professional but requires urgent security improvements to protect user data and enhance trust.

The website solegiallo.it is currently a parked domain page hosted by Aruba.it, indicating the domain is registered but not actively used for business purposes. The page provides no business description, contact information, or user engagement features. Technically, the site runs on Microsoft IIS 10.0 with ASP.NET but lacks a valid SSL/TLS certificate, serving content only over HTTP, which is a significant security concern. The absence of privacy, cookie, and terms of service policies further reduces compliance and trustworthiness. Security posture is weak with no modern security headers or HTTPS enforcement. Overall, the site presents a low-risk profile due to minimal content but requires substantial improvements to be considered a professional business website.

Soundcheck B.V. is a small Dutch rental company specializing in sound and lighting equipment for events such as theater productions, festivals, concerts, TV productions, weddings, and corporate events. The company has a mature domain registered since 2002, consistent with its stated business history. The website content is basic and primarily in Dutch, targeting local event organizers and production companies. Technically, the website uses legacy HTML and JavaScript without modern frameworks or CMS, resulting in slow load times and poor mobile optimization. Critically, the site lacks HTTPS support, exposing users to security risks. No privacy or cookie policies are present, and no contact information is explicitly provided on the homepage, which impacts trust and compliance. The DNS and MX records are properly configured, but security configurations such as DNSSEC, HSTS, and security headers are missing. Overall, the website demonstrates a low security posture and basic digital maturity, requiring significant improvements to meet modern security and privacy standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 15 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The General Authority of Civil Aviation (GACA) is the official Saudi government entity responsible for civil aviation regulation and services. The website serves as a comprehensive platform offering information on aviation policies, passenger rights, safety reporting, and electronic services. It targets citizens, travelers, and aviation stakeholders within Saudi Arabia, positioning itself as the national authority in the transportation sector. The site features a professional design with consistent branding and a strong social media presence, enhancing trust and engagement. Technically, the website employs modern web technologies including Bootstrap, jQuery, and Swiper.js, and is likely powered by the Sitecore CMS. Accessibility and digital experience tools are integrated, though performance is hindered by slow load times and a large page size. The SSL/TLS configuration is currently invalid or missing, which significantly impacts the security posture. Security-wise, the site lacks a valid HTTPS certificate and security headers, which are critical for protecting user data and ensuring secure communications. No explicit incident response or vulnerability disclosure mechanisms are evident. Privacy and cookie policies exist but are basic, with limited GDPR compliance indicators. The domain registration aligns with the Saudi government entity, supporting legitimacy. Overall, the website is functional and professional but requires urgent improvements in security configuration and performance optimization to enhance user trust and compliance with modern standards.

Qatar Airways is a globally recognized airline with a mature digital presence, offering comprehensive travel services including flight bookings, loyalty programs, and ancillary services. The website is well-designed, mobile-optimized, and provides extensive content and user engagement features. Technically, the site employs modern frameworks and analytics tools but lacks a valid SSL certificate, which is a critical security concern. The security posture is moderate due to missing HTTPS and TLS configurations, though other security headers are present. Privacy compliance is strong with clear policies and consent mechanisms. Overall, the site reflects a reputable enterprise with room for critical security improvements.

The website valorexpo.com is currently a parked domain with no active business content. It serves primarily as a placeholder page indicating the domain is for sale, targeting potential domain buyers or investors. The site is dominated by advertising scripts and lacks any meaningful business information or user engagement features. Technically, the site uses basic JavaScript and Google Adsense Domains CAF scripts, hosted likely on a parking provider's infrastructure. Performance is slow with a load time exceeding 7 seconds, and mobile optimization is minimal. Security posture is weak due to the absence of a valid SSL certificate, no HTTPS support, and lack of security headers or best practices. Privacy compliance is minimal with only a basic privacy policy accessible via a popup, and no cookie consent mechanism is present. Overall, the site has low trustworthiness and professionalism, reflecting its status as a parked domain rather than an active business website.

A

Aetna Group SPA

aetnagroup.com

0

Aetna Group SPA is a well-established global leader in the manufacturing of packaging machinery and end-line solutions, operating with multiple subsidiaries and a strong international presence. The company offers a broad range of packaging products and services, targeting industrial clients worldwide. The website reflects a mature business with consistent branding and good content quality. However, the technical infrastructure shows significant gaps, particularly the absence of a valid SSL certificate and modern security configurations, which poses a critical risk to user trust and data security. Performance issues such as slow load times further impact user experience. Privacy compliance is basic, with policies present but lacking comprehensive GDPR indicators. Overall, while the business credibility is strong, the security posture requires urgent improvement to align with industry best practices.

BHW Bausparkasse AG is a well-established financial institution specializing in mortgage and loan services primarily for the Italian market. The company operates with a mature domain registered since 1999 and offers a range of services including credit management and administrative support, some of which are outsourced to reputable partners like Cerved Credit Management Group. The website provides clear contact information and legal references, supporting its credibility in the finance sector. Technically, the website employs legacy technologies such as jQuery and Modernizr and demonstrates moderate performance with good mobile optimization. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture. The lack of security headers and cookie consent mechanisms further highlights compliance and security gaps. From a security perspective, while SPF and DMARC records are properly configured, the missing HTTPS and security headers expose users to potential risks. The domain's WHOIS data is consistent with the business claims, showing a low expiry risk and no privacy protection, which supports legitimacy. Overall, the site requires urgent security improvements to protect user data and comply with privacy regulations. Strategic recommendations include implementing HTTPS with a valid SSL certificate, enabling security headers and HSTS, introducing cookie consent mechanisms to comply with GDPR, and enhancing domain protection. These measures will improve trust, security, and compliance, aligning the website with industry best practices.

P

Pacific Investment Management Company LLC

pimco.com

0

PIMCO is a globally recognized investment management firm specializing in providing investment solutions to institutions, financial professionals, and individual investors. The website reflects a mature and enterprise-level business with a strong focus on sustainable investing and ETFs. The company operates under multiple regulatory jurisdictions, demonstrating a high level of compliance and trustworthiness. Technically, the website employs modern technologies such as Sitecore CMS, Coveo search, and marketing tools like Marketo and Google Tag Manager, indicating a mature digital infrastructure. However, a critical security issue is the invalid or missing SSL certificate and lack of modern TLS protocols, which significantly impacts the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms in place. Overall, the website is professional, well-branded, and trustworthy but requires urgent remediation of SSL and TLS configurations to ensure secure user interactions.

B

Bee Social Srl

bee-social.it

0

Bee Social Srl is a small digital marketing agency based in San Marino, founded in 2012, specializing in web marketing, social media management, SEO copywriting, online advertising, and website development. The company targets businesses and freelancers seeking practical digital marketing solutions. The website is professionally designed with rich content, clear navigation, and multiple client trust indicators including case studies and partner badges. Technically, the site is built on WordPress with common plugins and integrates analytics and marketing tools. However, the site suffers from a critical security weakness due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts its security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Overall, the business appears legitimate and consistent with its domain registration data, but the lack of HTTPS is a major risk that should be addressed immediately.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 12 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The website libraindustriale.com currently serves as a security challenge or redirect page, likely protected by a Web Application Firewall (WAF) such as BitNinja. The domain is mature, registered since 2000 with a reputable registrar, but the website content is minimal and does not provide clear business information or services. The site uses outdated CMS versions (Joomla 1.5 and WordPress 2.5) indicated in meta tags, which are known to have security vulnerabilities. Critically, the site lacks a valid SSL certificate and HTTPS support, exposing visitors to potential security risks. DNS and WHOIS data show no domain protection locks or DNSSEC, which are recommended for domain security. Overall, the site’s security posture is weak, and privacy compliance is absent.

The website ejercito.mil.co represents the official online presence of the Colombian National Army, a government entity responsible for national defense and military operations. The domain is mature and registered consistently with the organization's identity, reflecting a legitimate and authoritative institution. However, the website content is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) challenge page that blocks access unless JavaScript and cookies are enabled. This limits the ability to analyze the actual website content and user experience. From a technical perspective, the site is hosted behind Cloudflare, which provides security and performance services. Despite the presence of multiple security headers enforcing strict cross-origin policies, the absence of a valid SSL/TLS certificate and HTTPS support is a critical security gap. The lack of HTTPS undermines secure communication and user trust. Performance metrics are unavailable due to the blocked content, but the presence of Cloudflare suggests potential for good performance once accessible. Security posture is weakened by the missing SSL certificate and disabled TLS protocols, although other security headers are well configured. No privacy, cookie, or terms of service policies are detected on the landing page, and no contact information or forms are visible, which limits transparency and user engagement. The domain WHOIS data confirms the domain's legitimacy and low expiry risk, supporting trust in the entity behind the site. Overall, the website currently presents a high risk due to inaccessibility and lack of HTTPS, which are critical for secure and trustworthy online presence. Strategic recommendations include immediate installation of a valid SSL certificate, enabling HTTPS, improving accessibility beyond the WAF challenge, and publishing essential policies and contact information to enhance compliance and user trust.

A

Address Hotels

addresshotels.com

0

Address Hotels + Resorts is a luxury hospitality brand offering five-star hotels and resorts in iconic locations, primarily in the Middle East. The website presents a comprehensive and professional digital presence with rich content, multiple language support, and integrated booking and dining reservation systems. The technical infrastructure is based on WordPress with modern web technologies such as React, jQuery, Bootstrap, and Flickity, hosted on Azure CDN. However, the absence of a valid SSL certificate and lack of modern TLS protocols represent critical security vulnerabilities that must be addressed to ensure secure user interactions and data protection. Privacy compliance is partially met with a comprehensive privacy policy and terms of service, but lacks explicit cookie consent mechanisms. Overall, the site demonstrates strong business credibility and branding consistency but requires urgent security improvements.

P

Petroliam Nasional Berhad (PETRONAS)

petronas.com

0

PETRONAS is a leading Malaysian national oil and gas company with a strong global presence and diversified energy portfolio. The website reflects a mature enterprise with comprehensive information on its business units, sustainability initiatives, investor relations, and corporate governance. The technical infrastructure is modern, leveraging Drupal 9 CMS, Algolia search, and Azure hosting, with good mobile optimization and SEO practices. However, the security posture is critically weakened by the absence of a valid SSL certificate and HTTPS support, which poses significant risks to user trust and data security. Privacy and cookie policies are well implemented, indicating good compliance with GDPR and related regulations. Overall, the website is professional and trustworthy but requires urgent remediation of SSL/TLS issues to improve security and user confidence.

L

Libertas Srl

libertas.sm

0

Libertas.sm is a well-established online news media outlet serving the San Marino and Rimini regions, operating since 2000. It provides daily news, stories, and information with a focus on local events, politics, culture, and sports. The website leverages WordPress CMS with a range of plugins for SEO, advertising, and user engagement, including Google Tag Manager and advertising networks. Despite a rich content offering and good user experience, the site lacks HTTPS encryption, which is a critical security vulnerability. Privacy and cookie policies are implemented with GDPR compliance, and contact information is clearly provided, supporting business credibility. The domain registration data confirms the site's legitimacy and maturity, though domain protection mechanisms are absent.