Security Directory

I

Interstudio

interstudio.dk

46

Interstudio is a Danish interior design and retail company specializing in high-quality design furniture and interior consultancy services for both private homes and businesses. Established in 1996, the company maintains a niche market position with a focus on premium international design brands. Their digital presence includes a WordPress-based website with WooCommerce for online shopping, supported by Elementor for content management and Google Tag Manager for analytics. The website is well-structured, mobile-optimized, and provides clear navigation and contact information, including social media channels and a newsletter subscription with GDPR-compliant consent. From a technical perspective, the website employs modern web technologies and plugins, ensuring a good user experience and moderate performance. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though there is room for improvement by enabling DNSSEC and implementing additional security headers. Privacy compliance is addressed through a cookie policy and consent mechanism, but lacks explicit security policies or incident response information. Overall, Interstudio demonstrates a solid business and technical foundation with a professional online presence. The security posture is reasonable but could be enhanced to meet higher standards. Strategic recommendations include strengthening domain security, publishing security policies, and continuous monitoring of third-party scripts to mitigate risks.

Mandalay Bay is a premier luxury resort and casino located on the Las Vegas Strip, operated by MGM Resorts International. The website showcases a comprehensive range of services including hotel accommodations, casino gaming, entertainment, dining, pool and wellness amenities, and nightlife options. The site targets leisure travelers and entertainment seekers, positioning itself as a major player in the hospitality industry with a strong brand presence and extensive offerings. Technically, the website is built using modern web technologies such as React and Next.js, supported by robust content delivery networks and analytics tools including Adobe Launch and Branch.io. The site demonstrates excellent performance, mobile optimization, and accessibility, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, implements key security headers, and provides cookie consent mechanisms aligned with privacy regulations. However, explicit security policies, incident response contacts, and vulnerability disclosure information are not publicly available, representing areas for improvement. Overall, the website is professional, trustworthy, and compliant with privacy standards, with a high security posture and strong business credibility. The absence of WHOIS data for the subdomain is typical and does not detract from legitimacy. Strategic recommendations include publishing detailed security policies and terms of service to enhance transparency and trust.

V

Vibo SpA

viboitaly.com

54

Vibo SpA is an established Italian manufacturer specializing in innovative fittings for kitchens and wardrobes, serving the furniture industry with a focus on design and quality. The company has a strong market position supported by a well-structured website that targets industry professionals and consumers seeking high-quality Italian-made products. The website demonstrates a good level of digital maturity with modern JavaScript libraries, responsive design, and clear navigation. Cookiebot is implemented for cookie consent management, reflecting compliance with privacy regulations. Security posture is solid with HTTPS, CSRF protection, and domain transfer restrictions, although DNSSEC is not enabled and security headers could be improved. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

S

Saltfoss

seaborg.co

53

Saltfoss is a newly founded company (2025) focused on innovating nuclear energy technology by developing a fundamentally different nuclear power plant concept. Their flagship product is the Compact Molten Salt Reactor (CMSR) deployed on modular floating power barges designed for sustainability, safety, and cost-effectiveness. The company targets energy market stakeholders and aims to revolutionize energy markets by providing abundant, affordable, and low-emission energy solutions. The website is professionally designed using WordPress and Elementor, with good SEO and mobile optimization. Security posture is adequate with HTTPS and domain transfer protections, but lacks advanced security headers and published security policies. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy or terms policies. Contact information is not explicitly provided, which may impact user trust. Overall, the website and domain registration indicate a legitimate and transparent business entity with room for improvement in security and compliance documentation.

C

Capital Investment

capitalinvestment.dk

50

Capital Investment is a Danish real estate investment and asset management company specializing in the Greater Copenhagen property market. Established in 2013, it serves international investors seeking exposure to Danish real estate through comprehensive property management, asset management, and letting solutions. The company positions itself as a trusted local partner with deep market knowledge and a commitment to sustainable value creation. Technically, the website is built on WordPress using the Avada theme and integrates modern SEO and analytics tools such as Yoast SEO, Google Tag Manager, and Hotjar. The site is mobile optimized and provides a professional user experience with clear navigation and branding consistency. Security-wise, the website uses HTTPS with good SSL configuration but lacks advanced security headers and explicit security policies or incident response contacts. Privacy compliance is addressed with a privacy and cookie policy including a consent mechanism, though GDPR compliance details are basic. Overall, the website reflects a credible and professional business presence with room for improvement in security and compliance transparency.

W

WellPerform

wellperform.com

55

WellPerform is a specialized consultancy and engineering firm operating primarily in the energy sector, offering services in well management, drilling and completion engineering, exploration, and development operations. Their portfolio includes projects in Oil & Gas, Geothermal, Carbon Capture Storage, and Salt Cavern wells, serving over 100 international clients with more than 600 completed projects. The company also provides recruitment services tailored to the energy industry. Technically, the website is built on Webflow and integrates modern web technologies such as Lottie animations, Cookiebot for cookie consent, and live chat tools, reflecting a moderate to good digital maturity. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms but lacks published privacy and terms of service policies, which are critical for compliance and trust. The absence of WHOIS registration data raises concerns about domain legitimacy, although the professional content and contact details suggest a legitimate business presence. Overall, the website is well-designed and functional but would benefit from enhanced transparency and compliance documentation.

A

Absalon & Co

absalon-co.dk

56

Absalon & Co is a Danish real estate advisory company specializing in bridging the gap between the property and retail sectors by offering services focused on optimizing retail leases and enhancing property values. The company emphasizes a holistic and independent advisory approach, targeting property owners, buyers, sellers, and developers. The website is professionally designed using the One.com Web Editor platform and hosted on One.com infrastructure, with moderate performance and basic mobile optimization. Security posture is moderate with HTTPS enabled but lacking security headers and privacy policies, which impacts compliance and trust. The absence of WHOIS registration data raises concerns about domain legitimacy, although the website content is accessible and professional. Strategic improvements in privacy compliance, security headers, and contact transparency are recommended to enhance trust and security.

C

c-bed.nl

c-bed.nl

38

The website c-bed.nl is currently a parked domain with minimal content primarily consisting of advertising blocks and a domain sales iframe. There is no active business presence or clear service offering visible on the site. The WHOIS data provided is inconsistent, showing a domain creation date in the future (2025-05-11), which suggests placeholder or inaccurate registration information. The site lacks HTTPS, security headers, and any meaningful privacy or cookie consent mechanisms, indicating a low level of technical and security maturity. Overall, the site does not present trustworthy or professional business information and appears to be monetizing traffic through advertising rather than providing direct services or products.

L

Lexsos

lexsos.dk

59

Lexsos operates a website hosted on the Squarespace platform, targeting a Danish audience with multilingual support via Weglot. The site presents a professional design with clear navigation but lacks detailed business descriptions and contact information. The technical infrastructure is modern, leveraging standard web technologies including jQuery and Cookiebot for cookie consent management. Security posture is solid with HTTPS and HSTS enabled, though additional security headers could enhance protection. Privacy compliance is addressed through a comprehensive cookie consent mechanism, but a dedicated privacy policy page is not explicitly found. The absence of WHOIS data limits domain legitimacy verification, posing a moderate risk. Overall, the website is functional and moderately secure but would benefit from enhanced transparency and business information.

M

MESSAGE

message.dk

71

MESSAGE.dk is an established Danish e-commerce retailer specializing in trendy clothing, shoes, and accessories. Operating since 1997, it serves primarily Danish consumers through its official online shop. The website leverages an enterprise-grade Sitecore Commerce platform and integrates multiple advanced marketing and analytics tools such as Google Analytics, Microsoft Clarity, Visual Website Optimizer, and Klaviyo, indicating a mature digital infrastructure. The site enforces HTTPS and provides a comprehensive cookie consent mechanism aligned with GDPR requirements, enhancing user privacy and compliance. However, the absence of explicit terms of service, visible contact information, and security headers suggests areas for improvement in legal completeness and security hardening.

G

Grumsen Development ApS

grumsendev.dk

61

Grumsen Development ApS is a Danish technology company specializing in custom software development, including app development, web development, and system integrations. Established in 2018 and headquartered in Esbjerg, Denmark, the company serves a nationwide business clientele with tailored digital solutions. Their market position is that of a trusted local provider with a diverse portfolio of projects and satisfied clients. The website reflects a professional and modern digital presence, showcasing their expertise and project experience effectively. Technically, the website is built using modern frameworks such as React and Next.js, with TypeScript and mobile app technologies like Swift and Flutter for iOS and Android platforms. The site is fast, mobile-optimized, and SEO-friendly, indicating a mature digital infrastructure. The presence of cookie consent mechanisms and privacy policy indicates attention to privacy compliance. From a security perspective, the site enforces HTTPS and uses secure forms, but lacks some advanced security headers and explicit security policies. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the business claims, supporting legitimacy and trustworthiness. Overall, the website and business demonstrate a strong digital maturity and security posture suitable for their market segment. Strategic improvements in security policy transparency and DNS security could further enhance trust and compliance.

V

Val Controls

valcontrols.com

64

Val Controls is a company specializing in the manufacture and development of intelligent valve positioners and controllers, targeting industrial sectors such as oil & gas, mining, and power plants. The website positions the company as a world leader in this niche, offering safer, environmentally friendly, and cost-efficient solutions. The business model is primarily B2B, leveraging an e-commerce platform with quote request capabilities to facilitate customer engagement and sales. Technically, the website is built on the Shopify platform using a modern theme (Impact 5.3.0) and employs contemporary web technologies including JavaScript ES modules, Google Tag Manager, and hCaptcha for form security. The site is hosted on Shopify's CDN, ensuring fast performance and excellent mobile optimization. SEO and accessibility practices are implemented at a good level, with structured data enhancing search engine understanding. From a security perspective, the site enforces HTTPS and uses hCaptcha to protect forms, but lacks explicit security headers and published security policies. No privacy or cookie policies were detected, and no direct company contact emails or phone numbers are visible, which limits transparency. The WHOIS lookup failed to retrieve domain registration data, raising concerns about domain legitimacy and ownership verification. Overall, the website demonstrates solid technical implementation and business presentation but has notable gaps in privacy compliance, security transparency, and domain legitimacy. Strategic improvements in these areas would enhance trustworthiness and regulatory adherence.

N

Norm Invest

nord.investments

68

Norm Invest is a Danish financial services company offering automated, low-cost investment solutions targeted at Danish investors seeking simple and worry-free investment options. The company positions itself as a trustworthy and accessible platform with a strong customer satisfaction rating on Trustpilot. Technically, the website is built on modern web technologies including Webflow CMS, Google Tag Manager, and various marketing and analytics tools such as Mixpanel and AdRoll. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be improved. The absence of WHOIS registration data is a notable concern and warrants further verification. Overall, the website demonstrates a mature digital presence but could enhance privacy transparency by publishing explicit privacy and terms of service policies.

A

Audo Copenhagen

bylassen.com

71

Audo Copenhagen is a small, premium e-commerce business specializing in Danish design audio products, reflecting a blend of traditional craftsmanship and modern global outlook. The company operates primarily through a Shopify-based online storefront with regional subdomains for the US and Japan, indicating a global market approach. The website content is professionally designed with good branding consistency and clear navigation, targeting consumers interested in high-quality, design-focused audio equipment. Technically, the site leverages modern e-commerce technologies including Shopify's Dawn theme, Cloudflare DNS, and multiple marketing and analytics tools such as Klaviyo, Google Tag Manager, and Microsoft Clarity. Security measures include HTTPS enforcement, clientTransferProhibited domain status, and hCaptcha for form protection, although DNSSEC is not enabled and some security headers are not explicitly detected. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy policy or terms of service found in the analyzed content. Overall, the website demonstrates a moderate to good security posture and technical maturity but would benefit from enhanced privacy and security documentation.

S

ScandiSales

scandi.dk

44

ScandiSales is a well-established Danish company specializing in supplying specialty films, foils, and printing inks primarily to the Scandinavian graphic and packaging industries. As a subsidiary of Ubro A/S and with acquisitions such as the Swedish company Systemprint, ScandiSales holds a leading market position in Scandinavia. Their website reflects a professional B2B supplier model with a broad product portfolio and strong industry expertise. The company targets wholesalers and businesses requiring high-quality packaging materials and printing solutions. Technically, the website is built on WordPress with the Avada theme and related plugins, offering a modern and responsive user experience with good SEO and accessibility basics. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though improvements in security headers and incident response disclosures are recommended. Privacy compliance is good with clear privacy and cookie policies, though cookie consent mechanisms could be enhanced. Overall, the domain and business information are consistent and trustworthy, supporting a medium-sized manufacturing entity with a solid digital presence.

V

Van Gogh Museum

vangoghmuseum.nl

69

The Van Gogh Museum website serves as the official digital presence for the renowned cultural institution in Amsterdam dedicated to Vincent van Gogh. It provides visitors with information about exhibitions, ticket purchasing, and educational content. The site targets art enthusiasts, tourists, and the general public interested in Van Gogh's life and work. The museum holds a strong market position as a leading art museum in the Netherlands with a large audience. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager, and Cookiebot for consent management, ensuring a good user experience and compliance with privacy regulations. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though additional security headers and explicit security policies could enhance protection. Privacy compliance is partially addressed through cookie consent mechanisms, but lacks visible privacy policy and terms of service pages. Overall, the website is professional, trustworthy, and well-branded, supporting the museum's mission and business model effectively.

The domain dk-export.dk is registered since 2004 and currently active with a registration expiry in August 2025. However, the website content is inaccessible, returning an HTTP 404 Not Found error with minimal HTML content and no metadata, forms, or links. This lack of content prevents any meaningful analysis of the business operations or digital presence. The absence of HTTPS and security headers further indicates a poor security posture. No privacy, cookie, or terms of service policies are present, and no contact or business information is available on the site. Overall, the website is effectively non-functional and does not provide any trust or compliance signals. From a technical perspective, the site lacks any detectable technology stack, frameworks, or CMS. The performance and user experience cannot be assessed due to the missing content. Security best practices are not observed, and the domain does not use DNSSEC. The WHOIS data shows a consistent and long-standing registration, which suggests legitimacy of the domain ownership, but the lack of website content and security features significantly reduces trustworthiness. The security posture is weak with no HTTPS, no security headers, and no visible incident response or vulnerability disclosure mechanisms. Privacy compliance is absent, and no GDPR-related policies or data protection officer information is found. The overall risk is high due to the lack of accessible content and security controls, which could expose the domain to misuse or reputational damage. Strategic recommendations include enabling HTTPS, deploying standard security headers, publishing privacy and cookie policies, providing clear contact and business information, and improving website content and technical implementation to establish trust and compliance.