Security Directory

W

Western Digital Corporation

mycloud.com

60

My Cloud, operated by Western Digital Corporation, provides personal cloud storage and NAS device management solutions targeting consumers and small businesses. The website reflects a mature and established brand with a domain age of 26 years and consistent branding aligned with Western Digital. The technical infrastructure leverages modern JavaScript frameworks and Adobe Launch for marketing and analytics, hosted on Amazon AWS infrastructure. However, the website suffers from a critical security shortfall due to the absence of a valid SSL certificate, resulting in no HTTPS protection, which significantly impacts user trust and security posture. Additionally, while privacy and terms policies are present, there is no cookie consent mechanism despite extensive tracking scripts, indicating partial privacy compliance. Overall, the site is professional and functional but requires urgent security improvements to meet modern standards.

W

Western Digital - US

wdc.com

63

Western Digital is a leading enterprise in the technology sector specializing in digital storage solutions including HDDs, NAS, gaming drives, and data center storage. The company maintains a strong market position with a comprehensive product portfolio and a well-structured e-commerce platform targeting both consumers and business customers. Their website reflects a mature digital infrastructure with advanced analytics and marketing tools integrated. However, the current lack of a valid SSL certificate and absence of HTTPS significantly undermines their security posture, posing risks to user data and trust. Despite this, their privacy and cookie policies are comprehensive and GDPR compliant, demonstrating a commitment to privacy compliance. Overall, the website is professional and trustworthy but requires urgent security improvements to align with best practices.

W

Western Digital - US

westerndigital.com

57

Western Digital is a leading enterprise in the technology sector specializing in digital storage solutions including hard disk drives (HDDs), data center storage, and network attached storage (NAS). The company has a strong market position supported by a mature domain and a comprehensive product portfolio targeting both consumer and business markets. Their website reflects a professional and well-structured e-commerce platform with extensive product information and support services. Technically, the site employs modern frameworks such as Adobe Experience Manager and utilizes various analytics and marketing tools including Adobe Launch, Bazaarvoice, and Facebook Pixel. However, a critical security gap is the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. Privacy compliance is well addressed with clear policies and active consent mechanisms. Overall, Western Digital demonstrates high business credibility and trustworthiness, but must urgently address its SSL configuration to enhance security and user trust.

The website trodo.lv is currently inaccessible to general users due to a Cloudflare Web Application Firewall (WAF) challenge page requiring human verification. This prevents access to any substantive business content, contact information, or policies. The domain is registered and active with DNS and mail configurations indicating use of Microsoft Outlook mail protection and Google-related services. The SSL certificate is valid but short-lived, and no advanced security headers or DNSSEC are enabled. The lack of visible privacy or cookie policies and absence of contact details limit the ability to assess compliance and business credibility. Overall, the site appears to be protected by Cloudflare but lacks publicly accessible content for full evaluation.

Z

ZAAO

zaao.lv

36

ZAAO is a Latvian waste management company providing comprehensive services including collection, sorting, transportation, and disposal of various waste types in an environmentally friendly manner. The company targets private individuals, businesses, farmers, and public event organizers within its regional operational area. The website reflects a medium-sized enterprise with a clear business model focused on waste management and recycling services. Technically, the site is built on WordPress with Elementor, hosted on Google Cloud infrastructure, and uses modern web technologies and analytics tools. However, the absence of a valid SSL certificate significantly impacts the security posture, exposing users to potential risks. While cookie consent and privacy policies are well implemented, the lack of HTTPS and security headers are critical vulnerabilities. Overall, the domain registration is consistent and trustworthy, but security improvements are urgently needed to protect user data and enhance trust.

D

Dateks

dateks.lv

39

Dateks.lv operates as a medium-sized e-commerce retailer based in Latvia, specializing in a broad range of technology and consumer electronics products. The website offers extensive product categories including computers, components, office equipment, and home appliances, targeting both consumers and businesses in the Baltic region. The company maintains partnerships with major technology brands such as Asus, Dell, Intel, Lenovo, and Nvidia, reinforcing its market position as a reputable regional retailer. From a technical perspective, the website employs modern tracking and marketing technologies including Google Tag Manager, Facebook Pixel, and Cookiebot for consent management. However, the site suffers from slow performance due to a large page size and numerous resources. Mobile optimization is good, but accessibility features are basic. The lack of a valid SSL certificate is a critical security shortfall, impacting user trust and data protection. Security posture reveals several vulnerabilities including missing DMARC, DNSSEC, and CAA records, and no domain protection locks, which collectively increase risk exposure. While HSTS is enabled, the absence of a valid SSL certificate and other security best practices lowers the overall security score. Privacy and cookie policies are present and GDPR compliant, with clear contact information provided. Overall, Dateks.lv presents a professional and content-rich e-commerce platform with moderate technical maturity and security posture. Strategic improvements in SSL/TLS implementation, email security, and DNS hardening are recommended to enhance trust and compliance.

A

anime-wear.com

anime-wear.com

70

Anime-wear.com is a specialized e-commerce platform offering anime-inspired apparel, accessories, and collectibles targeted at anime fans worldwide. The business operates primarily through direct product sales and affiliate marketing partnerships with major platforms like AliExpress and Amazon. The website demonstrates a consistent brand presence with active social media channels and a good content offering including product listings and blog posts. Technically, the site is built on WordPress with WooCommerce and uses Cloudflare for DNS and CDN services, integrating Google Analytics and Tag Manager for tracking. Security posture is adequate with HTTPS, SPF, and DMARC configured, but lacks some advanced headers like HSTS and CSP. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the site is functional and moderately secure but could improve in privacy and security best practices.

P

Product-Led Growth Collective

productled.org

51

The Product-Led Growth Collective operates as a community-driven educational platform focused on product-led growth strategies for professionals in product management, marketing, sales, and customer success. Founded in 2019 and supported by Appcues, it offers articles, interviews, assessments, and newsletters to its audience. The website is hosted on Amazon AWS and built using Webflow CMS, integrating multiple third-party analytics and marketing tools such as Google Tag Manager, Segment, and Hotjar. Despite a professional design and relevant content, the site suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Privacy and cookie policies are not found, indicating potential compliance gaps. The domain is mature and well-protected via privacy services, aligning with the business's legitimacy. Overall, the site presents a moderate risk profile with recommendations to improve security and privacy compliance.

E

efficy

tribecrm.es

40

Tribe CRM, operated under the parent company efficy, offers a highly adaptable CRM platform designed to help businesses grow by integrating sales, marketing, and customer service functions with AI capabilities. The website targets Spanish-speaking businesses seeking customizable CRM solutions with seamless integrations and workflow automation. The company positions itself as a modern, customer-centric CRM provider with a growing client base exceeding 10,000 users. Technically, the website is built on WordPress with modern SEO and analytics tools such as Yoast SEO, Piwik PRO, and Cookiebot for consent management. However, the site suffers from a lack of valid SSL/TLS certificates, resulting in insecure HTTP connections and no HTTPS enforcement, which is a critical security concern. Performance is suboptimal with slow load times and a large page size, though mobile optimization and content quality are strong. Security posture is weak due to missing HTTPS, lack of security headers, and no DMARC record, exposing the site to potential risks. Privacy compliance is well addressed with comprehensive privacy and cookie policies and a consent mechanism in place. Business credibility is supported by clear contact information, professional content, and trust signals such as testimonials and partner links. Overall, while the business and content aspects are strong, the security deficiencies significantly impact the risk profile. Immediate remediation of SSL/TLS and security headers is recommended to protect user data and improve trust.

E

efficy

tribecrm.se

40

Tribe CRM, operated by efficy, offers a comprehensive, customizable CRM platform designed to help businesses grow by streamlining customer relationship management, sales, marketing, and project management processes. The platform integrates AI-driven tools and supports seamless integration with popular business applications, targeting medium-sized enterprises primarily in Sweden and surrounding markets. The website is professionally designed with rich content, multiple language support, and clear calls to action, reflecting a mature digital presence. However, the technical infrastructure shows critical security weaknesses, notably the absence of a valid SSL certificate and HTTPS, which severely undermines user trust and data security. Despite extensive use of analytics and marketing tools with consent mechanisms, the lack of HTTPS and security headers poses significant risks. Overall, the business appears legitimate and well-positioned in the CRM market, but urgent improvements in security posture are necessary to protect users and comply with best practices.

E

efficy

tribecrm.no

59

Tribe CRM, operated by efficy, is a modern, no-code CRM platform designed to help businesses grow by providing customizable tools for sales, marketing, and customer service. The platform integrates AI features and workflow automation to enhance productivity and customer engagement. Positioned as a flexible and scalable solution, Tribe CRM serves over 10,000 customers and offers tiered subscription plans with a free trial option. Technically, the website is built on WordPress with a suite of modern plugins and analytics tools, including Piwik PRO and Cookiebot for privacy compliance. However, a critical security gap exists as the site lacks a valid SSL certificate and does not serve content over HTTPS, exposing users to potential risks. The site is well-designed, mobile-optimized, and provides comprehensive privacy and cookie policies, reflecting a strong commitment to GDPR compliance. Overall, while the business and technical maturity are solid, urgent improvements in security infrastructure are necessary to protect user data and enhance trust.

E

efficy

tribecrm.eu

40

Tribe CRM is a technologically advanced, no-code CRM platform designed to empower businesses with customizable sales, marketing, and customer service tools integrated with AI capabilities. The platform targets medium-sized businesses seeking scalable and adaptable CRM solutions. The website is professionally designed, multilingual, and rich in content, reflecting a mature digital presence. However, the absence of a valid SSL certificate and HTTPS implementation represents a critical security vulnerability that undermines user trust and data protection. The site employs multiple third-party analytics and marketing tools, including Piwik PRO, Google Analytics, and Cookiebot, with a comprehensive cookie consent mechanism ensuring GDPR compliance. Overall, while the business and technical maturity are strong, the security posture requires urgent improvement to meet industry standards and protect user data effectively.

E

efficy

tribecrm.fr

40

Tribe CRM is a French-language SaaS CRM platform operated by efficy, targeting businesses seeking a flexible, AI-powered CRM solution. The website presents a professional, content-rich experience with clear business offerings, pricing, and multilingual support. Technically, the site is built on WordPress with modern marketing and analytics integrations, but suffers from a critical lack of HTTPS due to an invalid SSL certificate, which severely impacts security posture. Privacy compliance is well addressed with comprehensive cookie consent and privacy policies. Overall, the business appears legitimate and well-positioned in the CRM market, but the security weaknesses pose risks that should be urgently addressed.

P

PerfectView CRM Online

perfectview.nl

40

PerfectView CRM Online is a well-established Dutch CRM software provider with over 36 years of experience and a strong customer base exceeding 5,200 clients. The company offers a comprehensive SaaS CRM platform targeting Dutch businesses, emphasizing data privacy by hosting data within the Netherlands and maintaining ISO 27001 certification. The website reflects a professional and consistent brand presence with good content quality and clear navigation. Technically, the site is built on WordPress using common frameworks like Bootstrap and jQuery, with integration of marketing and analytics tools such as Google Tag Manager, Facebook Pixel, Hotjar, and LinkedIn Insight Tag. However, the website suffers from a critical security issue due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the security posture and user trust. Other security best practices like HSTS and security headers are also missing. Privacy compliance is partial, with a privacy policy present but no visible cookie consent mechanism. Overall, the site is functional and credible but requires urgent security improvements to protect user data and enhance trust.

E

efficy

tribecrm.dk

57

Tribe CRM, operated by efficy, is a modern, AI-enhanced CRM platform designed to support businesses in sales, marketing, customer service, and project management. The platform targets medium-sized businesses seeking flexible and integrated CRM solutions with advanced automation and AI capabilities. The website demonstrates a professional and consistent brand presence with comprehensive content and multilingual support. Technically, the site is built on WordPress with several marketing and analytics integrations, including Piwik PRO, Google Analytics, and VWO, indicating a mature digital marketing approach. However, the absence of a valid SSL certificate is a critical security flaw that undermines user trust and data protection. The site implements GDPR-compliant privacy and cookie policies with a robust consent mechanism, reflecting good privacy practices. Overall, while the business and content aspects are strong, the security posture requires urgent improvement to meet modern standards.

E

efficy

tribecrm.nl

59

Tribe CRM is a Dutch-based SaaS company offering a customizable CRM platform integrated with AI features, targeting businesses seeking to grow customer loyalty and optimize sales and marketing processes. The company operates under the parent company efficy and has a mature domain with consistent registration data. Technically, the website is built on WordPress with modern marketing and analytics tools such as Piwik PRO, Cookiebot, and VWO, supporting multiple languages and SEO best practices. However, a critical security weakness is the absence of a valid SSL certificate, resulting in no HTTPS support and lack of security headers, which significantly impacts the security posture. Privacy compliance is well addressed with comprehensive cookie and privacy policies and consent mechanisms. Overall, the website presents a professional and trustworthy business front but requires urgent security improvements to protect user data and enhance trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 11 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

APSIS Pro is a mature email marketing and newsletter management platform with a regional focus in Asia and international presence. The website provides login access to its platform and detailed support contact information for Hong Kong, Singapore, and international customers. The business operates on a SaaS model targeting business users requiring email marketing solutions. Technically, the site uses older JavaScript libraries and is hosted on Amazon AWS infrastructure but suffers from slow load times and lacks modern web performance optimizations. Security posture is weak due to the absence of a valid SSL certificate and HTTPS support, no security headers, and missing advanced security configurations, although SPF and DMARC email protections are properly configured. Privacy and cookie policies are not present, indicating compliance gaps. WHOIS data confirms a long-established domain with strong registration protections, supporting business legitimacy. Overall, the site requires urgent improvements in security and privacy compliance to meet modern standards.

E

efficy

efficy.com

68

efficy is a leading European CRM software provider offering modular, GDPR-compliant solutions tailored to businesses of all sizes. The company emphasizes flexible, scalable platforms that centralize customer data, automate sales, and enhance customer engagement. With a strong market presence and over 13,500 customers, efficy positions itself as a trusted partner in the CRM and marketing automation space. The website reflects a mature digital infrastructure with advanced analytics and A/B testing capabilities, although performance optimization is needed due to slow load times. Security posture is currently weak due to an invalid SSL certificate and lack of modern TLS protocols, which poses a critical risk. Privacy compliance is well addressed with comprehensive cookie and privacy policies, including a consent mechanism. Overall, the site demonstrates professionalism and trustworthiness but requires urgent security improvements.

C

Civilstyrelsen

lovtidende.dk

40

Lovtidende.dk is the official Danish government platform for publishing laws and regulations, managed by Civilstyrelsen. It serves as a critical resource for government officials, legal professionals, and the public to access official legal documents. The website provides structured access to legal publications and links to other official government legal information portals. Technically, the site is built using modern frontend technologies such as React and employs SVG icons and CSS-in-JS styling. However, the site suffers from significant security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which severely impacts its security posture. The site also lacks security headers and cookie consent mechanisms, although it claims not to use cookies. Overall, the website is content-rich and professionally presented but requires urgent security improvements to protect user data and ensure trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2, sslTls. 13 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 11 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

A

APSIS

apsis.no

59

APSIS operates a modern marketing platform, Apsis One, focused on AI-driven email marketing and automation to help businesses grow through personalized customer experiences. The platform integrates multiple marketing tools including email, SMS, surveys, and event management, targeting marketers and enterprises seeking an all-in-one solution. The website is professionally designed using Drupal 10 and integrates popular marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag, demonstrating a mature digital marketing infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing the site to potential risks and undermining user trust. Privacy and cookie policies are present and appear GDPR compliant, but no explicit security policy or incident response information is provided. Overall, the site is content-rich and credible but requires urgent security improvements to protect user data and maintain trust.

A

APSIS

apsis.dk

40

APSIS is a Denmark-based technology company specializing in AI-driven email marketing and marketing automation solutions through its flagship platform, Apsis One. The platform offers a comprehensive suite of marketing tools including email marketing, AI assistant, SMS marketing, CRM, and integrations designed to empower marketers to create personalized and data-driven customer experiences. The company operates under the parent company Efficy and serves a medium-sized market segment with a strong focus on seamless user experience and advanced marketing capabilities. Technically, the website is built on Drupal 10 and integrates modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag. However, the website currently suffers from a critical security issue due to an invalid or missing SSL certificate and lack of modern TLS protocol support, which significantly impacts its security posture. Despite this, the site maintains good privacy and cookie policies with consent mechanisms, and no exposed sensitive data was detected. Overall, APSIS presents a professional and trustworthy marketing technology provider with room for improvement in its security infrastructure.

A

APSIS

apsis.se

40

APSIS is a Swedish technology company specializing in marketing technology solutions, offering a comprehensive SaaS platform called Apsis One that integrates AI-driven email marketing, marketing automation, SMS marketing, event management, and CRM integrations. The company targets modern marketers and businesses seeking to optimize their digital marketing efforts with data-driven tools. The website is professionally designed, content-rich, and well-structured, providing clear navigation and multiple calls to action such as free trials and demos. Technically, the site uses Drupal 10 CMS and integrates popular marketing and tracking technologies including Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. Security headers are present but the absence of TLS protocols and valid certificates significantly lowers the security posture. Privacy and cookie policies are present and appear GDPR compliant, with consent mechanisms implemented. Contact information is primarily via contact forms; no explicit emails or phone numbers were found. WHOIS data is consistent with the business claims, showing no suspicious registration patterns. Overall, the site demonstrates good business credibility and privacy compliance but requires urgent improvements in SSL/TLS security to protect user data and improve trust.

A

APSIS

apsis.com

53

Apsis is a Swedish-based technology company providing a comprehensive AI-driven marketing platform called Apsis One. The platform offers tools for email marketing, marketing automation, SMS, surveys, forms, event management, and CRM integrations, targeting marketers and businesses seeking to optimize customer engagement and campaign effectiveness. The website is professionally designed with excellent content quality and clear navigation, supporting a strong market position in the marketing technology sector. Technically, the site uses Drupal 10 CMS and integrates modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag. However, a critical security weakness is the absence of a valid SSL certificate and HTTPS configuration, which significantly impacts the security posture. Privacy and cookie policies are present and appear GDPR compliant, but no explicit security policies or incident response information is found. Overall, the domain registration data aligns well with the website's claims, supporting legitimacy and trustworthiness.

C

Civilstyrelsen

statstidende.dk

40

Statstidende.dk is an official Danish government website operated by Civilstyrelsen under the Ministry of Justice. It serves as the official publication platform for legally mandated notices, allowing users to search, read, subscribe to, and submit official announcements. The site targets Danish citizens and organizations required to publish legal notices, positioning itself as a critical government information service. Technically, the site is built using modern JavaScript frameworks such as React and Webpack, providing a responsive and user-friendly interface. However, performance is suboptimal with a slow load time and large page size, indicating potential optimization opportunities. From a security perspective, the site lacks a valid SSL certificate and HTTPS support, which is a critical vulnerability for any public-facing website, especially a government platform. Additionally, no security headers or incident response policies are evident, and cookie consent mechanisms are absent, raising compliance concerns. Overall, while the business credibility and content quality are strong due to official government backing, the technical and security posture require urgent improvements to ensure user trust and regulatory compliance.

U

UVdata A/S

uvdata.dk

37

UVdata A/S is a Danish software company specializing in providing comprehensive software solutions for private and free schools, afterschools, and educational institutions in Denmark. Their product portfolio includes school management systems, payroll solutions, guidance software, and time management tools, positioning them as a key player in the Danish education technology sector. The company operates under the parent company KMD, enhancing its market credibility and reach. The website content is well-structured, primarily in Danish, and targets educational institutions with relevant services and support information. Technically, the website is built on WordPress using the Avada theme and integrates several JavaScript libraries and plugins, including Matomo for analytics. However, the site suffers from performance issues with slow load times and a large number of resources. Security-wise, the website lacks a valid SSL certificate, serving content without HTTPS, which is a critical vulnerability. Additionally, it lacks essential security headers and advanced SSL features such as HSTS and OCSP stapling. Privacy compliance is addressed with clear privacy and cookie policies and a consent mechanism, aligning with GDPR requirements. Overall, while the business and content aspects are strong and credible, the technical and security posture require significant improvements to ensure user trust and data protection.

S

Sekoia

sekoia.dk

33

Sekoia is a Danish healthcare software company providing a specialized app for care centers and social service providers to improve planning, documentation, and communication. The company is well-established with a mature domain and a clear market position supported by integrations with KMD Nexus and usage by multiple municipalities. The website is built on WordPress with modern marketing and analytics tools integrated, including consent management for GDPR compliance. However, the site currently lacks a valid SSL certificate and HTTPS support, which is a critical security vulnerability that undermines user trust and data protection. Privacy policies and cookie consent mechanisms are well implemented, and contact information is clearly presented. Overall, the business demonstrates good digital maturity but requires urgent security improvements to meet modern standards.

B

Banqsoft AS

banqsoft.com

63

Banqsoft AS is a medium-sized Norwegian company specializing in financial software solutions for the Nordic market, focusing on asset finance, digital banking, and credit management. The company offers comprehensive software suites and add-on services designed to digitize and optimize financial operations for its clients. Banqsoft holds recognized certifications such as ISO 14001 and ISO 27001, underscoring its commitment to sustainability and information security. The website reflects a professional and consistent brand presence with good content quality and user experience.

E

Edlund A/S

edlund.dk

40

Edlund A/S is a Danish company specializing in flexible software solutions and consulting services for the life and pension insurance sector. Established in 1998, the company offers modular standard software and expert consulting to help clients modernize and optimize their insurance administration systems. The website reflects a professional and consistent brand presence targeting Danish life and pension companies. Technically, the site uses ASP.NET with Umbraco CMS, modern JavaScript modules, and is hosted behind Cloudflare. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly undermines the site's security posture. Privacy and cookie policies are present with consent mechanisms, and contact information is comprehensive. Analytics and marketing tools are actively used, indicating a moderate level of user tracking. Overall, the site is content-rich and professionally designed but requires urgent security improvements to protect user data and enhance trust.

NEC Corporation operates a comprehensive global website showcasing its leadership in ICT, 5G, AI, biometrics, and digital government solutions. The company targets global enterprises and governments, offering advanced technology and consulting services. The website content is rich, professionally designed, and well-structured, reflecting NEC's enterprise-level market position. Technically, the site uses modern JavaScript libraries, Akamai CDN, and Adobe tag management, indicating a mature digital infrastructure. However, the security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS support, which is a critical vulnerability for a global technology company. Privacy and cookie policies are present and GDPR compliant, supporting good privacy practices. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and maintain credibility.

C

Civilstyrelsen

civilstyrelsen.dk

40

Civilstyrelsen is a Danish government agency under the Ministry of Justice, responsible for ensuring the fundamental principles of the rule of law. The agency provides a wide range of public services including legal aid, permissions for property acquisition, compensation claims, and oversight of various legal and administrative functions. The website targets Danish citizens, legal professionals, and organizations requiring governmental legal services. It operates as an official government entity with a medium organizational size and a consistent brand presence. The content is well-structured and relevant, supporting the agency's mission and services effectively. Technically, the website is built on the GoBasic CMS platform with jQuery and uses embedded Vimeo videos. Hosting appears to be on cloud infrastructure with IPv4 and IPv6 addresses. However, the website suffers from slow performance with a load time exceeding 15 seconds and a relatively large page size. Mobile optimization and accessibility are good, but SEO optimization is basic. The site lacks modern security configurations, notably missing a valid SSL certificate and HTTPS support, which is a critical vulnerability. From a security perspective, the absence of HTTPS and TLS protocols, lack of security headers, and missing DNS security features expose the site to potential risks. No incident response or vulnerability disclosure mechanisms are evident. Privacy and cookie policies are present and GDPR compliant, reflecting good privacy practices. Contact information is clearly provided, enhancing trust and credibility. Overall, while the website serves its governmental purpose with good content and user experience, the critical lack of HTTPS and modern security measures significantly lowers its security posture and trustworthiness. Addressing these issues is paramount to protect user data and maintain public trust.

K

KMD A/S

kmd.dk

40

KMD A/S is a leading Danish IT and software company specializing in delivering comprehensive IT solutions to the public sector and businesses, with a strong focus on sectors such as energy, education, healthcare, and government. The company operates as a subsidiary of NEC Corporation and offers a broad portfolio of services including HR and payroll systems, data analytics, electronic document management, IT security, and SAP services. The website reflects a mature, well-established enterprise with extensive content and a professional digital presence. Technically, the website utilizes modern web technologies including ASP.NET, JavaScript modules, and is hosted behind Cloudflare with Umbraco CMS. It employs multiple security headers and analytics tools such as Google Analytics and Siteimprove. However, the absence of a valid SSL certificate and lack of enabled TLS protocols represent significant security weaknesses that must be addressed to ensure secure communications. From a security perspective, the site has implemented strong security headers and a strict DMARC policy, indicating good email security practices. Yet, the invalid SSL configuration and missing modern TLS support severely impact the overall security posture. Privacy compliance is well managed with clear privacy and cookie policies, including consent mechanisms, aligning with GDPR requirements. Overall, KMD's website demonstrates high business credibility and professionalism but requires urgent remediation of its SSL/TLS configuration to protect user data and maintain trust. Strategic improvements in security infrastructure will enhance the company's risk management and compliance stance.

U

Ubivox Technologies ApS

ubivox.com

40

Ubivox Technologies ApS operates a GDPR-compliant SaaS platform specializing in newsletters, email campaigns, and transactional emails, targeting companies, webshops, and governmental institutions primarily in Denmark. The company has a strong market presence with over 1,000 clients including notable Danish government bodies. Their platform emphasizes user-friendliness, legal compliance, and integration capabilities with over 1,000 external systems. Technically, the website is built on WordPress with the Avada theme and incorporates modern JavaScript libraries and marketing tools such as Matomo, Facebook Pixel, and LinkedIn Insight Tag. Security measures include TLS 1.3 support and OCSP stapling, though improvements like enabling HSTS and DNSSEC are recommended. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and well-structured, with a moderate to good security posture and strong business credibility.

APSIS Pro operates as a specialized platform focused on email marketing and newsletter management, serving a broad Nordic and Hong Kong customer base. The company is part of the Efficy group and maintains regional support offices with dedicated contact points, indicating a medium-sized, established business with a clear B2B SaaS model. The website content is minimal but functional, primarily providing login access and customer support information. Technically, the site is hosted on AWS and uses legacy JavaScript libraries, with moderate performance and basic SEO and accessibility features. However, the absence of a valid SSL certificate and HTTPS support severely undermines the security posture, exposing users to risks and reducing trust. No privacy or cookie policies are present, indicating compliance gaps. The domain is mature and well-registered, supporting the legitimacy of the business. Strategic improvements in security, privacy compliance, and modernization of the technology stack are recommended to enhance trust and operational resilience.

D

Danish Research Institute for Economic Analysis and Modelling

dreamgruppen.dk

40

DREAMgruppen.dk represents the Danish Research Institute for Economic Analysis and Modelling, an independent institution specializing in economic modeling and analysis of the Danish economy. The organization offers a suite of economic and demographic models and provides services such as policy evaluation, custom analyses, and training. The website is professionally designed with comprehensive content targeting public and private sector stakeholders interested in economic data-driven decision making. Technically, the site is built on ASP.NET with GoBasic CMS and uses jQuery, but suffers from slow load times and lacks modern security implementations such as HTTPS. Security posture is weak due to the absence of a valid SSL certificate, no TLS protocols enabled, and missing security headers, which poses a significant risk to user data and trust. Privacy compliance is adequate with clear privacy and cookie policies, though no explicit consent mechanism is observed. Overall, the site is credible and trustworthy from a business perspective but requires urgent security improvements to protect visitors and maintain institutional reputation.

M

Medarbejder- og Kompetencestyrelsen

medst.dk

40

Medarbejder- og Kompetencestyrelsen is a Danish government agency under the Ministry of Finance focused on labor agreements, HR education, and development activities within the public sector. The agency provides tools, advisory services, and regulatory information to state employers and HR professionals. The website serves as an authoritative platform for state HR matters, offering educational programs, circulars, and practical tools. Technically, the site is built on the Umbraco CMS platform, uses modern JavaScript libraries such as Swiper.js for UI components, and integrates Cookiebot for cookie consent management. However, the site suffers from a critical security issue due to an invalid or missing SSL certificate, which undermines secure HTTPS access. Other security best practices such as HSTS, DNSSEC, and security headers are absent, indicating room for improvement in security posture. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the site is professional and trustworthy but requires urgent SSL remediation to ensure secure user interactions.

S

Statens Administration

statens-adm.dk

40

Statens Administration is a Danish government entity providing centralized administrative services focusing on payroll, accounting, reimbursement, and support portals for public sector organizations. The website reflects a professional government service portal with clear navigation and relevant content for its target audience. Technically, the site uses Umbraco CMS and integrates third-party analytics and search tools, but suffers from a critical security flaw due to the absence of a valid SSL certificate, impacting HTTPS availability. Privacy compliance is well addressed with Cookiebot consent management and comprehensive cookie and privacy policies. The security posture is weak due to missing HTTPS and security headers, posing risks to user data confidentiality and integrity. Overall, the site is functional and trustworthy but requires urgent security improvements to meet modern standards.

S

Statens It

statens-it.dk

40

Statens It is a Danish government IT organization established in 2008, providing a range of IT services including workplace solutions, security, IT operations, servicedesk, and development of shared services primarily for public sector entities. The website reflects a mature and consistent government presence with clear contact information and compliance with GDPR through comprehensive privacy and cookie policies. Technically, the site uses modern tools such as Cookiebot for consent management and Cludo for search functionality, and is built on the Umbraco CMS platform. However, the security posture is weakened by the absence of a valid SSL certificate and HTTPS support, lack of security headers, and missing DNSSEC, which are critical for protecting user data and ensuring secure communications. The domain registration data aligns well with the official government entity, showing a long-standing and legitimate presence.

B

Briteweb - B Corp Creative Agency Dedicated to Social Change

briteweb.com

65

Security assessment completed with an overall score of 0/100 (unknown risk). 8 high-priority issues should be addressed promptly. Total of 30 security findings identified across all modules.

T

Trees for the Future

trees2024impact.org

40

Trees for the Future is a well-established non-profit organization dedicated to sustainable agroforestry and land restoration, as evidenced by their 2024 Impact Report website. The organization focuses on empowering farmers in challenging environments through their Forest Garden Approach, which promotes environmental restoration, food security, and economic growth. The website demonstrates a strong market position with notable recognitions such as the UN World Restoration Flagship Award and a clear commitment to community and environmental impact. Technically, the website is built using modern technologies like Framer and supports secure protocols such as TLS 1.3, but it suffers from slow load times and lacks some advanced security features like HSTS and OCSP stapling. Security posture is good with no critical vulnerabilities detected, but privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the site is professional and trustworthy, though it would benefit from enhanced privacy and security disclosures to improve compliance and user trust.

The website statens-tilskudspuljer.dk currently serves a 404 Not Found error page, indicating that the content is inaccessible or missing. There is no visible business information, metadata, or user-facing content to analyze. The domain is mature, registered since 2017, and shows no suspicious WHOIS patterns, but the lack of domain protection and DNSSEC is a minor concern. Technically, the site lacks HTTPS support and security headers, which significantly impacts its security posture and trustworthiness. Overall, the site is not operational in its current state, limiting any meaningful business or security analysis.

4

404 Siden blev ikke fundet

perst.dk

40

The website at perst.dk currently serves only a 404 error page indicating that the requested content is not found. There is no business or service information available on the site. The domain is mature, registered since 2000, and associated with Statens IT infrastructure in Denmark, suggesting it is an institutional or government-related domain. The technical infrastructure includes a proxy server, valid SPF and DMARC email policies, and TLS 1.2 with a strong cipher suite, but lacks modern SSL/TLS features such as HSTS, OCSP stapling, and TLS 1.3. No privacy, cookie, or terms of service policies are present, and no contact information or forms are available on the page. No analytics or tracking technologies are detected, indicating minimal user tracking.

Ø

Økonomistyrelsen

oes.dk

40

Økonomistyrelsen is a Danish government agency focused on economic management, public procurement, and digital solutions for state institutions. It serves as a key authority supporting efficient public sector operations and financial governance. The website reflects a mature government entity with a clear focus on providing guidance, advisory services, and digital support to public institutions. The agency maintains a professional online presence with detailed content and official contact information. Technically, the site uses Umbraco CMS and integrates third-party tools like Cookiebot for consent management and Cludo for search functionality. Performance is moderate, and accessibility and SEO are well addressed. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Email authentication via SPF and DMARC is properly configured, enhancing email security. Overall, the site is trustworthy and compliant with GDPR, but urgent improvements in SSL/TLS implementation are necessary to enhance security posture and user trust.

Naalakkersuisut.gl is the official government website of Greenland, serving as the primary portal for government news, departmental information, and public resources. The site targets Greenlandic citizens, government officials, and media, providing authoritative and up-to-date information about governmental activities and services. The business model is public service oriented, with a focus on transparency and communication. Technically, the website employs standard web technologies including JavaScript and CSS, and uses Matomo for analytics. The site is moderately performant and mobile-optimized, but lacks modern security implementations such as HTTPS and security headers, which significantly impacts its security posture. From a security perspective, the absence of a valid SSL certificate and HTTPS support is a critical vulnerability, exposing users to potential data interception risks. No privacy or cookie policies were found, indicating gaps in compliance with GDPR and other privacy regulations. The site does not display any incident response or security policies, which could affect trust and readiness for security events. Overall, while the website fulfills its role as a government information portal with good content quality and user experience, the lack of fundamental security measures and privacy compliance lowers its trustworthiness and exposes it to risks. Strategic improvements in security infrastructure and privacy transparency are recommended to enhance user trust and regulatory compliance.

T

Trees for the Future

trees.org

57

Trees for the Future is a well-established nonprofit organization dedicated to land restoration and sustainable agriculture in developing communities worldwide. The organization is recognized as a United Nations World Restoration Flagship, highlighting its leadership in ecosystem restoration efforts. Their business model relies on donations, corporate partnerships, and community engagement to support farmers and combat hunger, poverty, and environmental degradation. The website effectively communicates their mission, impact, and opportunities for involvement, targeting donors, environmental advocates, and strategic partners. Technically, the website is built on WordPress with a modern tech stack including Yoast SEO, Google Analytics, and various marketing and fundraising tools. While the site is well-structured, mobile-optimized, and SEO-friendly, it suffers from slow load times and lacks a valid SSL certificate, which is a critical security deficiency. The absence of HTTPS and security headers exposes the site and its users to potential risks. From a security perspective, the site has significant vulnerabilities including no active SSL/TLS encryption, no HSTS, no DNSSEC, and no security headers. Although privacy and cookie policies are present with consent mechanisms, the site uses multiple third-party trackers which may impact user privacy. The domain is mature and protected by privacy proxy services, which is justified for a nonprofit entity. Overall, the security posture is weak and requires urgent improvements. The overall risk assessment indicates a trustworthy and professional nonprofit with excellent content and business credibility but with critical security gaps. Strategic recommendations include immediate SSL deployment, enhanced security headers, DNS security improvements, and a formal vulnerability disclosure policy to strengthen trust and compliance.

G

GetWhy A/S

preely.com

62

Preely is a Denmark-based technology company offering a SaaS platform focused on enhancing product decision-making through remote user testing and continuous discovery. Their platform supports testing of prototypes across devices and integrates AI (ChatGPT) for advanced test analysis. The company targets product teams, UX professionals, and businesses seeking efficient user feedback mechanisms. The website demonstrates a professional presence with trusted clients and active social media engagement. Technically, the website is built on WordPress with WPBakery Page Builder, leveraging Cloudflare for DNS and CDN services. It employs standard marketing and analytics tools including Google Analytics, Facebook Pixel, and Cookiebot for GDPR-compliant cookie management. While the SSL certificate is valid, the site lacks advanced security headers and HSTS, and performance metrics indicate a slower load time. Security posture is moderate with no critical vulnerabilities detected, but improvements are recommended in HTTP security headers and DNSSEC implementation. Privacy compliance is strong, supported by a comprehensive privacy policy and cookie consent mechanism. Business credibility is reinforced by clear company information, testimonials, and client logos. Overall, Preely presents a trustworthy and functional online presence with room for technical and security enhancements to further strengthen its posture and user trust.

O

Oqaasileriffik

kukkuniiaat.gl

41

Oqaasileriffik operates the website kukkuniiaat.gl, providing the Greenlandic spell checker tool Kukkuniiaat. This service supports multiple office platforms including Google Docs, Microsoft Office, Adobe InDesign, LibreOffice, and Apache OpenOffice, targeting Greenlandic language users and institutions. The organization is a government language secretariat, positioning itself as the official provider of Greenlandic language technology and resources. The website content is well-structured, multilingual, and professionally presented, supporting accessibility and user engagement. Technically, the website employs modern front-end technologies such as Bootstrap 5 and jQuery, hosted by Hosting.gl ApS. It integrates Matomo and Google Analytics for user tracking and performance monitoring. However, the site lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which is a critical security deficiency. Performance is moderate with a page load time of approximately 4.5 seconds and a moderate number of resources. From a security perspective, the absence of HTTPS and modern TLS protocols significantly undermines user data protection and trust. While SPF and DMARC records are correctly configured for email security, the lack of security headers, HSTS, and OCSP stapling further weakens the security posture. Privacy compliance is basic with a privacy policy present but lacking explicit GDPR compliance statements or cookie consent mechanisms. Overall, the website is functional and credible but requires urgent security improvements, especially SSL/TLS deployment, to protect users and enhance trust. Strategic recommendations include obtaining a valid SSL certificate, enabling HTTPS, implementing security headers, and enhancing privacy compliance to meet regulatory standards.

O

Oqaasileriffik

nutserut.gl

42

Nutserut is a specialized online platform operated by Oqaasileriffik, the Language Secretariat of Greenland, providing machine translation and language learning tools focused on the Greenlandic language. The website offers multiple AI-based translation methods and educational annotation tools aimed at language learners, translators, and researchers interested in Greenlandic. The service is positioned as a niche governmental resource with a clear public service mission. Technically, the website employs modern frontend technologies including Bootstrap 5.3, jQuery, and Matomo analytics. However, the site suffers from slow load times and lacks HTTPS support due to an invalid or missing SSL certificate, which significantly impacts security and user trust. The site is hosted via Hosting.gl ApS with DNS managed through Google Domains, reflecting a stable infrastructure. From a security perspective, the absence of HTTPS and security headers presents a critical vulnerability, exposing users to potential data interception risks. No privacy or cookie policies are present, indicating poor privacy compliance. Analytics tools are used without visible privacy disclosures, and no incident response or security policy information is provided. The domain registration is mature and consistent with the governmental nature of the site, supporting legitimacy. Overall, while the website provides valuable language services with good content and business credibility, its security posture is weak and privacy compliance is lacking. Strategic improvements in SSL deployment, security headers, and privacy policies are essential to enhance trust and protect users.