Security Directory

The website dohlmann.eu is currently non-functional, displaying a database connection error page with no accessible content or metadata. This prevents any meaningful analysis of the business, services, or security posture from the website itself. The domain is registered through a reputable registrar, One.com A/S, indicating legitimate domain ownership, but the lack of operational website content severely limits trust and credibility. The technical infrastructure appears to have critical backend issues that must be resolved to restore service. Security posture is weak due to absence of HTTPS and security headers, and no privacy or cookie policies are present. Overall, the site is currently at high risk due to unavailability and lack of security controls.

D

Den Sociale Retshjælps Fond

socialeretshjaelp.dk

0

Den Sociale Retshjælps Fond is a Danish non-profit organization dedicated to providing free legal aid and debt counseling services across Denmark. The website clearly targets Danish citizens seeking assistance with legal and financial issues, positioning itself as a trusted social aid foundation. The business model revolves around offering free advisory services, supported by a consistent brand presence and active social media engagement. The website's content is relevant and professionally presented, supporting its mission effectively. Technically, the website is built on WordPress using a modern stack including Elementor for design, Yoast SEO for optimization, and Cookiebot for cookie consent management. Hosting appears to be provided by One.com, and the site demonstrates moderate performance with good mobile optimization. Accessibility features are basic but present, and SEO practices are well implemented. From a security perspective, the site employs HTTPS and includes a cookie consent mechanism, enhancing privacy compliance. The presence of security plugins like Stop User Enumeration indicates awareness of security best practices. However, the absence of explicit security headers and a privacy policy page suggests room for improvement. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the website presents a solid risk profile with a good security posture and trustworthy business legitimacy. Strategic recommendations include adding comprehensive privacy and terms of service pages, enhancing security headers, and publishing a vulnerability disclosure policy to further strengthen compliance and trust.

The website at udstillingsdesign.dk is currently inaccessible, presenting only a generic 'Site Currently Unavailable' error page with no substantive content or business information. This indicates either a hosting issue or the site is offline. The lack of any contact details, privacy policies, or terms of service severely limits the ability to assess the business or its compliance posture. Technically, the site uses basic HTML and CSS with Google Fonts but lacks modern security features such as HTTPS and security headers. No analytics or tracking technologies are detected, suggesting minimal digital maturity. The WHOIS data is consistent and indicates a Danish registration, but the absence of website content reduces trust and credibility. Overall, the site is not operational and scores very low on content quality, security, and privacy compliance.

M

MERQUR

merqur.dk

0

MERQUR is a Danish service provider specializing in accounting, administration, bookkeeping, and consulting services. The company positions itself as a quality-focused provider delivering careful craftsmanship at competitive pricing. The website is built on WordPress using the Enfold theme and includes modern analytics tools such as Google Analytics and Matomo, indicating a moderate level of digital maturity. The site is mobile optimized and provides a cookie consent mechanism with detailed user controls, reflecting awareness of privacy compliance requirements. However, explicit privacy policies, terms of service, and contact information are not present in the analyzed content, which may impact user trust and compliance completeness. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, but lacks advanced security headers and incident response information.

The website avatao.com is currently inaccessible to normal users due to a Cloudflare Web Application Firewall (WAF) challenge page implementing a proof-of-work captcha mechanism. This security measure blocks automated access and requires computational challenge completion before granting access to the actual site content. As a result, no business-related content, contact information, or policies are visible for analysis. The domain is registered with Cloudflare, Inc. since 2013, indicating a mature and legitimate registration. However, the lack of DNSSEC and absence of visible security headers suggest room for improvement in domain security configuration. The site does not provide privacy, cookie, or terms of service policies on the challenge page, which limits compliance assessment. Overall, the security posture is focused on access control via WAF but lacks transparency in user-facing security and privacy documentation.

E

Engskov Maskinfabrik A/S

engskov.dk

0

Engskov Maskinfabrik A/S is a Danish manufacturing company specializing in metal fabrication and machining services, with over 50 years of industry experience. The company targets industrial clients requiring high-quality smede- and maskinfabrik services. The website reflects a professional B2B business model with a clear focus on quality and timely delivery. Technically, the site is built on WordPress using the Astra theme, incorporating modern web technologies and standard SEO practices. It is mobile-optimized and includes cookie consent mechanisms aligned with GDPR requirements. Security posture is strong with HTTPS enforced and appropriate security headers, though the absence of a public security policy and incident response details suggests room for improvement. The lack of WHOIS data limits domain trust assessment, but the website's professional presentation supports its legitimacy. Overall, the site is well-structured and trustworthy, serving its target audience effectively.

F

Fibertex Nonwovens A/S

fibertex.com

0

Fibertex Nonwovens A/S is a well-established manufacturer specializing in nonwoven and performance materials serving diverse industrial sectors such as automotive, construction, filtration, and healthcare. With over 50 years of industry experience and a global footprint including multiple subsidiaries, Fibertex positions itself as a leader in delivering high-performance, sustainable solutions. The company targets industrial clients requiring specialized materials and emphasizes innovation and partnership in its business approach. Technically, the website is built on Drupal 10, leveraging modern web technologies and includes a cookie consent mechanism, indicating a mature digital presence. Security-wise, the site enforces HTTPS and uses consent management but lacks explicit published security policies or incident response information, which could be improved. The absence of WHOIS registration data is a notable gap but does not detract significantly from the overall legitimacy given the comprehensive business content and certifications. Strategic recommendations include enhancing security transparency, publishing incident response contacts, and improving WHOIS registration visibility to bolster trust.

C

CIFF

ciff.dk

0

CIFF is a well-established international fashion trade show organizer based in Denmark, operating since 1998. The company hosts bi-annual events that serve as major platforms for the fashion industry, targeting exhibitors and buyers globally. Their website reflects a professional and modern digital presence built on Next.js and React, with strong mobile optimization and user experience. Privacy compliance is robust, featuring a comprehensive privacy policy linked to their parent company Bella Group and a fully integrated Cookiebot consent mechanism. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although DNSSEC is not enabled and no explicit security or incident response policies are published. Overall, CIFF demonstrates a mature business and digital infrastructure with high trustworthiness and compliance.

R

Rosneft

rosneft.com

0

Rosneft is a leading Russian integrated oil and gas company with a strong market position and a comprehensive portfolio of upstream and downstream operations. The website reflects a mature enterprise with clear business focus on energy production, refining, and investor relations. The technical infrastructure uses standard web technologies including jQuery and Yandex Maps API, with moderate performance and basic mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and DNSSEC. Privacy compliance is partial, with no explicit cookie consent or detailed privacy policy pages detected. Overall, the website is professional and trustworthy, but could improve in security and privacy transparency.

N

Norwegian Refugee Council

nrc.no

0

The Norwegian Refugee Council (NRC) is a well-established independent humanitarian organization based in Norway, operating globally in over 40 countries to assist displaced persons and refugees. The website reflects a mature digital presence with comprehensive content about their mission, latest news, and global projects. The organization targets donors, partners, and the general public interested in humanitarian aid. Their business model is non-profit, focusing on aid delivery and expert deployment through their NORCAP program. The site is professionally designed with consistent branding and clear trust indicators such as certifications and social media presence. Technically, the website employs a modern technology stack including jQuery, Google Tag Manager, Facebook Pixel, Matomo Analytics, Hotjar, and Azure Application Insights, indicating a sophisticated approach to analytics and user engagement. The CMS appears to be Episerver, supporting a structured and scalable content management environment. Performance and mobile optimization are good, with accessibility and SEO features well implemented. From a security perspective, the site enforces HTTPS and uses multiple security best practices, although explicit security headers were not fully confirmed in the HTML. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. Contact information is transparent and verified, enhancing business credibility. The lack of public WHOIS data suggests privacy protection, which is justified for this type of organization. Overall, the NRC website demonstrates a high level of professionalism, security, and compliance suitable for a large humanitarian NGO. Strategic recommendations include enhancing visible security headers, publishing a vulnerability disclosure policy, and maintaining ongoing security audits of third-party scripts to mitigate risks.

S

Spejder Sport A/S

spejdersport.dk

0

Spejder Sport A/S is Denmark's first and largest outdoor retail store, established in 1945, specializing in outdoor clothing and equipment with a strong e-commerce presence. The website targets outdoor enthusiasts, families, and youth, offering a broad range of products and customer guidance. The company holds a solid market position within the Danish retail sector for outdoor goods. Technically, the website is built on a modern stack including Shopware CMS, Google Tag Manager, Google reCAPTCHA v3, and Cloudflare for hosting and security. It employs a comprehensive cookie consent mechanism compliant with GDPR, integrates multiple analytics and marketing tools, and demonstrates good mobile optimization and SEO practices. From a security perspective, the site enforces HTTPS, uses bot protection, and provides detailed cookie disclosures. However, explicit security headers like X-Frame-Options and Content Security Policy are not confirmed and could be improved. No incident response or vulnerability disclosure information is publicly available, which could enhance trust. Overall, the website presents a professional and trustworthy digital presence with moderate to good security posture and privacy compliance. The absence of direct contact information and terms of service pages are minor gaps. Strategic improvements in security headers and transparency around incident response would strengthen the security and compliance profile.

I

Interstudio

interstudio.dk

0

Interstudio is a Danish interior design and retail company specializing in high-quality design furniture and interior consultancy services for both private homes and businesses. Established in 1996, the company maintains a niche market position with a focus on premium international design brands. Their digital presence includes a WordPress-based website with WooCommerce for online shopping, supported by Elementor for content management and Google Tag Manager for analytics. The website is well-structured, mobile-optimized, and provides clear navigation and contact information, including social media channels and a newsletter subscription with GDPR-compliant consent. From a technical perspective, the website employs modern web technologies and plugins, ensuring a good user experience and moderate performance. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though there is room for improvement by enabling DNSSEC and implementing additional security headers. Privacy compliance is addressed through a cookie policy and consent mechanism, but lacks explicit security policies or incident response information. Overall, Interstudio demonstrates a solid business and technical foundation with a professional online presence. The security posture is reasonable but could be enhanced to meet higher standards. Strategic recommendations include strengthening domain security, publishing security policies, and continuous monitoring of third-party scripts to mitigate risks.

Mandalay Bay is a premier luxury resort and casino located on the Las Vegas Strip, operated by MGM Resorts International. The website showcases a comprehensive range of services including hotel accommodations, casino gaming, entertainment, dining, pool and wellness amenities, and nightlife options. The site targets leisure travelers and entertainment seekers, positioning itself as a major player in the hospitality industry with a strong brand presence and extensive offerings. Technically, the website is built using modern web technologies such as React and Next.js, supported by robust content delivery networks and analytics tools including Adobe Launch and Branch.io. The site demonstrates excellent performance, mobile optimization, and accessibility, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, implements key security headers, and provides cookie consent mechanisms aligned with privacy regulations. However, explicit security policies, incident response contacts, and vulnerability disclosure information are not publicly available, representing areas for improvement. Overall, the website is professional, trustworthy, and compliant with privacy standards, with a high security posture and strong business credibility. The absence of WHOIS data for the subdomain is typical and does not detract from legitimacy. Strategic recommendations include publishing detailed security policies and terms of service to enhance transparency and trust.

Vibo SpA is an established Italian manufacturer specializing in innovative fittings for kitchens and wardrobes, serving the furniture industry with a focus on design and quality. The company has a strong market position supported by a well-structured website that targets industry professionals and consumers seeking high-quality Italian-made products. The website demonstrates a good level of digital maturity with modern JavaScript libraries, responsive design, and clear navigation. Cookiebot is implemented for cookie consent management, reflecting compliance with privacy regulations. Security posture is solid with HTTPS, CSRF protection, and domain transfer restrictions, although DNSSEC is not enabled and security headers could be improved. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

S

Saltfoss

seaborg.co

0

Saltfoss is a newly founded company (2025) focused on innovating nuclear energy technology by developing a fundamentally different nuclear power plant concept. Their flagship product is the Compact Molten Salt Reactor (CMSR) deployed on modular floating power barges designed for sustainability, safety, and cost-effectiveness. The company targets energy market stakeholders and aims to revolutionize energy markets by providing abundant, affordable, and low-emission energy solutions. The website is professionally designed using WordPress and Elementor, with good SEO and mobile optimization. Security posture is adequate with HTTPS and domain transfer protections, but lacks advanced security headers and published security policies. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy or terms policies. Contact information is not explicitly provided, which may impact user trust. Overall, the website and domain registration indicate a legitimate and transparent business entity with room for improvement in security and compliance documentation.

C

Capital Investment

capitalinvestment.dk

0

Capital Investment is a Danish real estate investment and asset management company specializing in the Greater Copenhagen property market. Established in 2013, it serves international investors seeking exposure to Danish real estate through comprehensive property management, asset management, and letting solutions. The company positions itself as a trusted local partner with deep market knowledge and a commitment to sustainable value creation. Technically, the website is built on WordPress using the Avada theme and integrates modern SEO and analytics tools such as Yoast SEO, Google Tag Manager, and Hotjar. The site is mobile optimized and provides a professional user experience with clear navigation and branding consistency. Security-wise, the website uses HTTPS with good SSL configuration but lacks advanced security headers and explicit security policies or incident response contacts. Privacy compliance is addressed with a privacy and cookie policy including a consent mechanism, though GDPR compliance details are basic. Overall, the website reflects a credible and professional business presence with room for improvement in security and compliance transparency.

W

WellPerform

wellperform.com

0

WellPerform is a specialized consultancy and engineering firm operating primarily in the energy sector, offering services in well management, drilling and completion engineering, exploration, and development operations. Their portfolio includes projects in Oil & Gas, Geothermal, Carbon Capture Storage, and Salt Cavern wells, serving over 100 international clients with more than 600 completed projects. The company also provides recruitment services tailored to the energy industry. Technically, the website is built on Webflow and integrates modern web technologies such as Lottie animations, Cookiebot for cookie consent, and live chat tools, reflecting a moderate to good digital maturity. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms but lacks published privacy and terms of service policies, which are critical for compliance and trust. The absence of WHOIS registration data raises concerns about domain legitimacy, although the professional content and contact details suggest a legitimate business presence. Overall, the website is well-designed and functional but would benefit from enhanced transparency and compliance documentation.

A

Absalon & Co

absalon-co.dk

0

Absalon & Co is a Danish real estate advisory company specializing in bridging the gap between the property and retail sectors by offering services focused on optimizing retail leases and enhancing property values. The company emphasizes a holistic and independent advisory approach, targeting property owners, buyers, sellers, and developers. The website is professionally designed using the One.com Web Editor platform and hosted on One.com infrastructure, with moderate performance and basic mobile optimization. Security posture is moderate with HTTPS enabled but lacking security headers and privacy policies, which impacts compliance and trust. The absence of WHOIS registration data raises concerns about domain legitimacy, although the website content is accessible and professional. Strategic improvements in privacy compliance, security headers, and contact transparency are recommended to enhance trust and security.

C

c-bed.nl

c-bed.nl

0

The website c-bed.nl is currently a parked domain with minimal content primarily consisting of advertising blocks and a domain sales iframe. There is no active business presence or clear service offering visible on the site. The WHOIS data provided is inconsistent, showing a domain creation date in the future (2025-05-11), which suggests placeholder or inaccurate registration information. The site lacks HTTPS, security headers, and any meaningful privacy or cookie consent mechanisms, indicating a low level of technical and security maturity. Overall, the site does not present trustworthy or professional business information and appears to be monetizing traffic through advertising rather than providing direct services or products.

L

Lexsos

lexsos.dk

0

Lexsos operates a website hosted on the Squarespace platform, targeting a Danish audience with multilingual support via Weglot. The site presents a professional design with clear navigation but lacks detailed business descriptions and contact information. The technical infrastructure is modern, leveraging standard web technologies including jQuery and Cookiebot for cookie consent management. Security posture is solid with HTTPS and HSTS enabled, though additional security headers could enhance protection. Privacy compliance is addressed through a comprehensive cookie consent mechanism, but a dedicated privacy policy page is not explicitly found. The absence of WHOIS data limits domain legitimacy verification, posing a moderate risk. Overall, the website is functional and moderately secure but would benefit from enhanced transparency and business information.

M

MESSAGE

message.dk

0

MESSAGE.dk is an established Danish e-commerce retailer specializing in trendy clothing, shoes, and accessories. Operating since 1997, it serves primarily Danish consumers through its official online shop. The website leverages an enterprise-grade Sitecore Commerce platform and integrates multiple advanced marketing and analytics tools such as Google Analytics, Microsoft Clarity, Visual Website Optimizer, and Klaviyo, indicating a mature digital infrastructure. The site enforces HTTPS and provides a comprehensive cookie consent mechanism aligned with GDPR requirements, enhancing user privacy and compliance. However, the absence of explicit terms of service, visible contact information, and security headers suggests areas for improvement in legal completeness and security hardening.