Security Directory

E

efficy

tribecrm.dk

0

Tribe CRM, operated by efficy, is a modern, AI-enhanced CRM platform designed to support businesses in sales, marketing, customer service, and project management. The platform targets medium-sized businesses seeking flexible and integrated CRM solutions with advanced automation and AI capabilities. The website demonstrates a professional and consistent brand presence with comprehensive content and multilingual support. Technically, the site is built on WordPress with several marketing and analytics integrations, including Piwik PRO, Google Analytics, and VWO, indicating a mature digital marketing approach. However, the absence of a valid SSL certificate is a critical security flaw that undermines user trust and data protection. The site implements GDPR-compliant privacy and cookie policies with a robust consent mechanism, reflecting good privacy practices. Overall, while the business and content aspects are strong, the security posture requires urgent improvement to meet modern standards.

E

efficy

tribecrm.nl

0

Tribe CRM is a Dutch-based SaaS company offering a customizable CRM platform integrated with AI features, targeting businesses seeking to grow customer loyalty and optimize sales and marketing processes. The company operates under the parent company efficy and has a mature domain with consistent registration data. Technically, the website is built on WordPress with modern marketing and analytics tools such as Piwik PRO, Cookiebot, and VWO, supporting multiple languages and SEO best practices. However, a critical security weakness is the absence of a valid SSL certificate, resulting in no HTTPS support and lack of security headers, which significantly impacts the security posture. Privacy compliance is well addressed with comprehensive cookie and privacy policies and consent mechanisms. Overall, the website presents a professional and trustworthy business front but requires urgent security improvements to protect user data and enhance trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 11 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

APSIS Pro is a mature email marketing and newsletter management platform with a regional focus in Asia and international presence. The website provides login access to its platform and detailed support contact information for Hong Kong, Singapore, and international customers. The business operates on a SaaS model targeting business users requiring email marketing solutions. Technically, the site uses older JavaScript libraries and is hosted on Amazon AWS infrastructure but suffers from slow load times and lacks modern web performance optimizations. Security posture is weak due to the absence of a valid SSL certificate and HTTPS support, no security headers, and missing advanced security configurations, although SPF and DMARC email protections are properly configured. Privacy and cookie policies are not present, indicating compliance gaps. WHOIS data confirms a long-established domain with strong registration protections, supporting business legitimacy. Overall, the site requires urgent improvements in security and privacy compliance to meet modern standards.

E

efficy

efficy.com

0

efficy is a leading European CRM software provider offering modular, GDPR-compliant solutions tailored to businesses of all sizes. The company emphasizes flexible, scalable platforms that centralize customer data, automate sales, and enhance customer engagement. With a strong market presence and over 13,500 customers, efficy positions itself as a trusted partner in the CRM and marketing automation space. The website reflects a mature digital infrastructure with advanced analytics and A/B testing capabilities, although performance optimization is needed due to slow load times. Security posture is currently weak due to an invalid SSL certificate and lack of modern TLS protocols, which poses a critical risk. Privacy compliance is well addressed with comprehensive cookie and privacy policies, including a consent mechanism. Overall, the site demonstrates professionalism and trustworthiness but requires urgent security improvements.

C

Civilstyrelsen

lovtidende.dk

0

Lovtidende.dk is the official Danish government platform for publishing laws and regulations, managed by Civilstyrelsen. It serves as a critical resource for government officials, legal professionals, and the public to access official legal documents. The website provides structured access to legal publications and links to other official government legal information portals. Technically, the site is built using modern frontend technologies such as React and employs SVG icons and CSS-in-JS styling. However, the site suffers from significant security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which severely impacts its security posture. The site also lacks security headers and cookie consent mechanisms, although it claims not to use cookies. Overall, the website is content-rich and professionally presented but requires urgent security improvements to protect user data and ensure trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2, sslTls. 13 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 11 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

A

APSIS

apsis.no

0

APSIS operates a modern marketing platform, Apsis One, focused on AI-driven email marketing and automation to help businesses grow through personalized customer experiences. The platform integrates multiple marketing tools including email, SMS, surveys, and event management, targeting marketers and enterprises seeking an all-in-one solution. The website is professionally designed using Drupal 10 and integrates popular marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag, demonstrating a mature digital marketing infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing the site to potential risks and undermining user trust. Privacy and cookie policies are present and appear GDPR compliant, but no explicit security policy or incident response information is provided. Overall, the site is content-rich and credible but requires urgent security improvements to protect user data and maintain trust.

A

APSIS

apsis.dk

0

APSIS is a Denmark-based technology company specializing in AI-driven email marketing and marketing automation solutions through its flagship platform, Apsis One. The platform offers a comprehensive suite of marketing tools including email marketing, AI assistant, SMS marketing, CRM, and integrations designed to empower marketers to create personalized and data-driven customer experiences. The company operates under the parent company Efficy and serves a medium-sized market segment with a strong focus on seamless user experience and advanced marketing capabilities. Technically, the website is built on Drupal 10 and integrates modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag. However, the website currently suffers from a critical security issue due to an invalid or missing SSL certificate and lack of modern TLS protocol support, which significantly impacts its security posture. Despite this, the site maintains good privacy and cookie policies with consent mechanisms, and no exposed sensitive data was detected. Overall, APSIS presents a professional and trustworthy marketing technology provider with room for improvement in its security infrastructure.

A

APSIS

apsis.se

0

APSIS is a Swedish technology company specializing in marketing technology solutions, offering a comprehensive SaaS platform called Apsis One that integrates AI-driven email marketing, marketing automation, SMS marketing, event management, and CRM integrations. The company targets modern marketers and businesses seeking to optimize their digital marketing efforts with data-driven tools. The website is professionally designed, content-rich, and well-structured, providing clear navigation and multiple calls to action such as free trials and demos. Technically, the site uses Drupal 10 CMS and integrates popular marketing and tracking technologies including Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. Security headers are present but the absence of TLS protocols and valid certificates significantly lowers the security posture. Privacy and cookie policies are present and appear GDPR compliant, with consent mechanisms implemented. Contact information is primarily via contact forms; no explicit emails or phone numbers were found. WHOIS data is consistent with the business claims, showing no suspicious registration patterns. Overall, the site demonstrates good business credibility and privacy compliance but requires urgent improvements in SSL/TLS security to protect user data and improve trust.

A

APSIS

apsis.com

0

Apsis is a Swedish-based technology company providing a comprehensive AI-driven marketing platform called Apsis One. The platform offers tools for email marketing, marketing automation, SMS, surveys, forms, event management, and CRM integrations, targeting marketers and businesses seeking to optimize customer engagement and campaign effectiveness. The website is professionally designed with excellent content quality and clear navigation, supporting a strong market position in the marketing technology sector. Technically, the site uses Drupal 10 CMS and integrates modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag. However, a critical security weakness is the absence of a valid SSL certificate and HTTPS configuration, which significantly impacts the security posture. Privacy and cookie policies are present and appear GDPR compliant, but no explicit security policies or incident response information is found. Overall, the domain registration data aligns well with the website's claims, supporting legitimacy and trustworthiness.

C

Civilstyrelsen

statstidende.dk

0

Statstidende.dk is an official Danish government website operated by Civilstyrelsen under the Ministry of Justice. It serves as the official publication platform for legally mandated notices, allowing users to search, read, subscribe to, and submit official announcements. The site targets Danish citizens and organizations required to publish legal notices, positioning itself as a critical government information service. Technically, the site is built using modern JavaScript frameworks such as React and Webpack, providing a responsive and user-friendly interface. However, performance is suboptimal with a slow load time and large page size, indicating potential optimization opportunities. From a security perspective, the site lacks a valid SSL certificate and HTTPS support, which is a critical vulnerability for any public-facing website, especially a government platform. Additionally, no security headers or incident response policies are evident, and cookie consent mechanisms are absent, raising compliance concerns. Overall, while the business credibility and content quality are strong due to official government backing, the technical and security posture require urgent improvements to ensure user trust and regulatory compliance.

U

UVdata A/S

uvdata.dk

0

UVdata A/S is a Danish software company specializing in providing comprehensive software solutions for private and free schools, afterschools, and educational institutions in Denmark. Their product portfolio includes school management systems, payroll solutions, guidance software, and time management tools, positioning them as a key player in the Danish education technology sector. The company operates under the parent company KMD, enhancing its market credibility and reach. The website content is well-structured, primarily in Danish, and targets educational institutions with relevant services and support information. Technically, the website is built on WordPress using the Avada theme and integrates several JavaScript libraries and plugins, including Matomo for analytics. However, the site suffers from performance issues with slow load times and a large number of resources. Security-wise, the website lacks a valid SSL certificate, serving content without HTTPS, which is a critical vulnerability. Additionally, it lacks essential security headers and advanced SSL features such as HSTS and OCSP stapling. Privacy compliance is addressed with clear privacy and cookie policies and a consent mechanism, aligning with GDPR requirements. Overall, while the business and content aspects are strong and credible, the technical and security posture require significant improvements to ensure user trust and data protection.

S

Sekoia

sekoia.dk

0

Sekoia is a Danish healthcare software company providing a specialized app for care centers and social service providers to improve planning, documentation, and communication. The company is well-established with a mature domain and a clear market position supported by integrations with KMD Nexus and usage by multiple municipalities. The website is built on WordPress with modern marketing and analytics tools integrated, including consent management for GDPR compliance. However, the site currently lacks a valid SSL certificate and HTTPS support, which is a critical security vulnerability that undermines user trust and data protection. Privacy policies and cookie consent mechanisms are well implemented, and contact information is clearly presented. Overall, the business demonstrates good digital maturity but requires urgent security improvements to meet modern standards.

B

Banqsoft AS

banqsoft.com

0

Banqsoft AS is a medium-sized Norwegian company specializing in financial software solutions for the Nordic market, focusing on asset finance, digital banking, and credit management. The company offers comprehensive software suites and add-on services designed to digitize and optimize financial operations for its clients. Banqsoft holds recognized certifications such as ISO 14001 and ISO 27001, underscoring its commitment to sustainability and information security. The website reflects a professional and consistent brand presence with good content quality and user experience.

E

Edlund A/S

edlund.dk

0

Edlund A/S is a Danish company specializing in flexible software solutions and consulting services for the life and pension insurance sector. Established in 1998, the company offers modular standard software and expert consulting to help clients modernize and optimize their insurance administration systems. The website reflects a professional and consistent brand presence targeting Danish life and pension companies. Technically, the site uses ASP.NET with Umbraco CMS, modern JavaScript modules, and is hosted behind Cloudflare. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly undermines the site's security posture. Privacy and cookie policies are present with consent mechanisms, and contact information is comprehensive. Analytics and marketing tools are actively used, indicating a moderate level of user tracking. Overall, the site is content-rich and professionally designed but requires urgent security improvements to protect user data and enhance trust.

NEC Corporation operates a comprehensive global website showcasing its leadership in ICT, 5G, AI, biometrics, and digital government solutions. The company targets global enterprises and governments, offering advanced technology and consulting services. The website content is rich, professionally designed, and well-structured, reflecting NEC's enterprise-level market position. Technically, the site uses modern JavaScript libraries, Akamai CDN, and Adobe tag management, indicating a mature digital infrastructure. However, the security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS support, which is a critical vulnerability for a global technology company. Privacy and cookie policies are present and GDPR compliant, supporting good privacy practices. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and maintain credibility.

C

Civilstyrelsen

civilstyrelsen.dk

0

Civilstyrelsen is a Danish government agency under the Ministry of Justice, responsible for ensuring the fundamental principles of the rule of law. The agency provides a wide range of public services including legal aid, permissions for property acquisition, compensation claims, and oversight of various legal and administrative functions. The website targets Danish citizens, legal professionals, and organizations requiring governmental legal services. It operates as an official government entity with a medium organizational size and a consistent brand presence. The content is well-structured and relevant, supporting the agency's mission and services effectively. Technically, the website is built on the GoBasic CMS platform with jQuery and uses embedded Vimeo videos. Hosting appears to be on cloud infrastructure with IPv4 and IPv6 addresses. However, the website suffers from slow performance with a load time exceeding 15 seconds and a relatively large page size. Mobile optimization and accessibility are good, but SEO optimization is basic. The site lacks modern security configurations, notably missing a valid SSL certificate and HTTPS support, which is a critical vulnerability. From a security perspective, the absence of HTTPS and TLS protocols, lack of security headers, and missing DNS security features expose the site to potential risks. No incident response or vulnerability disclosure mechanisms are evident. Privacy and cookie policies are present and GDPR compliant, reflecting good privacy practices. Contact information is clearly provided, enhancing trust and credibility. Overall, while the website serves its governmental purpose with good content and user experience, the critical lack of HTTPS and modern security measures significantly lowers its security posture and trustworthiness. Addressing these issues is paramount to protect user data and maintain public trust.

K

KMD A/S

kmd.dk

0

KMD A/S is a leading Danish IT and software company specializing in delivering comprehensive IT solutions to the public sector and businesses, with a strong focus on sectors such as energy, education, healthcare, and government. The company operates as a subsidiary of NEC Corporation and offers a broad portfolio of services including HR and payroll systems, data analytics, electronic document management, IT security, and SAP services. The website reflects a mature, well-established enterprise with extensive content and a professional digital presence. Technically, the website utilizes modern web technologies including ASP.NET, JavaScript modules, and is hosted behind Cloudflare with Umbraco CMS. It employs multiple security headers and analytics tools such as Google Analytics and Siteimprove. However, the absence of a valid SSL certificate and lack of enabled TLS protocols represent significant security weaknesses that must be addressed to ensure secure communications. From a security perspective, the site has implemented strong security headers and a strict DMARC policy, indicating good email security practices. Yet, the invalid SSL configuration and missing modern TLS support severely impact the overall security posture. Privacy compliance is well managed with clear privacy and cookie policies, including consent mechanisms, aligning with GDPR requirements. Overall, KMD's website demonstrates high business credibility and professionalism but requires urgent remediation of its SSL/TLS configuration to protect user data and maintain trust. Strategic improvements in security infrastructure will enhance the company's risk management and compliance stance.

U

Ubivox Technologies ApS

ubivox.com

0

Ubivox Technologies ApS operates a GDPR-compliant SaaS platform specializing in newsletters, email campaigns, and transactional emails, targeting companies, webshops, and governmental institutions primarily in Denmark. The company has a strong market presence with over 1,000 clients including notable Danish government bodies. Their platform emphasizes user-friendliness, legal compliance, and integration capabilities with over 1,000 external systems. Technically, the website is built on WordPress with the Avada theme and incorporates modern JavaScript libraries and marketing tools such as Matomo, Facebook Pixel, and LinkedIn Insight Tag. Security measures include TLS 1.3 support and OCSP stapling, though improvements like enabling HSTS and DNSSEC are recommended. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and well-structured, with a moderate to good security posture and strong business credibility.

APSIS Pro operates as a specialized platform focused on email marketing and newsletter management, serving a broad Nordic and Hong Kong customer base. The company is part of the Efficy group and maintains regional support offices with dedicated contact points, indicating a medium-sized, established business with a clear B2B SaaS model. The website content is minimal but functional, primarily providing login access and customer support information. Technically, the site is hosted on AWS and uses legacy JavaScript libraries, with moderate performance and basic SEO and accessibility features. However, the absence of a valid SSL certificate and HTTPS support severely undermines the security posture, exposing users to risks and reducing trust. No privacy or cookie policies are present, indicating compliance gaps. The domain is mature and well-registered, supporting the legitimacy of the business. Strategic improvements in security, privacy compliance, and modernization of the technology stack are recommended to enhance trust and operational resilience.

D

Danish Research Institute for Economic Analysis and Modelling

dreamgruppen.dk

0

DREAMgruppen.dk represents the Danish Research Institute for Economic Analysis and Modelling, an independent institution specializing in economic modeling and analysis of the Danish economy. The organization offers a suite of economic and demographic models and provides services such as policy evaluation, custom analyses, and training. The website is professionally designed with comprehensive content targeting public and private sector stakeholders interested in economic data-driven decision making. Technically, the site is built on ASP.NET with GoBasic CMS and uses jQuery, but suffers from slow load times and lacks modern security implementations such as HTTPS. Security posture is weak due to the absence of a valid SSL certificate, no TLS protocols enabled, and missing security headers, which poses a significant risk to user data and trust. Privacy compliance is adequate with clear privacy and cookie policies, though no explicit consent mechanism is observed. Overall, the site is credible and trustworthy from a business perspective but requires urgent security improvements to protect visitors and maintain institutional reputation.

M

Medarbejder- og Kompetencestyrelsen

medst.dk

0

Medarbejder- og Kompetencestyrelsen is a Danish government agency under the Ministry of Finance focused on labor agreements, HR education, and development activities within the public sector. The agency provides tools, advisory services, and regulatory information to state employers and HR professionals. The website serves as an authoritative platform for state HR matters, offering educational programs, circulars, and practical tools. Technically, the site is built on the Umbraco CMS platform, uses modern JavaScript libraries such as Swiper.js for UI components, and integrates Cookiebot for cookie consent management. However, the site suffers from a critical security issue due to an invalid or missing SSL certificate, which undermines secure HTTPS access. Other security best practices such as HSTS, DNSSEC, and security headers are absent, indicating room for improvement in security posture. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the site is professional and trustworthy but requires urgent SSL remediation to ensure secure user interactions.

S

Statens Administration

statens-adm.dk

0

Statens Administration is a Danish government entity providing centralized administrative services focusing on payroll, accounting, reimbursement, and support portals for public sector organizations. The website reflects a professional government service portal with clear navigation and relevant content for its target audience. Technically, the site uses Umbraco CMS and integrates third-party analytics and search tools, but suffers from a critical security flaw due to the absence of a valid SSL certificate, impacting HTTPS availability. Privacy compliance is well addressed with Cookiebot consent management and comprehensive cookie and privacy policies. The security posture is weak due to missing HTTPS and security headers, posing risks to user data confidentiality and integrity. Overall, the site is functional and trustworthy but requires urgent security improvements to meet modern standards.

S

Statens It

statens-it.dk

0

Statens It is a Danish government IT organization established in 2008, providing a range of IT services including workplace solutions, security, IT operations, servicedesk, and development of shared services primarily for public sector entities. The website reflects a mature and consistent government presence with clear contact information and compliance with GDPR through comprehensive privacy and cookie policies. Technically, the site uses modern tools such as Cookiebot for consent management and Cludo for search functionality, and is built on the Umbraco CMS platform. However, the security posture is weakened by the absence of a valid SSL certificate and HTTPS support, lack of security headers, and missing DNSSEC, which are critical for protecting user data and ensuring secure communications. The domain registration data aligns well with the official government entity, showing a long-standing and legitimate presence.

B

Briteweb - B Corp Creative Agency Dedicated to Social Change

briteweb.com

0

Security assessment completed with an overall score of 0/100 (unknown risk). 8 high-priority issues should be addressed promptly. Total of 30 security findings identified across all modules.

T

Trees for the Future

trees2024impact.org

0

Trees for the Future is a well-established non-profit organization dedicated to sustainable agroforestry and land restoration, as evidenced by their 2024 Impact Report website. The organization focuses on empowering farmers in challenging environments through their Forest Garden Approach, which promotes environmental restoration, food security, and economic growth. The website demonstrates a strong market position with notable recognitions such as the UN World Restoration Flagship Award and a clear commitment to community and environmental impact. Technically, the website is built using modern technologies like Framer and supports secure protocols such as TLS 1.3, but it suffers from slow load times and lacks some advanced security features like HSTS and OCSP stapling. Security posture is good with no critical vulnerabilities detected, but privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the site is professional and trustworthy, though it would benefit from enhanced privacy and security disclosures to improve compliance and user trust.

The website statens-tilskudspuljer.dk currently serves a 404 Not Found error page, indicating that the content is inaccessible or missing. There is no visible business information, metadata, or user-facing content to analyze. The domain is mature, registered since 2017, and shows no suspicious WHOIS patterns, but the lack of domain protection and DNSSEC is a minor concern. Technically, the site lacks HTTPS support and security headers, which significantly impacts its security posture and trustworthiness. Overall, the site is not operational in its current state, limiting any meaningful business or security analysis.

4

404 Siden blev ikke fundet

perst.dk

0

The website at perst.dk currently serves only a 404 error page indicating that the requested content is not found. There is no business or service information available on the site. The domain is mature, registered since 2000, and associated with Statens IT infrastructure in Denmark, suggesting it is an institutional or government-related domain. The technical infrastructure includes a proxy server, valid SPF and DMARC email policies, and TLS 1.2 with a strong cipher suite, but lacks modern SSL/TLS features such as HSTS, OCSP stapling, and TLS 1.3. No privacy, cookie, or terms of service policies are present, and no contact information or forms are available on the page. No analytics or tracking technologies are detected, indicating minimal user tracking.

Ø

Økonomistyrelsen

oes.dk

0

Økonomistyrelsen is a Danish government agency focused on economic management, public procurement, and digital solutions for state institutions. It serves as a key authority supporting efficient public sector operations and financial governance. The website reflects a mature government entity with a clear focus on providing guidance, advisory services, and digital support to public institutions. The agency maintains a professional online presence with detailed content and official contact information. Technically, the site uses Umbraco CMS and integrates third-party tools like Cookiebot for consent management and Cludo for search functionality. Performance is moderate, and accessibility and SEO are well addressed. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Email authentication via SPF and DMARC is properly configured, enhancing email security. Overall, the site is trustworthy and compliant with GDPR, but urgent improvements in SSL/TLS implementation are necessary to enhance security posture and user trust.

Naalakkersuisut.gl is the official government website of Greenland, serving as the primary portal for government news, departmental information, and public resources. The site targets Greenlandic citizens, government officials, and media, providing authoritative and up-to-date information about governmental activities and services. The business model is public service oriented, with a focus on transparency and communication. Technically, the website employs standard web technologies including JavaScript and CSS, and uses Matomo for analytics. The site is moderately performant and mobile-optimized, but lacks modern security implementations such as HTTPS and security headers, which significantly impacts its security posture. From a security perspective, the absence of a valid SSL certificate and HTTPS support is a critical vulnerability, exposing users to potential data interception risks. No privacy or cookie policies were found, indicating gaps in compliance with GDPR and other privacy regulations. The site does not display any incident response or security policies, which could affect trust and readiness for security events. Overall, while the website fulfills its role as a government information portal with good content quality and user experience, the lack of fundamental security measures and privacy compliance lowers its trustworthiness and exposes it to risks. Strategic improvements in security infrastructure and privacy transparency are recommended to enhance user trust and regulatory compliance.

Trees for the Future is a well-established nonprofit organization dedicated to land restoration and sustainable agriculture in developing communities worldwide. The organization is recognized as a United Nations World Restoration Flagship, highlighting its leadership in ecosystem restoration efforts. Their business model relies on donations, corporate partnerships, and community engagement to support farmers and combat hunger, poverty, and environmental degradation. The website effectively communicates their mission, impact, and opportunities for involvement, targeting donors, environmental advocates, and strategic partners. Technically, the website is built on WordPress with a modern tech stack including Yoast SEO, Google Analytics, and various marketing and fundraising tools. While the site is well-structured, mobile-optimized, and SEO-friendly, it suffers from slow load times and lacks a valid SSL certificate, which is a critical security deficiency. The absence of HTTPS and security headers exposes the site and its users to potential risks. From a security perspective, the site has significant vulnerabilities including no active SSL/TLS encryption, no HSTS, no DNSSEC, and no security headers. Although privacy and cookie policies are present with consent mechanisms, the site uses multiple third-party trackers which may impact user privacy. The domain is mature and protected by privacy proxy services, which is justified for a nonprofit entity. Overall, the security posture is weak and requires urgent improvements. The overall risk assessment indicates a trustworthy and professional nonprofit with excellent content and business credibility but with critical security gaps. Strategic recommendations include immediate SSL deployment, enhanced security headers, DNS security improvements, and a formal vulnerability disclosure policy to strengthen trust and compliance.

G

GetWhy A/S

preely.com

0

Preely is a Denmark-based technology company offering a SaaS platform focused on enhancing product decision-making through remote user testing and continuous discovery. Their platform supports testing of prototypes across devices and integrates AI (ChatGPT) for advanced test analysis. The company targets product teams, UX professionals, and businesses seeking efficient user feedback mechanisms. The website demonstrates a professional presence with trusted clients and active social media engagement. Technically, the website is built on WordPress with WPBakery Page Builder, leveraging Cloudflare for DNS and CDN services. It employs standard marketing and analytics tools including Google Analytics, Facebook Pixel, and Cookiebot for GDPR-compliant cookie management. While the SSL certificate is valid, the site lacks advanced security headers and HSTS, and performance metrics indicate a slower load time. Security posture is moderate with no critical vulnerabilities detected, but improvements are recommended in HTTP security headers and DNSSEC implementation. Privacy compliance is strong, supported by a comprehensive privacy policy and cookie consent mechanism. Business credibility is reinforced by clear company information, testimonials, and client logos. Overall, Preely presents a trustworthy and functional online presence with room for technical and security enhancements to further strengthen its posture and user trust.

O

Oqaasileriffik

kukkuniiaat.gl

0

Oqaasileriffik operates the website kukkuniiaat.gl, providing the Greenlandic spell checker tool Kukkuniiaat. This service supports multiple office platforms including Google Docs, Microsoft Office, Adobe InDesign, LibreOffice, and Apache OpenOffice, targeting Greenlandic language users and institutions. The organization is a government language secretariat, positioning itself as the official provider of Greenlandic language technology and resources. The website content is well-structured, multilingual, and professionally presented, supporting accessibility and user engagement. Technically, the website employs modern front-end technologies such as Bootstrap 5 and jQuery, hosted by Hosting.gl ApS. It integrates Matomo and Google Analytics for user tracking and performance monitoring. However, the site lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which is a critical security deficiency. Performance is moderate with a page load time of approximately 4.5 seconds and a moderate number of resources. From a security perspective, the absence of HTTPS and modern TLS protocols significantly undermines user data protection and trust. While SPF and DMARC records are correctly configured for email security, the lack of security headers, HSTS, and OCSP stapling further weakens the security posture. Privacy compliance is basic with a privacy policy present but lacking explicit GDPR compliance statements or cookie consent mechanisms. Overall, the website is functional and credible but requires urgent security improvements, especially SSL/TLS deployment, to protect users and enhance trust. Strategic recommendations include obtaining a valid SSL certificate, enabling HTTPS, implementing security headers, and enhancing privacy compliance to meet regulatory standards.

O

Oqaasileriffik

nutserut.gl

0

Nutserut is a specialized online platform operated by Oqaasileriffik, the Language Secretariat of Greenland, providing machine translation and language learning tools focused on the Greenlandic language. The website offers multiple AI-based translation methods and educational annotation tools aimed at language learners, translators, and researchers interested in Greenlandic. The service is positioned as a niche governmental resource with a clear public service mission. Technically, the website employs modern frontend technologies including Bootstrap 5.3, jQuery, and Matomo analytics. However, the site suffers from slow load times and lacks HTTPS support due to an invalid or missing SSL certificate, which significantly impacts security and user trust. The site is hosted via Hosting.gl ApS with DNS managed through Google Domains, reflecting a stable infrastructure. From a security perspective, the absence of HTTPS and security headers presents a critical vulnerability, exposing users to potential data interception risks. No privacy or cookie policies are present, indicating poor privacy compliance. Analytics tools are used without visible privacy disclosures, and no incident response or security policy information is provided. The domain registration is mature and consistent with the governmental nature of the site, supporting legitimacy. Overall, while the website provides valuable language services with good content and business credibility, its security posture is weak and privacy compliance is lacking. Strategic improvements in SSL deployment, security headers, and privacy policies are essential to enhance trust and protect users.

O

Oqaasileriffik

ordbog.gl

0

Oqaasileriffik operates as the official Language Secretariat of Greenland, providing comprehensive Greenlandic dictionaries and language resources online. The website serves a niche audience including Greenlandic speakers, researchers, and students, offering multiple historical and modern dictionaries in Greenlandic, Danish, and English. The business model is non-commercial and government-supported, positioning it as a key language resource provider in Greenland. Technically, the site employs modern frontend technologies such as Bootstrap, jQuery, and SQL.js, and supports a Progressive Web App for offline access. However, performance is slow with a high page load time and large page size. Security posture is weak due to the absence of a valid SSL certificate, lack of HTTPS, and missing security headers, which significantly impacts user trust and data protection. Privacy compliance is minimal, with no privacy or cookie policies present, and moderate user tracking via Matomo and Google Tag Manager. Overall, the site is legitimate and consistent with its stated purpose but requires urgent improvements in security and privacy to enhance trust and compliance.

The website lovgivning.gl serves as an official Greenland government portal providing access to Greenlandic legislation and administrative regulations. It targets residents and legal professionals in Greenland, primarily Danish-speaking users, offering a searchable legal database and updates on recent laws. The site is operated under the Greenland Self-Government authority, with hosting and domain registration managed by Modulo ApS, a Danish registrar. The content is professionally presented with consistent branding and clear navigation, supporting a medium-sized government service model founded in 2008. Technically, the site uses modern frontend technologies including Vue.js and JavaScript, with a moderate performance profile and good mobile optimization. However, the absence of a valid SSL certificate and HTTPS support is a critical security shortfall. The site lacks security headers, HSTS, and DNSSEC, which exposes it to potential risks. No analytics or tracking tools are detected, indicating minimal user tracking and a privacy-respecting approach, though no formal privacy or cookie policies are published. From a security perspective, the site’s lack of HTTPS and security best practices significantly lowers its security posture score. The domain is mature and consistent with official government use, enhancing trustworthiness. However, the absence of incident response contacts, security policies, and vulnerability disclosures suggests room for improvement in security governance. Overall, the site is functional and credible as a government resource but requires urgent security enhancements to protect user data and ensure trust. Strategic recommendations include immediate implementation of HTTPS with a valid SSL certificate, enabling security headers and DNSSEC, publishing privacy and cookie policies to comply with GDPR, and establishing clear incident response channels. These steps will improve security, compliance, and user trust, aligning the site with best practices for government digital services.

S

Statsministeriet

stm.dk

0

Statsministeriet.dk is the official website of the Danish Prime Minister's Office, serving as a primary information portal for government activities, press releases, speeches, and legislative programs. The site targets Danish citizens, government officials, media, and international visitors interested in Denmark's executive branch. It operates as a government public service entity with a large organizational footprint and a mature digital presence dating back over 30 years. Technically, the website uses modern web technologies including React and the Umbraco CMS, hosted via Sitnet infrastructure. The site demonstrates good content quality, clear navigation, and accessibility features, with moderate performance metrics. However, the absence of a valid SSL certificate and HTTPS support is a critical security shortfall, exposing users to potential risks. From a security perspective, the site benefits from properly configured SPF and DMARC email policies, reducing spoofing risks. Yet, the lack of DNSSEC, security headers, HSTS, and TLS support significantly weakens its security posture. Privacy compliance is well addressed with accessible privacy and cookie policies, though no active cookie consent mechanism is present. Overall, the site is trustworthy and authoritative but requires urgent security improvements, especially regarding HTTPS implementation and enhanced transport security measures, to protect user data and maintain government digital trust.

B

Breinify Inc.

breinify.ai

0

Breinify Inc. operates a mature AI-powered personalization platform targeting D2C marketers in e-commerce, retail, grocery, and CPG sectors. The company offers omnichannel personalization solutions that automate consumer engagement across web, email, SMS, app, and APIs. The website is professionally designed, content-rich, and demonstrates strong branding consistency with trust signals such as customer testimonials and industry recognitions. Technically, the site is built on HubSpot CMS with modern marketing and analytics tools integrated, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy, although no terms of service or explicit security policies are found. The domain registration is consistent with the business information, indicating legitimacy. Overall, the site presents a credible business front but requires urgent security improvements to protect user data and enhance trust.

N

Namminersorlutik Oqartussat

nalunaarutit.gl

0

The website 'nalunaarutit.gl' serves as the official Greenland government portal for legislative announcements and legal notifications. It provides access to government-issued legal documents and updates primarily targeted at Greenlandic citizens, legal professionals, and government officials. The site offers search functionality to locate specific legislative texts and maintains a consistent government branding with official logos and domain usage. Technically, the site is built using Vue.js and custom CSS, delivering a moderate performance experience with a load time of approximately 4.5 seconds. Mobile optimization is good, and the site supports Greenlandic and Danish languages. However, the site lacks a valid SSL certificate, serving content over HTTP only, which significantly impacts its security posture. No advanced security headers or privacy policies are present, and no analytics or advertising tools are detected, indicating minimal user tracking. Contact information is clearly provided with an official government email and physical address. Overall, the site is credible as an official government resource but requires urgent security improvements to protect user data and enhance trust.

e-Boks Group operates Denmark's leading digital mailbox platform, serving millions of users with secure digital post and document management services. The company is well-established, owned by reputable parent companies Nets and PostNord, and targets both private individuals and businesses. Their platform supports secure communication with public authorities and private entities, leveraging MitID for authentication and providing mobile app access for convenience. Technically, the website employs modern JavaScript frameworks and integrates Cookiebot for privacy compliance, but critically lacks a valid SSL certificate, exposing users to security risks. The absence of HTTPS and security headers significantly lowers the security posture score. Privacy policies and cookie consent mechanisms are comprehensive and GDPR compliant, reflecting a strong commitment to user privacy. Overall, the website is professionally designed with excellent content quality and user experience, but urgent improvements in SSL/TLS configuration and security headers are necessary to enhance trust and security.

Oqaasileriffik is the official Greenlandic Language Secretariat, providing authoritative language resources, terminology, and policy information primarily for the Greenlandic language. The website serves as a central hub for language tools, dictionaries, news, and educational materials targeting Greenlandic speakers, researchers, and government stakeholders. The organization operates as a governmental or non-profit entity focused on language preservation and development. Technically, the website is built on WordPress with Elementor and several plugins, including multilingual support via WPML. The infrastructure uses Apache on Ubuntu, but suffers from critical SSL issues with an invalid certificate and no modern TLS protocols enabled, which undermines secure communications. Performance data is limited, but the site appears content-rich and mobile-optimized with basic accessibility features. Security posture is weak due to the invalid SSL certificate, lack of HSTS, missing security headers, and absence of vulnerability disclosure or security policies. Privacy compliance is minimal, with no visible privacy or cookie policies. Contact information is clearly provided, including email, phone, and physical address, along with active social media channels. Overall, the site is functional and content-rich but requires urgent improvements in SSL configuration, security best practices, and privacy compliance to enhance trust and protect users. Strategic recommendations include obtaining a valid SSL certificate, enabling modern TLS, publishing privacy and cookie policies, and implementing security headers and vulnerability disclosure mechanisms.

C

Certified Senders Alliance

certified-senders.org

0

Certified Senders Alliance (CSA) is a technology-focused organization operating as a central whitelisting authority for commercial email senders and mailbox providers. Their primary mission is to improve the quality and deliverability of commercial emails such as newsletters, invoices, and order confirmations, while protecting recipients from spam and abuse. CSA offers certification services, monitoring tools, and data insights to help email service providers and senders maintain high reputation and compliance standards. The organization is positioned as a trusted intermediary in the email marketing ecosystem, supported by testimonials from major industry players and operated under the eco Association of the Internet Industry in Germany. Technically, the website is built on WordPress with common web technologies including Bootstrap, jQuery, and Font Awesome. It uses plugins for cookie consent (Borlabs Cookie) and bot protection (hCaptcha). However, the site suffers from a lack of a valid SSL certificate and does not support modern TLS protocols, which is a critical security shortfall. Performance is suboptimal with a slow page load time and a large page size, though mobile optimization and SEO practices are generally good. From a security perspective, the site implements DMARC with reporting and provides abuse contact emails, indicating some level of incident response readiness. However, the absence of HTTPS, security headers, and OCSP stapling significantly weakens the security posture. No explicit security policy or vulnerability disclosure mechanism is found. Privacy compliance is well addressed with comprehensive privacy and cookie policies and a consent mechanism. Overall, while the business credibility and content quality are strong, the technical and security implementations require urgent improvements to protect user data and enhance trust. Strategic recommendations include immediate SSL certificate installation, enabling modern TLS, adding security headers, and optimizing site performance.

The website acquiaacademy.com appears to be a learning management platform powered by Docebo technologies, hosted on AWS infrastructure. However, the current accessible content is minimal, showing only a loading spinner with no visible business or user content, indicating the site is either blocked, under maintenance, or improperly configured. The technical infrastructure includes modern Docebo UI components but lacks proper SSL/TLS configuration, resulting in no HTTPS availability. Security headers are partially present but critical HTTPS enforcement and HSTS are missing, exposing the site to potential security risks. No privacy, cookie, or terms of service policies are detectable, and no contact information is available, which impacts trust and compliance. Overall, the site’s security posture is weak due to missing SSL and inaccessible content, and the business credibility is low based on the available data.

B

Breinify Inc.

breinify.com

0

Breinify Inc. operates a sophisticated AI-powered personalization platform targeting D2C marketers in e-commerce, retail, grocery, and CPG sectors. The company positions itself as a trusted partner enabling strategic omnichannel personalization to drive customer engagement and revenue growth. The website is professionally designed, content-rich, and well-branded, reflecting a medium-sized technology company with a strong market presence and reputable client base. Technically, the website is built on HubSpot CMS and leverages modern marketing and analytics tools including Google Analytics 4, Facebook Pixel, and LinkedIn Insight Tag. However, the site suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which severely impacts its security posture. Performance is also suboptimal with a high page load time. Security-wise, the lack of HTTPS and security headers exposes the site to risks and undermines user trust. Privacy compliance is addressed with a cookie consent banner and a comprehensive privacy policy, but no terms of service or explicit security policies are found. Contact information is limited to a contact form with no direct emails or phone numbers. Overall, while the business and content quality are strong, the security deficiencies and slow performance present significant risks. Strategic improvements in SSL deployment, security headers, and site optimization are recommended to enhance trust and compliance.

Sullissivik.gl is the official government portal for public services in Greenland, targeting both citizens and businesses. It provides a centralized platform for accessing self-service forms, information on cultural, housing, equality, and transport topics, and digital communication channels. The site is primarily in Greenlandic with options for Danish and English, reflecting its public service nature. The portal is positioned as a key digital interface for government-citizen interaction in Greenland. Technically, the site uses modern JavaScript libraries, SVG icons, and integrates Matomo analytics for user tracking. However, the site suffers from a critical lack of a valid SSL certificate and HTTPS enforcement, which severely impacts its security posture. No advanced security headers or policies are detected, and privacy compliance is basic with only a cookie policy present. Overall, the site is functional and content-rich but requires urgent security improvements to protect user data and build trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

D

DMARC Advisor

dmarcadvisor.com

0

DMARC Advisor is a specialized technology company focused on providing DMARC and related email security services to businesses primarily in Europe and Africa. Their market position is strong as leading DMARC service experts, offering a comprehensive suite of tools and managed services including DMARC reporting, SPF management, DKIM validation, and BIMI hosting. The company emphasizes protecting domains against email abuse and phishing, targeting organizations that require robust email authentication solutions. Technically, the website is built on WordPress with modern JavaScript frameworks like Vue.js, and integrates various marketing and analytics tools such as Google Tag Manager and Microsoft Clarity. However, the website currently lacks a valid SSL certificate and modern TLS protocol support, which is a critical security gap. The security posture is further impacted by missing DNSSEC and improperly configured CAA records, though DMARC policies are correctly set to reject unauthorized emails. Privacy compliance is well addressed with GDPR-aligned cookie consent mechanisms and a comprehensive privacy policy. Overall, the company demonstrates a professional and trustworthy online presence but should urgently address SSL/TLS and DNS security to enhance trust and security.

S

Statistikbanken

statistikbanken.dk

0

Statistikbanken.dk is a Danish government-operated statistical data platform providing access to statistical tables and datasets relevant to researchers, policymakers, and the public. The website serves as an official national statistics repository, offering free access to data but currently presents minimal content with an outdated technical implementation. The site uses legacy HTML frameset technology and lacks modern web design and accessibility features. Technically, the site is hosted via one.com with DNS and mail services properly configured but lacks HTTPS encryption, exposing users to insecure connections. Security posture is weak with no SSL certificate, no security headers, and no DNSSEC, which poses risks to data integrity and user privacy. No privacy or cookie policies are present, indicating non-compliance with GDPR and related regulations. Overall, the site is functional but outdated and insecure, requiring urgent improvements in security and privacy compliance to protect users and enhance trust.