Security Directory

M

Medarbejder- og Kompetencestyrelsen

medst.dk

0

Medarbejder- og Kompetencestyrelsen is a Danish government agency under the Ministry of Finance focused on labor agreements, HR education, and development activities within the public sector. The agency provides tools, advisory services, and regulatory information to state employers and HR professionals. The website serves as an authoritative platform for state HR matters, offering educational programs, circulars, and practical tools. Technically, the site is built on the Umbraco CMS platform, uses modern JavaScript libraries such as Swiper.js for UI components, and integrates Cookiebot for cookie consent management. However, the site suffers from a critical security issue due to an invalid or missing SSL certificate, which undermines secure HTTPS access. Other security best practices such as HSTS, DNSSEC, and security headers are absent, indicating room for improvement in security posture. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the site is professional and trustworthy but requires urgent SSL remediation to ensure secure user interactions.

S

Statens Administration

statens-adm.dk

0

Statens Administration is a Danish government entity providing centralized administrative services focusing on payroll, accounting, reimbursement, and support portals for public sector organizations. The website reflects a professional government service portal with clear navigation and relevant content for its target audience. Technically, the site uses Umbraco CMS and integrates third-party analytics and search tools, but suffers from a critical security flaw due to the absence of a valid SSL certificate, impacting HTTPS availability. Privacy compliance is well addressed with Cookiebot consent management and comprehensive cookie and privacy policies. The security posture is weak due to missing HTTPS and security headers, posing risks to user data confidentiality and integrity. Overall, the site is functional and trustworthy but requires urgent security improvements to meet modern standards.

S

Statens It

statens-it.dk

0

Statens It is a Danish government IT organization established in 2008, providing a range of IT services including workplace solutions, security, IT operations, servicedesk, and development of shared services primarily for public sector entities. The website reflects a mature and consistent government presence with clear contact information and compliance with GDPR through comprehensive privacy and cookie policies. Technically, the site uses modern tools such as Cookiebot for consent management and Cludo for search functionality, and is built on the Umbraco CMS platform. However, the security posture is weakened by the absence of a valid SSL certificate and HTTPS support, lack of security headers, and missing DNSSEC, which are critical for protecting user data and ensuring secure communications. The domain registration data aligns well with the official government entity, showing a long-standing and legitimate presence.

T

Trees for the Future

trees2024impact.org

0

Trees for the Future is a well-established non-profit organization dedicated to sustainable agroforestry and land restoration, as evidenced by their 2024 Impact Report website. The organization focuses on empowering farmers in challenging environments through their Forest Garden Approach, which promotes environmental restoration, food security, and economic growth. The website demonstrates a strong market position with notable recognitions such as the UN World Restoration Flagship Award and a clear commitment to community and environmental impact. Technically, the website is built using modern technologies like Framer and supports secure protocols such as TLS 1.3, but it suffers from slow load times and lacks some advanced security features like HSTS and OCSP stapling. Security posture is good with no critical vulnerabilities detected, but privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the site is professional and trustworthy, though it would benefit from enhanced privacy and security disclosures to improve compliance and user trust.

The website statens-tilskudspuljer.dk currently serves a 404 Not Found error page, indicating that the content is inaccessible or missing. There is no visible business information, metadata, or user-facing content to analyze. The domain is mature, registered since 2017, and shows no suspicious WHOIS patterns, but the lack of domain protection and DNSSEC is a minor concern. Technically, the site lacks HTTPS support and security headers, which significantly impacts its security posture and trustworthiness. Overall, the site is not operational in its current state, limiting any meaningful business or security analysis.

4

404 Siden blev ikke fundet

perst.dk

0

The website at perst.dk currently serves only a 404 error page indicating that the requested content is not found. There is no business or service information available on the site. The domain is mature, registered since 2000, and associated with Statens IT infrastructure in Denmark, suggesting it is an institutional or government-related domain. The technical infrastructure includes a proxy server, valid SPF and DMARC email policies, and TLS 1.2 with a strong cipher suite, but lacks modern SSL/TLS features such as HSTS, OCSP stapling, and TLS 1.3. No privacy, cookie, or terms of service policies are present, and no contact information or forms are available on the page. No analytics or tracking technologies are detected, indicating minimal user tracking.

Ø

Økonomistyrelsen

oes.dk

0

Økonomistyrelsen is a Danish government agency focused on economic management, public procurement, and digital solutions for state institutions. It serves as a key authority supporting efficient public sector operations and financial governance. The website reflects a mature government entity with a clear focus on providing guidance, advisory services, and digital support to public institutions. The agency maintains a professional online presence with detailed content and official contact information. Technically, the site uses Umbraco CMS and integrates third-party tools like Cookiebot for consent management and Cludo for search functionality. Performance is moderate, and accessibility and SEO are well addressed. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Email authentication via SPF and DMARC is properly configured, enhancing email security. Overall, the site is trustworthy and compliant with GDPR, but urgent improvements in SSL/TLS implementation are necessary to enhance security posture and user trust.

Naalakkersuisut.gl is the official government website of Greenland, serving as the primary portal for government news, departmental information, and public resources. The site targets Greenlandic citizens, government officials, and media, providing authoritative and up-to-date information about governmental activities and services. The business model is public service oriented, with a focus on transparency and communication. Technically, the website employs standard web technologies including JavaScript and CSS, and uses Matomo for analytics. The site is moderately performant and mobile-optimized, but lacks modern security implementations such as HTTPS and security headers, which significantly impacts its security posture. From a security perspective, the absence of a valid SSL certificate and HTTPS support is a critical vulnerability, exposing users to potential data interception risks. No privacy or cookie policies were found, indicating gaps in compliance with GDPR and other privacy regulations. The site does not display any incident response or security policies, which could affect trust and readiness for security events. Overall, while the website fulfills its role as a government information portal with good content quality and user experience, the lack of fundamental security measures and privacy compliance lowers its trustworthiness and exposes it to risks. Strategic improvements in security infrastructure and privacy transparency are recommended to enhance user trust and regulatory compliance.

O

Oqaasileriffik

kukkuniiaat.gl

0

Oqaasileriffik operates the website kukkuniiaat.gl, providing the Greenlandic spell checker tool Kukkuniiaat. This service supports multiple office platforms including Google Docs, Microsoft Office, Adobe InDesign, LibreOffice, and Apache OpenOffice, targeting Greenlandic language users and institutions. The organization is a government language secretariat, positioning itself as the official provider of Greenlandic language technology and resources. The website content is well-structured, multilingual, and professionally presented, supporting accessibility and user engagement. Technically, the website employs modern front-end technologies such as Bootstrap 5 and jQuery, hosted by Hosting.gl ApS. It integrates Matomo and Google Analytics for user tracking and performance monitoring. However, the site lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which is a critical security deficiency. Performance is moderate with a page load time of approximately 4.5 seconds and a moderate number of resources. From a security perspective, the absence of HTTPS and modern TLS protocols significantly undermines user data protection and trust. While SPF and DMARC records are correctly configured for email security, the lack of security headers, HSTS, and OCSP stapling further weakens the security posture. Privacy compliance is basic with a privacy policy present but lacking explicit GDPR compliance statements or cookie consent mechanisms. Overall, the website is functional and credible but requires urgent security improvements, especially SSL/TLS deployment, to protect users and enhance trust. Strategic recommendations include obtaining a valid SSL certificate, enabling HTTPS, implementing security headers, and enhancing privacy compliance to meet regulatory standards.

O

Oqaasileriffik

nutserut.gl

0

Nutserut is a specialized online platform operated by Oqaasileriffik, the Language Secretariat of Greenland, providing machine translation and language learning tools focused on the Greenlandic language. The website offers multiple AI-based translation methods and educational annotation tools aimed at language learners, translators, and researchers interested in Greenlandic. The service is positioned as a niche governmental resource with a clear public service mission. Technically, the website employs modern frontend technologies including Bootstrap 5.3, jQuery, and Matomo analytics. However, the site suffers from slow load times and lacks HTTPS support due to an invalid or missing SSL certificate, which significantly impacts security and user trust. The site is hosted via Hosting.gl ApS with DNS managed through Google Domains, reflecting a stable infrastructure. From a security perspective, the absence of HTTPS and security headers presents a critical vulnerability, exposing users to potential data interception risks. No privacy or cookie policies are present, indicating poor privacy compliance. Analytics tools are used without visible privacy disclosures, and no incident response or security policy information is provided. The domain registration is mature and consistent with the governmental nature of the site, supporting legitimacy. Overall, while the website provides valuable language services with good content and business credibility, its security posture is weak and privacy compliance is lacking. Strategic improvements in SSL deployment, security headers, and privacy policies are essential to enhance trust and protect users.

O

Oqaasileriffik

ordbog.gl

0

Oqaasileriffik operates as the official Language Secretariat of Greenland, providing comprehensive Greenlandic dictionaries and language resources online. The website serves a niche audience including Greenlandic speakers, researchers, and students, offering multiple historical and modern dictionaries in Greenlandic, Danish, and English. The business model is non-commercial and government-supported, positioning it as a key language resource provider in Greenland. Technically, the site employs modern frontend technologies such as Bootstrap, jQuery, and SQL.js, and supports a Progressive Web App for offline access. However, performance is slow with a high page load time and large page size. Security posture is weak due to the absence of a valid SSL certificate, lack of HTTPS, and missing security headers, which significantly impacts user trust and data protection. Privacy compliance is minimal, with no privacy or cookie policies present, and moderate user tracking via Matomo and Google Tag Manager. Overall, the site is legitimate and consistent with its stated purpose but requires urgent improvements in security and privacy to enhance trust and compliance.

S

Statsministeriet

stm.dk

0

Statsministeriet.dk is the official website of the Danish Prime Minister's Office, serving as a primary information portal for government activities, press releases, speeches, and legislative programs. The site targets Danish citizens, government officials, media, and international visitors interested in Denmark's executive branch. It operates as a government public service entity with a large organizational footprint and a mature digital presence dating back over 30 years. Technically, the website uses modern web technologies including React and the Umbraco CMS, hosted via Sitnet infrastructure. The site demonstrates good content quality, clear navigation, and accessibility features, with moderate performance metrics. However, the absence of a valid SSL certificate and HTTPS support is a critical security shortfall, exposing users to potential risks. From a security perspective, the site benefits from properly configured SPF and DMARC email policies, reducing spoofing risks. Yet, the lack of DNSSEC, security headers, HSTS, and TLS support significantly weakens its security posture. Privacy compliance is well addressed with accessible privacy and cookie policies, though no active cookie consent mechanism is present. Overall, the site is trustworthy and authoritative but requires urgent security improvements, especially regarding HTTPS implementation and enhanced transport security measures, to protect user data and maintain government digital trust.

e-Boks Group operates Denmark's leading digital mailbox platform, serving millions of users with secure digital post and document management services. The company is well-established, owned by reputable parent companies Nets and PostNord, and targets both private individuals and businesses. Their platform supports secure communication with public authorities and private entities, leveraging MitID for authentication and providing mobile app access for convenience. Technically, the website employs modern JavaScript frameworks and integrates Cookiebot for privacy compliance, but critically lacks a valid SSL certificate, exposing users to security risks. The absence of HTTPS and security headers significantly lowers the security posture score. Privacy policies and cookie consent mechanisms are comprehensive and GDPR compliant, reflecting a strong commitment to user privacy. Overall, the website is professionally designed with excellent content quality and user experience, but urgent improvements in SSL/TLS configuration and security headers are necessary to enhance trust and security.

Oqaasileriffik is the official Greenlandic Language Secretariat, providing authoritative language resources, terminology, and policy information primarily for the Greenlandic language. The website serves as a central hub for language tools, dictionaries, news, and educational materials targeting Greenlandic speakers, researchers, and government stakeholders. The organization operates as a governmental or non-profit entity focused on language preservation and development. Technically, the website is built on WordPress with Elementor and several plugins, including multilingual support via WPML. The infrastructure uses Apache on Ubuntu, but suffers from critical SSL issues with an invalid certificate and no modern TLS protocols enabled, which undermines secure communications. Performance data is limited, but the site appears content-rich and mobile-optimized with basic accessibility features. Security posture is weak due to the invalid SSL certificate, lack of HSTS, missing security headers, and absence of vulnerability disclosure or security policies. Privacy compliance is minimal, with no visible privacy or cookie policies. Contact information is clearly provided, including email, phone, and physical address, along with active social media channels. Overall, the site is functional and content-rich but requires urgent improvements in SSL configuration, security best practices, and privacy compliance to enhance trust and protect users. Strategic recommendations include obtaining a valid SSL certificate, enabling modern TLS, publishing privacy and cookie policies, and implementing security headers and vulnerability disclosure mechanisms.

The website acquiaacademy.com appears to be a learning management platform powered by Docebo technologies, hosted on AWS infrastructure. However, the current accessible content is minimal, showing only a loading spinner with no visible business or user content, indicating the site is either blocked, under maintenance, or improperly configured. The technical infrastructure includes modern Docebo UI components but lacks proper SSL/TLS configuration, resulting in no HTTPS availability. Security headers are partially present but critical HTTPS enforcement and HSTS are missing, exposing the site to potential security risks. No privacy, cookie, or terms of service policies are detectable, and no contact information is available, which impacts trust and compliance. Overall, the site’s security posture is weak due to missing SSL and inaccessible content, and the business credibility is low based on the available data.

Sullissivik.gl is the official government portal for public services in Greenland, targeting both citizens and businesses. It provides a centralized platform for accessing self-service forms, information on cultural, housing, equality, and transport topics, and digital communication channels. The site is primarily in Greenlandic with options for Danish and English, reflecting its public service nature. The portal is positioned as a key digital interface for government-citizen interaction in Greenland. Technically, the site uses modern JavaScript libraries, SVG icons, and integrates Matomo analytics for user tracking. However, the site suffers from a critical lack of a valid SSL certificate and HTTPS enforcement, which severely impacts its security posture. No advanced security headers or policies are detected, and privacy compliance is basic with only a cookie policy present. Overall, the site is functional and content-rich but requires urgent security improvements to protect user data and build trust.

S

Statistikbanken

statistikbanken.dk

0

Statistikbanken.dk is a Danish government-operated statistical data platform providing access to statistical tables and datasets relevant to researchers, policymakers, and the public. The website serves as an official national statistics repository, offering free access to data but currently presents minimal content with an outdated technical implementation. The site uses legacy HTML frameset technology and lacks modern web design and accessibility features. Technically, the site is hosted via one.com with DNS and mail services properly configured but lacks HTTPS encryption, exposing users to insecure connections. Security posture is weak with no SSL certificate, no security headers, and no DNSSEC, which poses risks to data integrity and user privacy. No privacy or cookie policies are present, indicating non-compliance with GDPR and related regulations. Overall, the site is functional but outdated and insecure, requiring urgent improvements in security and privacy compliance to protect users and enhance trust.

D

Digitaliseringsstyrelsen

mitid-erhverv.dk

0

MitID Erhverv is a Danish government digital identity platform designed to provide secure access for businesses, associations, and authorities to self-service portals such as tax reporting and digital post. The website is professionally designed with clear navigation and content targeted at organizational users in Denmark. The platform is operated under the Digitaliseringsstyrelsen, reflecting a strong government affiliation and trustworthiness. Technically, the site uses a custom CMS likely related to NemLog-in and is hosted by Sitnet, with moderate performance and good mobile optimization. However, the site lacks a valid SSL certificate and HTTPS support, which is a critical security flaw. No modern TLS protocols or security headers are implemented, exposing users to potential risks. Privacy and cookie policies are present and comprehensive, supporting GDPR compliance, but no explicit security or incident response policies are published. Overall, the site is functional and credible but requires urgent security improvements to protect user data and maintain trust.

S

Statens It

govcloud.dk

0

Statens It operates GovCloud, a specialized cloud service platform designed to host governmental applications and data securely within Denmark. The service targets public sector organizations, offering cloud infrastructure hosted in Danish data centers. The website reflects a government-affiliated entity with clear contact information and a focus on compliance with privacy regulations, including GDPR. However, the absence of a valid SSL certificate undermines secure communications, which is a critical security gap. Technically, the site uses modern web technologies including Umbraco CMS, responsive design, and Cookiebot for cookie consent management. Performance is moderate, and accessibility features are adequately implemented. Analytics are minimal and privacy-conscious, using Silktide analytics and Cookiebot tracking pixels. Security posture is weak due to the lack of HTTPS, missing security headers, and absence of DNSSEC and CAA records. No explicit security or incident response policies are published. The domain registration is consistent with the business identity, showing a mature domain age and no suspicious discrepancies. Overall, the site is professional and trustworthy from a business perspective but requires urgent improvements in SSL deployment and security hardening to protect user data and maintain trust.

D

Danmarks Statistik

dst.dk

0

Danmarks Statistik is the central authority responsible for collecting, processing, and publishing official statistics about Danish society. As a government entity, it holds a strong market position as the authoritative source of statistical data in Denmark, serving researchers, government agencies, businesses, and the general public. The website provides comprehensive statistical data, thematic articles, and support services for data reporters and customers. Technically, the site employs modern JavaScript libraries such as jQuery and uses Monsido for accessibility and analytics. However, the website suffers from a critical security weakness due to the absence of a valid SSL certificate and lack of HTTPS, which significantly impacts its security posture. Other security features like HSTS, DNSSEC, and security headers are also missing, indicating room for improvement in securing the digital infrastructure. Privacy compliance is well addressed with comprehensive privacy and cookie policies, and the site demonstrates good mobile optimization and accessibility. Overall, while the business credibility and content quality are high, the technical and security shortcomings reduce the overall risk profile and user trust. Strategic improvements in SSL/TLS implementation and security best practices are recommended to enhance the site's security and user confidence.

Digitaliseringsministeriet is the Danish Ministry of Digitalization, responsible for shaping Denmark's digital future and ensuring inclusive digital transformation across the public sector. The website serves as an official government portal providing information about digitalization policies, news, career opportunities, and contact details. It targets Danish citizens and public sector stakeholders, positioning itself as a national authority in digital governance. The business model is that of a government entity focused on policy leadership and public service delivery. Technically, the site is built on ASP.NET Web Forms with the GoBasic CMS, hosted by Sitnet, and uses standard web technologies including jQuery. While the site is functional and accessible with good mobile optimization and SEO practices, its performance is slow with a load time near 12 seconds, indicating room for optimization. Security posture is adequate with valid SSL, SPF, and DMARC policies, but lacks advanced security headers and HSTS enforcement. Privacy compliance is strong with clear cookie consent and a comprehensive privacy policy. Overall, the site is trustworthy and professionally maintained, reflecting its government status.

Openprovider is a mature wholesale domain registration and reseller platform established in 2002, offering domain names, SSL certificates, and Plesk licenses primarily to resellers, digital agencies, and web hosting providers. The company positions itself as a cost-effective platform with automated services and membership plans tailored to different business sizes. Technically, the website is built on modern frameworks such as Next.js and hosted on Vercel, indicating a contemporary digital infrastructure. However, the site lacks a valid SSL certificate, which is a critical security flaw that undermines user trust and data protection. Security headers are implemented, but the absence of TLS protocols and other security best practices like DNSSEC and DMARC reduces the overall security posture. Privacy compliance is weak, with no visible privacy or cookie policies and no consent mechanisms. The WHOIS data confirms the domain's legitimacy and maturity, though domain protection locks are not enabled. Overall, the site demonstrates good business credibility and technical sophistication but requires urgent improvements in security and privacy compliance to enhance trust and protect users.

Security assessment incomplete. Successfully analyzed: emailSecurity, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2, sslTls. 13 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

D

Digitaliseringsstyrelsen

digst.dk

0

Digitaliseringsstyrelsen is the Danish government agency responsible for leading the digital transformation of Denmark, aiming to simplify daily life for citizens and businesses while supporting public authorities in delivering quality services. The agency operates a comprehensive website offering information on digital solutions such as MitID, Digital Post, and various support services, targeting both citizens and businesses. The site reflects a strong government presence with clear contact details and compliance with privacy regulations. Technically, the website uses modern tools like Cookiebot for consent management and analytics platforms such as Matomo and Siteimprove, but suffers from a lack of valid SSL certificates and slow load times, which negatively impact security and user experience. Security posture is weak due to missing HTTPS, lack of security headers, and no DNSSEC, although SPF and DMARC are properly configured. Overall, the site is trustworthy and authoritative but requires urgent improvements in security infrastructure to protect user data and enhance trust.

P

Polyteknisk Boghandel og Forlag A/S

polyteknisk.dk

0

Polyteknisk Boghandel og Forlag A/S operates a specialized Danish bookstore focusing on technical and scientific literature, serving students and professionals primarily in education and construction sectors. The company has a mature market presence with a well-structured e-commerce platform complemented by physical stores. Their digital infrastructure incorporates modern marketing and analytics tools, including Google Tag Manager, Facebook Pixel, and Sleeknote, alongside a comprehensive cookie consent mechanism ensuring GDPR compliance. However, the website suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which significantly undermines user trust and data security. Performance is suboptimal with slow load times and large page sizes, though mobile responsiveness and accessibility are adequately addressed. The business demonstrates strong credibility through clear contact information, certifications like E-mærke, and positive Trustpilot reviews. Strategic improvements in security posture and technical optimization are recommended to enhance overall risk management and user confidence.

C

Convesio

convesio.nl

0

Convesio.nl is a specialized managed WordPress hosting provider focused on delivering scalable, high-performance hosting solutions using innovative Docker container technology. The company targets business-critical WordPress websites including WooCommerce shops, membership sites, and e-learning platforms, emphasizing automatic scaling, speed, and security. The website is professionally designed, content-rich, and well-structured, reflecting a mature digital presence. Technically, the site leverages modern web technologies including WordPress CMS, GeneratePress theme, and integrates with Google and Amazon cloud platforms. Security posture is adequate with HTTPS and TLS 1.3 support, but lacks advanced configurations such as HSTS, DMARC, and OCSP stapling, which are recommended for improvement. Privacy compliance is strong with a comprehensive cookie policy and GDPR consent mechanisms. Overall, the site presents a credible and trustworthy business with room for security enhancements.

RHnet (Rannsókna og háskólanet Íslands hf.) is an Icelandic company founded in 2001 to provide high-speed network connectivity for universities and research institutions in Iceland. It connects these institutions to international research and education networks such as NORDUnet, facilitating academic collaboration and data exchange. The website primarily serves as an informational portal about RHnet's services, network status, and related academic events. The target audience includes academic and research organizations within Iceland. Technically, the website is a simple static HTML and CSS site with minimal resources and moderate load times. It lacks modern web technologies, CMS, or advanced frameworks. Mobile optimization and accessibility are basic, and SEO features are minimal. The site does not use HTTPS, which is a significant technical and security shortcoming. From a security perspective, the site has no valid SSL certificate, no HTTPS support, and lacks security headers such as HSTS or Content-Security-Policy. There are no detected vulnerabilities like Heartbleed or POODLE, but the absence of HTTPS and security headers exposes users to risks. No privacy or cookie policies are present, and no contact or incident response information is provided, indicating low privacy compliance and security maturity. Overall, RHnet's website provides essential information about the organization but falls short in security and privacy best practices. The lack of HTTPS and security policies are critical issues that should be addressed to improve trust and compliance. The domain registration data aligns well with the organization's profile, supporting legitimacy. Strategic improvements in security posture and privacy compliance are recommended to enhance the website's professionalism and user trust.

D

Danish e-Infrastructure Consortium (DeiC)

deic.dk

0

DeiC (Danish e-Infrastructure Consortium) is a government-affiliated consortium established in 2011 that provides critical e-infrastructure services to Danish universities and research institutions. Their offerings include high-performance computing, data management, quantum infrastructure, and research network connectivity. The organization targets academic and research communities in Denmark, positioning itself as a national leader in research infrastructure. The website reflects a mature and professional digital presence with comprehensive content and clear navigation, built on Drupal 9 with modern web technologies. However, the site suffers from a critical security shortfall due to the absence of a valid SSL certificate, resulting in no proper HTTPS support. This significantly impacts the security posture and user trust. Privacy and cookie policies are well implemented and GDPR compliant, with Matomo analytics used responsibly. Contact information is clearly provided, enhancing business credibility. Overall, DeiC's website demonstrates strong business and content quality but requires urgent security improvements to meet modern standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 11 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

A

Agilera Pharma AS

agilera.no

0

Agilera Pharma AS is a Norwegian-based contract development and manufacturing organization (CDMO) specializing in radio-pharmaceuticals, providing comprehensive services from preclinical development to commercial production and global distribution. The company holds regulatory approvals across major global markets including the USA, Japan, Europe, Latin America, and China, positioning itself as a key player in the healthcare sector focused on cancer medicine. Their website reflects a professional and consistent brand image targeting pharmaceutical companies and researchers worldwide. Technically, the website is built on WordPress and utilizes common web technologies such as jQuery and Swiper.js. However, performance is suboptimal with slow load times and a large page size. Mobile optimization is good, but accessibility features are basic. SEO practices are adequately implemented with proper meta tags and language alternates. From a security perspective, the site lacks a valid SSL certificate and does not support any TLS protocols, which is a critical vulnerability impacting user trust and data security. While SPF and DMARC email security measures are in place, other security headers and best practices are missing. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism, aligning with GDPR requirements. Overall, the website presents moderate business credibility and good content quality but suffers from critical security shortcomings. Immediate remediation of SSL/TLS issues is essential to improve security posture and user trust. Strategic enhancements in performance and security headers would further strengthen the site’s resilience and professionalism.

Security assessment incomplete. Successfully analyzed: emailSecurity, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2, sslTls. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

P

Partnership for European Environmental Research

peer.eu

0

The website peer.eu represents the Partnership for European Environmental Research (PEER), a collaborative network focused on environmental research and sustainable development. The site targets researchers and policymakers, providing information on research projects, publications, and strategic research areas. The business model centers on knowledge sharing and policy support within the environmental research sector. Technically, the site is built on TYPO3 CMS with a professional design and structured content, but suffers from moderate performance and lacks a valid SSL certificate, which is a critical security flaw. The security posture is weak due to the absence of HTTPS, security headers, and modern TLS protocols. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Contact information is limited to a contact form, with no direct emails or phone numbers provided. Overall, the site is credible but requires urgent security improvements to protect user data and enhance trust.

I

IFE, Institute for Energy Technology

ife.no

0

IFE, Institute for Energy Technology, is a Norwegian research institute specializing in energy and nuclear technology. The organization focuses on research and development, innovation, and managing technology properties, serving researchers, industry partners, and students. The website reflects a medium-sized, established entity with ISO certifications and a clear presence in the energy sector. Technically, the site is built on WordPress with modern SEO and cookie consent implementations but suffers from slow performance and lacks a valid SSL certificate, which impacts security. The security posture is basic with HSTS enabled but missing critical SSL configurations and OCSP stapling. Privacy compliance is strong with GDPR-aligned cookie consent and a comprehensive privacy policy. Contact information and social media presence enhance business credibility. Overall, the site is professional but requires improvements in security and performance to enhance trust and user experience.

W

WEBCRUITER AS

talentech.io

0

Talentech.io is a technology-focused B2B SaaS platform operated by WEBCRUITER AS, a Norwegian company founded in 2019. The platform aims to build a powerful talent ecosystem and streamline HR processes through automation, targeting HR professionals and organizations. The website demonstrates a professional design with consistent branding and uses modern frontend technologies such as Bootstrap and Font Awesome Pro. It is hosted on Microsoft Azure infrastructure and integrates Microsoft Application Insights for monitoring. However, the website lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. Additionally, no privacy, cookie, or terms of service policies are present, indicating gaps in compliance and user trust. Contact information is limited to a login form without direct emails or phone numbers. Overall, the site shows moderate digital maturity but requires significant improvements in security and privacy compliance to enhance trust and protect user data.

C

CIENS

ciens.no

0

CIENS is a prominent Norwegian research community specializing in environment, climate, and societal studies, composed of several reputable research institutes. The website serves as an information hub for their collaborative projects, events, and partner institutions. Technically, the site is built on WordPress with SEO optimizations via Yoast and uses Google Analytics for visitor tracking. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security shortfall. The absence of security headers and cookie consent mechanisms further weakens its security and privacy posture. Business information is clear but limited to physical address and partner mentions, with no direct contact emails or phone numbers provided. Overall, the site is functional but requires significant security and privacy improvements to meet modern standards.

N

Nofim AS

nofima.com

0

Nofima is a Norwegian government-affiliated research institute specializing in applied research within fisheries, aquaculture, and food systems. It serves a broad audience including industry actors, research partners, and public sector entities. The organization is large with over 380 employees and is positioned as a leading institute in its sector in Norway. The website reflects a professional and comprehensive digital presence with rich content, structured navigation, and multilingual support. Technically, the site is built on WordPress with modern libraries and plugins, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. Security posture is weak due to missing HTTPS, lack of security headers, and absence of DMARC and DNSSEC configurations. Privacy compliance is partial, with privacy and cookie policies present but no active consent mechanism. Overall, the site is trustworthy and credible but requires urgent security improvements to protect user data and enhance trust.

T

Talentech

reachmee.com

0

Talentech operates a mature and comprehensive recruitment and HR SaaS platform targeting growing companies and public sector organizations primarily in Sweden and the Nordic region. The platform offers integrated recruitment, onboarding, HR management, and AI-driven decision support services, positioning itself as a top-ranked solution with a large user base and extensive customer testimonials. Technically, the website is built on WordPress with common SEO and performance plugins, but suffers from a critical lack of a valid SSL certificate and slow page load times, which negatively impact security and user experience. Privacy policies and GDPR compliance are well addressed, with clear cookie and terms of service pages. The domain registration data aligns well with the business claims, indicating legitimacy and consistency. Overall, while the business and content quality are strong, the security posture requires urgent improvement to meet modern standards.

The website framcentre.com currently hosts only a minimal placeholder page redirecting visitors to a default web hosting page, indicating that the site is either under construction or inactive. The domain is registered with a reputable registrar and has a mature age of 6 years, but the lack of meaningful content or business information on the site limits its digital presence and credibility. Technically, the site lacks a valid SSL certificate and does not support any TLS protocols, which severely impacts its security posture and trustworthiness. Although HSTS is configured, it is ineffective without HTTPS. There are no privacy or cookie policies, contact information, or security incident response details available on the site. Overall, the site’s security posture is weak, and the absence of content and policies suggests it is not currently operational as a business website.

M

MD non public school coalition organization

marylandboost.org

0

Maryland BOOST Scholarship Coalition is a small non-profit organization advocating for and supporting the Maryland BOOST scholarship program, which provides educational options to income-eligible children in Maryland. The website serves as an informational and advocacy platform targeting parents, educators, and concerned citizens in Maryland. It promotes scholarship applications and encourages legislative support. Technically, the site is built on WordPress using the Astra theme, with common analytics and tracking tools such as Google Analytics and Facebook Pixel. However, the site suffers from a lack of HTTPS/SSL configuration, resulting in a poor security posture. There are no privacy or cookie policies present, and security best practices such as security headers and DMARC are missing. Overall, the site is functional with good content quality and user experience but requires significant improvements in security and privacy compliance to enhance trust and protect users.

Serving Our Children is a non-profit organization operating the D.C. Opportunity Scholarship Program, providing private school scholarships to K-12 families in Washington D.C. The organization has an established market presence with over 10 years of domain age and a mature scholarship program. The website serves as an informational and application portal for families and schools, offering resources, application forms, and contact channels. Technically, the site is built on WordPress with multiple plugins supporting multilingual content, event management, and forms. However, the site lacks a valid SSL certificate, which severely impacts security posture and user trust. Tracking and analytics tools are implemented but without visible cookie consent mechanisms, raising privacy compliance concerns. Contact information is clearly presented, enhancing business credibility.

Kelly Services operates myKelly.com as a regional job portal focused on serving job seekers located in the United States, Canada, and Puerto Rico. The website primarily functions as an informational gateway, directing users outside these regions to other Kelly job portals globally. Kelly Services is a well-established staffing and recruitment company with a mature domain and global presence. The website content is basic but consistent with the company's business model and target audience. From a technical perspective, the website is hosted on Amazon AWS infrastructure and uses basic HTML and CSS without advanced frameworks or CMS detected. Performance is slow relative to the small page size, and mobile optimization is basic but functional. No analytics or tracking technologies were detected, indicating minimal digital marketing or user tracking. Security posture is weak due to the absence of a valid SSL certificate and HTTPS support, lack of security headers, and missing DNS and email security configurations such as DNSSEC and DMARC. These issues present significant risks to user data confidentiality and trust. Privacy compliance is poor, with no privacy or cookie policies found, and no GDPR compliance indicators. Overall, the website is functional but lacks critical security and privacy features. The domain registration is consistent and trustworthy, supporting the legitimacy of the business. Strategic improvements in security, privacy compliance, and performance are recommended to enhance user trust and regulatory adherence.

R

Rotunda Software

ministryschedulerpro.com

0

Ministry Scheduler Pro is a specialized software solution designed to simplify church volunteer scheduling, targeting churches and ministries. The company, Rotunda Software, positions itself as a trusted provider with over 3,800 churches using its services. The platform offers automated scheduling, communication tools, and a mobile app to enhance volunteer engagement. Technically, the website employs modern JavaScript libraries, analytics, and animation technologies, hosted on AWS infrastructure. However, the absence of HTTPS and security headers significantly undermines the security posture, exposing users to potential risks. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks cookie consent mechanisms. Overall, the business credibility is strong, supported by testimonials and a clear market focus, but urgent security improvements are necessary to protect users and maintain trust.

C

Cass County Memorial Hospital

casshealth.org

0

Cass Health is a mature healthcare provider organization based in the United States, specifically serving southwest Iowa. The website reflects a medium-sized rural hospital with a strong community focus, offering a wide range of medical services including specialty clinics, obstetrics, and rapid care. The organization is well-established with a domain age of 26 years and multiple awards that reinforce its market position and trustworthiness. Technically, the website is built on WordPress with modern front-end frameworks and integrates third-party services such as Algolia for search and Google Tag Manager for analytics. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security gap. Privacy and cookie policies are not found, indicating potential compliance issues. The site includes contact information and social media links, supporting user engagement but lacks explicit security or incident response policies. Overall, while the business and content quality are strong, the security posture and privacy compliance require urgent improvements to protect user data and enhance trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 14 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Polaria is a well-established Arctic experience center located in Tromsø, Norway, with a strong focus on education, sustainability, and family-friendly tourism. The organization operates a physical center featuring aquariums, seal exhibits, guided tours, and a panoramic cinema, supported by ticket sales and an online store. The website is built on WordPress, hosted on WP Engine with Google Cloud infrastructure, and uses modern web technologies including multilingual support via Weglot. While the site content and business information are comprehensive and professionally presented, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing visitors to potential risks. Privacy policies are present but cookie consent mechanisms are lacking, indicating partial compliance with GDPR requirements. The domain is mature and legitimate, with consistent WHOIS data and multiple certifications that reinforce trust. Strategic improvements in security and privacy compliance are recommended to enhance overall risk posture and user trust.

N

Norwegian Geotechnical Institute (NGI)

ngi.no

0

The Norwegian Geotechnical Institute (NGI) operates a professional and content-rich website focused on geotechnical research, consulting, and education primarily serving Norwegian and international engineering and environmental sectors. The site offers detailed information on their research areas, projects, and career opportunities, targeting professionals, researchers, and students in geotechnical and environmental fields. Technically, the website uses modern JavaScript frameworks, Azure Application Insights, Matomo analytics, and is hosted behind Cloudflare, with Episerver CMS indications. However, a critical security weakness is the absence of a valid SSL certificate and disabled TLS protocols, severely impacting secure communications and trust. Privacy and cookie policies are implemented with consent mechanisms, but no explicit terms of service or security policy pages were found. Contact information includes a verified company email but lacks explicit phone numbers or physical addresses in the HTML content. Social media presence is active across major platforms. Overall, the website is professionally designed and functional but requires urgent security improvements to meet modern standards.

N

Norsk institutt for naturforskning

nina.no

0

Norsk institutt for naturforskning (NINA) is a well-established independent research foundation in Norway focused on nature and the interaction between nature and society. The organization provides research, environmental monitoring, consulting, and evaluation services with a multidisciplinary team of natural and social scientists. Their website reflects a mature digital presence with rich content including news, blogs, and service information targeting researchers, policymakers, and the public interested in biodiversity and sustainability. Technically, the site is built on the DNN CMS platform using ASP.NET and integrates several third-party modules and services. However, the website suffers from a critical security shortfall due to the lack of a valid SSL certificate and proper HTTPS configuration, exposing users to potential risks. Privacy compliance is basic with no visible cookie consent mechanisms, and no explicit security or incident response policies are published. Overall, the site is credible and professional but requires urgent improvements in security and privacy compliance to meet modern standards.

iFram is a specialized website operated by Framsenteret Drift a/s, serving as an information hub for researchers and users involved in the Fram Centre research cooperation in Norway. The site provides comprehensive details about research programs, projects, meetings, and funding opportunities, targeting a niche audience of research professionals and stakeholders. The business operates within the government and non-profit sectors, focusing on research support and knowledge dissemination. Technically, the website is built on WordPress with common libraries such as jQuery and Bootstrap, but suffers from slow performance and lacks modern security implementations such as HTTPS and security headers. The absence of a valid SSL certificate and security best practices significantly impacts the site's security posture, exposing it to potential risks. Privacy compliance is minimal, with no active consent mechanisms despite the presence of a cookie policy. Overall, the site demonstrates moderate business credibility but requires urgent security and privacy improvements to enhance trust and compliance.

F

Framsenteret Drift AS

framforum.com

0

Framforum is a specialized online publication operated by Framsenteret Drift AS, focusing on climate, environment, and people in the High North, particularly the Arctic region. The website serves as a communication platform for research notes, profiles, retrospectives, and editorials related to Arctic environmental research, targeting researchers, journalists, and interested public. The business operates as a non-profit entity with a clear affiliation to the Fram Centre, a recognized research center in Norway. Technically, the website is built on WordPress, utilizing common web technologies such as jQuery, Font Awesome, and Google Fonts, with Matomo and Google Tag Manager for analytics. However, the site suffers from a critical security shortfall: it lacks a valid SSL certificate and does not serve content over HTTPS, which undermines user trust and data security. While HSTS is enabled, it is ineffective without proper SSL/TLS configuration. Privacy compliance is minimal, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. Contact information is clearly provided, enhancing business credibility. Overall, the site is content-rich and professionally designed but requires urgent security improvements to protect users and enhance trust.

D

Direktoratet for høyere utdanning og kompetanse

diku.no

0

Direktoratet for høyere utdanning og kompetanse (HK-dir) is a Norwegian government agency responsible for national administration and policy implementation in higher education, vocational education, and competence development. Established in 2021 through a merger of several agencies, it serves as a key authority in Norway's education sector, providing services such as career guidance, foreign education recognition, funding programs, and statistical reporting. The website targets professionals and stakeholders in education and workforce development within Norway. Technically, the website is built using modern web technologies including Next.js and Sanity CMS, with integration of Google Fonts and Siteimprove Analytics. The site is well-structured, mobile-optimized, and provides good accessibility and SEO features. However, performance is moderate with a load time of approximately 5.8 seconds. From a security perspective, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical vulnerability. No security headers or advanced TLS configurations are present, exposing the site to potential risks. Privacy compliance is strong, with a comprehensive GDPR-compliant privacy policy and clear contact information. No cookie consent mechanism or terms of service were found. Overall, while the business and content aspects are solid and trustworthy, the lack of HTTPS and proper SSL configuration significantly lowers the security posture and overall risk rating. Immediate remediation of SSL/TLS issues is recommended to protect user data and enhance trust.