High-risk security reports

S

Släpis

slapis.se

47

Släpis is a well-established Swedish company specializing in providing a comprehensive range of spare parts and accessories for trucks and trailers. Founded in 1966 and operating as part of the BPW Aftermarket Group, Släpis serves primarily B2B customers such as fleet operators and transport companies. Their website reflects a mature digital presence with detailed product categories, technical documentation, and an integrated webshop. The company maintains a consistent brand image and offers multilingual content primarily in Swedish. Technically, the site is built on WordPress with modern plugins like Elementor and Yoast SEO, ensuring good SEO and mobile optimization. Security posture is adequate with HTTPS and cookie consent mechanisms, though explicit security policies and incident response information are absent. Overall, the website is professional, trustworthy, and aligns well with the company's business claims and history.

S

Söderhamns kommun

soderhamn.se

48

Söderhamns kommun operates as the official municipal government website for the Söderhamn region in Sweden, providing a broad range of public services including education, social care, environmental management, traffic regulation, cultural activities, business support, and political information. The website targets residents, businesses, and visitors seeking municipal information and services. It holds a strong position as a local government authority with a comprehensive service offering tailored to community needs. Technically, the website leverages the SiteVision CMS platform, integrates modern JavaScript libraries such as jQuery and React, and employs accessibility tools like Browsealoud and ReachDeck to enhance user experience. The site is mobile-optimized, SEO-friendly, and includes cookie consent mechanisms aligned with GDPR requirements. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS, uses cookie consent banners, and avoids exposing sensitive data. However, it lacks explicit security headers and detailed security or incident response policies. The presence of CSRF tokens is noted but requires validation. No critical vulnerabilities or blocking mechanisms were detected, indicating a solid security posture for a public sector website. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. Strategic improvements in security headers, explicit policy documentation, and continuous monitoring of third-party scripts would further strengthen its security and compliance stance.

S

Svenska LantChips AB

lantchips.com

43

Svenska LantChips AB is a Swedish snack food manufacturer specializing in organic and traditional potato chips, operating since 1991. The company emphasizes quality ingredients sourced from Swedish farms, environmental sustainability including fossil-free frying, and social responsibility through support of SOS Children’s Villages. Their product portfolio includes tortilla chips, sweet potato chips, and various flavored crisps, targeting consumers seeking premium, locally produced snacks. The website reflects a medium-sized, family-owned business with consistent branding and a strong social media presence. Technically, the website is built on WordPress using modern Gutenberg blocks and plugins such as Getwid and Slick Carousel. It integrates Google Analytics for visitor tracking and embeds YouTube videos for rich media content. The site is mobile optimized with good user experience and navigation clarity, although accessibility features are basic. Performance is moderate with room for improvement. From a security perspective, the site uses HTTPS with good SSL configuration but lacks important security headers and a vulnerability disclosure mechanism. No privacy or cookie policies are present, which impacts compliance with GDPR and privacy best practices. Contact information is clearly provided, but incident response and security policies are absent. Overall, the security posture is adequate but could be enhanced with additional controls and transparency. The overall risk assessment indicates a legitimate and professional business with minor compliance and security gaps. Strategic recommendations include implementing privacy and cookie policies with consent mechanisms, adding security headers, publishing a security.txt file, and enhancing incident response readiness to improve trust and regulatory compliance.

E

Elnitec Scandinavia AB

elnitec.se

49

Elnitec Scandinavia AB is a Swedish company specializing in supplying production equipment for cable and electronics manufacturers. The company positions itself as a regional supplier offering personalized service and tailored solutions by leveraging partnerships with leading equipment providers. Their website reflects a focused B2B business model targeting producers in the manufacturing sector, particularly in cable and electronics production. The site is well-structured with clear navigation and responsive design, supporting a good user experience. Technically, the website uses modern web technologies including Bootstrap 4, jQuery, and Slick Carousel, hosted on a custom CMS platform. Security posture is adequate with HTTPS enforced and a cookie consent mechanism in place, though it lacks explicit security headers and published privacy or security policies. Overall, the domain registration data aligns with the business claims, supporting legitimacy and trustworthiness.

F

FOSSi Foundation

fossi-foundation.org

48

The FOSSi Foundation is a small, international non-profit organization dedicated to promoting and protecting the open source silicon chip movement. It serves as a custodian for the Free and Open Source Silicon community, organizing key events such as Latch-Up and ORConf, publishing a monthly newsletter, and fostering collaboration among developers and contributors. The foundation's website reflects a strong community focus with clear navigation, professional design, and mobile optimization. Technically, the site is built using modern frameworks like Nuxt.js and Vue.js, hosted likely on Netlify, and employs efficient performance and accessibility practices. Security-wise, the site uses HTTPS and avoids exposing sensitive data, but lacks some security headers and formal policies such as privacy and cookie policies, which are important for compliance and trust. Overall, the website is trustworthy and professional, though it would benefit from enhanced privacy compliance and explicit security documentation.

T

triggercompany.com

triggercompany.com

48

The website triggercompany.com currently serves as a parked domain with minimal content primarily focused on displaying related search advertisements. There is no clear business presence, description, or services offered on the site, indicating it is not actively used for commercial or organizational purposes. The technical infrastructure relies on basic HTML, CSS, and JavaScript with integration of Google Adsense and Bodis domain parking services. The site lacks modern CMS or frameworks and shows only basic mobile optimization and accessibility features. Security posture is minimal with no advanced security headers or policies detected, and privacy compliance is weak due to absence of cookie consent mechanisms and limited privacy policy details. Overall, the site presents a low trust profile with no contact or business information, making it unsuitable for professional or commercial engagement.

G

GoDaddy Operating Company, LLC

vanco.co.uk

46

The website vanco.co.uk is a premium domain sales landing page operated by GoDaddy Operating Company, LLC, a leading global domain registrar and aftermarket platform. It offers the domain for sale with options to buy outright, lease to own, or make an offer, supported by secure payment methods and customer support. The site targets businesses and individuals seeking premium domain names and leverages GoDaddy's trusted infrastructure and brand reputation. Technically, the site is built on modern web technologies including React and Next.js, hosted on AWS, and optimized for performance and mobile use. Security posture is strong with HTTPS, security headers, and reCAPTCHA protections, though explicit security and incident response policies are not published on the landing page. Privacy and cookie policies are comprehensive and GDPR compliant. Overall, the site demonstrates a mature digital presence with good business credibility and trust signals, suitable for its e-commerce domain sales function.

A

AB Halmstads Gummifabrik

hgf.se

42

AB Halmstads Gummifabrik (HGF) is a Swedish manufacturing company specializing in custom rubber products through form casting. Established in 1948, HGF has a strong market position supported by technical expertise and innovative solutions, serving industrial clients with tailored material and design options. The website reflects a mature digital presence using Onclick CMS, jQuery, and modern UI components, with integration of Google Tag Manager and reCAPTCHA for analytics and security. Security posture is adequate with HTTPS and bot protection, but lacks explicit security headers and incident response policies. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the site is professional and trustworthy, supported by consistent WHOIS data indicating long-term legitimacy.

Infant Bacterial Therapeutics AB (IBT) is a specialized biopharmaceutical company focused on developing medicines targeting diseases in premature infants and those caused by antibiotic-resistant bacteria. The company emphasizes regulatory compliance with agencies such as the FDA and EMA and conducts clinical studies like 'The Connection Study' to validate its New Biological Entities. The website targets healthcare professionals, investors, and families, providing detailed press releases, investor relations content, and scientific pipeline information. The business operates primarily in Sweden and maintains a small company profile with a clear niche in neonatal healthcare. Technically, the website is built on WordPress with common plugins such as Contact Form 7 and MFN WP Plugin for subscription management. The site uses jQuery 1.9.1 and loads resources from trusted external domains. Performance and mobile optimization are moderate to good, though accessibility features are basic. SEO is implemented at a basic level with meta tags and structured navigation. From a security perspective, the site enforces HTTPS with good SSL configuration but lacks several important security headers. No exposed sensitive data or vulnerabilities were detected in the HTML content. The use of an outdated jQuery version presents a moderate risk. Privacy compliance is partially met with published privacy and cookie policies, but no active cookie consent mechanism is implemented. Contact information is limited to an email address and contact forms, with no phone numbers or physical addresses disclosed. Overall, IBT's website demonstrates a professional and trustworthy online presence with room for improvement in security headers, privacy consent mechanisms, and updating third-party libraries. The WHOIS data aligns well with the business claims, supporting legitimacy. The site is accessible without WAF or blocking mechanisms, enabling full content analysis.

H

Hectronic

hectronic.se

46

Hectronic is a well-established Nordic company specializing in the design and manufacture of embedded computer systems since 1989. Their market position is strong within the industrial technology sector, serving diverse industries such as defense, vehicle, maritime, medical technology, and telecommunications. The company offers custom embedded solutions, OEM services, and R&D expertise, positioning itself as a key innovator in embedded systems. Technically, the website is built on WordPress with modern tracking and analytics tools like Google Tag Manager and Leadfeeder, and it employs GDPR-compliant cookie consent mechanisms. Security-wise, the site uses HTTPS and reCAPTCHA for form protection, though some security headers could be improved. Overall, the website demonstrates a high level of professionalism, good privacy compliance, and a solid security posture, reflecting the company's credibility and maturity in its field.

A

Animal - A house of creativity based in Stockholm.

animal.cc

45

The website animal.cc serves as a minimal placeholder page for a creative agency based in Stockholm, redirecting visitors to a new agency site, Kurppa Hosk Communications. The business focuses on storytelling and product building for brands in the digital age. The site content is very limited, primarily consisting of branding images and a redirect link, indicating a transition or rebranding phase. The technical infrastructure is modern, leveraging Next.js and React frameworks, with optimized font loading and responsive design elements. However, the site lacks comprehensive SEO, accessibility, and privacy features. Security posture is minimal with no visible security headers or explicit HTTPS confirmation in the HTML content. No privacy, cookie, or terms of service policies are present, nor is there any contact information or forms for user engagement. Overall, the site is functional as a redirect but lacks depth in content, security, and compliance.

J

Junction Limited

snowfall.se

44

Junction Limited operates a sophisticated travel technology platform designed to unify the fragmented travel ecosystem. Their flagship product, Junction, offers a single API that connects travel providers, resellers, and partners, enabling seamless distribution, booking, and management of multimodal travel services. The company positions itself as a game-changer in travel sales and management, trusted by leading travel brands globally. Their services include API connectivity, booking tools, AI-powered traveler assistance, and fintech payment solutions, targeting travel companies, corporate travel teams, and travel management companies. Technically, the website leverages modern web technologies including the SvelteKit framework and Google Tag Manager for analytics. The site is well-structured, mobile-optimized, and provides a professional user experience with clear navigation and comprehensive content. Performance is moderate, with good SEO and accessibility considerations. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is well addressed with clear privacy and cookie policies. Overall, Junction Limited presents a credible and professional online presence with a strong business model in the travel technology sector. Strategic improvements in security policy transparency and security header implementation would further enhance their security posture and trustworthiness.

S

Salusansvar

salusansvar.se

36

SalusAnsvar is a Swedish finance-focused informational website providing comprehensive guides and articles on economy, savings, insurance, pension, and legal aspects related to personal finance. The site targets individuals seeking to improve their financial knowledge and make informed economic decisions. Technically, the website is built on WordPress with a modern theme and uses various third-party services for fonts, analytics, and advertising. It demonstrates good digital maturity with mobile optimization, SEO best practices, and accessibility features. Security-wise, the site enforces HTTPS and implements a robust cookie consent mechanism covering numerous ad and tracking vendors, though it lacks some advanced security headers. Overall, the website presents a professional and trustworthy presence with no critical vulnerabilities detected.

S

Sirona Health Solutions

sironagroup.se

34

Sirona Health Solutions is a Scandinavian management consulting firm specializing in healthcare, care, and life science sectors. The company offers strategic consulting services including healthcare analysis, digitalization, governance, change management, project management, and integrated care. Their market position is that of a specialized consultancy focused on improving healthcare outcomes through data-driven insights and strategic governance. The website is built on WordPress with modern plugins and technologies, featuring good SEO and mobile optimization. Security posture is strong with HTTPS, reCAPTCHA on forms, and no exposed sensitive data, though some security headers are missing and cookie consent is not implemented. Overall, the site is professional, trustworthy, and compliant with GDPR, with clear contact information and a privacy policy. The domain registration details align well with the business claims, supporting legitimacy.

EasyFill AB is a Swedish publicly listed company specializing in innovative retail shelving solutions designed to optimize store efficiency, reduce food waste, and increase sales. Their flagship products include the TurnLoader™ and RotoShelf® systems, which implement a First In, First Out (FIFO) approach to product replenishment. The company targets retail operators seeking smarter shelving solutions that reduce labor and improve profitability. The website is professionally designed using HubSpot CMS, featuring rich content, customer testimonials, and clear navigation. It is mobile-optimized and incorporates modern web technologies and marketing tools. Security posture is strong with HTTPS enforced and no exposed sensitive data, though some security headers and policies could be improved. Privacy compliance is well addressed with a cookie consent banner and a comprehensive privacy policy. Contact information and social media presence are clearly provided, enhancing business credibility. Overall, the website reflects a mature digital presence aligned with the company's market position and business goals.

K

Konkret

concreteit.se

43

Konkret is a Swedish consulting company specializing in AI, modern technology, and leadership solutions to help businesses transform and grow sustainably. Founded in 2001, it operates as a medium-sized firm with 28 employees, serving clients across various sectors with tailored consulting services. The website reflects a professional and modern digital presence, leveraging WordPress CMS with integrations such as Google Tag Manager and reCAPTCHA for analytics and security. The company demonstrates good GDPR compliance through a comprehensive cookie consent mechanism but lacks explicit privacy policy and terms of service on the homepage. Security posture is solid with HTTPS and secure forms, though additional security headers and incident response information could enhance trust. Overall, Konkret presents a credible and trustworthy business with strong branding and clear contact information.

eframe.se is a small Swedish-language blog website publishing diverse articles primarily focused on IPTV troubleshooting, event planning, lifestyle, and product guides. The site uses WordPress with common plugins such as Yoast SEO and Contact Form 7, indicating a standard CMS-based infrastructure. The technical setup is moderate with basic mobile optimization and SEO practices but lacks advanced security configurations. Security posture is limited, with HTTPS enabled but no security headers or privacy policies present, exposing potential compliance and security risks. The domain is privacy-protected and recently registered, with some content dated in the future, which may affect trustworthiness. Overall, the site is functional and content-rich but requires improvements in privacy compliance, security hardening, and business transparency to enhance credibility and user trust.

E

Envoy Communication AB

envoy.se

33

Envoy Communication AB is a Swedish consultancy specializing in digitalization, marketing communication, and web development services. The company positions itself as a strategic partner offering consulting in strategy, content marketing, and cloud computing solutions. Their website reflects a small-sized business with a clear focus on providing tailored digital and communication solutions to other businesses. The site is built on Joomla CMS with UIkit framework, indicating a moderate level of technical maturity and a focus on responsive design and usability. The integration of Google Translate suggests an intent to reach a broader audience beyond Swedish speakers. Security-wise, the website uses HTTPS and obfuscates email addresses to reduce spam, but lacks visible security headers and formal security policies, which could be improved to enhance trust and compliance. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is functional, professional, and moderately secure but would benefit from enhanced privacy and security practices.

Y

Yo Adrian

profil.se

42

Yo Adrian is an independent, award-winning social media agency based in Gothenburg, Sweden, specializing in end-to-end social media marketing and brand growth through culturally relevant content and social brand strategies. The website showcases their key services including ecosystem design, social concept innovation, organic community activations, and social campaigns, targeting brands seeking to enhance their social media presence. The site is professionally designed using Framer, with good content quality and consistent branding, but lacks explicit privacy, cookie, and security policies as well as direct contact information.

T

Trafikförsäkringsföreningen

tff.se

40

Trafikförsäkringsföreningen (TFF) is a Swedish organization dedicated to ensuring traffic safety and managing compulsory traffic insurance for vehicles in Sweden and Swedish road users abroad. The website provides comprehensive information about insurance requirements, claims handling, and traffic safety, targeting vehicle owners and insurance companies. The organization holds a key position in the Swedish transportation insurance sector, offering essential services and information to its audience. Technically, the website is built on a modern stack including jQuery, Material-UI, and Microsoft Azure hosting, with integrated analytics from Piwik Pro and Microsoft Application Insights. The site demonstrates good digital maturity with responsive design, accessibility features, and a robust cookie consent mechanism compliant with GDPR. From a security perspective, the site uses HTTPS and includes consent management for cookies, but lacks explicit HTTP security headers and a public security policy or incident response contact. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the website's claims, indicating a legitimate and trustworthy domain. Overall, the website is professional, secure, and compliant with privacy regulations, serving its audience effectively. Strategic improvements in security headers and transparency around security policies could further enhance trust and resilience.

Agero is a Swedish technology company specializing in helping businesses improve their competitiveness by streamlining processes and enabling faster decision-making through innovative applications and AI-powered decision support tools. The company positions itself as a trusted partner in application development, decision support, and IT management services, targeting companies seeking digital transformation and operational efficiency. Their market position is reinforced by recognized employer awards and a professional online presence. Technically, the website is built on the HubSpot CMS platform, leveraging modern web technologies including Bootstrap, jQuery, and FontAwesome. The site integrates multiple analytics and marketing tools such as Google Analytics (both Universal and GA4), LinkedIn Insight, and Facebook Pixel, indicating a mature digital marketing infrastructure. The site is mobile-optimized and demonstrates good SEO and accessibility practices, although some accessibility features could be enhanced. From a security perspective, the website enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. However, explicit security headers are not detected, and no published security or incident response policies are found. There are no visible vulnerabilities or exposed sensitive data in the HTML content. The domain registration uses privacy protection, which is common and justified for this business type. Overall, the website presents a professional and trustworthy image with good content quality and technical implementation. Strategic recommendations include enhancing security headers, publishing a security policy and incident response information, and implementing a vulnerability disclosure mechanism to further strengthen trust and compliance.

R

Rolf Granlund (personal site)

rigit.se

40

The website 'RIGIT.SE – Blandat Svamlat' is a personal blog and information site maintained by Rolf Granlund, a former IT consultant and author specializing in Microsoft Office and SharePoint technologies. The site serves a niche audience interested in technology, personal insights, and related topics. It is hosted on WordPress.com, leveraging modern web technologies such as the Gutenberg editor and Jetpack plugins, ensuring a stable and moderately performant platform. Security posture is strong due to WordPress.com's managed HTTPS and security headers, though explicit privacy and cookie policies are absent, which is a compliance gap. Contact information is available, primarily via a personal Gmail address and Twitter handle, supporting user engagement. Overall, the site is trustworthy and professionally maintained for a personal blog, but lacks formal business and security policy disclosures.

The website at wahlstrom.se currently presents only minimal content with a single word 'OK' and lacks any metadata, scripts, or business information. This indicates the site is either a placeholder or under development. There is no evidence of privacy, cookie, or terms of service policies, nor any contact information or forms. The technical infrastructure cannot be assessed from the provided HTML content, and no security headers or HTTPS status are available. The security posture is poor due to the absence of HTTPS and security best practices. Overall, the site lacks professionalism and trust indicators, resulting in a very low risk assessment score.

N

Nordiska Tillväxtbolaget AB

tillvaxtbolaget.se

39

Tillväxtbolaget is a Stockholm-based sales company focused on optimizing business growth primarily through sales and investments in entrepreneur-driven companies. Their services include commission-based sales, business and concept development, and managing investments with responsibilities spanning sales, marketing, PR, business development, and corporate management. The company positions itself as a key partner for clients seeking accelerated growth. Technically, the website employs modern web technologies including jQuery, Foundation framework, and Google Analytics, hosted with HTTPS and content delivery via Cloudfront. The site is mobile optimized with good design and navigation but lacks advanced SEO and accessibility features. Security posture is moderate with HTTPS enforced and cookie consent implemented, but lacks security headers, explicit security policies, and vulnerability disclosure mechanisms. Contact information is provided but no email addresses or contact forms are present. Overall, the website is professional and trustworthy but could improve privacy compliance and security transparency.

S

Salico AB

salico.se

49

Salico AB is a medium-sized Swedish company specializing in the supply of pre-cut salads, fruits, vegetables, and ready meal solutions primarily targeting the Scandinavian market. The company positions itself as one of the largest suppliers in this niche and operates as part of the Greenfood Group, enhancing its market credibility. The website content is professionally presented in Swedish with an English alternative, reflecting a clear business focus and customer orientation. The business model is B2B, serving customers seeking convenient, healthy food options. The website provides clear contact information including phone and physical address, supporting customer engagement.

Scandinavian Print Group is the largest printing group in Scandinavia, offering a wide range of printing and graphic services supported by intelligent IT solutions. With over 700 employees and a turnover exceeding 800 million DKK, the company operates multiple subsidiaries across Sweden, Denmark, Poland, Norway, and Germany. Their services include digital solutions, graphic design, distribution, logistics, advertising products, and book production. The website demonstrates a mature digital infrastructure using ASP.NET WebForms, jQuery, and integrates Usercentrics for consent management and Google Tag Manager for analytics. Security posture is good with HTTPS enforced and consent-based tracking, though security headers could be improved. The company shows strong compliance with GDPR and provides comprehensive privacy and terms of service documentation. Overall, the website is professional, well-branded, and trustworthy.

P

Posifon AB

posifon.se

42

Posifon AB is a Swedish company specializing in mobile safety alarms, GPS tracking devices, and medication reminders aimed at improving safety and independence for individuals, particularly those with dementia or cognitive impairments. The company positions itself as a provider of scientifically evaluated GPS-based safety alarms with ethical guidelines, targeting both individual users and care professionals. Their digital presence is built on a modern WordPress platform using Elementor and Yoast SEO, reflecting a good level of technical maturity and mobile optimization. Security posture is adequate with HTTPS enabled and basic security plugins, but lacks explicit security policies and headers. Privacy compliance is weak due to absence of privacy and cookie policies. Contact information is clearly provided, enhancing business credibility. Overall, the website is professional and trustworthy but would benefit from improved privacy and security disclosures.

A

AICEP

portugalglobal.pt

47

AICEP is a Portuguese public agency dedicated to promoting productive investment and the internationalization of the Portuguese economy. It supports export growth and the international expansion of companies through its offices in Portugal and an external network spanning approximately 50 markets. The website reflects a mature digital presence with comprehensive content, clear navigation, and multilingual support. The technical infrastructure leverages modern JavaScript libraries, marketing automation via Mautic, and cookie consent management through OneTrust, ensuring compliance with GDPR and user privacy standards. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers and explicit incident response policies are absent. Overall, the site presents a trustworthy, professional, and well-maintained platform aligned with its government agency role.

A

ADSTRINGO SOFTWARE PRIVATE LIMITED

adstringo.in

33

AdStringO Software Private Limited is a technology company based in India specializing in endpoint digital compression solutions for images, audio, video, PDF, and Office files. Their technology enables enterprises to compress files up to 90% without loss of visual quality, facilitating digital transformation especially in low network environments such as rural areas. The company targets a broad audience including SMEs, government institutions, and Fortune 500 companies, positioning itself as a global leader in fast endpoint compression technology. The website employs a modern technology stack including jQuery, Bootstrap, and various UI libraries to deliver a responsive and user-friendly experience. However, the technical infrastructure lacks visible HTTPS enforcement and security headers, which are critical for secure communications and trust. The site is moderately optimized for mobile and SEO but lacks advanced accessibility features. From a security perspective, the absence of HTTPS and security policies, as well as no visible vulnerability disclosure or incident response information, indicates a low maturity level in security posture. The website does not provide privacy or cookie policies, which impacts compliance with GDPR and other privacy regulations. Contact information is clearly provided, including company emails, phone number, and physical address, supporting business credibility. Overall, while the business and website demonstrate good content quality and professional presentation, significant improvements in security, privacy compliance, and technical hardening are recommended to enhance trust and protect users. Strategic focus on implementing HTTPS, publishing privacy and security policies, and adopting security best practices will strengthen the company's digital presence and risk management.

A

Accure

accure.eu

40

Accure is a technology company specializing in output management and customer communication solutions, primarily targeting users of the Infor M3 ERP system. They provide cloud-based and on-premise solutions designed to optimize business-critical document handling, reduce costs, and improve compliance. Their market position is strengthened by their status as an Infor Preferred Delivery Partner and a global presence with offices in Sweden and Sri Lanka. The company offers a range of products including Accure CloudSuite for M3, ABC Document Manager, and cloud transformation services, supported by consulting and customer care teams. Technically, the website is built on WordPress using the Divi theme, integrated with modern analytics and customer support tools such as Google Analytics, Google Tag Manager, Zendesk, and SocialIntents chat. The site demonstrates good SEO practices, mobile optimization, and a professional design. Privacy and cookie policies are comprehensive and GDPR compliant, with an active consent management mechanism in place. From a security perspective, the site enforces HTTPS with a strong SSL configuration and employs privacy and consent plugins to manage user data responsibly. While explicit security headers are not fully visible in the HTML, no critical vulnerabilities or exposed sensitive data were detected. The domain registration details align well with the business claims, indicating a trustworthy and legitimate online presence. Overall, Accure presents a solid digital footprint with a good balance of business credibility, technical implementation, and privacy compliance. Strategic recommendations include enhancing security headers, documenting security policies, and continuing to monitor and update technical components to maintain a strong security posture.

S

Sigma Lundinova

lundinova.se

44

Sigma Lundinova is a specialized electronics and firmware design consultancy based in Lund, Sweden, operating as part of the larger Sigma Connectivity Group. The company offers comprehensive services from early feasibility studies to certification, quality control, and manufacturing support, serving a diverse client base including startups and established global companies across multiple industries. Their website reflects a professional and consistent brand image with clear service descriptions and contact information. Technically, the site is built on Squarespace with modern tracking and translation tools, optimized for mobile and SEO. Security posture is strong with HTTPS and HSTS enabled, though cookie consent mechanisms and explicit security policies are lacking. Overall, the domain registration and business information are consistent and trustworthy, supporting a high legitimacy score.

S

Smart Solutions Sverige AB

smartsolutions.se

27

Smart Solutions Sverige AB is a Swedish company specializing in the development of positioning services and fleet management solutions. Their website highlights key offerings such as Billiggare.se, an electronic mileage log service, Alkolås as a supplier, and WhereHere for fleet management. The company targets businesses and organizations requiring efficient vehicle tracking and management solutions within Sweden. The website content is professional and consistent, with a clear focus on their niche market in technology and transportation sectors. Technically, the website is built on WordPress 6.7.2, utilizing common JavaScript libraries such as jQuery and Flexslider, and integrates Google Analytics for visitor tracking. The site is moderately optimized for performance and mobile use, though accessibility and SEO features are basic. The presence of HTTPS ensures encrypted communication, but the absence of security headers and advanced security configurations indicates room for improvement in technical security. From a security perspective, the site lacks visible privacy and cookie policies, which raises compliance concerns with GDPR and other privacy regulations. No incident response or security policies are published, and no vulnerability disclosure mechanisms are present. The use of Google Analytics without a consent mechanism further impacts privacy compliance. The WHOIS data aligns well with the website's business claims, indicating legitimacy and consistent registration information. Overall, the website presents a professional business front with solid technical foundations but requires enhancements in privacy compliance, security best practices, and transparency to improve trust and regulatory adherence.

E

ESMA

esma.se

44

ESMA is a well-established Swedish company specializing in precision mechanics and cost-effective component and logistics solutions for the manufacturing industry. With a history dating back to 1951, ESMA serves a diverse range of clients from innovative startups to large global corporations in sectors such as medical technology, automotive, and engineering. The company emphasizes quality, cost efficiency, and delivery reliability, positioning itself as a trusted partner in the Swedish manufacturing sector. The website reflects a mature digital presence with comprehensive content, professional design, and clear navigation, supporting both Swedish and English audiences. Technically, the site is built on WordPress with modern SEO and analytics tools, including Yoast SEO and Google Tag Manager, and implements a robust cookie consent mechanism compliant with GDPR. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security and incident response policies are not publicly available. Overall, ESMA demonstrates a high level of professionalism and trustworthiness, supported by certifications such as Intertek and EcoVadis.

M

Error

miradot.se

37

The website miradot.se currently serves an error page hosted by Wix, indicating that the domain is not connected to an active website. There is no business content, contact information, or policies available, which suggests the domain is either inactive or improperly configured. The technical infrastructure is based on Wix's platform using AngularJS and jQuery libraries, but lacks modern security and privacy features. The security posture is weak due to missing HTTPS and security headers, and no compliance or incident response information is present. Overall, the site presents a high risk due to lack of content and security controls, and it is not suitable for business or customer engagement in its current state.

B

Bokio Group AB

redflag.se

41

Bokio Group AB operates a comprehensive SaaS platform focused on simplifying financial management for small and medium-sized businesses in Sweden. Their integrated offering includes automated bookkeeping, invoicing, payroll, and banking services, positioning them as a competitive player in the Nordic fintech space. The website demonstrates strong branding consistency, professional content, and clear communication of services and pricing plans. Technically, the site uses modern JavaScript frameworks and analytics tools such as Google Tag Manager and Microsoft Application Insights, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and explicit incident response policies. Overall, the site reflects a mature digital presence suitable for its target audience, with high trustworthiness and compliance with GDPR.

C

Captum Group

captumgroup.se

40

Captum Group is a Swedish finance company specializing in flexible online payment solutions, including invoice payments and installment plans. The company targets Swedish consumers seeking convenient payment options and is preparing for a merger with Lea bank in early 2025. The website is built on WordPress with multilingual support and integrates common web technologies such as jQuery, Google reCAPTCHA, and Google Tag Manager. While the site is professionally designed and provides clear service information and contact details, it lacks explicit security policies and cookie consent mechanisms. The security posture is moderate with room for improvement in headers and incident response transparency. Overall, the website is trustworthy and functional but would benefit from enhanced security and privacy compliance measures.

E

Ekonomibolaget i Sverige AB

ekonomi-bolaget.se

48

Ekonomibolaget i Sverige AB is a Swedish accounting and financial advisory firm focused on helping growing companies achieve control and profitability through services such as bookkeeping, reporting, tax planning, and CFO-level consulting. The company is recognized by industry bodies such as FAR and is a certified Fortnox partner, positioning itself as a trusted and modern accounting partner for various sectors including consulting, restaurants, startups, and non-profits. The website is professionally designed, mobile-optimized, and built on the HubSpot CMS platform, integrating modern marketing and analytics tools. Privacy and cookie consent mechanisms are implemented in compliance with GDPR. Security posture is solid with HTTPS and no obvious vulnerabilities, though explicit security headers and policies could be enhanced. Contact information and social media presence are clearly provided, supporting business credibility and user trust.

S

Stockholm Lighting Company AB

stockholmlighting.se

34

Stockholm Lighting Company AB is a Swedish company specializing in innovative and energy-efficient LED lighting solutions and smart control systems. The company targets professionals such as lighting designers, architects, electrical consultants, installers, and end customers, offering a broad range of services including reuse of existing fixtures, demos, test lighting, technical consultation, and service agreements. Their market position is strong with a portfolio of high-profile projects and collaborations, supported by a consistent and professional web presence. Technically, the website is built on modern frameworks like React and Next.js, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and no visible vulnerabilities, though explicit security headers and incident response contacts could be improved. Privacy compliance is evident with a comprehensive privacy policy, but lacks a visible cookie consent mechanism. Overall, the website and business demonstrate high professionalism and trustworthiness.

Centrala studiestödsnämnden (CSN) is the official Swedish government agency responsible for administering student financial aid including loans and grants. The website csn.se serves as the primary digital portal for students and partners to access information, apply for aid, manage repayments, and find support. The site is well-branded, professionally designed, and provides comprehensive content tailored to its target audience of students in Sweden and abroad. It offers multiple language options and detailed navigation to various services and informational resources. Technically, the site uses a modern stack including React and SiteVision CMS, with good mobile optimization and accessibility features. Security posture is strong with HTTPS, nonce-based CSP, session management, and cookie consent mechanisms, though explicit security policies and incident response information are not published. The domain registration data aligns with the official government entity, confirming legitimacy. Overall, the site demonstrates a mature digital presence with high trustworthiness and user experience quality.

A

Axel Group AB

axel.se

49

Axel Group AB is a leading Swedish company specializing in personal alarms, personal safety, and alarm services, with a strong focus on workplace safety, lone workers, and protection against violence and threats. The company offers a range of products including personal alarms, alarm services, vehicle tracking, and safety training, supported by a webshop for streamlined ordering. Their market position is strong within Sweden, targeting organizations and individuals requiring reliable safety solutions. Technically, the website is built on a modern stack using HTML5, CSS3, JavaScript, and integrates Google reCAPTCHA for form security. The site uses purePUBLISH CMS and is hosted by WebOne AB. The website demonstrates good mobile optimization, clear navigation, and professional design, although accessibility features are basic. Performance is moderate, with no major technical issues detected. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA to protect forms from spam. However, explicit security headers like Content-Security-Policy and HSTS are not clearly present, and there is no visible vulnerability disclosure or security policy page. Privacy compliance is partial; a privacy policy and terms of service are present, but no cookie consent mechanism is detected, which may be a GDPR compliance gap. Overall, the website is professional, trustworthy, and well-maintained, with a solid business credibility score. Strategic improvements in privacy compliance and security headers would enhance their security posture and regulatory adherence.

ESSVE AB is a Swedish company specializing in manufacturing and retailing fastening products such as screws, fasteners, and construction tools. The website targets construction professionals and DIY enthusiasts, providing a comprehensive product catalog along with building guides and customer support. The company holds a strong market position in Sweden and the Nordic region, emphasizing quality products and customer engagement through social media and informative content. Technically, the website is built on the Dynamicweb CMS platform with Bootstrap framework, employing modern JavaScript libraries and asynchronous script loading to enhance performance and user experience. Privacy compliance is robust, featuring a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. Security posture is good with HTTPS enforced and use of security best practices, although explicit security policies and incident response contacts are not present. Overall, the website is professional, trustworthy, and well-optimized for both desktop and mobile users.

O

Osolo

osolo.se

45

Osolo is a strategic web agency based in Sweden, specializing in system development, e-commerce, web design, digital marketing, and technical management to support digital success. Established in 2004, the company positions itself as an experienced and passionate partner offering comprehensive digital solutions including dedicated consultants and technical system management. The website reflects a professional and consistent brand image with clear service offerings and contact channels. Technically, the site uses modern web technologies including Umbraco CMS, Google Tag Manager, reCAPTCHA, and GSAP for animations, indicating a mature digital infrastructure. Security measures such as HTTPS and CAPTCHA on forms are implemented, though some HTTP security headers are missing, suggesting room for improvement. Privacy compliance is basic, with a cookie consent banner present but no explicit privacy policy or terms of service pages found. Overall, the site is well-structured, mobile-optimized, and trustworthy, with active social media engagement and marketing tracking in place.

O

Occlutech

occlutech.com

42

Occlutech is a specialized healthcare company founded in 2003 in Germany, now headquartered in Switzerland, focusing on minimally invasive cardiac devices for structural heart diseases including congenital defects, stroke prevention, and heart failure. The company maintains a strong market position as a leading supplier in this niche, targeting healthcare professionals, patients, and investors. Their business model revolves around design, manufacturing, and commercialization of cardiac implants with a broad product portfolio. The website reflects a medium-sized enterprise with consistent branding and good content quality.

R

Redsense Medical AB

redsensemedical.com

37

Redsense Medical AB is a Swedish healthcare technology company specializing in blood loss detection alarm systems designed to improve patient safety during hemodialysis. Their patented fiber optics technology underpins FDA-cleared and CE-marked products, positioning them as a niche leader in this medical device segment. The website reflects a focused business model targeting healthcare providers and dialysis clinics, offering products, training, and investor information. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates Google Analytics for user tracking. The site is mobile-optimized with good SEO practices and professional design, though performance is moderate. Security posture is adequate with HTTPS enforced, but lacks advanced security headers and explicit incident response policies. Overall, the security posture is solid but could be improved by implementing cookie consent mechanisms, security headers, and publishing security policies. The domain registration details align well with the company’s profile, supporting legitimacy. The site’s content quality and business credibility are strong, though privacy compliance could be enhanced. Strategic recommendations include enhancing privacy compliance with cookie consent, strengthening security headers, and publishing incident response information to improve trust and regulatory adherence.

The website at lonne.com is currently inaccessible due to an active CAPTCHA challenge implemented by a third-party anti-bot service (geo.captcha-delivery.com). The page content is minimal and does not provide any meaningful business information, metadata, or contact details. The page title references a different domain (rubix.com), which suggests possible misconfiguration or domain misuse. Due to the blocking mechanism, a full analysis of the website's content, security posture, and compliance status is not possible. The lack of visible HTTPS information, security headers, and privacy policies further limits the assessment. Overall, the site appears to be either a placeholder or protected by aggressive security measures that prevent legitimate access.

Synapse Mobile Networks S.A. is a small telecommunications software provider based in Luxembourg, established in 2003. The company specializes in network management solutions including Automatic Device Management Systems, Equipment Identity Registers, and Roaming Service Centers targeted at 3GSM/LTE operators. Their website reflects a niche B2B business model focusing on telecom operators seeking to optimize network access and roaming services. The market position is that of a specialized software vendor with a consistent brand presence but limited public-facing content and engagement features. Technically, the website uses legacy JavaScript libraries such as jQuery and jQuery UI along with a slider plugin for UI elements. The site is moderately performant with basic mobile optimization and accessibility features. However, there is no evidence of modern CMS usage or advanced SEO practices. The website lacks HTTPS information in the provided data, and no security headers or privacy-related policies are present, indicating a low maturity in security and compliance. From a security perspective, the absence of HTTPS and security headers is a significant concern, exposing users to potential risks. The lack of privacy and cookie policies also indicates non-compliance with GDPR and related regulations. No contact information or incident response channels are provided, limiting transparency and trust. Overall, the security posture is weak, and the website would benefit from implementing standard security best practices and compliance documentation. The overall risk assessment suggests moderate business credibility but low security and privacy compliance. Strategic recommendations include immediate implementation of HTTPS, publishing privacy and cookie policies, adding contact and incident response information, and improving mobile and accessibility features to enhance user trust and regulatory compliance.

F

Förlängda Armen AB

farmen.se

49

Förlängda Armen AB is a Swedish logistics and transport company specializing in tailored transport services primarily in Stockholm and Uppsala. The company offers same-day pallet deliveries, warehousing, and distribution services, positioning itself as a reliable and personal logistics partner. Their market presence is supported by ISO certifications (9001, 14001, 45001), indicating a commitment to quality, environmental management, and occupational health and safety. The website reflects a medium-sized enterprise with a professional digital presence built on WordPress and modern web technologies, including Bootstrap and jQuery. SEO and social media integration are well implemented, enhancing visibility and customer engagement. Security posture is adequate with HTTPS enforced, but lacks advanced security headers and explicit privacy compliance mechanisms such as cookie consent banners. Overall, the site is trustworthy and professional but could improve in privacy compliance and security best practices.

M

MariTrain AB

maritrain.com

45

MariTrain AB is a specialized maritime consultancy firm founded in 2003, offering services such as Navigational Audits, CDI Inspections, ISM/ISPS Audits, pre-SIRE vettings, consultancy, and training primarily for the maritime industry. The company positions itself as a niche service provider with expertise in tanker, chemical, and offshore shipping sectors. The website is professionally designed using the Wix platform, featuring clear navigation and relevant content targeted at maritime professionals and shipping companies. Technically, the site employs modern web technologies including React 18 and Wix Thunderbolt, hosted on Wix's infrastructure with moderate performance and basic mobile optimization. Security-wise, the site enforces HTTPS and uses Sentry for error monitoring but lacks published security policies and incident response information. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security disclosures.