High-risk security reports

C

Creanord Ltd

creanord.com

40

Creanord Ltd is a Finnish telecommunications technology company specializing in network performance tracking and service assurance solutions, particularly for 5G, cloud connectivity, and critical communications sectors. Their offerings include active probes and management systems designed to help carriers and service providers improve network quality and meet complex SLAs. The company positions itself as a niche provider with a focus on data-driven automation and intelligent service assurance to enhance customer loyalty and network profitability. The website is professionally designed, content-rich, and targets communications service providers and cloud operators. Technically, the website is built on WordPress with modern plugins such as Yoast SEO, WPForms, and Klaro for consent management. It uses Google reCAPTCHA v3 for form security and Google Tag Manager for analytics. The site is mobile-optimized with good SEO practices and moderate performance. Accessibility is basic but functional. No hosting provider details were identified from the content. Security posture is strong with HTTPS enforced, secure forms, and no exposed sensitive data. However, security headers are not detected, and there is no visible security policy or incident response contact information. Privacy compliance is good with a comprehensive privacy policy and cookie consent mechanism. Business credibility is high with clear contact details, professional content, and trust indicators such as Capterra reviews. Overall, the website presents a trustworthy and professional image with a solid technical foundation. Strategic improvements include adding security headers, publishing a security policy, and enhancing accessibility. These steps would further strengthen the security posture and compliance stance.

K

KALLER

kaller.com

46

KALLER is a well-established manufacturer specializing in nitrogen gas springs and hydraulic suspension systems, positioning itself as a world-leading brand in these sectors. The company offers a comprehensive range of products including tool and die components, industrial gas spring cylinders, gas hydraulic suspension, and remote pressure monitoring solutions. Their website reflects a mature digital presence with clear navigation, multilingual support, and extensive product and support information, targeting industrial and manufacturing audiences globally, particularly in Europe and the USA. Technically, the website utilizes modern frameworks such as React and Bootstrap 5, integrated with analytics tools like Google Tag Manager and Azure Application Insights. The site demonstrates good performance, mobile optimization, and accessibility features, indicating a robust technical infrastructure. From a security perspective, the site enforces HTTPS, implements essential security headers, and avoids exposing sensitive data. While no critical vulnerabilities were detected, recommendations include enhancing public security policies and incident response information. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, KALLER's website presents a professional, trustworthy, and secure platform that supports its business objectives effectively. Strategic improvements in security transparency and continuous monitoring of third-party components will further strengthen its posture.

2

21grams

21grams.com

45

21grams is a Swedish-based company specializing in optimizing and digitizing postal and communication services for businesses primarily in the Nordic region. As part of the Unifiedpost Group since 2021, it leverages its expertise to offer services such as optimized postage, digitized post delivery, and simplified payment solutions. The website reflects a professional B2B service provider with a clear focus on enhancing business communications and operational efficiency. Technically, the site is built on WordPress with modern plugins and tools including Google Tag Manager and Usercentrics for consent management, indicating a mature digital infrastructure. Security posture is adequate with HTTPS and consent mechanisms in place, though explicit security headers and policies are not visible, suggesting room for improvement. Overall, the site is trustworthy, well-branded, and provides clear contact information, supporting its credibility in the market.

The website la-machine.fr presents a niche technology product: an interactive, open source device inspired by the legendary "useless box" concept. The product is designed with an emphasis on creativity, eco-friendliness, and maker community engagement. The site leverages modern web technologies and integrates marketing and analytics tools such as Google Analytics and Facebook Pixel. While the site is well-designed and mobile-optimized, it lacks some advanced security headers and cookie consent mechanisms, which are important for privacy compliance. The business appears to be a small, innovative startup based in France, with a focus on direct-to-consumer sales and community-driven customization. Overall, the site is accessible and professional but could improve its security and privacy posture.

S

Svenskt Tryck

svenskttryck.se

44

Svenskt Tryck is a well-established Swedish printing company operating since 1970, specializing in personalized printing services including annual reports, brochures, variable data printing, and special effect products. The company emphasizes quality and sustainability, demonstrated by ISO 9001 and ISO 14001 certifications. Their website is professionally designed on the Squarespace platform, featuring clear navigation and mobile optimization. Contact information and social media links are prominently provided, enhancing business credibility. Technically, the site uses HTTPS with HSTS enabled, ensuring secure connections. However, the absence of explicit privacy, cookie, and terms of service policies indicates gaps in privacy compliance. No forms or analytics scripts were detected, suggesting minimal data collection and tracking.

E

EnerSys

enersys.com

47

EnerSys is a global leader in stored energy and power solutions, serving a broad range of industrial and mission-critical sectors including transportation, logistics, communications, aerospace, defense, medical, and energy utilities. The company offers a comprehensive portfolio of batteries, chargers, monitoring systems, energy systems, and maintenance services, positioning itself as a full turnkey power solutions provider. The website reflects a mature digital presence with professional design, clear navigation, and extensive content supporting its market leadership and sustainability commitments. Technically, the site leverages modern analytics and consent management tools, is built on Episerver CMS, and demonstrates good performance and accessibility. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though explicit security headers could be more visible. No critical vulnerabilities or exposed sensitive data were detected. Overall, the domain registration and WHOIS data align well with the company's claims, supporting legitimacy and trustworthiness.

F

Foodmark AB

foodmark.se

46

Foodmark AB is a well-established Swedish food manufacturing and marketing company with a portfolio of several popular national brands in categories such as salads, sauces, dressings, messmör, and soft cheese. Founded in 1937, the company holds a strong market position in Sweden's retail and foodservice sectors. The website reflects a professional digital presence built on WordPress with performance optimizations and a focus on brand storytelling and sustainability. Security posture is adequate with HTTPS and cookie consent mechanisms in place, though there is room for improvement in security headers and incident response transparency. Overall, the site is accessible, well-structured, and trustworthy, supporting Foodmark's business credibility and customer engagement.

The website intrapoint.se appears to be a small-scale content site focused on providing information about office accessories and legal advice, particularly related to family law and legal preparations for property division. The site targets office workers and professionals in Sweden, offering basic informational articles and navigation to legal topics. The technical infrastructure is built on standard web technologies such as Bootstrap, jQuery, and Font Awesome, with moderate mobile optimization and basic SEO features. However, there is no evidence of a CMS or advanced platform integrations. Security posture is weak due to the apparent lack of HTTPS, security headers, and absence of privacy or cookie policies. No contact information or incident response details are provided, which limits trust and compliance with GDPR. Overall, the site is functional but lacks professional security and privacy practices, which poses risks for user trust and regulatory compliance.

D

Danderyds sjukhus

ds.se

41

Danderyds sjukhus is one of Sweden's largest acute hospitals, providing university-level healthcare, education, and research focused on common public diseases. The website serves patients, visitors, and job seekers with comprehensive information and services. Technically, the site is built on modern frameworks such as React and Next.js, with good mobile optimization, accessibility, and SEO practices. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms, though explicit security policies and incident response contacts are not found. Overall, the site demonstrates a mature digital presence aligned with its public healthcare mission.

T

TeamTech Sverige AB

teamtech.se

49

TeamTech Sverige AB is a well-established Swedish IT consultancy firm founded in 1998, specializing in providing senior IT experts and teams to solve complex technical challenges. Their clientele includes major enterprises and public sector organizations such as Spotify, IBM, SAAB, Ericsson, and Swedish government agencies. The company emphasizes trust, experience, and quality, supported by multiple ISO certifications (9001, 14001, 27001, 45001) and collective agreements, positioning itself as a reliable partner in the technology sector. Technically, the website is built using modern frameworks such as Next.js and React, with backend content managed via WordPress. Hosting is provided by OhMyHosting, and the site demonstrates good mobile optimization and SEO practices. No major performance or accessibility issues were detected, though accessibility is rated as basic. From a security perspective, the site enforces HTTPS and highlights ISO 27001 certification, indicating a mature security management system. However, there is a lack of visible security headers, incident response contacts, and vulnerability disclosure policies. No cookie consent mechanism was found, which is a gap in GDPR compliance despite the presence of a comprehensive privacy policy. Overall, TeamTech's website reflects a professional and credible business with strong trust indicators and a solid technical foundation. The main risks relate to privacy compliance and security transparency, which can be improved to enhance user trust and regulatory adherence.

F

Fiskeriet

fiskeriet.se

34

Fiskeriet.se is a Swedish seafood retailer focused on providing fresh, frozen, and ready-to-eat fish and shellfish products. The company emphasizes sustainability and responsible sourcing, supported by certifications such as MSC, ASC, and KRAV. Their website offers recipes, cooking tips, and educational content aimed at inspiring consumers to enjoy seafood more often. The target audience includes environmentally conscious consumers and cooking enthusiasts in Sweden. Technically, the website is built on WordPress with a modern tech stack including jQuery, Bootstrap, and SEO tools like Yoast. It integrates Google Analytics, Google Tag Manager, and Facebook Pixel for marketing and tracking purposes. The site is mobile-optimized and has good navigation and content quality. Security-wise, the site uses HTTPS and asynchronous loading of tracking scripts but lacks visible security headers and a published security policy or incident response contacts. Privacy compliance is basic, with a cookie consent banner but no explicit privacy or terms of service pages. Overall, the website is professional and trustworthy but could improve transparency and security practices.

S

StatSoft Scandinavia AB

statsoft.se

43

StatSoft Scandinavia AB is a specialized consulting and solutions provider focused on data science, advanced analytics, machine learning, data visualization, master data management, and IT security. With over 30 years of experience in the Nordic market, the company has evolved into StatSoft 2.0, expanding its offerings and entering new domains such as IT security in partnership with MSSPs. The company targets enterprises and organizations seeking to leverage data-driven decision-making and secure IT environments. Their business model centers on consulting, software solutions, and partnerships with leading technology vendors like TIBCO and Level 9 Logistics. Technically, the website is built on WordPress 6.8.1 with modern plugins such as Yoast SEO, Ninja Forms, and Autoptimize, indicating a mature digital infrastructure. The site is mobile-optimized, uses HTTPS with strong SSL configuration, and implements cookie consent mechanisms, reflecting good digital maturity. Performance is moderate with room for improvement in accessibility and security headers. From a security perspective, the site enforces HTTPS and uses cookie consent banners, but lacks explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The absence of security.txt or vulnerability disclosure pages suggests an opportunity to enhance transparency and incident readiness. Overall, the security posture is solid but could be improved with additional headers and documented policies. The overall risk assessment is low, with the website demonstrating professionalism, compliance with privacy regulations, and a consistent business presence. Strategic recommendations include implementing security headers, publishing security and incident response policies, and enhancing accessibility features to further strengthen trust and compliance.

The website titanx.com currently serves a security challenge page that blocks direct access to its content, indicating the presence of a Web Application Firewall or similar security mechanism. The page uses outdated CMS technologies such as Joomla 1.5 and WordPress 2.5, which are known to have multiple security vulnerabilities. No meaningful business or contact information is presented, and no privacy or cookie policies are found, limiting the ability to assess compliance or business legitimacy. The technical infrastructure appears minimal and outdated, with poor mobile optimization and accessibility. Security posture is weak due to lack of visible HTTPS enforcement and security headers, although a browser integrity check script is present. Overall, the site presents a low trust profile and limited transparency.

E

ECGO

ecgo.se

32

ECGO is a Swedish content website founded in 2021 that aims to help visitors make better life decisions by providing high-quality articles and guides on health, wellness, finance, and home decoration. The site targets Swedish-speaking individuals interested in lifestyle improvement and offers a curated selection of articles and external links to trusted sources. Technically, the site is built on WordPress using the GeneratePress theme and popular plugins such as Yoast SEO and Contact Form 7. It employs privacy-friendly analytics via Simple Analytics and is optimized for mobile devices with good SEO practices. Security-wise, the site uses HTTPS but lacks advanced security headers and does not publish a security policy or incident response information. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is professional and trustworthy but could improve in security and privacy compliance to enhance user trust and regulatory adherence.

N

Navcite

navcite.se

45

Navcite is a Swedish technology company specializing in providing advanced ERP solutions and IT integration services, focusing on Infor M3 and Microsoft 365 Business Central platforms. The company targets businesses in manufacturing, construction, and project management sectors, offering digital transformation tools including their proprietary ProApps mobile application. Their market position is that of a specialized, small-sized B2B service provider with a professional online presence and customer testimonials supporting their credibility. Technically, the website is built on WordPress using Elementor, integrated with HubSpot for forms and marketing, and employs Google Analytics, Hotjar, and CookieYes for analytics and privacy compliance. The security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or WAF blocking were detected, indicating a stable and accessible site. Overall, Navcite demonstrates a mature digital infrastructure aligned with its business goals, though it could enhance transparency by adding explicit security policies and direct contact details.

F

FVB

fvb.se

37

FVB is a well-established Swedish energy consulting firm with a strong market position as one of the leading energy consultants in Sweden and internationally. Their services span energy, industry, real estate, electrical & automation, and water & sewage sectors. The website reflects a professional and consistent brand with good content quality and clear navigation, targeting B2B clients in the energy sector. Technically, the site is built on WordPress with modern SEO and analytics tools, including Google Tag Manager and Google Analytics, and incorporates a comprehensive cookie consent mechanism compliant with GDPR. Security posture is solid with HTTPS and bot protection via Google reCAPTCHA, though there is room for improvement in security headers and incident response transparency. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

A

AQC

aqc.se

40

AQC Sweden AB operates as a technology consultancy firm based in Sweden, specializing in IT consultancy services with a unique business model that combines the freedom of freelancing with the security of employment. The company targets IT consultants and clients in industries such as gaming, music, e-commerce, fintech, and streaming. Their market position emphasizes a personal, quality-driven approach with a strong community focus. Technically, the website is built on WordPress using Elementor and Astra theme, incorporating modern web technologies and SEO best practices. Security measures include HTTPS and Google reCAPTCHA v3, though explicit security headers and policies are absent. Overall, the website is professional, accessible, and trustworthy, with clear contact information and a consistent brand presence.

B

Buzzador

buzzador.com

41

Buzzador is a Sweden-based influencer marketing platform that connects everyday consumers with brands for product testing and authentic reviews. The website is professionally designed using WordPress and WooCommerce, supporting multiple languages and providing a user-friendly interface for campaign participation. The technical infrastructure includes modern web technologies and analytics tools with privacy-conscious configurations. Security posture is good with HTTPS and form validation, though some security headers could be improved. Privacy compliance is evident with dedicated GDPR and cookie policy pages and consent mechanisms. Overall, Buzzador presents a credible and trustworthy online presence with a clear business focus on influencer marketing.

A

Adda AB

sklkommentus.se

47

Adda AB operates as a specialized service provider supporting the Swedish public sector through framework agreements, procurement support, competence development, and training. The company targets employees within municipalities, regions, and other public organizations, offering both digital and printed resources to facilitate efficient public procurement and workforce development. The website reflects a mature market position with clear service offerings and a professional digital presence. Technically, the website employs modern web technologies including Vue.js, Microsoft Application Insights for telemetry, and Google reCAPTCHA v3 for bot protection. The site is built on the Episerver CMS platform, ensuring structured content management and good SEO practices. Mobile optimization and accessibility are well addressed, contributing to a positive user experience. From a security perspective, the site benefits from HTTPS encryption, cookie consent mechanisms, and monitoring tools. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are absent, representing areas for improvement. No critical vulnerabilities or blocking mechanisms were detected, indicating a solid security posture overall. The overall risk profile is low with recommendations to enhance transparency around security policies and incident handling. Strategic improvements in security headers and vulnerability disclosure would further strengthen trust and compliance.

V

Växjö kommun

vaxjo.se

46

Växjö kommun operates an official municipal website providing comprehensive information and digital services to residents, businesses, and visitors. The site serves as a central hub for e-services, news, event information, and contact resources, positioning itself as a trusted government portal in Sweden. The website targets a broad audience including local citizens, entrepreneurs, and tourists, supporting the municipality's public service mandate. Technically, the website leverages modern web technologies including React, jQuery, and the SiteVision CMS platform. It integrates Piwik PRO for analytics and Google Translate for multilingual support, reflecting a mature digital infrastructure. The site demonstrates good mobile optimization, accessibility, and SEO practices, ensuring a positive user experience across devices. From a security perspective, the website enforces HTTPS, uses secure and SameSite cookies, and implements a robust cookie consent mechanism aligned with GDPR requirements. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response contacts are not published, and no vulnerability disclosure program is evident. Overall, the website exhibits a high level of professionalism, trustworthiness, and compliance with privacy regulations. It effectively supports Växjö kommun's mission to provide accessible and transparent public services online. Strategic improvements could focus on enhancing security transparency and formalizing incident response communications.

A

Attraction

attractionimages.ca

49

Attraction is a well-established Canadian media company specializing in the production, creation, and distribution of audiovisual content since 2002. Positioned as a major player in the North American entertainment industry, the company serves broadcasters and digital media platforms with a broad portfolio of services including television production, content creation, and international distribution. Their website reflects a professional and polished brand image, showcasing partnerships with numerous broadcasters and a clear presentation of contact information and corporate details. Technically, the website leverages modern web technologies such as SvelteKit and is hosted with a CMS likely based on Strapi. The site is fast, mobile-optimized, and SEO-friendly, with good accessibility features. The absence of cookie consent mechanisms and analytics scripts suggests a privacy-conscious approach or minimal tracking. From a security perspective, the site uses HTTPS with excellent SSL configuration but lacks explicit security headers and incident response information. No vulnerabilities or exposed sensitive data were detected. The domain registration details are consistent with the business claims, showing a long-standing presence and legitimacy. Overall, Attraction's digital presence is strong, professional, and trustworthy, with minor recommendations to enhance security headers and privacy transparency to further improve compliance and user trust.

M

MultiQ

multiq.com

48

MultiQ, recently rebranded as Journeo A/S following acquisition by Journeo plc, is a medium-sized technology company specializing in Intelligent Transport Solutions across Europe. Their offerings focus on enhancing public transportation through real-time passenger information, fleet management, and transport display systems. The company targets public transport operators, authorities, and travelers, positioning itself as a key player in the sustainable smart city transport sector. The website reflects a professional and consistent brand image with clear business messaging and customer references. Technically, the site is built on WordPress using the Divi theme and integrates SEO best practices with structured data. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers and explicit policies are missing. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is trustworthy and well-maintained, supporting the company's market position.

J

Jowa AB

jowa.com

35

Jowa AB is a well-established marine supplier specializing in environmental protection equipment and water treatment solutions for the maritime industry. With over 60 years of experience and a worldwide network including subsidiaries in multiple countries, Jowa positions itself as a trusted provider of high-quality, reliable products designed to protect the marine environment. The website reflects a professional and consistent brand image, emphasizing their commitment to sustainability and service excellence. Technically, the site is built on WordPress with modern plugins and tools, offering good SEO and mobile responsiveness. Security posture is adequate with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and incident response transparency. Overall, the site demonstrates a solid business presence with moderate technical maturity and compliance awareness.

E

Exobe AB

uclarity.com

41

Exobe AB is a Swedish technology company specializing in digital workspace solutions, IT license management as a Microsoft Cloud Solution Provider, IT security, collaboration platforms, and AI-driven automation. The company positions itself as a trusted partner for organizations seeking to optimize their digital workplace and cloud investments. Their website reflects a mature digital presence with professional design, clear navigation, and multilingual support. Technically, the site is built on WordPress with modern performance optimizations including WP Rocket, lazy loading, and integration with Microsoft Dynamics 365 Marketing for form handling. Security posture is strong with HTTPS enforced, security event listeners, and cookie consent mechanisms, although explicit security policies and incident response contacts are not published. Overall, the site demonstrates good compliance with privacy regulations and business credibility through certifications and transparent contact information.

M

Mimax Solutions AB

mimax.se

33

Mimax Solutions AB is a Swedish technology company specializing in Configure Price Quote (CPQ) solutions, offering advanced configurator tools, integration services with ERP, CRM, and CAD systems, and digital transformation consulting. The company positions itself as a niche specialist with a strong focus on CPQ, supported by partnerships including Microsoft and notable clients such as Kongsberg and Rolls Royce. Their website reflects a professional B2B service provider targeting businesses seeking to optimize their sales and pricing processes through CPQ technology. Technically, the website is built on WordPress with modern frameworks like Bootstrap and includes essential security features such as HTTPS, Google reCAPTCHA, and cookie consent mechanisms. The site demonstrates good SEO practices and moderate performance with mobile optimization. Security posture is solid with no visible vulnerabilities, though there is room for improvement in security headers and formal security policies. Overall, the domain registration and WHOIS data align well with the business claims, indicating legitimacy and trustworthiness.

The website for rymdreklam.com is currently suspended by its hosting provider, displaying only a minimal 'Account Suspended' page with no active business content or services. The only contact information available is a webmaster email address. Due to the suspension, the site lacks any privacy, cookie, or terms of service policies, and no social media or phone contact details are present. The technical footprint is minimal, with only a FontAwesome stylesheet linked, and no analytics or tracking scripts detected. The site does not provide HTTPS or security headers, indicating a poor security posture. Overall, the website is inaccessible for normal user interaction or business evaluation, resulting in a very low trust and credibility score.

Sensavis AB operates a specialized educational technology platform focused on visual learning tools that simplify complex subjects through interactive and personalized video content. The company targets educational institutions including schools and districts, offering license-based software solutions for Apple iOS and Windows platforms. Their market position is that of a niche edtech provider with a clear focus on enhancing student engagement and learning outcomes through innovative digital tools. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Analytics, Facebook Pixel, and a consent management platform ensuring GDPR compliance. The site demonstrates good mobile optimization and SEO practices, though some security headers are not explicitly confirmed. Security posture is solid with HTTPS enforced, reCAPTCHA integration, and consent-based tracking, but could be improved by publishing explicit security policies and implementing additional HTTP security headers. Overall, the website is professional, trustworthy, and compliant with privacy regulations, supporting a positive user experience and business credibility.

R

Royaltogel

teleopti.com

37

RoyalTogel is an Indonesian online slot gaming platform offering a variety of slot games from well-known providers such as Pragmatic Play, PG Soft, and Habanero. The website promotes itself as a trusted and popular destination for slot players with features like auto spin, buyspin, and daily bonuses. The site uses AMP technology for fast mobile performance and includes structured data to enhance SEO. However, the site lacks critical security features such as HTTPS, privacy policies, and contact information, which significantly impacts trust and compliance. External links include social media and live chat but also suspicious domains that may pose risks. Overall, the site appears functional but lacks essential security and compliance measures.

G

Gaia System AB

gaia.se

48

Gaia System AB specializes in providing advanced digital solutions for public transport, including a cloud-based real-time platform and an online vehicle platform that enhance traffic and passenger information management. Recently acquired by Axentia Group, Gaia is positioned as a niche player focused on integrating real-time data and AI-driven services for transport authorities, operators, and passengers. The website demonstrates a mature digital presence with comprehensive content, customer testimonials, and clear business messaging. Technically, the site is built on WordPress with modern frameworks and includes robust security measures such as HTTPS, reCAPTCHA, and consent management. Privacy compliance is well addressed with detailed policies and cookie consent mechanisms. Overall, Gaia exhibits a strong security posture with no critical vulnerabilities detected, supporting its credibility and trustworthiness in the transportation technology sector.

G

Grand Public Communication AB

grandpublic.se

33

Grand Public Communication AB is a Swedish creative brand agency specializing in brand strategy, communication design, digital design, marketing, and product design. The company operates multiple offices in Sweden and targets businesses seeking comprehensive brand and communication services. Their website showcases a professional and consistent brand image with rich multimedia content and detailed project case studies, positioning them as a reputable player in the media industry. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, Vimeo for video hosting, and Google Tag Manager for analytics. The site is mobile-optimized and accessible, with good SEO practices. However, performance is moderate and there is room for improvement in security headers and privacy compliance. From a security perspective, the site uses HTTPS but lacks visible security headers and published security policies. No privacy or cookie policies are found, indicating compliance gaps with GDPR. No incident response or vulnerability disclosure information is provided. Contact information is clearly presented, enhancing business credibility. Overall, the website is professional and trustworthy but should improve privacy and security practices to enhance compliance and reduce risk. Strategic recommendations include publishing privacy and cookie policies, implementing security headers, and establishing a vulnerability disclosure process.

K

Kvaser

kvaser.com

48

Kvaser AB is a well-established technology company specializing in Controller Area Network (CAN) connectivity solutions, offering a broad range of hardware and software products tailored for industries such as automotive, marine, medical, and industrial automation. The company has a strong market position with over 30 years of expertise and provides comprehensive developer resources and custom OEM solutions. Their website reflects a mature digital presence with professional design, clear navigation, and extensive content relevant to their target audience of engineers and businesses requiring CAN technology. Technically, the site is built on WordPress with WooCommerce and integrates modern analytics and marketing tools while maintaining good privacy compliance through Iubenda. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers could be improved. WHOIS data confirms legitimacy and consistency with the business claims. Overall, Kvaser demonstrates a high level of professionalism, trustworthiness, and technical maturity.

L

Liedholms Maskinteknik AB

liedholms.se

31

Liedholms Maskinteknik AB is a well-established Swedish manufacturing company specializing in advanced welding, pressure vessel production, and machine construction. Founded in 1948 and based in Helsingborg, the company offers comprehensive services including project management, design, procurement, and certification. Their market position is strong within the industrial manufacturing sector, supported by recognized certifications such as ASME U and PED compliance. The website reflects a professional and consistent brand image targeting industrial clients requiring high-quality welding and pressure vessel solutions. Technically, the website is built on WordPress using the Avada theme, incorporating modern web technologies such as jQuery, Google Analytics, Google Tag Manager, and Facebook Pixel for marketing and analytics. The site is mobile-optimized with good SEO practices and accessibility features, although some improvements could be made in accessibility and performance tuning. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA v3 to protect forms. However, it lacks several recommended security headers and does not provide explicit incident response or vulnerability disclosure information. Privacy compliance is acknowledged with a GDPR-compliant privacy policy, but the absence of a cookie consent mechanism is a notable gap. Overall, the website presents a low risk with a solid security posture and good business credibility. Strategic recommendations include enhancing security headers, implementing cookie consent, and publishing incident response contacts to further strengthen trust and compliance.

B

Babyshop Group

babyshop.com

47

Babyshop Group operates a well-established e-commerce platform specializing in children's and baby clothing and accessories, primarily serving the Nordic and European markets. Founded in 2006 and headquartered in Stockholm, Sweden, the company offers a wide range of products including apparel, strollers, toys, and baby essentials. The website demonstrates a strong market position with a comprehensive product catalog and a focus on quality customer service and exclusive brands. Technically, the website employs modern web technologies such as React, Algolia for search, and integrates with multiple third-party services including Klarna for payments, Trustpilot for reviews, and Google Analytics for tracking. The platform is mobile-optimized, SEO-friendly, and provides a smooth user experience with clear navigation and structured data for enhanced search engine visibility. From a security perspective, the site enforces HTTPS, uses cookie consent mechanisms, and avoids exposing sensitive data in its HTML content. However, it lacks explicit security policy documentation and incident response contact details, which are recommended for enhanced transparency and compliance. No critical vulnerabilities or WAF blocking were detected, indicating a mature security posture. Overall, Babyshop.com presents a professional, trustworthy, and user-friendly online retail experience with strong compliance to privacy and cookie regulations. Strategic improvements in security policy transparency and additional security headers could further strengthen its security posture.

S

social industries

socialindustries.se

44

Social Industries is a well-established digital agency based in Sweden, specializing in social media marketing and digital services primarily targeting the Nordic market. Founded in 2011, the company positions itself as a leading agency in its sector, emphasizing adaptability and continuous learning. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to its audience. Technically, the site is built on the Squarespace platform, leveraging modern web technologies and third-party analytics and marketing tools such as Google Analytics, Pinterest tracking, and LinkedIn Insight Tag. The website is mobile-optimized and performs moderately well, with good SEO and basic accessibility features. Security-wise, the site enforces HTTPS with a solid SSL configuration and includes a cookie consent mechanism compliant with GDPR. However, it lacks advanced security headers and explicit security or incident response policies. Overall, the site demonstrates a mature digital presence with room for improvement in security best practices and compliance documentation.

E

Effectsoft

effectsoft.se

43

Effectsoft is a Swedish IT consultancy specializing in software development, integration, and custom IT solutions, primarily serving clients in Halmstad and Göteborg. The company emphasizes close customer collaboration, agile methodologies, and delivering tailored solutions with a strong focus on quality and customer satisfaction. Their market position is that of a trusted regional player with a solid client portfolio and a commitment to innovation and excellence. Technically, the website is built on WordPress using the Enfold theme, enhanced with modern analytics tools such as Google Analytics and Microsoft Clarity, and employs Google reCAPTCHA for form security. The site is mobile-optimized, SEO-friendly, and includes comprehensive cookie consent mechanisms aligned with GDPR requirements. Performance is moderate with room for improvement in accessibility. From a security perspective, the site uses HTTPS and implements cookie consent and reCAPTCHA, but lacks explicit security headers and documented security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The domain registration details are consistent with the business claims, supporting legitimacy. Overall, Effectsoft presents a professional and trustworthy online presence with good privacy compliance and a solid technical foundation. Strategic improvements in security headers, incident response transparency, and accessibility would further enhance their security posture and user trust.

C

Comcenter

comcenter.se

35

Comcenter is a Swedish telecommunications company specializing in flexible business communication services including mobile subscriptions, broadband, coverage solutions, cloud-based telephone exchanges, and Teams telephony. Positioned as a regional B2B provider, Comcenter targets businesses seeking smarter and simpler communication solutions. The website reflects a mature digital presence with modern technologies such as WordPress, Elementor, WooCommerce, and integrated marketing and analytics tools like Google Tag Manager and Facebook Pixel. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response information are absent. Overall, Comcenter demonstrates a professional and trustworthy online presence aligned with its business objectives.

R

Refunder Scandinavia AB

refunder.se

48

Refunder Scandinavia AB operates a leading cashback platform in Sweden, offering users cashback rewards from over 1,200 online stores. The company positions itself as Sweden's largest cashback service with a strong user base exceeding 875,000 members. Key services include cashback on online purchases, a mobile app for tracking cashback, and promotional campaigns. The platform integrates secure login and payment methods such as BankID and Swish, enhancing user trust and security. Technically, the website employs modern frameworks like Laravel Livewire and Alpine.js, with Matomo analytics and Facebook SDK for marketing and tracking. The site is well-optimized for mobile and accessibility, with comprehensive privacy and cookie policies that comply with GDPR requirements. Security posture is strong with HTTPS, CSRF protection, and secure authentication, though additional security headers could be implemented. Overall, the website demonstrates a mature digital infrastructure and a trustworthy business model with clear contact information and positive user feedback.

F

Fyrbodals kommunalförbund

fyrbodal.se

33

Fyrbodals kommunalförbund is a regional municipal federation in Västra Götaland, Sweden, representing 14 member municipalities collaborating for sustainable regional development. The organization focuses on regional development, competence supply, welfare development, and political governance support, positioning itself as a key governmental entity in the region. The website reflects a professional and well-structured digital presence with comprehensive content tailored to its target audience of municipal stakeholders and residents. Technically, the site is built on WordPress with modern technologies including jQuery, Bootstrap, and FontAwesome, enhanced by SEO tools like Yoast and analytics via Matomo and Google Tag Manager. The site is mobile-optimized, accessible, and performs moderately well, supporting a positive user experience. From a security perspective, the site enforces HTTPS, avoids exposing sensitive data, and uses asynchronous loading for third-party scripts. However, it lacks explicit security headers and a published security or incident response policy. Privacy compliance is strong with clear GDPR-aligned privacy and cookie policies and a consent mechanism. Overall, the website demonstrates a high level of professionalism and trustworthiness with no critical security issues detected. Strategic recommendations include enhancing security headers, publishing incident response information, and considering a vulnerability disclosure policy to further strengthen security posture.

S

Sjöfartsverket

sjofartsverket.se

43

Sjöfartsverket is a Swedish government agency responsible for maritime accessibility, safety, and navigation services. The website presents a comprehensive overview of their services including navigational warnings, chart services, pilotage, and maritime rescue operations. The target audience includes professional mariners, the general public interested in maritime affairs, and government stakeholders. The agency holds a strong market position as the national maritime authority in Sweden, providing essential services under government mandate. Technically, the website employs a modern infrastructure with Episerver CMS, Matomo analytics for privacy-conscious tracking, and accessibility tools like ReadSpeaker. The site is mobile-optimized, well-structured, and includes SEO best practices. Performance is moderate with room for improvement in loading speed and security header implementation. From a security perspective, the site uses HTTPS and cookie consent mechanisms aligned with GDPR. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are absent. No critical vulnerabilities or blocking mechanisms were detected, indicating a mature security posture but with opportunities for enhancement. Overall, the website is professional, trustworthy, and compliant with privacy regulations. Strategic recommendations include publishing security policies, enhancing security headers, and formalizing vulnerability disclosure to further strengthen trust and security posture.

F

Formpipe Software AB

formpipe.com

46

Formpipe Software AB is a well-established technology company specializing in premium business software solutions tailored for mid-sized to large companies and public organizations, primarily in the banking and public sectors. Their offerings include document composition (Lasernet), digital preservation, and ERP solutions, positioning them as a key player in digital transformation and data relationship management. The website reflects a mature digital presence with comprehensive content, clear navigation, and multilingual support, targeting professional audiences in Sweden, Denmark, Germany, UK, and the USA. Technically, the website employs a modern technology stack including jQuery, Flickity, GSAP, Google reCAPTCHA, and Cookiebot for consent management, hosted likely on Microsoft Azure with Episerver CMS. Performance and mobile optimization are good, though accessibility could be improved. The site integrates extensive analytics and marketing tools such as Google Analytics, Matomo, Microsoft Dynamics Marketing, and social media pixels, indicating a sophisticated approach to user tracking and marketing. Security posture is strong with HTTPS enforced, use of anti-CSRF tokens, and reCAPTCHA on forms. However, explicit security headers are not clearly documented and no public security or incident response policies were found. Privacy compliance is robust with GDPR-aligned privacy and cookie policies, and a clear consent mechanism. Contact information is comprehensive, including multiple international offices, emails, and phone numbers. Overall, Formpipe demonstrates a high level of professionalism, trustworthiness, and compliance, with minor areas for improvement in security header implementation and accessibility. The domain WHOIS data aligns well with the business claims, supporting legitimacy and trust.

N

Nacka kommun

nacka.se

38

Nacka kommun operates as the official municipal government website serving over 100,000 residents in Nacka, Sweden. The site provides comprehensive information about municipal services including education, social support, urban development, and local politics. It targets residents, businesses, and visitors seeking municipal resources and engagement opportunities. The business model is public sector focused, delivering essential community services and governance information. Technically, the website is built on the EPiServer CMS platform, leveraging modern JavaScript frameworks, SVG icons, and Azure Application Insights for analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. Hosting appears to be on Microsoft Azure infrastructure, ensuring reliability and scalability. From a security perspective, the site enforces HTTPS with strong SSL configuration and implements cookie consent mechanisms aligned with GDPR requirements. While explicit security headers are not fully documented in the HTML, best practices are implied. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks a published security policy or incident response contact, which could enhance transparency and trust. Overall, Nacka kommun's website is a professional, trustworthy, and well-maintained digital presence for a government entity. It balances user experience, compliance, and technical robustness effectively, supporting its role as a key information and service portal for the municipality.

1

1Office Estonia OÜ

1office.co

41

1Office Estonia OÜ is a medium-sized accounting and business services provider established in 2016, offering comprehensive support including accounting, company formation, tax registration, legal services, and virtual office solutions across seven countries in Northern and Eastern Europe. The company targets businesses looking to establish or manage operations locally or internationally, leveraging its multi-country expertise and digital service delivery. The website reflects a mature digital presence with professional design, clear navigation, and multi-language support. Technically, the site is built on WordPress with WooCommerce and integrates modern marketing and analytics tools such as Google Analytics, Facebook Pixel, Hotjar, and Microsoft Clarity, ensuring good performance and user tracking capabilities. Security posture is strong with HTTPS enforced, use of reCAPTCHA, and cookie consent mechanisms, although explicit security policies and incident response information are not published. Overall, the site demonstrates high trustworthiness and business credibility, supported by customer reviews and partner affiliations.

G

Granngården

granngarden.se

42

Granngården is a well-established Swedish retail and e-commerce company founded in 1880, specializing in products for animal owners, gardeners, and farmers. It operates over 100 physical stores alongside a comprehensive online platform, positioning itself as a leading provider in its sector. The company benefits from a strong brand presence, consistent customer engagement, and a broad product range tailored to its target audience. Technically, the website leverages modern technologies including Microsoft Azure, ASP.NET, Episerver CMS, and integrates advanced analytics and marketing tools such as Google Analytics, Microsoft Clarity, and Google Tag Manager. Security measures are robust, with HTTPS enforcement, security headers, and secure form handling. Privacy compliance is well-managed through a detailed cookie consent mechanism and comprehensive privacy policies. Overall, the site demonstrates a mature digital infrastructure and a strong security posture, supporting its business credibility and customer trust.

F

FORCE Technology

madebydelta.com

41

Madebydelta is a technology-focused website representing a part of FORCE Technology, a large and established international consulting and service company. The company operates in multiple sectors including energy, environmental, electronics, pharmaceutical, food, maritime, and public sectors. The website offers detailed information about their services such as sensors, testing, consulting, and certification, targeting industrial clients. The technical infrastructure is based on a modern WordPress CMS with popular plugins and integrations including Google Analytics and Tag Manager, ensuring good digital maturity and performance. Security posture is solid with HTTPS, Cloudflare CDN, and a comprehensive cookie consent mechanism, although there is room for improvement in publishing explicit security policies and vulnerability disclosures. Overall, the website is professional, trustworthy, and GDPR compliant, supporting the company's market position and business credibility.

V

Veprox AB

veprox.se

30

Veprox AB is a Swedish technical consulting company specializing in product, process, and production development with a strong focus on sustainability and innovation. The company positions itself as a small but dynamic player with nearly two decades of experience, serving clients in automotive, offshore energy, medical technology, industrial sectors, and cybersecurity. Their business model emphasizes employee-driven project selection and delivering win-win-win outcomes for clients, consultants, and the company. Technically, the website is built on WordPress using the Avada theme and several plugins, with a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and email obfuscation, but lacks advanced security headers and published security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is professional and trustworthy, but could improve in privacy and security transparency.

C

Capish

capish.com

48

Capish is a technology company specializing in software tools for visualization and exploration of clinical data. Their flagship products, including Capish Reflect and Capish Curation, enable users to query and structure complex clinical datasets without requiring coding skills. The company targets healthcare professionals and organizations seeking innovative data solutions to improve clinical research and collaboration. The website reflects a professional and consistent brand image with clear contact information and a focus on user-friendly data exploration. Technically, the website is built on WordPress using the Customizr Pro theme and Nimble Builder plugin, leveraging modern JavaScript libraries such as jQuery and Swiper.js. The site is mobile-optimized and provides a good user experience, although some accessibility features are basic. SEO practices appear adequate with proper meta tags and structured navigation. From a security perspective, the site uses HTTPS (implied by external Office365 booking links), but lacks visible security headers and published security policies. There is no cookie consent mechanism detected, which may impact GDPR compliance. No incident response or vulnerability disclosure information is provided, indicating room for improvement in security transparency. Overall, the website is trustworthy and professionally maintained, with a solid business focus and technical foundation. Enhancements in privacy compliance and security policy publication would strengthen the site's security posture and regulatory adherence.

S

Suzuki Sverige

suzuki.se

39

Suzuki Sverige operates as the official Swedish portal for Suzuki products, providing navigation to specialized sites for automobiles, motorcycles, marine products, and ATVs. The website serves primarily as a brand presence and gateway for Swedish customers interested in Suzuki offerings. The technical infrastructure is basic, relying on a legacy CMS (Waxtrapp) and custom JavaScript, with Google Analytics integrated for visitor tracking. The site lacks modern web standards such as HTTPS, mobile optimization, and accessibility features, indicating a low digital maturity level. Security posture is weak, with no visible security headers or privacy policies, and no secure forms or contact mechanisms. Overall, the site presents moderate trustworthiness but requires significant improvements in security and compliance to meet current standards.

C

Consilium Safety

consilium.se

43

Consilium Safety is a globally recognized leader specializing in fire, flame, and gas safety solutions primarily serving the shipping, transportation, offshore, and property sectors. The company offers a comprehensive portfolio of safety products and digital services designed to enhance safety management and operational control. Their market position is strong, supported by a professional and content-rich website that reflects their expertise and commitment to safety innovation. The technical infrastructure is based on a modern WordPress CMS with multilingual support and integrated analytics and consent management tools, indicating a mature digital presence. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and explicit security policies. Overall, the website demonstrates a high level of professionalism and trustworthiness, with clear business focus and compliance with privacy regulations.

S

System Verification

systemverification.com

49

System Verification is a well-established global software quality assurance company specializing in advanced quality monitoring and analytics, leveraging AI insights to enhance end-user experiences. With over 22 years in the QA business and a workforce exceeding 300 employees, the company positions itself as a strategic partner focusing on innovation, efficiency, and security. Their service portfolio includes Quality AI, expert QA for digital transformation, tailored quality assessments, flexible subscription services, and dedicated teams, targeting businesses seeking to improve software quality and delivery. Technically, the website is built on WordPress with integrations of HubSpot for forms and analytics, Google Analytics, Google Tag Manager, and various marketing pixels. The site demonstrates good SEO practices, mobile optimization, and a modern tech stack, although some performance and accessibility improvements could be made. The presence of a comprehensive cookie consent mechanism and privacy policy indicates a mature approach to privacy compliance. From a security perspective, the site uses HTTPS and implements consent-based tracking controls but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The domain registration details align well with the company's claimed history and location, supporting its legitimacy. Overall, System Verification's website reflects a professional, trustworthy, and privacy-conscious organization with a solid market position in the technology sector. Strategic recommendations include enhancing security headers, publishing a security policy, and improving accessibility features to further strengthen their security posture and compliance.