Security Directory

A

Auxality

fondlista.se

0

Auxality is a specialized SaaS provider focused on automating operational workflows and financial data management for asset managers. Their platform aims to simplify complex regulatory and reporting challenges in the financial industry. The company targets asset managers and financial institutions, offering automated reporting, platform transformation, data visualization, and advisory services. Technically, the website is built on a modern stack using Next.js and React, hosted on AWS infrastructure. However, the absence of a valid SSL certificate and HTTPS severely undermines the security posture, exposing users to risks. Privacy and cookie policies are well documented, and contact mechanisms are available via email and form, but no phone or physical address is provided. Overall, the site is professional and content-rich but requires urgent security improvements.

S

Storebrand Fonder AB (publ)

storebrandfonder.se

0

Storebrand Fonder AB (publ) operates a professional website focused on sustainable investment funds in Sweden, positioning itself as one of the largest fund companies after major banks. The site offers a broad range of funds with a strong emphasis on ESG criteria and low fees, targeting private and corporate investors. Technically, the website uses modern frameworks such as Blazor and integrates with Salesforce and various marketing and analytics tools, hosted on Microsoft Azure DNS infrastructure. However, the absence of a valid SSL certificate and HTTPS support significantly weakens the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, supporting user consent mechanisms. Overall, the website is professionally designed and trustworthy but requires urgent security improvements to protect user data and enhance trust.

M

Malmö Designer Village

malmodesignervillage.com

0

Malmö Designer Village is a premium retail outlet project positioned as the largest outlet in Scandinavia and the first premium outlet village serving the Greater Copenhagen region. The business model focuses on offering discounted fashion and lifestyle brands to residents and tourists in the Malmö and Copenhagen area. The website is built on the Squarespace platform, featuring professional design and clear navigation but lacks a valid SSL certificate, resulting in no HTTPS support. This is a critical security shortfall. The site includes a contact form for inquiries but does not provide explicit email addresses or phone numbers. Privacy compliance is minimal, with a basic privacy policy page but no cookie consent mechanism. Social media presence is limited to LinkedIn. Overall, the site demonstrates moderate digital maturity but requires significant security improvements to protect user data and build trust.

H

Hermes Medical Solutions

hermesmedical.com

0

Hermes Medical Solutions is a Sweden-based company specializing in molecular imaging and nuclear medicine software solutions. Their flagship product, Hermia, is a comprehensive, vendor-neutral molecular imaging software suite designed to streamline workflows and enhance diagnostic precision. The company positions itself as a global leader in this niche, serving healthcare professionals and institutions with advanced dosimetry and imaging tools. The website reflects a professional and modern digital presence, featuring rich multimedia content, customer testimonials, and detailed product information. Technically, the site leverages Umbraco CMS, integrates Cookiebot for GDPR-compliant cookie management, and uses Google Tag Manager and Leadoo chat for analytics and marketing. Security practices are robust, with HTTPS enforced, CSRF protection cookies, and no visible vulnerabilities. However, the site lacks explicit security and incident response policies. Overall, the website demonstrates a mature digital infrastructure with good privacy compliance and strong business credibility.

Karolinska.se represents the digital presence of two leading Swedish healthcare and medical education institutions: Karolinska Universitetssjukhuset (University Hospital) and Karolinska Institutet (Medical University). The website serves as a bilingual landing page directing visitors to either institution's dedicated site, targeting patients, healthcare professionals, researchers, students, and partners. The business model is public healthcare and education, with a strong market position as a leading European hospital and world-renowned medical university. Technically, the site uses modern JavaScript and Azure Application Insights for monitoring, hosted likely on Microsoft Azure infrastructure. The design is professional and mobile-optimized, though accessibility and SEO features are basic. Security posture is moderate, with no visible security headers or explicit HTTPS confirmation in the provided data, and no privacy or cookie policies present. No contact or incident response information is provided, limiting transparency. Overall, the site is credible and functional but would benefit from enhanced security and compliance features.

Hexagon AB is a global leader in industrial measurement technologies and digital solutions, serving a wide range of sectors including manufacturing, energy, transportation, and government. The website reflects the integration of Intergraph into Hexagon, highlighting divisions such as Asset Lifecycle Intelligence and Safety, Infrastructure & Geospatial. The company offers comprehensive products and services aimed at improving operational efficiency, safety, and sustainability. The digital infrastructure is modern, leveraging technologies like Bootstrap, Sitecore CMS, and advanced analytics tools with strong privacy compliance mechanisms. Security posture is robust with HTTPS enforcement and cookie consent management, though explicit security headers should be verified. Overall, the website demonstrates a mature digital presence aligned with enterprise standards.

S

Sweco

swecogroup.com

0

Sweco is a leading European architecture and engineering consultancy specializing in sustainable urban development, infrastructure, energy, and water solutions. With a workforce of 22,000 experts, the company serves a broad client base including public and private sectors, emphasizing sustainability and innovation. The website reflects a mature digital presence with comprehensive content, investor relations, and sustainability reporting. Technically, the site is built on WordPress with modern plugins and scripts, but suffers from a critical security flaw due to the absence of a valid SSL certificate and lack of HTTPS enforcement, which undermines user trust and security. Privacy compliance is well addressed with clear cookie consent mechanisms and GDPR-aligned policies. Overall, Sweco's digital footprint is professional and content-rich but requires urgent remediation of its SSL/TLS configuration to meet security best practices.

A

Aura Light International AB

auralight.com

0

Aura Light International AB is a well-established company specializing in sustainable and energy-efficient lighting solutions for professional environments such as public spaces, industry, and retail. The company offers a broad range of products including luminaires, light sources, and smart lighting control systems, positioning itself as a leading player in the Nordic and international markets. The website reflects a professional B2B business model with clear product segmentation and customer engagement channels. Technically, the website is built on the Litium e-commerce platform with integrations such as Google Tag Manager and Cookiebot for analytics and privacy compliance. The site is well-structured, mobile-optimized, and SEO-friendly, although performance metrics are not available. Hosting appears to be via Fastly CDN with Varnish caching. From a security perspective, the site lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which is a critical vulnerability impacting user trust and data security. Security headers are partially implemented, but modern TLS protocols are disabled. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. Contact information is readily available, but no explicit security policy or incident response details are found. Overall, Aura Light's website demonstrates solid business credibility and content quality but requires urgent improvements in SSL/TLS configuration to enhance security posture and user trust. Strategic recommendations include installing a valid SSL certificate, enabling modern TLS protocols, and publishing incident response contacts to strengthen security transparency.

SPP Pension & Försäkring AB is a well-established Swedish financial services company specializing in pension, savings, and insurance solutions for both private individuals and businesses. The website reflects a mature digital presence with comprehensive content tailored to its Swedish audience, emphasizing sustainable and accessible pension products. The company operates under the parent company Storebrand, reinforcing its market position in the Nordic financial sector. Technically, the site leverages modern frameworks such as Blazor Server and integrates multiple third-party marketing and analytics tools, including Google Tag Manager, Hotjar, and Salesforce platforms. However, a critical security gap exists due to the absence of a valid SSL certificate and lack of HTTPS enforcement, which significantly impacts the site's security posture. While privacy and cookie policies are well implemented with consent mechanisms, no explicit security policy or incident response contacts are found. Overall, the site is professional and trustworthy but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions.

Softwerk AB is a medium-sized software development company based in Växjö, Sweden, founded in 2008. The company specializes in advanced software solutions including mobile app development, web development, system development, integration, AI & machine learning, and big data. Their market position is that of a regional technology provider with strong ties to academic research and commercial innovation. The website presents a professional image with clear service offerings and client references. Technically, the site uses PHP and nginx, with Google Fonts and Google Analytics integrated. However, the website lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security deficiency. Security headers are partially implemented but the absence of TLS protocols and OCSP stapling reduces the security posture. Privacy and cookie policies exist but are basic, with no explicit GDPR compliance statements or incident response policies. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

Chalmers tekniska högskola is a prestigious Swedish technical university founded in 1829, specializing in education and research in technology, natural sciences, transportation, and energy sectors. The institution offers a wide range of undergraduate and graduate programs, conducts cutting-edge research, and actively collaborates with industry and society. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency, targeting students, researchers, and partners. Technically, the site leverages modern frameworks such as Next.js and React, with a CMS likely based on Umbraco. However, performance data is limited, and some improvements could be made in hosting and optimization. Security posture is weakened by the lack of a valid SSL certificate and absence of DNSSEC and CAA records, which are critical for protecting user data and ensuring trust. Privacy compliance is well addressed with detailed policies and cookie consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security enhancements to meet best practices.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Arjo is a well-established global healthcare company specializing in medical devices and solutions aimed at improving mobility and care for patients with reduced mobility and age-related health challenges. The company operates in over 100 countries with a large workforce and offers a broad portfolio including patient handling equipment, medical beds, hygiene solutions, disinfection products, and prevention systems for pressure injuries and venous thromboembolism. The website reflects a mature digital presence with comprehensive content, clear navigation, and professional design tailored to healthcare providers and institutions. Technically, the website leverages modern web technologies including Episerver CMS, Azure hosting, and multiple analytics and marketing tools such as Google Analytics, Siteimprove, Hotjar, and Microsoft Application Insights. The site is hosted on Microsoft Azure with Cloudflare CDN, ensuring global availability and performance. However, performance metrics were not available, and accessibility is rated as basic, suggesting room for improvement. From a security perspective, the site implements several important HTTP security headers and a detailed Content Security Policy. Nevertheless, the SSL certificate is currently invalid or missing, which is a critical vulnerability that undermines user trust and data security. HSTS is configured but not fully enabled, and session resumption mechanisms are absent. No known vulnerabilities or malware were detected, and no WAF or blocking mechanisms interfere with site access. Overall, the website demonstrates strong business credibility and privacy compliance with clear policies and consent mechanisms. The main risk lies in the SSL certificate issue, which should be addressed promptly to maintain security posture and user confidence. Strategic recommendations include renewing the SSL certificate, enabling full HSTS, and enhancing accessibility and performance monitoring.

A

ANWR Norden AB

anwr.se

0

ANWR Norden AB operates as a leading organization in the voluntary shoe retail sector in the Nordic region, founded in 1919 in Hamburg, Germany. The company connects shoe retailers with top brands and offers a portfolio of services tailored to the needs of trade and industry, including financial services through its own bank, DZB Bank. The website reflects a medium-sized enterprise with a clear business model focused on membership services and retail support. Technically, the website uses standard web technologies and a consent management platform but suffers from slow load times and lacks modern CMS or frameworks. Security posture is weak due to the absence of a valid SSL certificate and modern TLS protocols, despite the presence of HSTS headers. The lack of DMARC, DNSSEC, and other DNS security features further reduces security maturity. Privacy compliance is basic with a privacy policy present but no strong GDPR indicators. Overall, the site is functional but requires significant improvements in security and performance to meet modern standards.

I

IKG Group AB

ikg.se

0

IKG Group AB is a mature Swedish technical consulting company specializing in engineering services for product development firms. With over 28 years of domain age and a presence in ten Swedish cities, the company offers a broad range of engineering disciplines including software development, mechanics, IT systems, electrical construction, and project management. The website reflects a professional business with consistent branding and a clear focus on technical consulting services. Technically, the site uses an older jQuery-based stack combined with modern analytics tools like Google Analytics and Tag Manager. However, the website suffers from significant security shortcomings, notably the absence of HTTPS and a valid SSL certificate, which exposes visitors to risks and reduces trust. Privacy compliance is basic, with a cookie consent banner present but no visible privacy policy or terms of service. The business information is clear and consistent with WHOIS data, supporting legitimacy. Overall, the site is functional but requires urgent security improvements to protect users and enhance credibility.

G

Grassfish

grassfish.com

0

Grassfish is a mature and established digital in-store platform and consulting company headquartered in Sweden, with additional presence in Austria. The company offers a comprehensive suite of digital signage and customer experience solutions tailored for retail brands and stores, positioning itself as the leading digital in-store platform in Europe trusted by over 500 brands. Their business model combines a SaaS platform with strategic, technical, and operational consulting services, targeting brands seeking to enhance their physical retail environments with digital innovation. Technically, the website is built on WordPress, leveraging modern web technologies and CDNs for content delivery, but currently suffers from critical SSL/TLS misconfigurations that undermine secure communications. The security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocols, posing significant risks to data confidentiality and user trust. Privacy compliance is well addressed with clear cookie consent mechanisms and comprehensive privacy policies aligned with GDPR requirements. Overall, while the business and content quality are excellent, the critical security gaps notably reduce the website's trustworthiness and require urgent remediation. Strategic recommendations include immediate SSL certificate installation, enabling modern TLS protocols, and enhancing security headers and session management to safeguard user data and maintain compliance.

N

Nederman Holding AB

nederman.com

0

Nederman Holding AB is a well-established global leader in industrial air filtration and environmental technology, with a history dating back to 1944. The company offers a comprehensive range of products and services focused on protecting people, the environment, and production processes from harmful industrial emissions. Their market position is strong, supported by multiple subsidiaries and a broad product portfolio including dust and fume extraction systems and connected IIoT solutions. Technically, the website is built on a modern stack including Bootstrap, jQuery, and Sitecore CMS, hosted via Cloudflare, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. The security posture is weak due to missing HTTPS and security headers, exposing the site to potential risks. Privacy compliance is partially addressed through OneTrust cookie consent, but no explicit GDPR or security policies are found. Overall, the site demonstrates good business credibility and content quality but requires urgent security improvements to protect user data and enhance trust.

Elekta is a global enterprise specializing in precision radiation medicine and cancer care solutions. Their website showcases a comprehensive portfolio of products including radiation therapy machines, stereotactic radiosurgery, oncology software, brachytherapy, and neurosurgery systems. The company targets clinicians, healthcare providers, and patients seeking advanced cancer treatment technologies. Elekta maintains a strong market position as a leader in healthcare technology with a professional and consistent brand presence. Technically, the website is hosted on AWS infrastructure using modern web technologies and includes advanced tracking and marketing tools such as Matomo and Pardot. However, the security posture is weakened by an invalid SSL certificate and disabled TLS protocols, which are critical issues that must be addressed to ensure secure communications. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Overall, the website is professional, trustworthy, and content-rich but requires urgent SSL/TLS remediation to improve security and user trust.

A

Ashoka

ashoka.org

0

Ashoka is a globally recognized non-profit organization dedicated to supporting social entrepreneurs and changemakers. The website reflects a mature digital presence with comprehensive content, clear calls to action, and a strong community focus. The technical infrastructure leverages Drupal 10 CMS and Cloudflare for hosting and delivery, ensuring good performance and accessibility. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap that undermines user trust and data protection. Privacy and cookie policies are well implemented with consent mechanisms, aligning with GDPR requirements. Overall, the site demonstrates high professionalism and business credibility but requires urgent security improvements to meet modern standards.

W

Wellspect HealthCare

wellspect.com

0

Wellspect HealthCare is a global MedTech company specializing in continence care solutions, supporting individuals with urinary and bowel dysfunction through innovative products and educational resources. The company holds a strong market position with over 40 years of industry experience and operates under the parent company Dentsply Sirona. Their website reflects a professional and consistent brand image targeting carers, specialists, and new users in continence care. Technically, the website employs modern analytics and marketing tools such as Microsoft Application Insights, Google Tag Manager, and Salesforce Lightning, hosted behind Cloudflare. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security flaw, severely impacting the site's security posture. Privacy compliance is partial, with a comprehensive privacy policy present but lacking a cookie consent mechanism despite active tracking scripts. Overall, the website offers excellent content quality and user experience but requires urgent security improvements to protect user data and enhance trust.

B

Bona AB

bona.com

0

Bona AB is a well-established family-owned company founded in 1919, specializing in manufacturing and distributing premium floor installation, renovation, and maintenance products globally. The company operates in over 90 countries with a strong focus on sustainability and product quality. Their website targets professional installers, homeowners, and distributors, offering comprehensive product lines and training. Technically, the website uses modern JavaScript frameworks (React), integrates multiple analytics and marketing tools, and is hosted behind Cloudflare. However, a critical security gap exists as the site lacks a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is strong with clear policies and cookie consent mechanisms. Business credibility is high with transparent contact information and consistent branding. Overall, the site is professional but requires urgent security improvements.

S

Sandvik AB

sandvik.com

0

Sandvik AB is a global, high-tech engineering group headquartered in Sweden, specializing in products and solutions for mining, rock excavation, rock processing, and metal cutting. The company emphasizes innovation, digitalization, and sustainability to enhance productivity and profitability in manufacturing, mining, and infrastructure sectors. The website reflects a mature enterprise with comprehensive investor relations, sustainability governance, and career opportunities, targeting industry professionals, investors, and job seekers. Technically, the site uses modern analytics and consent management tools, hosted on Cloudflare, with good mobile optimization and accessibility. However, a critical security issue exists due to an invalid SSL certificate and disabled TLS protocols, significantly impacting the security posture. Privacy compliance is strong with clear cookie consent and data privacy policies. Overall, the site is professional and trustworthy but requires urgent remediation of SSL/TLS to ensure secure communications.

Komatsu Forest is a mature and established manufacturer specializing in forestry machinery and related services, operating primarily out of Sweden. The company offers a broad range of forest machines including harvesters, forwarders, harvester heads, and forestry excavators, complemented by digital solutions such as Smart Forestry and a comprehensive spare parts and training service portfolio. Their market position is strong as a leading global player in forestry equipment, supported by a consistent brand presence and clear communication channels. Technically, the website is built on a Sitecore CMS platform with a technology stack including jQuery, Bootstrap, and Google Fonts. While the site is well-structured, mobile-optimized, and SEO-friendly, it lacks a valid SSL certificate, which significantly impacts its security posture. Performance metrics are incomplete, but the site shows good design and user experience qualities. From a security perspective, the absence of HTTPS and related security headers is a critical vulnerability that exposes users to risks such as data interception. The site does implement privacy and cookie policies with consent mechanisms, indicating awareness of GDPR compliance. However, there is no visible incident response or vulnerability disclosure policy, and no security certifications are presented. Overall, the website is professional and credible but requires urgent security improvements, particularly the implementation of a valid SSL certificate and enhanced security headers, to protect users and improve trustworthiness.

S

Spoon

spoon.se

0

Spoon is a well-established Swedish communications agency specializing in strategic and creative marketing services including storytelling, video production, and social media management. The company has a mature market presence with over 26 years of operation and is part of a larger agency network, People People People, enhancing its regional reach. The website reflects a professional and modern digital presence built on WordPress, with good SEO and user experience design. However, the lack of a valid SSL certificate and HTTPS implementation is a critical security gap that undermines user trust and data protection. Cookie consent is managed effectively via Cookiebot, but no privacy policy or terms of service pages were found, indicating compliance gaps. Contact information is clearly provided, supporting business credibility. Overall, the site is functional and professional but requires urgent security improvements to meet modern standards.

S

Svenska Cellulosa Aktiebolaget SCA (publ)

sca.com

0

SCA (Svenska Cellulosa Aktiebolaget) is a large enterprise operating primarily in the forestry, energy, and logistics sectors, with a strong focus on sustainability and renewable resources. The company manages Europe's largest private forest holdings and offers a comprehensive value chain including forest services, wood products, containerboard, renewable energy, pulp, and logistics. The website is professionally designed, content-rich, and well-structured, targeting stakeholders such as forest owners, investors, customers, and job seekers. Technically, the site uses modern JavaScript modules, SVG graphics, and is hosted behind Cloudflare, but lacks a valid SSL certificate, resulting in no HTTPS support which is a critical security concern. Privacy and cookie policies are present and indicate GDPR compliance, and the site uses Piwik PRO for analytics with moderate user tracking. The security posture is weak due to the absence of HTTPS and modern TLS protocols, no HSTS, and no OCSP stapling. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and enhance trust.

S

Sandvik AB

home.sandvik

0

Sandvik AB operates a comprehensive global website presenting itself as a leading high-tech engineering group specializing in mining, manufacturing, and infrastructure solutions. The site targets industrial customers, investors, and job seekers with detailed business and investor information, sustainability commitments, and career opportunities. The technical infrastructure leverages modern JavaScript frameworks, Azure Application Insights for telemetry, and OneTrust for cookie consent, hosted behind Cloudflare CDN. However, the website suffers from a critical security flaw: the SSL certificate is invalid or missing, and no TLS protocols are enabled, severely impacting the security posture. Despite this, the site implements strong security headers and privacy mechanisms, including GDPR-compliant policies and cookie consent banners. The domain registration is consistent with the business identity, mature, and trustworthy. Overall, the website is professionally designed, content-rich, and well-branded but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

A

Active Solution Sverige AB

activesolution.se

0

Active Solution Sverige AB is a well-established Swedish technology consulting company founded in 1998, specializing in system development, cloud-based solutions, artificial intelligence, and digital transformation. The company holds recognized Microsoft Solutions Partner Designations and a specialization in building and modernizing AI applications with Microsoft Azure, indicating strong technical expertise and market positioning. Their website reflects a professional and content-rich presence, targeting businesses seeking innovative digital solutions and cloud transformation services. Technically, the site is built on Squarespace with integrations of HubSpot and Google Tag Manager for marketing and analytics, but suffers from a critical security issue due to the absence of a valid SSL certificate and HTTPS support. This significantly impacts the security posture and user trust. While cookie consent mechanisms are implemented, the absence of privacy and terms of service policies indicates incomplete privacy compliance. Overall, the business appears credible and mature, but immediate attention is needed to secure the website with proper SSL/TLS configuration to protect visitors and maintain trust.

Ö

Öresundskraft AB

oresundskraft.se

0

Öresundskraft AB is a well-established Swedish energy company with over 160 years of history, providing a broad range of energy and communication services including electricity, district heating, gas, fiber internet, solar cells, battery solutions, and electric vehicle charging. The company targets both private consumers and businesses, positioning itself as a regional leader in sustainable and renewable energy solutions. The website reflects a professional and comprehensive digital presence with clear navigation, rich content, and strong branding consistency. Technically, the site is built on ASP.NET MVC hosted on Microsoft Azure, utilizing modern marketing and analytics tools such as Usercentrics CMP, Weglot for translations, Google Tag Manager, and Microsoft Application Insights. Accessibility and mobile optimization are well addressed. However, a critical security weakness is the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which significantly undermines user security and trust. Privacy compliance is strong with clear GDPR and cookie policies and consent mechanisms. Business credibility is high with transparent contact information and active social media engagement. Strategic recommendations include immediate implementation of HTTPS, enhancement of security headers, and publication of security policies and incident response information to improve overall security posture and trust.

The website frau.se is a minimal placeholder site that uses a frameset to redirect visitors to an external Tumblr blog (fraublog.tumblr.com). There is no substantive content, metadata, or business information on the site itself. The domain is mature, registered since 2009, and hosted by Loopia AB in Sweden, but the website lacks modern web security practices, including HTTPS encryption and security headers. No privacy or cookie policies are present, and no contact or business details are provided, which significantly limits trust and credibility. The technical infrastructure is basic, running on PHP 8.1.30 with nginx, but without SSL/TLS or performance optimizations. Overall, the site appears underdeveloped or abandoned, serving primarily as a redirect.

B

Bufab International AB

bufab.com

0

Bufab International AB operates as a global supply chain partner specializing in C-parts for manufacturing industries. Their website presents a comprehensive portfolio of services including supplier management, logistics, quality assurance, and sustainability consulting. The company targets manufacturing purchasers seeking to optimize their C-parts supply chain. Technically, the website is built on HubSpot CMS with integrations for marketing and analytics, delivering a professional and content-rich user experience. However, the security posture is weakened by the absence of a valid SSL certificate and lack of TLS protocol support, which is critical for secure communications. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is trustworthy and professionally maintained but requires urgent security improvements to protect user data and enhance trust.

E

efficy

tribecrm.se

0

Tribe CRM, operated by efficy, offers a comprehensive, customizable CRM platform designed to help businesses grow by streamlining customer relationship management, sales, marketing, and project management processes. The platform integrates AI-driven tools and supports seamless integration with popular business applications, targeting medium-sized enterprises primarily in Sweden and surrounding markets. The website is professionally designed with rich content, multiple language support, and clear calls to action, reflecting a mature digital presence. However, the technical infrastructure shows critical security weaknesses, notably the absence of a valid SSL certificate and HTTPS, which severely undermines user trust and data security. Despite extensive use of analytics and marketing tools with consent mechanisms, the lack of HTTPS and security headers poses significant risks. Overall, the business appears legitimate and well-positioned in the CRM market, but urgent improvements in security posture are necessary to protect users and comply with best practices.

A

APSIS

apsis.se

0

APSIS is a Swedish technology company specializing in marketing technology solutions, offering a comprehensive SaaS platform called Apsis One that integrates AI-driven email marketing, marketing automation, SMS marketing, event management, and CRM integrations. The company targets modern marketers and businesses seeking to optimize their digital marketing efforts with data-driven tools. The website is professionally designed, content-rich, and well-structured, providing clear navigation and multiple calls to action such as free trials and demos. Technically, the site uses Drupal 10 CMS and integrates popular marketing and tracking technologies including Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. Security headers are present but the absence of TLS protocols and valid certificates significantly lowers the security posture. Privacy and cookie policies are present and appear GDPR compliant, with consent mechanisms implemented. Contact information is primarily via contact forms; no explicit emails or phone numbers were found. WHOIS data is consistent with the business claims, showing no suspicious registration patterns. Overall, the site demonstrates good business credibility and privacy compliance but requires urgent improvements in SSL/TLS security to protect user data and improve trust.

A

APSIS

apsis.com

0

Apsis is a Swedish-based technology company providing a comprehensive AI-driven marketing platform called Apsis One. The platform offers tools for email marketing, marketing automation, SMS, surveys, forms, event management, and CRM integrations, targeting marketers and businesses seeking to optimize customer engagement and campaign effectiveness. The website is professionally designed with excellent content quality and clear navigation, supporting a strong market position in the marketing technology sector. Technically, the site uses Drupal 10 CMS and integrates modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag. However, a critical security weakness is the absence of a valid SSL certificate and HTTPS configuration, which significantly impacts the security posture. Privacy and cookie policies are present and appear GDPR compliant, but no explicit security policies or incident response information is found. Overall, the domain registration data aligns well with the website's claims, supporting legitimacy and trustworthiness.

APSIS Pro operates as a specialized platform focused on email marketing and newsletter management, serving a broad Nordic and Hong Kong customer base. The company is part of the Efficy group and maintains regional support offices with dedicated contact points, indicating a medium-sized, established business with a clear B2B SaaS model. The website content is minimal but functional, primarily providing login access and customer support information. Technically, the site is hosted on AWS and uses legacy JavaScript libraries, with moderate performance and basic SEO and accessibility features. However, the absence of a valid SSL certificate and HTTPS support severely undermines the security posture, exposing users to risks and reducing trust. No privacy or cookie policies are present, indicating compliance gaps. The domain is mature and well-registered, supporting the legitimacy of the business. Strategic improvements in security, privacy compliance, and modernization of the technology stack are recommended to enhance trust and operational resilience.

T

Talentech

reachmee.com

0

Talentech operates a mature and comprehensive recruitment and HR SaaS platform targeting growing companies and public sector organizations primarily in Sweden and the Nordic region. The platform offers integrated recruitment, onboarding, HR management, and AI-driven decision support services, positioning itself as a top-ranked solution with a large user base and extensive customer testimonials. Technically, the website is built on WordPress with common SEO and performance plugins, but suffers from a critical lack of a valid SSL certificate and slow page load times, which negatively impact security and user experience. Privacy policies and GDPR compliance are well addressed, with clear cookie and terms of service pages. The domain registration data aligns well with the business claims, indicating legitimacy and consistency. Overall, while the business and content quality are strong, the security posture requires urgent improvement to meet modern standards.

I

ICEHOTEL

icehotel.com

0

ICEHOTEL is a unique hospitality business based in Sweden offering an iconic ice and snow hotel experience combined with art exhibitions and Arctic adventures. The company holds a strong market position as a niche Arctic tourism provider with a medium-sized operation and a history dating back to 1989. The website is professionally designed with excellent content quality and clear navigation, targeting tourists seeking unique Arctic experiences. Technically, the site uses Drupal 10 CMS with modern JavaScript frameworks and libraries, but suffers from slow performance and lacks a valid SSL certificate, which is a critical security flaw. Security headers are partially implemented, but the absence of HTTPS and modern TLS protocols significantly lowers the security posture. Privacy and cookie policies are present and GDPR compliant, and contact information is clearly provided. Social media presence is robust across major platforms, enhancing trust and engagement.

T

twoday

twoday.se

0

twoday is a large Nordic IT consultancy specializing in IT consulting, data and AI, software engineering, digital experiences, business applications, and cloud platforms with security focus. The company serves over 8,000 clients in both public and private sectors, supported by a team of 2,700 technology experts. The website is professionally designed, content-rich, and well-structured, targeting large and medium-sized organizations primarily in Sweden and the Nordic region. Technically, the site uses HubSpot CMS, Bootstrap, jQuery, and modern JavaScript libraries, hosted behind Cloudflare. However, the SSL/TLS configuration is currently invalid or missing, which significantly impacts the security posture. Security headers are present but cannot compensate for the lack of valid HTTPS. Privacy compliance is strong with a clear privacy policy, cookie policy, and consent mechanisms implemented via Cookiebot. Contact information is clearly provided including email, phone, and a contact form. Overall, the site is professional and trustworthy but requires urgent SSL/TLS fixes to improve security and trust.

Jönköping University is a large, well-established educational institution in Sweden with a strong international profile, offering higher education programs, research activities, and collaboration opportunities. The website reflects a professional and consistent brand with good content quality and user experience, targeting students, researchers, and academic partners. Technically, the site uses SiteVision CMS with React frameworks and integrates modern analytics and marketing tools such as Google Analytics, Google Tag Manager, Facebook Pixel, and Adform. However, the website suffers from a critical security issue due to the absence of a valid SSL certificate, resulting in a basic SSL configuration and lack of HTTPS enforcement. This significantly impacts the security posture and overall trustworthiness of the site. Privacy compliance is strong, with a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. Contact information and social media presence further enhance business credibility.

N

New Work SE

new-work.se

0

New Work SE is a large technology company focused on shaping the future of work through its portfolio of strong brands including XING, kununu, onlyfy, and InterNations. The company operates primarily in the German-speaking market, providing recruitment, employer branding, and global networking services. Their website reflects a professional and consistent brand image with comprehensive content aimed at professionals and companies seeking talent solutions. Technically, the website uses modern technologies such as Algolia for search, Usercentrics for consent management, and Adobe Analytics for tracking. Hosting is on Amazon AWS infrastructure. Security posture is solid with HTTPS, SPF, and DMARC configured, though improvements like HSTS and OCSP stapling are recommended. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is trustworthy and professional, though performance optimization could enhance user experience.

O

one.com Group AB

dogado.group

0

group.one is a leading European technology company specializing in empowering small and medium-sized businesses (SMBs) with AI-powered website building, SaaS products, hosting, and digital marketing solutions. With a portfolio of local and global brands, the company serves over 2 million customers across 15 countries, positioning itself as a trusted partner for SMB digital success. The business model focuses on integrated digital tools that support the entire customer journey from online presence to commerce and growth. Technically, the website leverages modern frameworks such as React and Next.js, integrates AI capabilities via OpenAI, and supports WordPress platforms, reflecting a mature digital infrastructure. Security posture is adequate with TLS 1.2 and strong cipher suites, but lacks advanced features like HSTS, OCSP stapling, and TLS 1.3, which are recommended for enhanced protection. Privacy compliance is strong with a comprehensive privacy policy and GDPR adherence, though cookie consent mechanisms are not explicitly detected. Overall, the website is professional, content-rich, and trustworthy, with room for security improvements to further strengthen its posture.

S

Storytel AB (publ).

storytelgroup.com

0

Storytel AB operates one of the world's largest audiobook and e-book streaming platforms, serving over 2.3 million subscribers with a vast catalog in multiple languages. The company combines digital streaming with print publishing, positioning itself as a leading media entity in Sweden and internationally. Their website reflects a mature digital presence with strong investor relations and corporate governance transparency. Technically, the site is built on WordPress with Bootstrap, hosted via Cloudflare, and integrates Cookiebot for GDPR-compliant cookie management and Google Tag Manager for marketing analytics. However, the absence of a valid SSL certificate and lack of modern TLS protocols represent significant security weaknesses. The site also exhibits slow load times, which could impact user experience and SEO. Security headers are minimal, with only SPF and DMARC configured, and no advanced protections like HSTS or CSP are present. Overall, while the business and content quality are excellent, the security posture requires urgent improvement to protect user data and maintain trust.

B

Bundler Solutions AB

bundlersolutions.com

0

Bundler Solutions AB operates a technology platform that enables resellers to offer multiple subscription services through a single integration, streamlining distribution partnerships. Positioned as a scalable and efficient solution, the company targets resellers and content providers seeking to expand their product portfolios with minimal technical overhead. The business is part of the Adtraction Group and maintains partnerships with notable brands such as NordVPN, Storytel, and Readly. Technically, the website leverages modern JavaScript frameworks, AWS DNS hosting, and Google Tag Manager for analytics and marketing. Performance is moderate with room for optimization. Security posture is good with strong TLS configurations and SPF/DMARC email protections; however, improvements are needed in HSTS enforcement, OCSP stapling, DNSSEC, and certificate transparency compliance. Overall, the website presents a professional and trustworthy front with clear contact information and privacy compliance mechanisms.

D

DEKRA Industrial AB

dekra-industrial.se

0

DEKRA Industrial AB is a medium-sized Swedish company specializing in inspection, testing, certification, and training services primarily for industrial sectors such as energy and transportation. The company positions itself as a global partner committed to safety and quality, currently migrating its web presence to a consolidated platform at dekra.se to improve user experience and service accessibility. The website is built on Drupal CMS with a modern front-end stack including jQuery and Typekit fonts, hosted on Google Cloud infrastructure. Security posture is solid with valid SSL certificates and HSTS enabled, though it lacks support for modern TLS protocols and DNS security features. The site employs cookie consent mechanisms and integrates Google Analytics for user tracking with moderate privacy compliance. Contact options include phone and a detailed contact form, but no direct email addresses are publicly listed. Social media presence on Facebook and LinkedIn supports brand trust. Overall, the digital maturity is good with room for security enhancements and improved compliance documentation.

D

DEKRA Bilbesiktning

dekra-bilbesiktning.se

0

DEKRA Bilbesiktning is a leading vehicle inspection service provider in Sweden and Europe, offering a wide range of inspection and testing services including battery tests for electric vehicles and registration inspections. The company leverages a robust digital infrastructure built on WordPress with modern optimization and analytics tools, ensuring a good user experience and SEO performance. Security measures include valid SSL certificates and essential security headers, though TLS protocols are outdated and could be improved. The website demonstrates compliance with GDPR through comprehensive privacy and cookie policies and implements user consent mechanisms. However, explicit security policies and incident response information are not publicly available, indicating areas for enhancement. Overall, DEKRA Bilbesiktning maintains a professional and trustworthy online presence with strong market positioning in the transportation sector.

D

DEKRA

dekra.se

0

DEKRA is a large, well-established company founded in 1925, specializing in safety-related services including inspection, testing, certification, and consulting across multiple sectors such as energy, transportation, and manufacturing. The company holds a strong market position as a global leader in safety expertise with a comprehensive service portfolio and a consistent brand presence. Technically, the website is built on modern frameworks like Nuxt.js and Vue.js, hosted on Microsoft Azure, and employs a variety of analytics and marketing tools while maintaining good security practices including HSTS and strong content security policies. The security posture is solid with no critical vulnerabilities detected, though improvements in TLS protocol support and security headers are recommended. Overall, DEKRA demonstrates a mature digital presence with excellent content quality, user experience, and compliance with privacy regulations such as GDPR.

G

Gamblers Anonymous Sverige

gamblersanonymous.se

0

Gamblers Anonymous Sweden operates as a non-profit support community dedicated to helping individuals with gambling addiction through meetings and digital programs. The website serves as a platform to provide information and facilitate access to support services, targeting Swedish-speaking individuals seeking assistance. The organization maintains a clear mission with a focus on community and recovery, without commercial or membership fees. Technically, the site is built on the Wix platform utilizing modern frameworks such as React 18, ensuring a good user experience on desktop but with limited mobile responsiveness. Security measures include HSTS and secure cookie settings; however, the SSL certificate is invalid, representing a significant risk. The absence of explicit privacy, cookie, and terms of service policies indicates compliance gaps. Overall, the site demonstrates moderate digital maturity with room for improvement in security and compliance.

G

Gaming Associates Europe AB

gamingassociates.se

0

Gaming Associates Europe AB is a specialized certification body accredited under ISO/IEC 17065:2012, focusing on online gambling systems certification in Sweden. They hold the distinction of being the first SWEDAC accredited certification body in this domain, providing product certification, testing, and ISMS assessments through trusted partners. Their services ensure compliance with Swedish gambling regulations, targeting online gambling operators seeking regulatory approval. Technically, the website is built on WordPress with modern plugins and optimized for performance and mobile use, though there are notable security configuration gaps in SSL/TLS protocols. The company maintains a professional online presence with clear contact information and social media engagement on LinkedIn and Twitter.