Security Directory

G

Glove Technologies, Inc.

glove.fit

0

Glove Technologies, Inc. operates the website glove.fit, offering a SaaS platform that converts website visitors into qualified leads through real-time AI-driven personalization and visitor tracking. Their technology focuses on understanding visitor behavior, building visitor signal maps, and dynamically personalizing content to optimize lead conversion for B2B SaaS companies and enterprise clients. The platform emphasizes ease of installation with a single script tag and promises significant improvements in inbound lead generation. Technically, the website leverages modern JavaScript frameworks, likely React, and integrates third-party services such as HubSpot forms and Contentsquare for analytics and tracking. The site is hosted on Amazon Cloudfront CDN, ensuring moderate performance and good mobile optimization. However, accessibility and SEO optimizations are basic and could be improved. From a security perspective, the site uses HTTPS and avoids exposing sensitive data in its HTML. However, it lacks visible security headers, a published security policy, incident response contacts, and vulnerability disclosure mechanisms. Privacy compliance is limited, with a privacy policy present but no cookie consent mechanism or explicit GDPR compliance indicators. Overall, the website presents a professional and functional digital presence with moderate security and privacy maturity. Strategic improvements in privacy compliance, security policy transparency, and accessibility would enhance trust and compliance posture.

MACH Alliance is a non-profit organization advocating for modern enterprise technology ecosystems based on MACH principles: Microservices, API-first, Cloud-native SaaS, and Headless architectures. It serves as a certification body and community hub for technology companies and enterprises adopting composable technology. The website reflects a mature digital presence with comprehensive content, including research reports, event information, and community engagement. Technically, the site uses modern frameworks like Next.js and integrates multiple marketing and analytics tools while maintaining good performance and mobile optimization. Security posture is strong with HTTPS and some security headers, though additional headers and a formal security policy could enhance protection. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is professional, trustworthy, and well-aligned with its business goals.

R

Rīgas pieminekļu aģentūra

rigaspieminekli.lv

0

Rīgas pieminekļu aģentūra is a government agency responsible for the coordination, planning, management, and execution of activities related to the inventory, maintenance, and restoration of monuments and memorials in Riga, Latvia. The agency focuses on preserving cultural heritage objects including memorials, sculptures, fountains, and environmental installations. The website serves as an informational portal for residents and visitors interested in Riga's monuments and related events. Technically, the website is built using standard HTML5, CSS, and JavaScript with jQuery 1.11.1. It employs Matomo analytics configured to respect user privacy by disabling cookies and honoring DoNotTrack signals. The site includes a cookie consent mechanism via cookiecuttr but lacks explicit privacy and terms of service pages. The design is consistent and professional, though mobile optimization and accessibility are basic. From a security perspective, the site does not expose sensitive data or forms but lacks visible security headers and explicit HTTPS confirmation in the provided data. The Matomo analytics setup shows privacy-conscious configuration. No incident response or security policy information is published, which is a gap for organizational security posture. Overall, the website is functional, trustworthy, and serves its informational purpose well but would benefit from enhanced security headers, explicit privacy and terms policies, and improved mobile and accessibility features to strengthen compliance and user trust.

R

Rīgas valstspilsētas pašvaldības Dzīvojamo māju privatizācijas komisija

rdzmpk.lv

0

Rīgas valstspilsētas pašvaldības Dzīvojamo māju privatizācijas komisija is a municipal government entity responsible for managing housing privatization and related property services in Riga, Latvia. The website provides detailed information about their services, including property ownership transfers, land purchase agreements, and legal consultations. The target audience primarily consists of Riga residents and property owners seeking municipal housing privatization services. The site is built on the DIRcms platform and uses a variety of JavaScript libraries for UI and functionality, including jQuery, Semantic UI, and Google Maps API. Matomo analytics is implemented with privacy-conscious settings, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and CAPTCHA on forms, but lacks important security headers and cookie consent mechanisms. Overall, the website is functional and trustworthy but could improve in security and privacy compliance to better protect users and meet modern standards.

S

Sarka Insights Ltd.

feedfocal.com

0

JustFeedback, operated by Sarka Insights Ltd., is a UK-based small technology company specializing in feedback survey software. Their platform offers micro surveys such as NPS®, eNPS, CSAT, and CES to help businesses collect and analyze user feedback efficiently. The company targets businesses seeking to improve customer experience and user satisfaction through data-driven insights. Technically, the website is built on modern frameworks including Next.js and UIkit, with integrations for Google Analytics and cookie consent management. The site is mobile-optimized and provides a professional user experience with clear navigation and relevant content. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms, though explicit security headers and incident response policies are not publicly documented. Overall, the website demonstrates a good security posture with no critical vulnerabilities detected. The domain registration data aligns well with the business claims, supporting legitimacy. Strategic recommendations include enhancing security headers, publishing a security policy, and providing incident response contacts to further strengthen trust and compliance.

Upify is a small technology company operating a SaaS behavioral analytics platform that provides comprehensive tools such as heatmaps, session recordings, funnels, surveys, and feedback mechanisms to help businesses understand user behavior and improve conversion rates. The website is professionally designed with clear navigation and mobile optimization, targeting business users and analysts seeking actionable insights. Technically, the site employs modern JavaScript frameworks, integrates with major analytics and marketing platforms like Google Analytics and Facebook Pixel, and uses a cookie consent management system to comply with privacy regulations. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are not published. Overall, the domain registration data aligns well with the business identity, supporting legitimacy and trustworthiness.

Fortnite.com is the official website for Fortnite, a leading free-to-play battle royale game developed by Epic Games. The site offers comprehensive information about the game, including various game modes, live events, and creative tools for users to design their own games. The website targets a broad audience of gamers and enthusiasts interested in online multiplayer experiences. It is positioned as a major player in the gaming industry with a strong brand presence and extensive digital infrastructure. Technically, the website employs modern web technologies including JavaScript ES modules, Unreal Engine components, and integrates privacy compliance tools like OneTrust. It is hosted on a robust infrastructure likely supported by Cloudflare, ensuring fast performance and excellent mobile optimization. The site also uses Sentry for error tracking, indicating a mature approach to monitoring and maintenance. From a security perspective, the website enforces HTTPS, uses security headers, and does not expose sensitive data in its HTML content. Privacy compliance is well-managed with a clear cookie consent mechanism, although explicit privacy policy and terms of service pages were not detected in the provided content. Contact information is available and verified, enhancing trust. Overall, Fortnite.com demonstrates a high level of professionalism, security, and user experience, making it a trustworthy and reliable platform for its users.

L

LatRailNet

lrn.lv

0

AS LatRailNet is a state-owned enterprise and subsidiary of Latvijas dzelzceļš, responsible for managing public railway infrastructure in Latvia. The company performs essential functions such as capacity allocation, train path assignment, and infrastructure fee management. The website provides comprehensive regulatory and operational information targeted at railway operators, regulatory bodies, and stakeholders in the transportation sector. Technically, the site is built on WordPress with modern plugins and frameworks, ensuring good performance, mobile optimization, and SEO compliance. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although some security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies. Overall, the site reflects a professional and trustworthy organization with transparent business practices and regulatory compliance.

L

Latvijas dzelzceļa vēstures muzejs

railwaymuseum.lv

0

The Latvijas dzelzceļa vēstures muzejs (Latvian Railway Museum) is a cultural institution dedicated to preserving and presenting the history of railways in Latvia. It operates as a small-sized non-profit entity affiliated with the Latvian Railways group, offering museum exhibitions, educational programs, guided tours, and a souvenir shop. The website is professionally designed using Drupal 7 CMS and Bootstrap, providing a responsive and user-friendly experience primarily in Latvian with English language support. The museum targets general visitors, railway enthusiasts, students, and event organizers, positioning itself as a leading railway heritage institution in Latvia. Technically, the website employs a mature but somewhat dated technology stack including jQuery 1.8, Drupal 7, and Bootstrap 3. It integrates Google Maps and Google Analytics for enhanced user experience and analytics. Performance is moderate with good mobile optimization and basic accessibility features. The site uses HTTPS with no detected WAF or blocking mechanisms, ensuring secure access. From a security perspective, the site demonstrates good practices such as cookie consent compliance and no visible vulnerabilities or exposed sensitive data. However, it lacks advanced security headers and uses an older jQuery version, which could be improved. Privacy compliance is strong with GDPR-aligned cookie and privacy policies. Contact information is clearly presented, though no explicit security or incident response policies are found. Overall, the website is trustworthy, professional, and compliant with privacy regulations, serving its cultural and educational mission effectively. Strategic improvements in security headers, technology updates, and explicit security policies would enhance its security posture and trustworthiness further.

S

Secretariat of Latvian Ports, Transit and Logistics Council

vialatvia.com

0

VIA Latvia operates as a unifying information portal for the Latvian transport and logistics industry, providing comprehensive sector information, contact details, and industry news. The website targets professionals and stakeholders in the transport sector, positioning itself as a key resource for Latvian transport modes including ports, railways, road transport, aviation, and logistics. The platform also supports multilingual access and participates in international expos, enhancing its industry presence. Technically, the website is built on WordPress using Elementor and several plugins such as Jet Elements and Cherry Framework. It employs modern JavaScript libraries like jQuery, Swiper, and Slider Pro for interactive elements. The site shows moderate performance and good mobile optimization, though accessibility features could be improved. SEO is basic but present with meta tags and structured navigation. Security posture is moderate with HTTPS usage and a cookie consent mechanism in place. However, no advanced security headers or explicit security policies are detected. No vulnerabilities or exposed sensitive data were found in the HTML content. Privacy compliance is basic, with a privacy and cookie policy present but no explicit GDPR compliance statements or data protection officer contact. Overall, the website is professional and trustworthy with a solid business credibility score. Recommendations include enhancing security headers, adding terms of service and incident response policies, improving accessibility, and strengthening privacy compliance to align with GDPR and other regulations.

V

VAS Latvijas dzelzceļš

ldz.lv

0

VAS Latvijas dzelzceļš is the national railway company of Latvia, operating as a large state-owned enterprise focused on rail freight and passenger transport, infrastructure management, and related services including energy sales and logistics. The company maintains a strong market position as the primary rail operator in Latvia, serving both business and private customers. Their digital presence is supported by a Drupal 7 CMS platform with modern frontend technologies such as Bootstrap and jQuery, and includes integration with major social media platforms and analytics tools. The website demonstrates a mature technical infrastructure with good mobile optimization, accessibility, and SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms implemented, although there is room for improvement in security headers and incident response transparency. Privacy compliance is well addressed with comprehensive privacy and cookie policies in Latvian, aligned with GDPR requirements. Overall, the website and business exhibit high trustworthiness and professionalism, supported by certifications such as ISO 50001 and clear contact information. The domain registration details are consistent with the company's identity and history, reinforcing legitimacy. Strategic recommendations include enhancing security headers, publishing incident response contacts, and modernizing the CMS for improved security.

L

Latvijas Nacionālās bibliotēkas Atbalsta biedrība

gaisma.lv

0

Latvijas Nacionālās bibliotēkas Atbalsta biedrība is a Latvian non-profit organization dedicated to supporting the National Library of Latvia through cultural projects, donations, and partnerships. The website serves as an informational and engagement platform targeting Latvian citizens and cultural supporters. The organization maintains a network of partners including governmental and cultural institutions, enhancing its credibility and outreach. Technically, the website is built on Drupal 7 with common modules and libraries such as jQuery and Colorbox. It uses Google Analytics for visitor tracking but lacks modern privacy compliance features such as cookie consent banners or detailed privacy policies. The site is mobile-optimized and presents a good user experience with clear navigation and relevant content. From a security perspective, the site uses HTTPS and does not expose sensitive data. However, it lacks important security headers and formal security policies, which could be improved to enhance protection and trust. No vulnerability disclosure or incident response information is provided, which is a gap in security readiness. Overall, the website is functional, trustworthy, and professionally presented but would benefit from enhanced privacy and security compliance measures to align with modern standards and regulations.

The website lasamkoks.lv is a digital reading platform operated by the Latvian National Library, targeting a broad audience including children, teens, youth, and adults. It provides categorized reading materials and integrates accessibility tools such as ReadSpeaker webReader. The site is positioned as a public educational and cultural service with a moderate digital presence and basic content quality. Technically, the site uses standard analytics tools like Google Analytics and Gemius Audience, and includes accessibility features, though mobile optimization and SEO are basic. Security posture is moderate with HTTPS enabled but lacks advanced security headers and explicit privacy compliance mechanisms. No contact information or incident response details are provided, limiting transparency. Overall, the site is legitimate and trustworthy as a government-affiliated educational resource but would benefit from enhanced privacy and security practices.

L

Latviešu grāmatai 500

gramatai500.lv

0

The website 'Latviešu grāmatai 500' is a cultural and educational platform dedicated to celebrating the 500-year history of Latvian book culture. It is associated with the Latvian National Library and targets Latvian-speaking audiences interested in the nation's literary heritage. The site provides information about events, history, and educational content related to Latvian books. Technically, the site is built on the Wix platform, utilizing modern web technologies including React and various Wix apps for video, events, and social integration. The site is moderately optimized for performance and mobile devices, with basic accessibility and SEO features implemented. Security-wise, the site enforces HTTPS and employs some security best practices, though explicit security headers like CSP are not clearly present. No critical vulnerabilities or WAF blocking were detected. Overall, the site demonstrates a good balance of cultural content, technical implementation, and security posture, suitable for its educational and cultural mission.

F

Freeport of Riga

rop.lv

0

The Freeport of Riga website represents a major Baltic Sea port authority providing comprehensive logistics, cargo handling, passenger, and yacht services. The site is built on a modern Drupal 11 platform with responsive design and integrates common web technologies such as jQuery, Bootstrap, and Owl Carousel. The business is well-positioned as a key transportation hub in Latvia, with strong social responsibility and sustainability initiatives. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security policies and incident response contacts are absent. Overall, the site demonstrates good digital maturity and professionalism, supporting its role as a trusted business partner in the region.

L

Latvieši Pasaulē

lapamuzejs.lv

0

Latvieši Pasaulē is a Latvian non-profit museum and research center dedicated to preserving and showcasing the history and culture of Latvians living outside Latvia. The organization offers traveling exhibitions, publications, films, and digital projects that highlight the Latvian diaspora's contributions and experiences worldwide. The website serves as a portal for information about current and upcoming exhibitions, events, and digital resources, targeting Latvian diaspora communities, researchers, and cultural enthusiasts. Technically, the website is built on WordPress with a modern tech stack including Elementor, WooCommerce, and various plugins for content management, digital exhibitions, and GDPR compliance. The site is mobile-optimized and employs cookie consent mechanisms to comply with privacy regulations. Performance is moderate with good SEO and accessibility basics. From a security perspective, the site uses HTTPS and has implemented cookie consent and privacy policies, but lacks explicit security headers and a vulnerability disclosure policy. No critical vulnerabilities or exposed sensitive data were detected. The domain registration data aligns well with the website's stated mission and location, supporting its legitimacy. Overall, the website presents a professional and trustworthy digital presence for the museum, with room for improvement in security headers and explicit incident response information. Strategic recommendations include enhancing security headers, adding a vulnerability disclosure page, and improving accessibility features to strengthen compliance and user trust.

L

Latvijas Nacionālā bibliotēka

digitalabiblioteka.lv

0

Digitālā bibliotēka is a Latvian National Library operated digital platform providing access to a wide range of Latvian cultural heritage digital collections including texts, images, audio, video, and objects. It serves researchers, educators, cultural professionals, and the general public with rich metadata, advanced search capabilities, and educational content. The platform is well-branded, professionally designed, and accessible with multilingual support and accessibility features. Technically, it uses a modern JavaScript stack with jQuery, DataTables, Google reCAPTCHA, and Google Tag Manager for analytics and security. Security posture is strong with HTTPS, form protections, and cookie consent mechanisms, although explicit security policies and incident response contacts are not published. Overall, the website is a trusted, authoritative source for Latvian cultural heritage digital resources.

T

Tietoevry Latvia

3td.lv

0

The website 3td.lv operates as a digital e-book library service primarily targeting registered users of Latvian municipal public libraries. It offers free online access to a broad catalog of e-books, facilitating reading on various devices including phones, tablets, and computers. The service is a collaboration between the Cultural Information Systems Centre and SIA Tietoevry Latvia, positioning itself as a national-level platform for public library users in Latvia. The business model focuses on providing public access to digital literature with usage restrictions to ensure fair use and compliance with copyright laws. Technically, the website is built on a modern web stack likely involving Ruby on Rails, with client-side enhancements using jQuery and integration of Google Analytics and Google Tag Manager for user behavior tracking. The site is mobile-optimized with a responsive design and includes standard security measures such as HTTPS and CSRF tokens. However, some security headers and explicit privacy and cookie policies are missing, which could be improved to enhance compliance and user trust. From a security perspective, the site demonstrates a solid baseline with encrypted connections and secure form handling. There are no visible vulnerabilities or exposed sensitive data. The absence of a published vulnerability disclosure policy or security contact points suggests room for improvement in incident response readiness. Privacy compliance is partial, with no explicit cookie consent mechanism or detailed privacy policy detected. Overall, the website presents a trustworthy and professionally maintained service with a clear focus on public education and library services. Strategic enhancements in privacy transparency, security headers, and incident response documentation would further strengthen its security posture and compliance standing.

Kulturasdati.lv is an official Latvian cultural data portal managed under the auspices of the Latvian Ministry of Culture and the Cultural Information Systems Center. The portal provides comprehensive access to a wide range of cultural objects including archives, libraries, museums, cultural centers, and artistic collectives. It targets Latvian residents, cultural professionals, researchers, and enthusiasts interested in Latvian culture. The platform supports multilingual access and offers user registration and login functionalities secured with CAPTCHA to prevent automated abuse. Technically, the website employs a custom CMS with JavaScript-based enhancements including autocomplete search, Google reCAPTCHA, and Google Analytics for user behavior tracking. The site is served over HTTPS with a good SSL configuration, though it lacks explicit security headers. Performance is moderate with good mobile optimization and basic accessibility features. SEO is basic but functional. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and bot protection on forms. However, it lacks published security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is supported by a cookie consent banner and a privacy policy page, indicating GDPR awareness. Overall, kulturasdati.lv presents a trustworthy and professional government cultural portal with solid business credibility and moderate technical maturity. Strategic improvements in security headers, incident response transparency, and accessibility would enhance its security posture and compliance standing.

L

Literatūras ceļvedis

literaturascelvedis.lv

0

Literatūras ceļvedis is a cultural and educational publication managed by the Latvian National Library and its associates, focusing on literature reviews and promoting reading culture. The website serves as an informative platform targeting librarians and individual readers, providing curated book recommendations and cultural content. The business operates within the education and media sectors, with a small organizational size and a niche market position in Latvia. Technically, the website is built on the Wix platform, utilizing modern technologies such as React 18 and various Wix apps including Wix Blog, Pro Gallery, and Spotify Player integration. The site is hosted on Wix's infrastructure with an Ireland data center, offering moderate performance and basic mobile optimization. Accessibility and SEO features are present but could be enhanced. From a security perspective, the site enforces HTTPS and employs Sentry for error monitoring, indicating a proactive approach to stability and security. However, it lacks explicit security headers and comprehensive privacy or cookie policies, which are critical for compliance and user trust. No direct contact emails or phone numbers are provided, limiting direct communication channels. Overall, the website presents a professional and trustworthy front for its cultural mission but would benefit from enhanced privacy compliance, security headers, and clearer contact information to improve user trust and regulatory adherence.

S

Saulkrastu novada bibliotēka

saulkrastubiblioteka.lv

0

Saulkrastu novada bibliotēka is a public library serving the Saulkrasti municipality in Latvia, providing a variety of services including book lending, audiobooks, lifelong learning programs, and digital resources. The website targets local residents and library users, positioning itself as a community hub for education and cultural engagement. The business model is that of a public service institution focused on accessibility and community enrichment. Technically, the website is built on WordPress with Yoast SEO plugin, offering good mobile optimization, accessibility, and SEO practices. Security posture is solid with HTTPS enabled and no visible vulnerabilities, but lacks published security policies and incident response information. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is professional and trustworthy but could improve compliance and transparency.

Norconsult Digital is a leading Nordic IT company specializing in digital solutions for real estate and infrastructure sectors. With over 30 years of experience, they provide software and services that streamline workflows for construction and infrastructure management. Their market position is strong, supported by a professional online presence, clear business information, and a focus on innovation and sustainability. Technically, the website leverages modern technologies including Azure cloud services, Google Tag Manager, and Application Insights for monitoring, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though there is room for improvement in security headers and explicit security policies. Overall, the website is professional, user-friendly, and compliant with GDPR and cookie regulations, indicating a trustworthy and credible business.

The website www.laivas.lv is currently inaccessible and displays a Cloudflare 502 Bad Gateway error page, indicating a backend server failure. Due to this, no meaningful business content, contact information, or policy documents are available for analysis. The site relies on Cloudflare for security and CDN services, but the backend origin server is not responding correctly, resulting in a complete lack of accessible content. From a technical perspective, the site is served through Cloudflare, but no CMS, frameworks, or additional technologies are detectable due to the error page. The absence of metadata, structured data, or scripts beyond Cloudflare's error page assets limits the ability to assess digital maturity or performance. Security posture is weak as no security headers or privacy compliance mechanisms are present on the error page. The site lacks visible privacy policies, cookie consent, or contact channels for incident response. This raises concerns about compliance with GDPR and other data protection regulations. Overall, the site is currently non-functional and presents a high risk due to lack of accessible content and security controls. Strategic remediation should prioritize restoring backend server functionality, implementing comprehensive privacy and security policies, and enhancing transparency with contact and incident response information.

D

Direktoratet for byggkvalitet

dibk.no

0

Direktoratet for byggkvalitet is a Norwegian government agency dedicated to ensuring the construction of safe, environmentally friendly, and accessible buildings. It serves a broad audience including private individuals, professional users, municipalities, and construction industry stakeholders by providing digital building application services, regulatory guidance, enforcement, and certification. The agency holds a strong market position as the authoritative body for building quality and regulations in Norway. The website demonstrates a mature technical infrastructure utilizing modern JavaScript libraries such as jQuery, Bootstrap, RequireJS, and TinyMCE, built on the Episerver CMS platform. The site is well-optimized for mobile devices, accessible, and SEO-friendly, with comprehensive metadata and structured content. Performance is moderate, with deferred script loading and good use of modern web standards. Security posture is solid with enforced HTTPS and no visible exposure of sensitive data. However, the absence of explicit security headers and a cookie consent mechanism indicates room for improvement in compliance and security best practices. The use of Matomo analytics reflects a privacy-conscious approach, though no explicit cookie banner was detected. Overall, the website is professional, trustworthy, and well-aligned with its government mandate. Strategic recommendations include implementing a cookie consent banner, publishing a security policy and incident response contacts, adding security headers, and considering a vulnerability disclosure page to enhance transparency and compliance.

A

Ambita AS and Norconsult Digital AS

planprosessen.no

0

Planprosessen.no is a Norwegian digital platform designed to streamline and digitalize the planning notification process for both private and public planning proposals. The service enables users to create projects, gather necessary information, prepare plan data, and distribute notifications digitally through the Altinn platform. The website is co-developed and supported by Ambita AS and Norconsult Digital AS, two established Norwegian companies, positioning Planprosessen as a niche but trusted solution integrated with national digital infrastructure. The platform targets planning consultants and applicants, offering a comprehensive SaaS model that simplifies regulatory compliance and communication with affected parties and authorities. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Advanced Custom Fields, and integrates tracking and analytics tools like Google Tag Manager, Facebook Pixel, Hotjar, and Cookiebot for consent management. The site demonstrates good SEO, accessibility, and mobile optimization, with a moderate performance profile. Security practices include HTTPS enforcement and cookie consent, though some security headers are not explicitly detected. No critical vulnerabilities or exposed sensitive data were found. The security posture is solid with good privacy compliance, including a comprehensive privacy policy and cookie consent mechanism. However, the site lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms, which could be improved to enhance trust and compliance. Overall, the domain registration and WHOIS data align well with the business profile, indicating legitimacy and consistency. Strategically, Planprosessen is well-positioned within the Norwegian government and technology sectors, leveraging partnerships with Ambita AS, Norconsult Digital AS, KS, and Altinn. The platform's integration with public digital services and focus on regulatory compliance provide competitive advantages. Recommendations include enhancing security headers, publishing security policies, and adding vulnerability disclosure information to further strengthen security and trust.

Ambita AS operates the website efullmakt.no, providing electronic power of attorney and secure document signing services primarily targeted at Norwegian businesses and individuals. The company leverages BankID for secure authentication and offers integration with Norway's central registration authority for document submission. The website is professionally designed with a clear focus on security and user experience, featuring responsive design and straightforward navigation. The technical infrastructure includes modern frameworks such as Bootstrap and jQuery, with analytics and consent management handled by Piwik PRO and Cookiebot respectively. Security posture is strong with HTTPS enforced and secure login mechanisms, though additional HTTP security headers could enhance protection. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanisms in place. Overall, the website demonstrates a mature digital presence with high trustworthiness and business credibility.

A

Ambita AS

esignering.no

0

Ambita AS operates the website esignering.no, providing electronic signing and digital identification services primarily for real estate and property-related transactions in Norway. The company positions itself as a secure and efficient alternative to manual signing processes, targeting businesses and individuals involved in property dealings. The website reflects a medium-sized enterprise with a consistent brand presence and a focus on compliance and user trust. Technically, the website employs a modern technology stack including jQuery, Bootstrap, CKEditor, and jsGrid, alongside Cookiebot for cookie consent management and Piwik Pro for analytics. The site is mobile-optimized and offers a secure login form, although some improvements in accessibility and SEO could be made. The cookie consent mechanism is comprehensive, categorizing cookies by purpose and providing detailed information to users. From a security perspective, the site enforces HTTPS and uses secure forms but lacks explicit security headers in the HTML content. There are no visible vulnerabilities or exposed sensitive data. Privacy compliance is strong, with a clear privacy policy linked and a functional consent mechanism. However, no dedicated security policy or incident response information is found. Overall, the website demonstrates a good security posture and business credibility, with moderate technical implementation and content quality. Strategic recommendations include enhancing security headers, improving accessibility, and adding explicit security and incident response policies to further strengthen trust and compliance.

Diakrit AB is a well-established company specializing in innovative real estate marketing and technical platforms, serving leading real estate agents globally. The company positions itself as an industry leader with a strong focus on enhancing the property transaction experience through advanced technology and services. Their website reflects a mature digital presence with a modern tech stack including Vue.js, Nuxt.js, and Vuetify, hosted on AWS infrastructure. Security measures such as HTTPS and security headers are properly implemented, indicating a strong security posture. Privacy compliance is evident with comprehensive privacy and cookie policies and consent mechanisms. However, explicit security policies and incident response contacts are not found, suggesting areas for improvement. Overall, the website is professional, trustworthy, and well-optimized for users.

Eiendomsverdi AS is a Norwegian company specializing in collecting, structuring, and analyzing comprehensive real estate data across Norway. Their services target professional actors in banking, finance, insurance, real estate brokerage, property development, valuation, and public sector entities. The company positions itself as a leading provider of real-time property data and analytics, supported by ownership from major financial institutions such as DNB, Nordea, SpareBank 1, and Eika Boligkreditt. The website reflects a mature digital presence with professional design, mobile optimization, and structured content tailored for their B2B audience. Technically, the site uses modern JavaScript modules, Craft CMS, and secure HTTPS connections with CSRF protections in forms, indicating a solid infrastructure. Security posture is strong with no visible vulnerabilities or exposed sensitive data, though some security headers and explicit policies could be improved. Privacy compliance is good with a clear privacy policy and GDPR adherence, but lacks a cookie consent mechanism. Overall, the domain registration and WHOIS data align well with the business claims, supporting legitimacy and trustworthiness.

S

Sikri AS

ambita.no

0

Ambita, operated by Sikri AS, is a leading Norwegian company specializing in digital solutions for the real estate market. Their website showcases a comprehensive portfolio of services including property information portals, digital registration (tinglysing), and collaborative digital tools aimed at streamlining property transactions and management. The company targets a broad audience including real estate professionals, financial institutions, municipalities, and private individuals, positioning itself as a key technology enabler in the Norwegian property sector. Technically, the website is built on the HubSpot CMS platform, leveraging modern web technologies such as Google Analytics 4, Piwik PRO for analytics, Cookiebot for cookie consent management, and Zendesk for customer support. The site demonstrates good performance, mobile optimization, and accessibility features, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS with strong SSL configuration and implements multiple security headers to protect users. The presence of a detailed cookie consent mechanism and privacy policy indicates compliance with GDPR and related privacy regulations. However, no explicit security policy or incident response information is published, which could be improved. Overall, Ambita's website reflects a professional, trustworthy, and well-managed digital presence with strong business credibility and compliance posture. Strategic recommendations include publishing a dedicated security policy, providing incident response contacts, and adding a vulnerability disclosure mechanism to further enhance trust and security transparency.

A

Attendo AB

unika.se

0

Unika, a brand under Attendo AB, specializes in providing personalized support services within the LSS framework in Sweden. The website presents a comprehensive portfolio of services including group homes, short-term housing, service housing, daily activities, and assistance services tailored to individuals with disabilities. The company positions itself as a trusted and expert provider in the healthcare sector, emphasizing individualized care and quality. The site targets individuals needing support, their families, caseworkers, and potential employees. Technically, the website is built on a modern stack including jQuery, Cookiebot for consent management, Google Tag Manager, and Microsoft Application Insights for telemetry. It is hosted on a CMS platform likely Episerver, optimized for mobile and accessibility, and employs structured data for SEO. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and policies could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, with clear contact information and transparent cookie usage.

S

Sikri AS

unbolt.no

0

Spir Data, operated by Sikri AS and part of Spir Group ASA, is a specialized provider of proprietary data, advanced analytics, and AI solutions tailored for the Nordic real estate market. The company positions itself as a trusted source of unseen insights, supporting banks, insurers, developers, advisors, and asset owners with data-driven decision-making tools embedded in their workflows. Their business model focuses on Data-as-a-Service with a strong emphasis on risk modeling, ESG, pricing, underwriting, and asset intelligence. The website reflects a professional and consistent brand presence with clear contact channels and GDPR-compliant privacy practices. Technically, the website is built on the HubSpot CMS platform, leveraging HubSpot's marketing and analytics tools alongside common technologies such as Google Tag Manager, jQuery, and Google Maps embeds. The site demonstrates good mobile optimization and SEO practices, though there is room for improvement in accessibility and security headers. The SSL configuration is good, and no critical vulnerabilities or exposed sensitive data were detected. From a security perspective, the site employs HTTPS and includes consent mechanisms in its forms, aligning with GDPR requirements. However, explicit security policies and incident response contacts are not found, which could be enhanced to improve trust and compliance. The WHOIS data confirms the legitimacy of the domain and its alignment with the business identity, reinforcing the site's credibility. Overall, Spir Data's website presents a solid digital presence with a good balance of business information, technical implementation, and privacy compliance. Strategic improvements in security policies, accessibility, and transparency could further strengthen its security posture and user trust.

S

Sikri AS

sikri.no

0

Sikri AS is a Norwegian software company specializing in digital solutions for the public sector, focusing on case management, archiving, data collection, digitalization, internal control, and quality systems. Positioned as one of Norway's leading suppliers in this domain, Sikri offers a comprehensive suite of products and services tailored to improve collaboration, compliance, and data-driven decision-making for public organizations. Their business model revolves around software sales, consulting, training, and automation services, supported by a strong parent company, Spir Companies, and several subsidiaries. Technically, the website is built on the HubSpot CMS platform, leveraging modern web technologies, analytics, and marketing tools, ensuring fast performance, mobile optimization, and good accessibility. Security-wise, the site employs HTTPS, reCAPTCHA, and cookie consent mechanisms, demonstrating a solid security posture with room for improvement in publishing dedicated security policies and incident response contacts. Overall, Sikri's website reflects a professional, trustworthy, and well-maintained digital presence aligned with their business objectives and compliance requirements.

I

iVerdi AS

iverdi.no

0

iVerdi AS is a leading Nordic software provider specializing in professional systems for real estate valuation and property transactions. Their flagship product, IVIT, is widely used by takstingeniører (valuation engineers) and real estate agents in Norway to streamline and secure property sales processes. The company integrates with major industry platforms such as Ambita, Eiendomsverdi, and Visma Core, enhancing workflow efficiency and data quality. The website reflects a mature business with a clear focus on the real estate sector, targeting professionals involved in property valuation and sales. Technically, the website is built on WordPress with Elementor and Yoast SEO, employing modern web technologies and integrations. The site is mobile-optimized, SEO-friendly, and uses HTTPS with good security practices, although some security headers could be improved. The presence of cookie consent and privacy policies indicates compliance with GDPR requirements. Contact information is clearly presented, including phone, email, and physical address, supporting business credibility. From a security perspective, the site shows a solid posture with no visible vulnerabilities or exposed sensitive data. However, explicit security and incident response policies are not publicly available, which could be enhanced to improve trust. No WAF or blocking mechanisms interfere with content accessibility, allowing full analysis. Overall, iVerdi AS demonstrates a professional and trustworthy online presence aligned with its business objectives.

B

Boligmappa AS

hjemla.no

0

Hjemla, operated by Boligmappa AS and part of the Spir Group, is a leading Norwegian real estate information platform offering comprehensive data on properties, neighborhoods, and market trends across Norway. The website provides users with tools to search for homes, view recent sales, and monitor property values, targeting home buyers, sellers, and real estate professionals. The platform is well-integrated with partners including municipalities and major real estate companies, enhancing its market position. Technically, Hjemla employs modern web technologies such as React and Next.js, ensuring fast performance and excellent mobile optimization. The site uses Matomo for analytics and CookieInformation for consent management, reflecting a mature digital infrastructure with strong privacy compliance. The user experience is professional, with clear navigation and rich content. Security-wise, the site enforces HTTPS, implements standard security headers, and provides a detailed cookie consent mechanism. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a dedicated security policy or incident response contact suggests areas for improvement. Overall, Hjemla presents a low-risk profile with strong compliance and technical maturity. Strategic recommendations include publishing explicit security and incident response policies, enhancing accessibility, and maintaining regular audits of third-party scripts to sustain security and trust.

B

ByggeBolig AS

byggebolig.no

0

ByggeBolig.no is a Norwegian online platform focused on housing construction, renovation, and related problem-solving. It serves as a niche media outlet and community forum targeting Norwegian homeowners, builders, and renovators. The site offers news articles, a discussion forum, a supplier directory, and advertising services. The platform is well-established in the Norwegian market with consistent branding and good content quality. Technically, the website uses a modern tech stack including jQuery, Bootstrap, Google Analytics, Matomo, Hotjar, and Google reCAPTCHA, hosted on Microsoft Azure. It demonstrates good digital maturity with mobile optimization and SEO best practices. Security-wise, the site enforces HTTPS, uses reCAPTCHA on forms, and manages GDPR compliance effectively with a consent banner and privacy policy. However, explicit security headers and a vulnerability disclosure policy are absent. Overall, the site is professional, trustworthy, and compliant with privacy regulations, though it lacks direct contact information and a published security policy.

A

Attendo AB

attendo.com

0

Attendo AB is a leading Nordic care company specializing in providing cost-effective and modern care services across Sweden, Denmark, and Finland. Founded in 1985, the company has established a strong market position with a broad portfolio including elderly care, home care, and personalized functional support through subsidiaries such as Unika and Viljan. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to its target audience of individuals and public sector clients in the Nordic region. Technically, the site leverages modern technologies including jQuery, Cookiebot for consent management, Google Tag Manager, and Microsoft Application Insights for analytics, hosted likely behind Cloudflare for performance and security. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not published. Overall, the website demonstrates high professionalism, compliance with GDPR, and a trustworthy digital footprint.

S

Sikri AS

spirgroup.com

0

Spir Group is a Norwegian technology group specializing in mission-critical software solutions for public administration, real estate, and business efficiency. The company operates through multiple subsidiaries including Sikri, Ambita, Boligmappa, Metria, and others, providing a broad range of services from document management automation to geodata consultancy. Their market position is strong in Norway and Sweden, targeting public sector and real estate markets with a focus on sustainability and innovation. Technically, the website is built on the HubSpot CMS platform, leveraging modern web technologies and analytics tools such as Google Analytics 4 and HubSpot Analytics. The site is well-optimized for performance, mobile responsiveness, and accessibility. Security posture is robust with HTTPS enforced, proper security headers, and no visible vulnerabilities. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are absent, representing areas for improvement. Overall, Spir Group presents a professional, trustworthy, and technically mature digital presence aligned with its business objectives.

G

Gota Media AB

gotamedia.se

0

Gota Media AB operates as a prominent Swedish media company focusing on local journalism and marketing services. The website positions the company as a key player in regional media with a portfolio of 16 news titles and over 900 employees, targeting local communities and businesses seeking marketing solutions. Their business model combines traditional journalism with modern marketing and brand advisory services, supported by a professional digital presence. Technically, the site is built on WordPress with modern SEO and analytics integrations, including Yoast SEO, Google Analytics via MonsterInsights, and Facebook Pixel for marketing insights. The site demonstrates good mobile optimization and user experience, with clear navigation and consistent branding. Security-wise, the site enforces HTTPS, uses anti-spam and bot detection plugins, and provides a comprehensive cookie consent mechanism compliant with GDPR. However, explicit security headers and published security policies are absent, representing an area for improvement. Overall, the website is professional, trustworthy, and compliant with privacy regulations, supporting the company's market credibility and digital maturity.

T

Tidningsutgivarna (TU)

mediekompass.se

0

Mediekompass is an educational media resource operated under the auspices of Tidningsutgivarna (TU), aimed at supporting teachers and students in Sweden with media literacy and the use of newspapers in education. The website offers lesson tips, event information, and opportunities to book media pedagogues for lectures. The site is built on WordPress with a modern tech stack including Yoast SEO, Matomo analytics, and CookieYes for consent management. It demonstrates good digital maturity with structured data and SEO optimization. Security posture is solid with HTTPS enforced and consent-based analytics tracking, though explicit security policies and headers could be improved. Overall, the site is trustworthy and professionally maintained, serving a niche educational market effectively.

T

Tidningsutgivarna (TU)

flerasidor.se

0

Flera Sidor is a Swedish media advocacy initiative operated by Tidningsutgivarna (TU), focusing on promoting democracy through supporting free and independent journalism. The website provides educational content, research, and engagement opportunities to the Swedish public, emphasizing the importance of multiple perspectives in media. Technically, the site is built on WordPress using the X Theme and Cornerstone framework, with standard plugins for analytics and cookie consent. The security posture is solid with HTTPS enforced and cookie consent implemented, though it lacks published security policies and incident response information. Overall, the site is professional, trustworthy, and well-positioned within its niche, but could improve privacy compliance transparency and security disclosures.

T

Tidningsutgivarna

dagspress.se

0

Dagspress.se is a Swedish media industry website operated by Tidningsutgivarna (TU), the leading national association for media publishers in Sweden. The site provides media statistics, tools, and information primarily targeting media professionals, advertisers, and researchers. TU represents a broad spectrum of media outlets including newspapers, TV, radio, and digital platforms, positioning itself as a key industry resource. The website content is well-structured, professionally designed, and offers relevant, up-to-date information about the media sector in Sweden. Technically, the site is built on WordPress using the Divi theme, incorporating modern web technologies such as lazy loading and Google Fonts, ensuring good performance and mobile responsiveness. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is weak due to the absence of explicit privacy and cookie policies. Overall, the site is trustworthy and credible, but could enhance user trust and compliance by adding privacy-related documentation and security policies.

The website at paulsmith.com is currently inaccessible due to a Vercel Security Checkpoint blocking page that prevents access without browser verification. This security mechanism acts as a Web Application Firewall (WAF) challenge, indicating that the actual website content is not available for analysis. Consequently, no business information, contact details, or privacy policies are visible. The page only displays a message indicating failure to verify the browser and provides a link for the website owner to fix the issue. The technical infrastructure is hosted on Vercel and uses Astro framework with JavaScript, but no further technical or business details can be extracted. The security posture cannot be fully assessed due to lack of access, but the presence of a security checkpoint suggests some level of protection. Overall, the risk assessment is high due to lack of accessible content and transparency, and strategic recommendations focus on resolving the access block and implementing standard compliance and security best practices.