Security Directory

C

Continental AG

continental-corporation.com

0

Continental AG is a well-established multinational technology and manufacturing company specializing in sustainable and connected mobility solutions. Founded in 1871 and headquartered in Germany, the company offers a broad portfolio including automotive technologies, tires, and ContiTech products. The website reflects a mature digital presence with comprehensive corporate, investor, and sustainability information targeting investors, job seekers, and business partners. Technically, the site is built on TYPO3 CMS and hosted likely on AWS infrastructure, with modern JavaScript and CSS usage. However, a critical security weakness is the lack of a valid SSL certificate and disabled TLS protocols, which severely impacts the security posture. Security headers are mostly present but some, like X-XSS-Protection, are disabled. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. Overall, the site is professional and trustworthy but urgently needs to address HTTPS and SSL issues to ensure secure user interactions.

The website dieangewandte.at represents the Universität für angewandte Kunst Wien, a large educational institution specializing in applied arts. The site offers comprehensive information about academic programs, research, exhibitions, and cultural events targeting students, researchers, and the arts community. The business model is centered on education and cultural dissemination, positioning the university as a key player in Austria's higher education sector for arts. Technically, the site uses a custom CMS with Apache hosting, integrates Matomo analytics, Google Fonts, and jQuery-based UI components. However, the site lacks HTTPS, which is a critical security deficiency. Security posture is weak due to missing SSL/TLS, lack of security headers, and no incident response or vulnerability disclosure policies. Privacy compliance is minimal with no cookie consent mechanism, though Matomo usage suggests some privacy awareness. Overall, the site is professionally designed and content-rich but requires urgent security upgrades to protect users and data.

R

REWE Group in Österreich

rewe-group.at

0

REWE Group in Österreich is a major retail group operating multiple supermarket and retail brands across Austria and several European countries. The company has a long-standing history of over 70 years and manages well-known brands such as BILLA, PENNY, and BIPA. The website presents comprehensive corporate and sustainability information targeting customers and stakeholders in Austria and Europe. Technically, the site uses modern frontend technologies like Alpine.js and FontAwesome and is likely powered by the Statamic CMS. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security shortfall. Security headers are partially implemented, but the absence of TLS protocols and valid certificates significantly reduces the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Business credibility is high due to consistent branding, detailed corporate information, and alignment with WHOIS data. Overall, the site is professional and content-rich but requires urgent security improvements to enable HTTPS and strengthen its security configuration.

G

GoDaddy Operating Company, LLC

alliedpanels.com

0

The website alliedpanels.com is a domain aftermarket sales landing page hosted and operated under GoDaddy's platform. It offers the domain for sale with options to buy now, lease to own, or make an offer. The site targets domain investors and businesses seeking premium domain names, leveraging GoDaddy's trusted marketplace and brokerage services. The business model is focused on domain sales and brokerage within the e-commerce sector, supported by GoDaddy's large market presence and infrastructure. Technically, the site is built using modern JavaScript frameworks such as React and Next.js, hosted on AWS infrastructure. However, the site suffers from slow load times and lacks a valid SSL certificate, resulting in no HTTPS support. While the design and user experience are good and mobile optimized, the absence of HTTPS and security headers significantly weakens the security posture. Security evaluation reveals critical issues including no valid SSL certificate, no HSTS, and missing security headers, which expose users to potential risks. Privacy compliance is supported by comprehensive GoDaddy privacy and cookie policies, with GDPR compliance indicated. Contact information is limited but present via phone and contact form. Overall, the site is legitimate and consistent with domain aftermarket sales but requires urgent security improvements. Strategically, the site should prioritize obtaining and configuring a valid SSL certificate to enable HTTPS, implement security headers, and improve performance to enhance trust and user experience. These steps will strengthen the security posture and align with best practices for e-commerce platforms.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 14 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 14 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 12 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

E

Efumo

efumo.lv

0

Efumo is a Latvian-based IT services company specializing in the development and maintenance of internet shops, websites, mobile applications, and IT systems. The company targets businesses seeking modern, responsive, and integrated digital solutions. Their market position is that of a small but established regional player with a portfolio of notable clients and a professional online presence. Technically, the website is built on WordPress with Yoast SEO, uses modern web technologies, and is moderately optimized for performance and mobile devices. Security posture is adequate with HTTPS, secure cookies, and several security headers, but lacks full HSTS enforcement and email security measures like DMARC. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but could improve in privacy and security policy transparency.

C

CODEART, SIA

codeart.lv

0

CODEART, SIA is a Latvian-based IT service provider specializing in the design, development, and maintenance of modern business IT systems, websites, and portals. With over 18 years of industry experience, the company targets Latvian businesses seeking high-quality and scalable digital solutions. The website reflects a professional and consistent brand image, offering a range of corporate IT services including web design, frontend development, and user experience planning. The company maintains a moderate market position as an established local player with a clear focus on quality and client satisfaction. Technically, the website employs modern TLS protocols and integrates multiple third-party tools such as Google Analytics, Microsoft Clarity, and Pipedrive LeadBooster for marketing and analytics purposes. However, the site suffers from slow load times and lacks some advanced security headers and policies, which could be improved to enhance security posture. Privacy compliance is basic, with a cookie consent mechanism present but no visible privacy policy or terms of service pages. Contact information is clearly provided, supporting business credibility. Overall, the website is functional and professional but would benefit from enhanced security and privacy measures to align with best practices.

S

SIA "Žurnāls Santa"

santa.lv

0

Santa.lv is the largest lifestyle portal in Latvia, offering a wide range of content including health, entertainment, culture, and personal stories. The website supports a subscription model (Santa+) alongside advertising revenue, targeting Latvian-speaking audiences interested in lifestyle topics. The business is well-established with consistent domain registration and a strong market position in the Latvian media sector. Technically, the website employs modern tracking and advertising technologies such as Google Tag Manager, Facebook SDK, and Gemius analytics, hosted behind Cloudflare DNS services. However, the site suffers from significant security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which severely impacts user trust and security posture. Security-wise, the lack of HTTPS, missing security headers, and no DNSSEC or domain protection locks expose the site to potential risks. Privacy and cookie policies are present and appear GDPR compliant, reflecting a good level of privacy awareness. The site is accessible without WAF or blocking mechanisms, but performance is slow with a large page size and long load times. Overall, Santa.lv is a reputable media portal with excellent content quality and business credibility but requires urgent improvements in security infrastructure to protect users and enhance trust. Strategic focus should be on implementing HTTPS, improving page performance, and adopting security best practices.

N

NBS Rekrutēšanas un atlases centrs

klustikaravirs.lv

0

The website klustikaravirs.lv serves as the official recruitment platform for the Latvian National Armed Forces, providing comprehensive information and application options for various military service types including professional service, national defense service, and specialized military education. The site targets Latvian citizens aged 18 to 60 interested in serving their country, positioning itself as a trusted government resource with strong public confidence. Technically, the site is built on Drupal 10, employs Matomo for privacy-conscious analytics, and offers a responsive, accessible user experience. However, the absence of a valid SSL certificate and HTTPS support is a critical security shortfall that undermines user trust and data protection. Additionally, DNS and email security configurations could be enhanced with DNSSEC and DMARC records. Privacy and cookie policies are present with consent mechanisms, but no terms of service or security policies are published. Overall, the site is functional and professional but requires urgent security improvements to align with best practices.

Z

ZAUDĒTAIS SAPNIS PAR BRĪVĪBU

sapnisparbrivibu.lv

0

The website sapnisparbrivibu.lv serves as an informational platform related to the Latvian War Museum, focusing on the historical narrative of Latvian soldiers issued by the Swedish government to the Soviet Union. The site targets visitors interested in Latvian military history and related educational content. The business model is primarily informational, with no evident commercial transactions or services. The website is small in scale and localized to Latvia. Technically, the site is built using React and Material-UI, indicating a modern frontend framework. However, the absence of a valid SSL certificate and HTTPS support critically undermines the site's security and trustworthiness. Performance is moderate with a page load time of approximately 3.1 seconds, and mobile optimization is basic. SEO and accessibility features are minimal. From a security perspective, the site lacks fundamental protections such as HTTPS, DMARC, DNSSEC, and proper SSL configurations. While HSTS is enabled, it is ineffective without HTTPS. No security policies, incident response contacts, or vulnerability disclosures are present. These gaps expose the site to potential risks and reduce user trust. Overall, the website's risk profile is elevated due to missing security controls and privacy compliance. Strategic recommendations include immediate implementation of HTTPS, addition of privacy and cookie policies, and enhancement of security headers. Improving contact transparency and adding trust signals would also benefit business credibility and user confidence.

B

BORN

born.lv

0

BORN is a Latvian-based small technology company specializing in full-service website and e-commerce development, UI/UX design, and programming. Established in 2013, it serves a diverse client base including educational institutions, healthcare providers, and municipal organizations. The company presents a professional online presence with a portfolio of completed projects and active social media channels. Technically, the website is built on WordPress with modern JavaScript libraries and optimized for mobile devices, though performance is moderate with a page load time near 5 seconds. Security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS, which is a critical vulnerability. Privacy compliance is basic with a cookie consent banner and privacy policy present, but no terms of service or security policies are found. Overall, the website is functional and credible but requires urgent security improvements to protect user data and enhance trust.

L

Latvijas Reklāmas asociācija

lra.lv

0

Latvijas Reklāmas asociācija (LRA) is a Latvian non-profit organization representing advertisers, media, and agencies. The website serves as an informational portal providing member services, industry statistics, educational seminars, and ethical guidelines. The target audience includes advertising professionals and media stakeholders in Latvia. The organization maintains an active online presence with social media integration and contact channels. Technically, the website uses common web technologies such as jQuery, Bootstrap, and Google Analytics but suffers from slow performance and lacks modern security implementations. Critically, the site does not have a valid SSL certificate, exposing visitors to security risks and undermining trust. The absence of privacy and cookie policies indicates a gap in compliance with data protection regulations. Overall, the website is functional and professional in content but requires significant improvements in security and privacy compliance to meet modern standards.

H

Hosting made for everyone | alwaysdata

alwaysdata.net

0

The domain alwaysdata.net is a mature domain registered since 2006 with a reputable registrar, Gandi SAS. However, the website content is currently inaccessible, displaying only a minimal 'Site not found' message, indicating the site is either down, misconfigured, or intentionally disabled. The DNS configuration is standard with valid A, AAAA, MX, NS, and SPF records, but DNSSEC is not enabled, and the CAA records appear malformed. The SSL/TLS configuration is absent, with no valid certificate or HTTPS support, which is a critical security concern. Performance is poor with minimal resources loaded, and no metadata or business information is present on the site. Overall, the digital maturity of the site is low due to lack of content and security features.

G

Gist

convertfox.com

0

Gist operates as a mature SaaS company providing an all-in-one platform for email marketing automation, live chat, help desk, and CRM functionalities. The website presents a comprehensive suite of integrated tools aimed at small to medium businesses and marketing agencies, positioning itself as a replacement for multiple standalone tools. The business model is subscription-based with a free tier and premium plans, supported by a consistent and professional web presence. Technically, the site uses WordPress CMS with a modern tech stack including jQuery, Bootstrap, and multiple analytics and marketing tools. However, the website suffers from critical security shortcomings, notably the absence of a valid SSL certificate and lack of HTTPS, which severely impacts its security posture. Privacy policies and terms of service are well documented, but cookie consent mechanisms are missing despite extensive tracking. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

Z

Zone Media OÜ

zone.lv

0

Zone Media OÜ operates the website zone.lv and zone.eu, providing domain registration, web hosting, and cloud services primarily targeting European businesses. With over 25 years of hosting experience and a customer base of nearly 145,000 domains, the company positions itself as a reliable and innovative technology provider. Their offerings include a wide range of domain extensions, WordPress-optimized hosting, and cloud VPS solutions, supported by a proprietary platform called ZoneOS. The website demonstrates strong digital maturity with modern technologies, good SEO practices, and a comprehensive cookie consent mechanism compliant with GDPR. Security posture is robust with HTTPS, SPF, and DMARC configured, though improvements like enabling HSTS and DNSSEC are recommended. Overall, the site is professional, trustworthy, and well-optimized for its target audience.

Z

Zone Media OÜ

zone.lt

0

Zone Media OÜ operates the website zone.lt (redirects to zone.eu) providing domain registration, web hosting, and cloud services primarily targeting European businesses. The company positions itself as a reliable and experienced provider with 25 years of hosting experience and a mature domain. Their offerings include domain registration across a broad range of TLDs, managed cloud servers, WordPress hosting, and AI-assisted website creation tools. The website is professionally designed with clear navigation, mobile optimization, and SEO best practices implemented. Technically, the site uses WordPress CMS with modern JavaScript libraries and plugins, delivering moderate performance and good accessibility. Security posture is solid with HTTPS, SPF, and DMARC policies in place, though improvements like enabling HSTS, DNSSEC, and OCSP stapling are recommended. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms active. The domain registration data is consistent with the business identity, showing no suspicious patterns aside from missing domain locks. Overall, the website is trustworthy, professional, and well-positioned in the European hosting market.

Z

Zone Media Oy

zone.fi

0

Zone Media Oy operates the website zone.fi, providing domain registration, web hosting, email, and virtual server services primarily targeting Finnish businesses, associations, and private individuals. With over 25 years of experience and a customer base exceeding 50,000 web hosting accounts and 145,000 domains, Zone holds a strong market position as a reliable and comprehensive hosting provider in Finland. Their service portfolio includes WordPress-optimized hosting, managed virtual servers, and security monitoring, emphasizing local data center hosting in Finland for data protection and compliance. Technically, the website is built on WordPress with modern technologies such as TLS 1.3, OCSP stapling, and integrates multiple third-party tools including Google Analytics, Hotjar, Zendesk, and Cookiebot for analytics, customer support, and privacy compliance. The site demonstrates good performance and mobile optimization, with clear navigation and professional design. SEO practices are well implemented with Yoast SEO plugin and structured data. From a security perspective, the site enforces HTTPS with strong TLS protocols, has SPF and DMARC email authentication configured with reject policies, and shows no critical vulnerabilities. Cookie consent mechanisms are in place, ensuring GDPR compliance. However, improvements are recommended in enabling HSTS, fixing CAA records, and publishing a security.txt file to enhance security posture further. Overall, zone.fi presents a trustworthy, professional, and secure online presence with strong compliance and user experience. The domain registration details align with the business claims, reinforcing legitimacy. Strategic recommendations include enhancing HTTPS enforcement, improving transparency in vulnerability disclosure, and maintaining up-to-date security practices to sustain trust and compliance.

I

Inbank

inbank.eu

0

Inbank operates as an embedded financing platform focused on accelerating sales for merchants and providing tailored financing solutions to consumers across multiple European markets. The company supports a broad range of sectors including retail, eco-friendly products, and automotive financing, positioning itself as a significant player with over 872,000 active contracts and partnerships with more than 6,000 retailers. The website reflects a professional and consistent brand image with clear business information and a user-friendly design. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, styled with Tailwind CSS, and hosted on Amazon AWS infrastructure. While the site performs moderately well and is mobile optimized, it lacks a valid SSL certificate and HTTPS support, which is a critical security flaw. Additionally, no security headers or advanced TLS configurations are present, exposing the site to potential risks. From a security perspective, the absence of HTTPS and security headers significantly lowers the security posture score. Privacy and cookie policies are implemented with consent mechanisms, indicating basic GDPR compliance. Contact information is clearly available, but no explicit security or incident response policies are found. The WHOIS data is consistent with the business claims, supporting domain legitimacy. Overall, the website demonstrates good business credibility and content quality but suffers from critical security shortcomings. Immediate remediation of SSL/TLS issues and implementation of security best practices are recommended to enhance trust and protect users.

The website myzone.app currently serves as a parked domain page indicating that the domain is registered but not linked to any hosting service. It promotes web hosting packages from Zone.eu in multiple languages, targeting domain owners who need hosting services. The site is basic in content and design, with no privacy or cookie policies, no contact information, and no active forms or data collection. Technically, the site uses standard HTML, CSS, and JavaScript but lacks a valid SSL certificate and modern TLS protocols, resulting in no HTTPS support. Security posture is weak due to missing SSL and security headers, although SPF and DMARC records are properly configured. Overall, the site is functional as a parked domain but lacks essential security and compliance features.

The website harno.ee is a government-related domain managed by the Estonian Ministry of Education and Research (Haridus- ja Teadusministeerium) through its EENet network services. It appears to serve as a portal for educational and research network infrastructure in Estonia. However, the website content is currently inaccessible due to a Cloudflare Turnstile captcha security challenge, preventing direct content analysis. The domain is registered consistently with the governmental entity and has a domain age appropriate for its establishment in 2020. Technically, the site is hosted behind Cloudflare with security measures such as HSTS enabled, but it lacks a valid SSL certificate and modern TLS protocol support, resulting in no HTTPS availability. DNS records show a well-configured SPF and DMARC policy, but DNSSEC is not enabled. Performance is slow, and no content or business contact information is visible on the challenge page. Security posture is weak due to missing HTTPS and incomplete security headers, though email security policies are in place. Privacy compliance is poor with no visible privacy or cookie policies. Business credibility is moderate based on domain registration and affiliation with a government entity but is limited by lack of accessible content and contact details. Overall, the site requires improvements in SSL/TLS configuration, enabling DNSSEC, and publishing privacy and cookie policies. The current WAF challenge limits content accessibility and analysis, impacting trust and user experience.

E

Eesti Hariduse Kvaliteediagentuur

haka.ee

0

Eesti Hariduse Kvaliteediagentuur (HAKA) is a government-affiliated Estonian agency specializing in the external quality assessment and accreditation of educational institutions. It operates under the Education and Youth Board and is recognized as a leading competence center in Estonia for education quality assurance. The agency is a member of prominent European quality assurance networks such as EQAR, ENQA, INQAAHE, and EQAVET, reinforcing its credibility and international cooperation. The website provides comprehensive information about its services, quality culture promotion, and training activities targeted at educational institutions, experts, and students.

I

IT Crafters

itcrafters.eu

0

IT Crafters is an online education platform specializing in training individuals to become Java Software Developers within 8 months. Powered by BCS Koolitus, Estonia's largest training company, it offers a comprehensive program including practical projects, mentoring, and employment support. The website is professionally designed with clear navigation and detailed content, targeting aspiring IT professionals, especially those without prior experience. The technical infrastructure leverages modern web technologies and Tilda CMS, with adequate mobile optimization but slower performance. Security measures include HTTPS with modern TLS versions and basic email authentication records, though improvements like HSTS and OCSP stapling are recommended. Privacy and terms of service are clearly provided, supporting GDPR compliance. Overall, the site presents a credible and trustworthy educational service with strong business partnerships and a focus on user engagement and support.

The website channelprogram.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block, which prevents access to any substantive content. The domain is mature, registered since 2012 with GoDaddy.com, LLC, and has proper DNS and email security configurations such as SPF and DMARC. However, the SSL certificate is invalid or missing, resulting in no HTTPS support. The lack of accessible content means no business information, policies, or contact details can be verified. The technical infrastructure relies on Cloudflare for security and hosting, but the absence of a valid SSL certificate and security headers indicates a weak security posture. Overall, the site’s risk is elevated due to inaccessibility and missing security best practices, and the AI analysis score is capped low due to these critical issues.

Kotisivutehdas is a Finnish small-sized technology service provider specializing in professional website development, SEO, AI services, and comprehensive marketing solutions. The company targets small and medium enterprises seeking turnkey, responsive, and SEO-optimized websites. Their market position is strengthened by over 20 years of industry experience and a broad service portfolio including copywriting, website maintenance, and security services. Technically, the website employs modern frameworks like UIkit and integrates popular analytics and marketing tools such as Google Analytics and Facebook Pixel. However, the website suffers from critical security shortcomings, notably the absence of HTTPS and a valid SSL certificate, which severely impacts its security posture. Privacy compliance is addressed through a comprehensive cookie consent mechanism and a detailed privacy policy, though terms of service and security policies are lacking. Overall, the website presents professional content and clear contact information but requires urgent security improvements to protect user data and enhance trust.

B

BCS Koolitus AS

bcskoolitus.ee

0

BCS Koolitus AS is a well-established Estonian company specializing in IT training and certification services for both IT specialists and general computer users. The company offers a broad range of courses including Microsoft Office, IT infrastructure management, programming languages, and e-learning platforms. Their market position is strong within Estonia, supported by extensive project experience and recognized quality certifications such as the HAKA quality mark. The website reflects a professional and consistent brand image with detailed service descriptions and active client engagement through testimonials and project showcases. Technically, the site is built on WordPress with modern technologies and includes multilingual support, though performance optimization is needed due to slow load times and large page size. Security posture is generally good with HTTPS and OCSP stapling, but improvements are recommended in DNS and email security configurations. Privacy compliance is basic with cookie consent mechanisms and privacy policies present, but GDPR compliance could be enhanced. Overall, the company demonstrates credible business operations with clear contact information and a moderate level of digital maturity.

M

MediaSPREA

mediasprea.fi

0

MediaSPREA is a Finnish digital agency specializing in creating effective marketing, sales, and communication tools such as websites, visual identities, electronic marketing, and photography services. The company targets businesses seeking to enhance their digital presence and marketing effectiveness. The website is built on Joomla CMS with common web technologies like jQuery and Bootstrap, and it includes GDPR-compliant cookie consent mechanisms and a validated contact form for customer inquiries. However, the technical infrastructure lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which is a critical security vulnerability. The absence of modern security headers and DNS security features further weakens the security posture. Overall, the website content is professional and relevant, but the lack of HTTPS significantly impacts trust and security ratings.

L

Lujakatto Oy

lujakatto.fi

0

Lujakatto Oy is a Finnish company specializing in roofing products and installation services, offering a streamlined e-commerce platform where customers can order both products and installation with transparent pricing. The company targets Finnish homeowners and property managers, positioning itself as a niche regional provider with a focus on quality service and convenience. Technically, the website uses modern front-end technologies such as UIkit and jQuery, but lacks a valid SSL certificate, which impacts security and trust. The site is moderately performant and mobile-optimized, with clear navigation and good content relevance. Security posture is weak due to missing HTTPS and security headers, exposing the site to potential risks. Privacy policies and terms of service are present but basic, with no advanced compliance or incident response information. Overall, the domain registration data aligns well with the business claims, indicating legitimacy. Strategic improvements in security and privacy compliance are recommended to enhance trust and protect user data.

B

BCS

bcs.ee

0

BCS is a well-established Estonian IT services company founded in 1989, specializing in IT management, cybersecurity, and business IT solutions. The company positions itself as a trusted partner for digital innovation and security, targeting businesses and organizations in Estonia. Their website reflects a mature digital presence with comprehensive service offerings and a focus on cybersecurity through their Infoturbekeskus. Technically, the site is built on WordPress with modern technologies such as TLS 1.3, reCAPTCHA, and LiveChat integration, though performance could be improved due to high resource count and load time. Security posture is solid with proper SSL configuration, SPF and DMARC email protections, and no critical vulnerabilities detected. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy, though terms of service and explicit security policies are not found. Overall, the site demonstrates good business credibility and technical maturity with room for security header enhancements and performance optimization.

K

Katolle.fi

katolle.fi

0

Katolle.fi is a Finnish e-commerce website specializing in the sale of roofing sheets and related construction materials. The site targets Finnish builders, homeowners, and contractors seeking quality roofing products with competitive pricing and fast delivery. The business operates a Joomla CMS with VirtueMart e-commerce platform, integrating common web technologies such as jQuery and Bootstrap. The website is well-structured with clear product listings and navigation, supporting Finnish language users effectively. However, the absence of a valid SSL certificate and HTTPS support represents a critical security vulnerability, exposing users to potential data interception risks. The site includes cookie consent mechanisms and basic privacy information but lacks comprehensive GDPR compliance indicators and security policies. Tracking and advertising tools such as Google Analytics and Google Ads are actively used, indicating moderate user tracking. Overall, the website demonstrates a moderate level of digital maturity but requires urgent security improvements to protect user data and enhance trust.

U

Unisender

unisender.com

0

Unisender is a well-established Russian email marketing service founded in 2009, serving over 870,000 companies primarily in Russia and Belarus. The platform offers a comprehensive suite of marketing tools including email campaigns, chat-bots, SMS messaging, landing page creation, and automation features. The website is professionally designed, content-rich, and targets businesses and marketers seeking efficient communication solutions. Technically, the site is hosted on Yandex Cloud and built on WordPress, utilizing common JavaScript libraries and marketing SDKs. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the site's security posture. Privacy and cookie policies are present and indicate GDPR compliance, though user tracking is extensive. Overall, the business demonstrates strong credibility and market presence but must urgently address security vulnerabilities to protect user data and maintain trust.

I

Inbokss Ltd.

inbox.eu

0

Inbox.eu is a privacy and security oriented email and cloud storage service provider based in Latvia, operating since 2001. The company offers both business domain email solutions and personal email accounts with features such as spam filtering, data encryption, and synced contacts and calendar. With over 20 years of experience and processing over 21 million emails weekly, Inbox.eu positions itself as a trusted provider in the privacy-focused email market. The website is professionally designed, multilingual, and targets users seeking secure and private email services. Technically, the site uses standard web technologies including JavaScript, Google Tag Manager, and Facebook Pixel for analytics and marketing. However, the website currently lacks a valid SSL certificate and does not support modern TLS protocols, which significantly impacts its security posture. DNS records are well configured with SPF and DMARC policies, but DNSSEC and CAA records are absent. Incident response contact is available via DMARC abuse email. Privacy and terms of service policies are present and appear comprehensive, but no cookie consent mechanism was detected. Overall, the site demonstrates moderate digital maturity but requires urgent improvements in SSL/TLS security to protect user data and trust.

J

JanLa Oy

janla.fi

0

JanLa Oy is a Finnish wholesale and service center specializing in roofing and sheet metal products, including steel roofing, solar power solutions, rainwater systems, and safety equipment. The company serves construction industry professionals, sheet metal businesses, private customers, and housing companies, positioning itself as a leading player in its sector with a focus on quality and innovation. The website reflects a medium-sized enterprise with multiple physical locations across Finland and a comprehensive product offering.

U

UAB Toode

toode.lt

0

UAB Toode is a medium-sized Lithuanian company specializing in manufacturing and retailing steel roofing materials and accessories, with a strong presence in the Baltic region supported by factories in Estonia, Latvia, and Finland. The company holds recognized certifications such as ISO 9001 and CE marking, reinforcing its market position as a reputable supplier in the construction sector. Their website provides comprehensive product catalogs, customer testimonials, and multiple contact channels, targeting construction professionals and retail customers. Technically, the website is built on WordPress with WooCommerce, leveraging common web technologies and marketing tools like Google Analytics and Tag Manager. However, the site suffers from significant security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which critically undermines user trust and data protection. Privacy compliance is addressed through GDPR-aligned cookie consent and a privacy policy document, but terms of service and explicit security policies are missing. Overall, the website demonstrates good business credibility and content quality but requires urgent improvements in security infrastructure and performance optimization to enhance user trust and operational resilience.

T

Toode

toode.ee

0

Toode AS is an established Estonian company specializing in roofing materials, rainwater systems, and roofing accessories, with a history dating back to 1991. The company serves the Baltic region with a medium-sized business model that includes manufacturing, retail, and e-commerce components. Their website reflects a consistent brand presence and targets customers seeking quality roofing solutions. Technically, the site is built on WordPress with a variety of plugins and third-party integrations, but suffers from slow performance and lacks a valid SSL certificate, which is a critical security concern. The security posture is weak due to missing HTTPS, lack of security headers, and no advanced TLS configurations. Privacy compliance is basic with a privacy policy and cookie consent mechanism present but could be enhanced. Overall, the domain and WHOIS data confirm the legitimacy and maturity of the business. Strategic improvements in security and performance are recommended to enhance trust and compliance.

S

SIA "Laba Sēta"

labaseta.lv

0

SIA "Laba Sēta" is a Latvian small manufacturing business specializing in the production and installation of concrete products, fences, gates, and related territory landscaping services. The company offers a comprehensive range of products including concrete fence posts, gates, PVC fences, and gate automation solutions. Their market position is that of a local specialized manufacturer and installer serving residential and commercial customers. The website is built on WordPress using common plugins and themes, with moderate digital maturity evidenced by the use of Google Analytics and Tag Manager. However, the site lacks a valid SSL certificate, which severely impacts security posture and user trust. No privacy or terms of service pages were found, though a cookie consent banner is present. Contact information is clearly provided, supporting business credibility. Overall, the website is functional and professionally designed but requires significant security improvements.

S

SIA IMPROVEMENT

improvement.lv

0

SIA IMPROVEMENT is a Latvian small business specializing in landscaping, paving, road construction, and bulk material delivery services. Founded in 2018, the company positions itself as a reliable local specialist offering quality full-cycle paving stone installation, greening, and construction services. The website is professionally designed using WordPress and Elementor, providing clear navigation and multilingual support. Contact information is prominently displayed, including multiple phone numbers, emails, and physical addresses in Riga, Latvia. Social media presence on Facebook and Instagram supports brand visibility. Technically, the website uses a modern WordPress stack with WooCommerce and Elementor plugins, but performance is hindered by a large page size and slow load times. Security posture is basic with a valid SSL certificate but lacks advanced security headers and HSTS enforcement. No explicit privacy, cookie, or terms of service policies are found, indicating gaps in compliance. Tracking is moderate via Google Tag Manager and reCAPTCHA. Overall, the site is functional and credible for its business scope but requires improvements in security best practices, privacy compliance, and performance optimization to enhance trust and user experience.

E

E-COMMERCE BROKER SIA

finlat.lv

0

Finlat.lv is a Latvian-based credit comparison and brokerage platform operated by E-COMMERCE BROKER SIA, founded in 2021. The platform offers a wide range of financial services including consumer loans, mortgage-backed loans, auto loans, business loans, refinancing, and credit consolidation. It serves individuals and businesses in Latvia, providing a convenient one-application process to access multiple lenders. The website is well-structured with clear navigation, client testimonials, and partner logos enhancing its credibility. Technically, it is built on WordPress with Elementor and uses modern web technologies, but lacks a valid SSL certificate, which is a critical security concern. The absence of a cookie consent mechanism also poses potential GDPR compliance issues. The platform integrates several analytics and marketing tools such as Google Analytics, Yandex Metrica, and Facebook Pixel, indicating moderate user tracking. Overall, the business appears legitimate with consistent WHOIS data and transparent contact information, but needs to address security and privacy compliance gaps to improve trust and security posture.

S

SIA Toode

toode.lv

0

SIA Toode is a medium-sized manufacturing company based in Latvia specializing in steel roofing and wall profiles, rainwater drainage systems, and related construction materials. The company has a regional presence with partner sites in Estonia, Lithuania, and Finland, positioning itself as a key player in the Baltic and Nordic construction materials market. Their website reflects a professional business with clear product offerings and a focus on construction professionals and building owners. Technically, the website is built on WordPress with modern JavaScript libraries and integrates Google Analytics and Cookiebot for tracking and compliance. However, performance is somewhat slow, and accessibility is basic. Security posture is adequate with HTTPS and SPF/DMARC records but lacks advanced SSL features such as HSTS and OCSP stapling, and no security headers are detected. Privacy compliance is supported by a privacy policy and cookie consent mechanism, though no incident response or security policy is visible. Overall, the domain registration data is consistent and trustworthy, supporting the legitimacy of the business. Strategic improvements in security headers, SSL configuration, and incident response transparency would enhance the site's security and trustworthiness.