Skip to main content

Is alpex.lv a Scam? Security Check Results - SIA Alpex Reviews

alpex.lv favicon

Is alpex.lv Safe? Security Analysis for SIA Alpex

http://www.alpex.lv

Check if alpex.lv is a scam or legitimate. Free security scan and reviews.

EnergyLatviasmall
WordPressYoast SEOSwiper.jsFancyBoxCookiebot+1 more
Analyzed 7/30/2025Completed 10:20:19 PM
54
Security Score
MEDIUM RISK

AI Summary

SIA Alpex operates as a specialized service provider offering 24/7 technical maintenance and emergency services for building engineering communications in Latvia. The company targets property owners and businesses requiring reliable building technical support. The website reflects a small-sized local business with a clear focus on technical service delivery. Technically, the website is built on WordPress CMS, leveraging modern plugins such as Yoast SEO for optimization, Cookiebot for GDPR-compliant cookie management, and Google reCAPTCHA for bot mitigation. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. Security posture is solid with HTTPS enforced and bot protection in place, although explicit security headers and detailed security policies are absent. Privacy compliance is well addressed through Cookiebot consent mechanisms and a comprehensive cookie declaration in Latvian. However, the absence of WHOIS data limits domain trust verification. Overall, the site is professional, secure, and compliant with privacy regulations, suitable for its business purpose.

Detected Technologies

WordPressYoast SEOSwiper.jsFancyBoxCookiebotGoogle reCAPTCHA

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

The company positions itself in the energy sector, focusing on building technical services and emergency repairs. Its business model revolves around providing continuous technical support and maintenance, likely generating revenue through service contracts and emergency call-outs. The website content and structure indicate a focus on local clientele in Latvia, with multilingual support for Latvian, Russian, and English. The absence of social media links or extensive contact details suggests a direct business-to-business approach rather than broad consumer marketing. The use of Cookiebot and Google services indicates awareness of regulatory and security requirements. No partnerships or subsidiaries are evident from the website content.

Extracted Contact Information

Marketing Intelligence Data

Email Addresses (1)

a*****@alpex.lv

Security Posture Analysis

Comprehensive Security Assessment

The website employs HTTPS and integrates Google reCAPTCHA to prevent automated abuse, reflecting a baseline security maturity. Cookie consent management via Cookiebot ensures GDPR compliance in data collection practices. However, the lack of visible security headers such as Content Security Policy, X-Frame-Options, or HSTS reduces the overall security robustness. No explicit security or incident response policies are published, which could impact preparedness and transparency. The contact form collects personal data with user consent, but no additional security measures or data protection officer contacts are provided. No vulnerabilities or exposed sensitive data were detected in the HTML content.

Strategic Recommendations

Priority Actions for Security Improvement

1

Implement and verify HTTP security headers (CSP, HSTS, X-Frame-Options) to enhance protection against common web attacks.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

SIA Alpex

Description:

24H ēku tehniskais serviss

Key Services:
24/7 building technical serviceInternal and external engineering communications maintenanceEmergency situation resolution
Content Quality:

good

Branding:

consistent

Technical Stack

Technologies:
WordPressYoast SEOSwiper.jsFancyBoxCookiebotGoogle reCAPTCHA
Platforms:
WordPress CMS
Performance:

moderate

Mobile:

good

Accessibility:

good

SEO:

good

Security Assessment

Security Score:
85/100
Best Practices:
  • HTTPS enforced
  • Cookie consent management implemented
  • Google reCAPTCHA used to prevent bots
  • No exposed sensitive data found in HTML

Analytics & Tracking

Tracking Level:minimal
Privacy Compliance:good

Advertising & Marketing

Ad Networks:
Google
Tracking Pixels:
Cookiebot
Marketing Tools:
Cookiebot
Transparency Level:good

Website Quality Assessment

Design Quality:good
User Experience:good
Content Relevance:good
Navigation Clarity:good
Professionalism:good
Trustworthiness:high

Key Observations

1

Website uses WordPress CMS with modern plugins and SEO optimization

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

15/100
Score

Missing Strict-Transport-Security header

HIGH

Forces HTTPS connections

Missing X-Frame-Options header

HIGH

Prevents clickjacking attacks

Missing X-Content-Type-Options header

MEDIUM

Prevents MIME type sniffing

Missing Content-Security-Policy header

HIGH

Controls resources the browser is allowed to load

Missing X-XSS-Protection header

MEDIUM

Legacy XSS protection (deprecated but still recommended)

Missing Referrer-Policy header

LOW

Controls referrer information sent with requests

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

Sensitive data may be cached

LOW

Cache-Control header should include "no-store" for sensitive pages

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

83/100
Score

No Data Protection Officer mentioned

LOW

Large organizations may need to designate a DPO under GDPR

Privacy policy may not be GDPR compliant

MEDIUM

Privacy policy lacks explicit GDPR compliance elements

GDPR Compliance Analysis

Privacy Policy85% confidence
Cookie Policy85% confidence
Contact Information Found90% confidence
emailphone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

2/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

Critical sector without clear security compliance

HIGH

Detected sectors: energy, transport, digital

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

75/100
Score

DMARC not enforcing

MEDIUM

DMARC policy is set to "none"

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security
SPF Details
Record:
v=spf1 +a +mx +a:webmail.garmtech.net +a:web11.garmtech.net +a:ns2.garmtech.com +ip4:89.111.23.2 +include:relay.mailchannels.net ~all
DNS Lookups:6/10
Policy:~all
DKIM Selectors Found
Selector:default(1416-bit rsa)
DMARC Details
Policy:none
Aggregate Reports:postmaster@alpex.lv

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

0/100
Score

Unable to retrieve SSL certificate

CRITICAL

Could not establish secure connection to retrieve certificate information

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

80/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

DMARC Policy Set to None

LOW

DMARC is configured but not enforcing any policy

DNS Records

A Records:188.114.97.1, 188.114.96.1
AAAA Records:2a06:98c1:3121::1, 2a06:98c1:3120::1
Name Servers:
greg.ns.cloudflare.comDNS only
laila.ns.cloudflare.comDNS only
MX Records:
0: _dc-mx.20d0092f2f6e.alpex.lv
SOA:Serial: 2375506748, TTL: 1800s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:269ms

SPF Analysis

SPF Record:
v=spf1 +a +mx +a:webmail.garmtech.net +a:web11.garmtech.net +a:ns2.garmtech.com +ip4:89.111.23.2 +include:relay.mailchannels.net ~all

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100
Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website is built on WordPress 6.8.2 with Yoast SEO plugin version 24.0, indicating a modern CMS environment optimized for search engines. It uses external libraries such as Swiper.js for sliders and FancyBox for modals, enhancing user interface interactivity. Cookiebot scripts manage cookie consent and compliance. Google Fonts are used for typography. The site loads multiple CSS and JS resources from reputable CDNs, supporting performance and reliability. The site is mobile-optimized with responsive design and accessibility features. Performance is moderate, with no critical errors or broken elements detected. The absence of hosting provider information limits infrastructure assessment. Overall, the technical implementation supports a professional and user-friendly website experience.
Analyze Another Website