Skip to main content

Is aparks.lv a Scam? Security Check Results - SIA VDAG Reviews

aparks.lv favicon

Is aparks.lv Safe? Security Analysis for SIA VDAG

https://www.aparks.lv

Check if aparks.lv is a scam or legitimate. Free security scan and reviews.

TransportationLatviasmall
jQuery 3.7.1Slick Carousel 1.8.1FontAwesome 5.8.2Google Fonts (Exo 2)Custom CSS and JS+1 more
Analyzed 7/30/2025Completed 8:23:34 PM
43
Security Score
HIGH RISK

AI Summary

The website aparks.lv represents a small Latvian car dealership business named SIA VDAG, located in Jelgava. The company specializes in used car sales, leasing, trade-in services, and vehicle delivery from Europe. The site is professionally designed with clear navigation, mobile optimization, and a comprehensive car catalog featuring pricing and leasing options. The business targets Latvian customers interested in purchasing or leasing used vehicles, positioning itself as a local trusted dealer with transparent contact and policy information. From a technical perspective, the website uses modern JavaScript libraries such as jQuery and Slick Carousel, along with FontAwesome and Google Fonts for styling. External scripts from elizings.org suggest integration with marketing or credit application tools. The site is served over HTTPS, includes cookie consent mechanisms, and has good SEO practices, although no CMS or hosting provider details are evident. Performance is moderate with good mobile responsiveness. Security posture is adequate with HTTPS enforced and cookie consent present, but lacks advanced security headers and published incident response or vulnerability disclosure policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is strong with detailed GDPR-aligned privacy and cookie policies in Latvian. Contact information is clearly provided, enhancing business credibility. Overall, the website is trustworthy and professional, though the absence of WHOIS data due to query limits limits full domain legitimacy verification. The business appears legitimate and focused on its local market niche. Strategic improvements in security headers, incident response transparency, and WHOIS data availability would enhance trust and security posture.

Detected Technologies

jQuery 3.7.1Slick Carousel 1.8.1FontAwesome 5.8.2Google Fonts (Exo 2)Custom CSS and JSelizings.org scripts and styles

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

SIA VDAG operates in the transportation sector as a used car dealership in Jelgava, Latvia. Its business model revolves around selling used cars, offering leasing options, and purchasing vehicles from customers. The company leverages online presence to showcase inventory and facilitate credit applications. The target market is local Latvian consumers seeking affordable vehicle options with flexible financing. The website's integration with marketing and credit tools indicates a focus on customer convenience and lead generation. The business maintains clear contact channels and comprehensive privacy policies, supporting customer trust. No evident partnerships or subsidiaries were identified from the website content or linked domains.

Extracted Contact Information

Marketing Intelligence Data

Email Addresses (1)

i*****@gmail.com

Phone Numbers (1)

+3712883****

Physical Addresses (1)

Jelgava, Ganību iela 71D

Company Registration

Legal Name:

SIA VDAG

Registration Number:

43603080395

Security Posture Analysis

Comprehensive Security Assessment

The website demonstrates a moderate security maturity level. HTTPS is properly implemented, and cookie consent mechanisms comply with privacy regulations. However, the absence of key security headers such as Content-Security-Policy, X-Frame-Options, and X-Content-Type-Options reduces defense-in-depth. No published security or incident response policies were found, limiting transparency in vulnerability management. Third-party scripts from elizings.org and external CDNs should be regularly audited to mitigate supply chain risks. No visible vulnerabilities or sensitive data exposures were detected. GDPR compliance is well addressed through detailed privacy and cookie policies. Overall, the security posture is adequate for a small business but could be improved with enhanced headers and formal security documentation.

Strategic Recommendations

Priority Actions for Security Improvement

1

Implement security headers including Content-Security-Policy, X-Frame-Options, and X-Content-Type-Options to strengthen browser security.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

SIA VDAG

Description:

Autosalons piedāvā - Pasūtīšana un piegāde no Eiropas, Līzings un Maiņa. Lietotas automasīnas - Bez pirmās iemaksas un ar izdevīgiem Līzinga nosacījumiem.

Key Services:
Used car salesLeasingCar purchase from customersCar delivery from Europe
Content Quality:

good

Branding:

consistent

Technical Stack

Technologies:
jQuery 3.7.1Slick Carousel 1.8.1FontAwesome 5.8.2Google Fonts (Exo 2)Custom CSS and JSelizings.org scripts and styles
Performance:

moderate

Mobile:

good

Accessibility:

basic

SEO:

good

Security Assessment

Security Score:
75/100
Best Practices:
  • HTTPS enforced
  • Cookie consent banner present
  • No exposed sensitive data in HTML

Analytics & Tracking

Tracking Level:minimal
Privacy Compliance:good

Advertising & Marketing

Marketing Tools:
elizings.org scripts
Transparency Level:basic

Website Quality Assessment

Design Quality:good
User Experience:good
Content Relevance:good
Navigation Clarity:good
Professionalism:good
Trustworthiness:high

Key Observations

1

Website is fully accessible with no blocking or WAF challenges.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

35/100
Score

Missing X-Frame-Options header

HIGH

Prevents clickjacking attacks

Missing X-Content-Type-Options header

MEDIUM

Prevents MIME type sniffing

Missing Content-Security-Policy header

HIGH

Controls resources the browser is allowed to load

Missing X-XSS-Protection header

MEDIUM

Legacy XSS protection (deprecated but still recommended)

Missing Referrer-Policy header

LOW

Controls referrer information sent with requests

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

10/100
Score

No Privacy Policy found

HIGH

GDPR requires a clear and accessible privacy policy

No Cookie Policy found

HIGH

GDPR requires clear information about cookie usage

No Cookie Consent Banner found

HIGH

GDPR requires explicit consent for non-essential cookies

EU business without adequate privacy measures

CRITICAL

EU businesses are subject to strict GDPR requirements

Third-party services without privacy policy

HIGH

Detected services: Google APIs

GDPR Compliance Analysis

Privacy Policy0% confidence
Cookie Policy0% confidence
Contact Information Found90% confidence
emailphone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

17/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

60/100
Score

No DKIM record found

MEDIUM

DKIM adds cryptographic signatures to emails

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

No email authentication configured

CRITICAL

Domain is vulnerable to email spoofing

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

72/100
Score

Weak Protocols Supported

HIGH

Server supports weak protocols: TLSv1.1

OCSP Stapling Not Enabled

LOW

OCSP stapling improves performance and privacy

Certificate Transparency Not Implemented

LOW

Certificate is not logged in Certificate Transparency logs

SSL Certificate Expires Within 90 Days

MEDIUM

SSL certificate expires in 73 days

Partial SSL/TLS Assessment

LOW

Completed 3 of 4 security checks due to time constraints

Protocol Support

TLSv1.3TLSv1.2TLSv1.1

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

75/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

No DMARC Record

MEDIUM

DMARC policy not configured

DNS Records

A Records:65.21.93.23
Name Servers:
ns1.dns.lvDNS only
ns2.dns.lvDNS only
SOA:Serial: 1740564301, TTL: 900s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:77ms

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

0/100
Score

High-Risk Service Exposed: FTP

HIGH

Port 21 (FTP) is publicly accessible - FTP - Often unencrypted file transfer

Service Exposed: SSH

MEDIUM

Port 22 (SSH) is publicly accessible - SSH - Secure but can be brute-forced

Critical Service Exposed: MySQL

CRITICAL

Port 3306 (MySQL) is publicly accessible - MySQL - Database server

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website uses a modern but straightforward technology stack centered on jQuery, Slick Carousel, and FontAwesome for UI components and styling. Google Fonts integration enhances typography. Custom CSS and JavaScript files indicate tailored design and functionality. External scripts from elizings.org suggest integration with marketing or credit application services. The site is served over HTTPS, ensuring encrypted communications. Performance is moderate, with good mobile optimization and basic accessibility features. SEO is supported by proper meta tags and Open Graph data. No CMS or hosting provider information was detected, suggesting a custom or self-managed hosting environment. Opportunities exist to improve accessibility and performance through optimization and enhanced semantic markup.
Analyze Another Website