Retail security reports

O

OHHIRA® Japāņu produkti

ohhira.lv

61

The website www.ohhira.lv represents an e-commerce business specializing in Japanese health and beauty products, including probiotics, collagen, and hyaluronic acid. The site targets a Latvian audience with content available in Latvian and Russian, positioning itself as a niche retailer in the health and beauty sector. The business model is primarily online retail, leveraging PrestaShop as its CMS platform. The website demonstrates a good level of digital maturity with integration of multiple analytics and marketing tools such as Google Analytics, Facebook Pixel, Hotjar, Smartlook, and Cookiebot for GDPR compliance. Technically, the site uses modern web technologies and third-party services to enhance user experience and marketing effectiveness. The site is mobile-optimized and shows good SEO practices with proper meta tags and Open Graph data. However, there is no explicit evidence of advanced security headers in the HTML content, which could be improved. The SSL configuration is excellent, ensuring secure HTTPS connections. From a security perspective, the site employs standard best practices including HTTPS, cookie consent mechanisms, and reCAPTCHA to mitigate bot activity. No critical vulnerabilities or exposed sensitive data were detected in the provided content. Privacy compliance is strong with a comprehensive privacy policy and cookie consent banner, indicating adherence to GDPR requirements. Overall, the website is professional, trustworthy, and safe for general audiences. The lack of WHOIS data limits full domain trust verification, but the site’s content and technical setup suggest a legitimate business. Strategic recommendations include enhancing security headers, improving accessibility features, and maintaining up-to-date third-party libraries to sustain security and compliance.

S

SIA "LaNordija"

lanordija.lv

44

Lanordija is a Latvian company operating primarily in the retail and manufacturing sectors, focusing on food products. The website presents a professional image with clear business information, including contact details, physical address, and social media presence. The company appears established with a founding date around 2015 and operates under the legal entity SIA "LaNordija". The website content is relevant and targeted at a general audience interested in their product assortment and company news. Technically, the website is built on WordPress and utilizes common web technologies such as jQuery, Google Analytics, and Yoast SEO for optimization. The site is moderately optimized for performance and mobile devices, with basic accessibility features. Security-wise, HTTPS is enabled, and a cookie consent mechanism is present, indicating some level of privacy compliance. However, no advanced security headers or explicit security policies are published, which suggests room for improvement in security posture. The security posture is moderate with no visible vulnerabilities or exposed sensitive data in the provided content. The absence of WHOIS data due to query limits limits the ability to fully verify domain legitimacy, but the website's professional presentation and consistent business information support a moderate trust level. Privacy and cookie policies are present and appear GDPR compliant, enhancing the site's compliance stance. Overall, Lanordija's website reflects a small to medium-sized business with a solid online presence but could benefit from enhanced security measures and more transparent policies to improve trust and compliance further.

I

IK O-placis

omalka.lv

43

IK O-placis operates a website omalka.lv offering firewood production, packaging, and delivery services primarily in Latvian regions including Ogre, Riga, and Aizkraukle. The business targets local consumers and companies requiring firewood, positioning itself as a regional supplier with a focus on quality and delivery convenience. The website content is straightforward, providing pricing, product types, and contact details, reflecting a small-scale retail operation. Technically, the website uses legacy technologies such as jQuery 1.7.2 and Lightbox.js for image galleries, with no detected CMS or advanced frameworks. The site lacks modern security features such as HTTPS and security headers, and no privacy or cookie policies are present, indicating limited digital maturity and compliance readiness. Performance and mobile optimization are basic, with no analytics or tracking scripts detected. From a security perspective, the absence of HTTPS and security headers presents a risk to data confidentiality and integrity. The outdated JavaScript library may expose the site to known vulnerabilities. No incident response or security policies are visible, and WHOIS data is unavailable due to query limits, limiting domain trust verification. Contact information is clearly provided, supporting business credibility despite technical shortcomings. Overall, the website is functional for its business purpose but requires significant improvements in security, privacy compliance, and technical modernization to enhance trustworthiness and protect customer data. Strategic recommendations include implementing HTTPS, updating libraries, adding privacy and cookie policies, and improving security headers and incident response readiness.

M

MS Holding SIA

msparts.lv

61

MS Parts is a small Latvian-based e-commerce business specializing in automotive spare parts for various European car brands. The website offers a wide range of products including electrical components, body parts, suspension, oils, and accessories. The business targets car owners and automotive repair professionals seeking quality spare parts with worldwide delivery options. Technically, the site is built on Prestashop CMS, uses modern web technologies such as Bootstrap and jQuery, and implements a cookie consent manager for privacy compliance. The website is mobile optimized and provides a good user experience with clear navigation and product categorization. Security-wise, the site enforces HTTPS and uses cookie consent but lacks some advanced security headers and explicit security policies. WHOIS data is not publicly available due to EURid privacy policies, which is common for .eu domains, but the website content and business information appear consistent and professional. Overall, the site demonstrates a solid digital presence with room for security enhancements and more transparent business disclosures.

X

xjeans.lv

xjeans.lv

65

The website www.xjeans.eu is an e-commerce platform specializing in retailing clothing and accessories primarily targeting Finnish and Baltic region consumers. The product catalog includes men's, women's, and children's apparel with a focus on jeans and casual wear. The site supports multiple languages and offers customer incentives such as free shipping over certain order values and loyalty discounts. The business model is typical of a small regional online retailer with a clear focus on fashion apparel. Technically, the website employs modern frontend technologies including Bootstrap, jQuery, Flickity for sliders, FontAwesome for icons, and Instafeed.js for Instagram integration. The site is mobile optimized and uses HTTPS for secure communications. However, there is no evidence of a CMS or hosting provider from the data available. Performance is moderate with good mobile responsiveness but basic accessibility and SEO features. From a security perspective, the site enforces HTTPS and uses secure forms but lacks visible security headers such as CSP or HSTS. No vulnerabilities or exposed sensitive data were detected in the analysis. Privacy compliance is weak due to the absence of privacy and cookie policies and no visible GDPR compliance indicators. WHOIS data is privacy protected, which is common for small e-commerce businesses but reduces transparency. Overall, the website presents a moderate risk profile with good business credibility and technical implementation but gaps in privacy compliance and security best practices. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, improving accessibility, and maintaining regular security audits to enhance trust and compliance.

Zalutejas.lv is an e-commerce website operated by SIA "3x9 zālītes", specializing in the retail of herbal teas and related natural products sourced from ecologically clean areas in Latvia. The business targets consumers interested in organic and natural herbal products, positioning itself as a niche local retailer with a focus on quality and natural harvesting methods. The website presents a professional design with clear navigation and product offerings, including herbal teas, mixtures, and related items such as natural egg colors and wax candles. From a technical perspective, the website employs a modern frontend stack including Bootstrap, jQuery, and Fancybox, with Google Fonts and Google Analytics integrated. The site appears mobile-optimized and offers a moderate performance level. However, there is a lack of advanced security headers and no visible CMS or hosting provider information. The absence of privacy and cookie policies, as well as contact details, indicates gaps in compliance and user trust features. Security posture is moderate with HTTPS implied but no explicit security headers detected. No forms or sensitive data collection points are present on the homepage, reducing immediate risk exposure. The use of Google Analytics without a cookie consent mechanism suggests potential GDPR compliance issues. WHOIS data could not be retrieved due to query limits, limiting the ability to fully verify domain legitimacy and registrant information. Overall, the website is functional and presents a trustworthy business front for a small herbal tea retailer but requires improvements in privacy compliance, security best practices, and transparency to enhance trust and regulatory adherence.

S

Sportland Eesti AS

sportlandmagazine.com

57

Sportland Magazine is a leading Estonian lifestyle and sports online magazine operated by Sportland Eesti AS, a medium-sized retail and media company established in 2010. The website offers a rich variety of sports news, lifestyle articles, event coverage, and product recommendations targeted primarily at Estonian sports enthusiasts and lifestyle readers. The company maintains a consistent brand presence with active social media channels and a well-structured website optimized for SEO and mobile devices. Technically, the site is built on WordPress with modern JavaScript libraries and tracking tools such as Google Tag Manager and Facebook Pixel, hosted behind Cloudflare DNS services. Security posture is good with HTTPS enforced and no exposed sensitive data, though improvements like implementing a Content-Security-Policy header and publishing a security.txt file are recommended. Privacy compliance is adequate with a comprehensive privacy policy in Estonian, but lacks a cookie consent mechanism and explicit GDPR compliance indicators. Overall, the website is professional, trustworthy, and well-positioned in its market segment.

S

SIA Latvijas Monētu nams

monetunams.lv

60

SIA Latvijas Monētu nams is a Latvian small business specializing in the retail and official distribution of collectible coins and medals, representing prominent world mints since 2008. The website serves as an e-commerce platform targeting numismatists and collectors primarily in Latvia, offering a range of commemorative and rare numismatic items. The company positions itself as a trusted official distributor with a solid reputation, supported by positive Google reviews and clear branding. Technically, the website is built on Joomla CMS with modern web technologies including Google Tag Manager and OneTrust for cookie consent, providing a responsive and user-friendly experience. Security posture is good with HTTPS, CSRF protection, and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is strong with accessible privacy and cookie policies indicating GDPR adherence. Overall, the website is professional, trustworthy, and well-optimized for its target market, though WHOIS data is unavailable due to query limits, limiting domain registration verification.

K

Koks kaste

kokskaste.lv

68

Koks kaste is a small Latvian e-commerce business specializing in eco-friendly and personalized gift products centered around tree planting kits, seed pencils, seed envelopes, and related natural gifts. The website is built on the Shopify platform, leveraging modern web technologies and Shopify apps to provide a user-friendly shopping experience. The site is bilingual (Latvian and English) and targets environmentally conscious consumers looking for unique gift ideas. Technically, the site is well-structured with good SEO practices, mobile optimization, and uses HTTPS with hCaptcha for form security. Privacy and cookie policies are present, indicating basic GDPR compliance. However, no direct contact information or detailed security policies are published, and WHOIS data could not be retrieved due to query limits. Overall, the site presents a professional and trustworthy front for a niche retail business.

Apati Profi is a Latvian-based e-commerce retailer specializing in workwear and professional clothing. The website offers a variety of products including aprons, protective clothing, business attire, and accessories targeted primarily at businesses and professionals in Latvia. The site provides basic e-commerce functionality with account registration, login, and shopping cart features. The company maintains a social media presence on Facebook and Twitter, enhancing customer engagement. Technically, the website uses traditional HTML, CSS, and JavaScript with an outdated jQuery version, hosted likely by unihost.lv. While the site is functional and content relevant, it lacks modern security headers and privacy compliance documentation, which are critical for trust and regulatory adherence. The absence of WHOIS data due to query limits restricts full domain legitimacy assessment.

L

Lucky John

luckyjohn.info

45

Lucky John is a specialized fishing tackle brand with a history dating back to 1988, operating an e-commerce platform since at least 2010. The company offers a wide range of fishing products including rods, lures, reels, and accessories, targeting fishing enthusiasts and retailers globally. The website is built on WordPress with WooCommerce, featuring a professional design, good navigation, and mobile optimization. It integrates common marketing and analytics tools such as Google Analytics and Mailchimp. Security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and DNSSEC. Privacy and terms of service policies are absent, which is a compliance gap. Overall, the site is trustworthy and professionally maintained but could improve in security and compliance documentation.

D

Daniele Donati

danieledonati.lv

39

Daniele Donati operates an e-commerce retail website focused on leather goods including women's and men's bags, wallets, and backpacks. The business targets consumers primarily in Latvia and the Baltic region, offering discounted products and maintaining physical stores in Latvia and Lithuania. The website is professionally designed with clear navigation and product listings, supporting a small retail business model with a regional niche market position. Technically, the website employs common JavaScript libraries such as jQuery and PhotoSwipe, with CSS frameworks for styling. The site is served over HTTPS and includes cookie consent mechanisms, but lacks advanced security headers and comprehensive accessibility features. Performance is moderate with basic mobile optimization. From a security perspective, the site uses HTTPS and cookie consent but does not publicly disclose security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the provided content. WHOIS data could not be retrieved, limiting domain trust analysis. Overall, the security posture is adequate but could be improved with additional headers and transparency. The overall risk is moderate with no critical issues detected. Strategic recommendations include enhancing security headers, improving mobile and accessibility features, publishing security policies, and conducting regular security audits to strengthen trust and compliance.

Caurtekas.lv is an e-commerce website operated by SIA "Constra", a Latvian company specializing in the retail of construction and garden materials. The website offers a variety of products including drainage systems, geosynthetic materials, and garden supplies, targeting both business and individual customers in Latvia. The business appears to be a small-sized local retailer with a clear market focus and consistent branding. Technically, the website is built on the Shopify platform using the Simple theme, leveraging common web technologies such as jQuery, Modernizr, and LazySizes for performance and responsiveness. The site is hosted on Shopify's CDN infrastructure, ensuring reliable delivery and moderate performance. SEO and accessibility features are basic but adequate for the target audience. From a security perspective, the site enforces HTTPS and includes a cookie consent banner indicating GDPR awareness. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not detected, and there is no visible security policy or incident response information. No vulnerabilities or exposed sensitive data were found in the HTML content. Tracking is implemented via Facebook Pixel, Google Analytics, and Shopify's own analytics tools, with moderate user tracking levels. Overall, the website presents a professional and trustworthy online presence for a small Latvian retail business. The lack of WHOIS data limits domain registration trust analysis, but the site content and business information are consistent and credible. Strategic improvements in security headers, incident response transparency, and accessibility could enhance the security posture and user trust.

M

M-Сollections

m-collections.lv

41

M-Сollections is a small retail business specializing in wedding decorations and accessories in Latvia, targeting Russian-speaking customers interested in elegant and unified wedding themes. The website provides product categories such as invitations, floral arrangements, seating, and banquet decorations, emphasizing a European style of wedding aesthetics. The business operates primarily as a local niche provider in the wedding event sector. Technically, the website uses older JavaScript libraries like jQuery 1.10.2 and bxSlider for UI elements. The site structure is basic with moderate performance and limited mobile optimization. SEO and accessibility features are minimal but functional. There is no evidence of a modern CMS or advanced frameworks. Security practices are weak, with outdated libraries and no visible security headers or HTTPS confirmation in the provided data. Security posture is moderate to low, with risks from outdated JavaScript and lack of visible HTTPS or security headers. No privacy or cookie policies are present, indicating poor privacy compliance. The site lacks contact emails and phone numbers, reducing business credibility. No WHOIS data was available due to query limits, limiting domain legitimacy assessment. Overall, the site is functional but requires significant improvements in security, privacy, and technical modernization. Recommendations include upgrading JavaScript libraries, implementing HTTPS with strong SSL/TLS, adding security headers, publishing privacy and cookie policies, and improving contact transparency to enhance trust and compliance.

S

SuperDāvanas.lv

superdavanas.lv

42

SuperDāvanas.lv is a Latvian e-commerce retailer specializing in personalized gifts and souvenirs. The website offers a variety of products including keychains, souvenir numbers, wooden gifts, and decorative items, with customization options tailored to customer preferences. The business targets local consumers seeking unique and personalized gift items. Technically, the website is built on WordPress with WooCommerce and Elementor, leveraging modern web technologies and SEO plugins to enhance user experience and search visibility. The site is mobile-optimized and integrates Google Analytics and Tag Manager for tracking. Security posture is moderate with HTTPS enabled but lacks visible advanced security headers. Privacy and cookie policies are not detected, indicating room for compliance improvement. WHOIS data is unavailable due to query limits, limiting domain legitimacy verification. Overall, the site presents as a legitimate small business with a professional online presence but would benefit from enhanced privacy compliance and security hardening.

A

ANLAT, SIA

anlat.lv

56

ANLAT, SIA operates as a Latvian automotive parts retailer specializing in ignition components, fuses, bulbs, coils, and technical fluids. The company targets both individual customers and businesses within Latvia, offering an online catalog and e-commerce platform for product sales. The website is built on WordPress with WooCommerce, indicating a standard e-commerce infrastructure suitable for small to medium-sized businesses. The site is localized primarily in Latvian with Russian language support, reflecting its regional focus. Technically, the website uses common plugins and libraries such as jQuery, Google Analytics, and a mega menu plugin, providing a functional and moderately optimized user experience. Security posture is adequate with HTTPS enabled but lacks advanced security headers and cookie consent mechanisms, indicating room for improvement in compliance and security best practices. The absence of WHOIS data limits full domain legitimacy verification, but the presence of clear contact information and consistent branding supports a moderate trust level. Overall, the website is a functional, regionally focused e-commerce platform with a good foundation but requires enhancements in privacy compliance and security hardening.

Z

Zemnieku saimniecība "Indrāni"

zsindrani.lv

47

Zemnieku saimniecība "Indrāni" operates an e-commerce website focused on natural and agricultural products, targeting a Latvian audience. The site offers a variety of food items such as marmalade, teas, pesto, and gift sets, positioning itself as a local small to medium scale retailer in the natural products sector. The business model centers on online retail with delivery services and additional tourism information, reflecting a diversified approach to customer engagement. Technically, the website is built on Joomla CMS with Helix3 framework, utilizing common web technologies including jQuery, Bootstrap, and Google Analytics. The site is mobile optimized and presents a good user experience with clear navigation and consistent branding. Performance is moderate, with room for improvement in accessibility and SEO. From a security perspective, the site enforces HTTPS and uses secure POST forms but lacks important security headers such as Content-Security-Policy and HSTS. There is no visible cookie consent mechanism or comprehensive privacy policy, which is a compliance gap given GDPR applicability. No incident response or vulnerability disclosure information is provided, indicating a low maturity in security governance. Overall, the website is functional and professional but would benefit from enhanced security practices, privacy compliance improvements, and better transparency in business and security policies. The absence of WHOIS data limits domain trust assessment, but the site content and contact information suggest a legitimate small business presence.

I

IK Eva paklajs

eva1.lv

55

The website eva1.lv represents a small Latvian business specializing in the manufacture and sale of custom EVA material car mats. The business emphasizes handmade production in Latvia, offering tailored products for various car models with features such as honeycomb structures for dirt retention and secure fixation. The site targets car owners seeking quality automotive accessories with a local production appeal. Technically, the site is built on the Mozello CMS platform, leveraging jQuery and other JavaScript libraries, and is hosted via Amazon Cloudfront CDN. It employs HTTPS and includes a cookie consent mechanism, but lacks visible security headers and a dedicated privacy policy page. Social media presence is robust across multiple platforms, enhancing brand visibility. Security posture is moderate with secure forms and HTTPS but could be improved by adding security headers and formal privacy compliance documentation. Overall, the site is functional, well-branded, and trustworthy for its niche market, though WHOIS data is unavailable for full legitimacy verification.

Puķu Pastnieks is a small Latvian flower delivery service specializing in delivering flower bouquets, wedding flowers, funeral flowers, and corporate floral arrangements primarily in Riga and other parts of Latvia, with international delivery facilitated through the Interflora network. The website provides basic business information, contact details, and ordering instructions, targeting general consumers and businesses seeking floral gifts and arrangements. The business appears to have been established around 2013, consistent with the copyright date on the site. Technically, the website uses basic HTML, CSS, and JavaScript without modern frameworks or CMS, and lacks mobile optimization and advanced SEO features. Security posture is weak, with no visible HTTPS enforcement or security headers, and no privacy or cookie policies, indicating compliance gaps with GDPR. Overall, the site is functional but basic, with moderate trustworthiness based on available business information.

B

BĒBIS

bebis.lv

36

Bebis.lv is a Latvian retail business specializing in children's products and items for young mothers, operating both a physical store in Riga and an online e-commerce platform. The website offers a broad assortment of products with competitive pricing and direct deliveries from manufacturers, positioning itself as a trusted local retailer with a good reputation. The technical infrastructure is based on common web technologies including Bootstrap, Google Tag Manager, and OpenCart CMS, providing a responsive and user-friendly experience. However, the absence of explicit privacy and cookie policies and lack of visible security headers indicate room for improvement in compliance and security posture. The WHOIS data could not be retrieved due to query limits, limiting the ability to fully verify domain legitimacy and registration details. Overall, the site is functional and professional but would benefit from enhanced security and privacy transparency to increase trust and compliance.

S

Saules Gaisma Consulting Ltd.

meadowme.com

60

Meadowme is a small retail business specializing in luxury baby bedding products, operating under the legal entity Saules Gaisma Consulting Ltd. The website is professionally designed using the Wix platform, featuring structured data that provides basic company contact information including a phone number and postal address in Riga, Latvia. The business targets parents and caregivers seeking high-quality baby bedding. Technically, the site leverages Wix's proprietary technologies and scripts, ensuring moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and some script-level hardening, but lacks explicit security headers and privacy compliance documentation. The absence of WHOIS data raises concerns about domain registration legitimacy, although the website content and branding appear consistent and professional. Overall, the site presents a moderate risk profile with room for improvement in privacy and security transparency.

D

Dive Group

dive-group.com

49

Dive Group is a medium-sized company founded in 2012, specializing in mystery shopping and customer experience consulting primarily serving retail and other business sectors. The company positions itself as a trusted partner for businesses aiming to strengthen customer loyalty and increase sales through professional evaluation services. Their website is built on WordPress using the Avada theme, incorporating modern marketing and analytics tools such as Google Tag Manager and Microsoft Clarity. The site demonstrates good GDPR compliance with a comprehensive privacy policy and cookie consent mechanism. Security posture is adequate with HTTPS enforced and domain transfer protection, though DNSSEC is not enabled and no explicit security or incident response policies are published. Overall, the website is professional, accessible, and trustworthy, with no signs of malicious content or blocking mechanisms.

Laury Ltd. operates an e-commerce website specializing in stationery products such as notebooks, notebook pages, adhesive tapes, paper handicrafts, and accessories. The company targets a general audience interested in personal and creative stationery products. The website is built on the OpenCart CMS platform and employs common web technologies including jQuery, Bootstrap, and Google Fonts. The site is currently in maintenance mode but provides clear contact information and social media links, enhancing customer trust. From a technical perspective, the website uses a moderately modern tech stack with responsive design elements and basic SEO features. However, the absence of key security headers and cookie consent mechanisms indicates room for improvement in security and privacy compliance. The use of Google Analytics shows moderate user tracking, but privacy policies are basic and lack explicit GDPR compliance statements. Security posture is moderate with HTTPS enabled and no visible vulnerabilities in the HTML content. The lack of WHOIS data due to query limits restricts full domain legitimacy assessment, which slightly impacts trustworthiness. Overall, the website demonstrates a functional e-commerce presence with basic security and privacy practices but would benefit from enhanced compliance and security hardening.

Rāmriti is a small Latvian e-commerce business specializing in innovative honey products including whipped honey soufflé, fresh pollen, bee bread, natural honey, propolis tincture, and teas. The company targets general consumers interested in natural and healthy food products, positioning itself as a niche local producer with a focus on quality and innovation. The website is built on WordPress with WooCommerce and Elementor, integrating modern technologies and SEO tools such as Rank Math and Google Analytics. Security posture is good with HTTPS and security headers implemented, though explicit privacy and terms of service pages are missing. Overall, the site is professional, user-friendly, and trustworthy, but could improve compliance documentation and accessibility.

B

BabyBanana.eu

babybanana.eu

36

BabyBanana.eu is an online retail business specializing in baby products, serving the Baltic states and Finland as the official distributor for Summer Infant and Bloom Baby brands. The website offers a broad catalog of baby-related items including strollers, feeding chairs, diapers, and health and hygiene products. The multi-language support and clear contact information indicate a customer-focused approach targeting parents and caregivers in the region. Technically, the site is built on Joomla CMS with JoomShopping, leveraging modern frontend frameworks like Bootstrap and UIkit, and integrates Google Analytics for user tracking. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site uses HTTPS and implements a cookie consent banner, but lacks visible security headers and formal security policies, which are areas for improvement. Overall, the website is functional, trustworthy, and compliant with basic privacy requirements, though it would benefit from enhanced security practices and formalized policies.

T

TuningParts.lv

tuningparts.lv

46

TuningParts.lv is a Latvian-based e-commerce retailer specializing in automotive tuning parts and accessories. The website offers a broad catalog of products including lighting, body kits, engine components, and electronics targeting automotive enthusiasts and tuners primarily in Latvia and nearby regions. The business model is focused on online retail with features such as customer accounts, wishlists, and special offers to engage customers. Technically, the site is built on the OpenCart CMS platform and uses legacy JavaScript libraries like jQuery 1.6.1, indicating a need for modernization to improve security and performance. The site is accessible over HTTPS, but lacks visible security headers and cookie consent mechanisms, which are important for GDPR compliance and overall security posture. Contact information is clearly provided, enhancing business credibility, but no social media presence or advanced privacy/security policies are evident. WHOIS data is unavailable due to query limits, but the domain appears legitimate and consistent with the business claims. Overall, the site is functional with moderate technical and security maturity but requires updates to libraries, security headers, and privacy compliance to reduce risk and improve trust.

R

Reef Expert

reef-expert.com

55

Reef Expert is a specialized small business operating an e-commerce platform focused on the installation, service, and retail of marine and freshwater aquarium products. The website presents a professional and consistent brand image with clear product offerings and pricing, targeting aquarium hobbyists and enthusiasts. The technical infrastructure is based on Prestashop CMS with integration of common analytics and marketing tools such as Google Analytics and Facebook Pixel. The site is mobile optimized and provides a good user experience with clear navigation and search functionality. Security posture is adequate with HTTPS enabled and use of form tokens, but lacks DNSSEC and security headers, and does not publish security or privacy policies. The domain registration is consistent and legitimate, with no suspicious patterns detected. However, the absence of privacy and cookie policies and consent mechanisms indicates compliance gaps with GDPR and related regulations. Overall, the website is functional and trustworthy but would benefit from enhanced privacy compliance and security best practices.

The Aldo Group Inc. operates the ALDO brand, a global retailer specializing in footwear and accessories for style-conscious men and women. The website www.aldoshoes.com serves as a comprehensive e-commerce platform with international reach, offering localized shopping experiences across multiple countries. The company positions itself as a leading fashion footwear brand with a strong retail presence and a broad product portfolio. Technically, the website leverages modern web technologies including React, Google Tag Manager, and multiple payment and marketing SDKs, indicating a mature digital infrastructure. The site is well-optimized for mobile and SEO, providing a professional user experience. Security-wise, the site enforces HTTPS, employs security headers, and integrates reputable third-party payment and fraud prevention services, reflecting a solid security posture. However, there is a lack of publicly available security policies and incident response information, which could be improved to enhance transparency. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations, making it a reliable platform for customers worldwide.

B

BalticXL

balticxl.lv

41

BalticXL is a wholesale distribution company specializing in alcoholic, non-alcoholic beverages, and food products operating primarily in Latvia, Lithuania, and Estonia since 2008. The company operates a cash & carry retail store and targets professional bartenders, baristas, chefs, and quality-conscious customers. The website is built on WordPress with a modern tech stack including Yoast SEO, Google Analytics, and Facebook SDK, providing a good user experience with multilingual support and mobile optimization. Security posture is adequate with HTTPS enforced and an age verification overlay for alcohol sales, but lacks advanced security headers and cookie consent mechanisms. WHOIS data is unavailable due to query limits, limiting domain legitimacy verification. Overall, the site is professional and trustworthy with room for improvement in privacy compliance and security best practices.

S

SIA Eco Invest

kazaslaukos.lv

52

The website www.kazaslaukos.lv represents a small Latvian business named SIA Eco Invest specializing in homemade goat's milk cosmetics and soap-making workshops. The business targets local and general audiences interested in natural cosmetic products and experiential workshops. The website is built on the Wix platform, leveraging Wix Thunderbolt framework and standard JavaScript libraries, with integrations for Facebook Pixel and Google Tag Manager for marketing and analytics purposes. The technical infrastructure is typical for small e-commerce and local business sites, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced but lacks advanced security headers and formal privacy or cookie policies. The absence of WHOIS data due to query limits limits domain legitimacy verification, but the site content and structured data suggest a legitimate small business. Overall, the site is professional and functional but would benefit from enhanced privacy compliance and security best practices.

S

SIA “X Solutions”

prolong.lv

56

Prolong.lv is a Latvian-based small business specializing in the distribution and retail of advanced lubrication products for a variety of vehicles and industrial equipment. The company leverages unique AFMT technology to offer high-quality lubricants and protective sprays, targeting vehicle owners, industrial users, and enthusiasts. The website is built on WordPress with WooCommerce, providing an e-commerce platform for product sales and customer engagement. The site demonstrates good content quality, clear navigation, and consistent branding, supporting a positive user experience. Technically, the site uses modern web technologies and is mobile optimized, though some security headers are missing. Security posture is moderate with HTTPS enforced but could be improved with additional headers and cookie consent mechanisms. WHOIS data is unavailable due to query limits, limiting domain legitimacy verification. Overall, the site is professional and trustworthy with room for security and privacy enhancements.

F

Fightshop.lv

fightshop.lv

46

Fightshop.lv is a Latvian-based e-commerce retailer specializing in fight and sports equipment, apparel, and accessories. The company operates under the legal entity SIA "K&K fight" and targets martial arts practitioners and fitness enthusiasts primarily in Latvia. The website offers a broad range of products including apparel, equipment, inventory, accessories, and sports nutrition. The business model is focused on online retail with a niche market positioning in the regional fight sports sector. Technically, the website is built on the PrestaShop platform, utilizing modern frontend libraries such as jQuery, Slick Slider, and Font Awesome. The site is mobile-optimized with good navigation and user experience. It employs HTTPS for secure communications and includes cookie consent mechanisms indicating GDPR compliance efforts. However, explicit HTTP security headers are not detected, suggesting room for improvement in security hardening. From a security perspective, the site demonstrates a moderate security posture with no visible vulnerabilities or exposed sensitive data. The absence of a dedicated security policy or incident response contact is noted. WHOIS data could not be retrieved due to query limits, limiting domain registration verification. Overall, the site appears legitimate and professionally maintained with clear contact information and trust indicators. The overall risk assessment is moderate with recommendations to enhance security headers, maintain updated WHOIS information, and consider publishing a formal security policy. These steps will improve trust and compliance posture, supporting the company’s growth in the competitive e-commerce fight sports market.

S

SIA "Cake Fab"

cakefab.lv

55

Cake Fab is a small Latvian retail business specializing in the sale of mousse cakes and pastries with options for home delivery and local pickup. The website presents a clear business model focused on e-commerce cake sales, supported by customer testimonials and social media presence on Facebook and Instagram. The company is registered in Latvia as SIA "Cake Fab" with a physical production address in Baloži. Technically, the website is built on the Mozello CMS platform, leveraging Amazon CloudFront CDN for content delivery, and uses common web technologies such as jQuery and Fancybox. Tracking and marketing tools include Google Analytics and Facebook Pixel, indicating moderate user tracking. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks visible security headers and explicit security policies. Privacy compliance is basic, with no dedicated privacy policy page found, though terms of service are present. Overall, the site is professionally designed, mobile-optimized, and trustworthy for its target audience.

S

Natural Gem Online Store. Natural precious and semiprecious gemstones with worldwide delivery. Natural Gemstones for jewelry. Jewelry with gemstones. Gemstone watches.

samocveti.eu

52

The website samocveti.eu operates as an online retail store specializing in natural precious and semiprecious gemstones with worldwide delivery. It offers a broad catalog of gemstones including aquamarine, alexandrite, amethyst, and many others, targeting gemstone buyers, jewelry makers, and collectors globally. The business model is e-commerce retail with a niche focus on gemstone products. The website content dates back to at least 2009, indicating a small but established operation. Technically, the site is built on the anaZana e-commerce platform, utilizing older JavaScript libraries such as jQuery 1.8.1. It includes Google Analytics and Alexa tracking scripts for visitor analytics. The site is served over HTTPS but lacks advanced security headers and modern web security best practices. Mobile optimization and accessibility are basic, and SEO is moderately well implemented. From a security perspective, the site has HTTPS enabled but does not implement key security headers like Content-Security-Policy or HSTS. There is no visible privacy policy, cookie consent mechanism, or incident response information, which indicates gaps in privacy compliance and security transparency. No contact emails or phone numbers are provided, reducing business credibility and user trust. Overall, the website is functional and safe for general audiences but requires improvements in privacy compliance, security posture, and business transparency to enhance trust and reduce risk.

B

Brander

brander.lv

46

Brander is a small Latvian company specializing in brand building and distribution of alcoholic and non-alcoholic beverages within the Baltic States. The website serves as an e-commerce platform showcasing a catalog of beverage brands and products, targeting both business clients and consumers interested in premium beverage offerings. The company positions itself as a regional distributor with a focus on brand management and market presence in the beverage sector. Technically, the website is built on WordPress with WooCommerce, leveraging common web technologies such as Bootstrap and jQuery. It integrates marketing and analytics tools including Google Analytics and Facebook Pixel, indicating a moderate level of digital maturity. The site is mobile-optimized and SEO-friendly, with structured data and meta tags properly implemented. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks advanced security headers and explicit security policies or incident response contacts. The absence of WHOIS data due to query limits restricts full domain trust verification. Overall, the security posture is moderate with room for improvement in transparency and technical safeguards. The overall risk assessment suggests a legitimate business with a professional online presence but with some gaps in security and compliance transparency. Strategic recommendations include enhancing security headers, publishing incident response information, and improving contact transparency to strengthen trust and compliance.

D&A Secrets is a Latvian-based online retailer specializing in adult products including lingerie, sexual health items, and fetish accessories. The website targets an adult audience with explicit age verification and content warnings. The business operates as a small e-commerce entity with clear company registration and VAT information presented, supporting its legitimacy. The market position is niche, focusing on intimate and adult pleasure products. Technically, the website uses standard web technologies such as jQuery, Bootstrap, and Swiper, with assets hosted on Microsoft Azure Blob Storage, indicating a modern but basic infrastructure. The site is moderately optimized for mobile and performance but lacks advanced SEO and accessibility features. Security posture is moderate; while HTTPS is implied, no security headers or cookie consent mechanisms were detected, and no incident response or security policy information is provided. WHOIS data was unavailable due to query limits, limiting domain trust verification. Overall, the site is functional and professional but would benefit from enhanced security and privacy compliance measures.

R

royalcoffee.lv

royalcoffee.lv

64

royalcoffee.lv is a small Latvian e-commerce business specializing in coffee machine spare parts, repair, and maintenance services. The company targets local businesses and individuals requiring professional servicing and parts for coffee machines, positioning itself as a niche provider in the Latvian market. The website is built on the Shopify platform, leveraging modern web technologies such as jQuery, Select2, and hCaptcha for form security. The site demonstrates good design quality, mobile optimization, and user experience, though it lacks explicit privacy and cookie policies, which impacts compliance. Security posture is solid with HTTPS and CAPTCHA protections, but could be improved by adding explicit security headers and clearer contact information for incident response. Overall, the website appears legitimate and functional, but WHOIS data is unavailable due to query limits, limiting domain trust verification.

S

SIA ”NORDPARTS”

nordparts.lv

45

NORDPARTS is a Latvian-based retail and e-commerce company specializing in automotive spare parts, tools, accessories, automotive chemicals, batteries, and renewable energy products such as solar and wind energy equipment. The company targets automotive professionals, vehicle owners, and energy sector customers primarily in Latvia and the Baltic region. Their business model revolves around an online catalog with product ordering and delivery services, supported by a physical presence. The website is built on WordPress with WooCommerce, leveraging modern web technologies and multiple marketing and analytics tools to support business operations and customer engagement. Technically, the website uses a mature and widely adopted CMS platform with a comprehensive tech stack including jQuery, Bootstrap, Google Fonts, FontAwesome, and Google Maps API. The site is mobile-optimized and provides a good user experience with clear navigation and product categorization. SEO and accessibility are adequately addressed, though some improvements in accessibility could be made. From a security perspective, the site enforces HTTPS and uses secure login and registration forms. However, explicit security headers such as Content-Security-Policy and X-Frame-Options are not detected, indicating room for improvement in hardening the site against common web attacks. No signs of WAF or blocking mechanisms were found, and no exposed sensitive data was detected in the HTML source. Overall, the website presents a professional and trustworthy front for a medium-sized retail business. The lack of WHOIS data limits domain registration trust analysis, but the visible business information and contact details support legitimacy. Strategic recommendations include enhancing security headers, maintaining up-to-date software, and improving privacy compliance disclosures.

S

SIA Abika

abika.lv

43

SIA Abika operates as a wholesale supplier of women's and men's clothing, underwear, shoes, and accessories primarily serving the Latvian market from its base in Riga. The business model focuses on both in-person and remote wholesale transactions, offering discounts for prepayments and volume purchases, with free delivery for qualifying orders. The website reflects a small retail business with clear contact information and a straightforward presentation of products and services. Technically, the site uses a variety of JavaScript libraries and the DIRcms content management system, providing a moderate level of performance and mobile optimization. However, the absence of privacy and cookie policies indicates compliance gaps with GDPR and related regulations. Security posture is moderate, with HTTPS implied but lacking visible security headers and incident response contacts. Overall, the site is functional and trustworthy for its business scope but would benefit from enhanced security and privacy measures.

S

SIA "Top Baltic"

topbaltic.lv

40

SIA "Top Baltic" operates as the official Latvian distributor for the Italian pasta brand Pasta Zara and the olive oil brand Sud Italia Alimentari SRL (CadelMonte). The company focuses on delivering authentic Italian food products to the Latvian market, emphasizing quality and tradition. The website content supports the business narrative with product descriptions, company history, and contact information. Technically, the website uses basic JavaScript and Google Analytics for tracking but lacks modern CMS or advanced frameworks. Security posture is weak due to missing HTTPS confirmation and absence of security headers. Privacy and cookie policies are not present, indicating compliance gaps. Overall, the site is functional but basic, suitable for a small distributor business.

S

SIA MAG Handmade

mag-handmade.lv

57

MAG Handmade is a small Latvian business specializing in handmade crafts and creative workshops, targeting local consumers interested in artisanal products and experiential learning. The website is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard JavaScript polyfills, indicating a modern but standard technical infrastructure. The site is mobile-optimized and presents a professional design with clear branding and relevant content. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and privacy compliance features such as cookie consent and privacy policies. WHOIS data could not be retrieved due to query limits, limiting domain trust verification. Overall, the site is functional and credible for its business scope but would benefit from enhanced privacy and security practices.

S

SIA "Finance 360" filiāle "Soskredit"

capital9999.com

48

Capital 9999 is a Latvian retail and financial services company specializing in the buying and selling of jewelry and precious metals, as well as providing loans against collateral. The company operates both physical branches and an online platform, targeting consumers interested in jewelry and financial services within Latvia. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content in Latvian. Technical infrastructure includes modern JavaScript libraries, Google Analytics, and reCAPTCHA for security. Privacy and cookie policies are present and indicate GDPR compliance. However, explicit security policies and incident response contacts are absent, and DNSSEC is not enabled on the domain. The WHOIS data is consistent with the business claims, showing a domain age appropriate for the company's founding year. Overall, the website demonstrates a good balance of business credibility, technical implementation, and privacy compliance, with room for improvement in security posture.

B

Black Swan

blackswanriga.com

68

Black Swan is a Latvian fashion brand specializing in limited edition feminine dresses and apparel, operating an e-commerce store primarily targeting European customers. The website is built on Shopify, leveraging modern web technologies and marketing tools such as Klaviyo for email and SMS marketing. The brand emphasizes elegance, comfort, and unique prints, with a market position as a niche, quality-focused retailer. Technically, the site is well-optimized for performance, mobile responsiveness, and SEO, with a professional design and clear navigation. Security posture is solid with HTTPS, captcha protection, and cookie consent mechanisms, though explicit security policies and incident response contacts are absent. The WHOIS data for the domain is missing, which raises some concerns about domain legitimacy and registration transparency. Overall, the site is trustworthy and professional but would benefit from enhanced transparency in domain registration and security disclosures.

L

Ēterisko eļļu veikals

lemontrees.info

56

The website www.lemontrees.info operates as a small Latvian e-commerce store specializing in essential oils and related wellness products, including doTERRA CPTG oils and health supplements. It targets consumers interested in natural health and wellness within Latvia, offering free delivery for orders over 30 euros. The site is built on the Mozello CMS platform and leverages Amazon Cloudfront CDN for content delivery. It integrates common tracking technologies such as Google Analytics and Facebook Pixel to monitor user interactions and marketing effectiveness. From a technical perspective, the website demonstrates moderate digital maturity with a responsive design, basic SEO, and standard e-commerce functionalities including a shopping cart and user login forms. However, it lacks advanced security headers and comprehensive privacy documentation. The absence of visible contact information and incomplete WHOIS data reduce transparency and trustworthiness. The site uses HTTPS, ensuring encrypted communication, but could improve security posture by implementing additional HTTP security headers and publishing clear privacy and terms of service policies. Security-wise, the website shows no immediate vulnerabilities or WAF blocking, but the lack of security headers and incomplete WHOIS data are concerns. The cookie consent mechanism is present, indicating some level of GDPR awareness, but no explicit privacy policy or incident response information is available. Overall, the site is moderately secure but would benefit from enhanced compliance and transparency measures. The overall risk assessment suggests a legitimate small business with moderate trust signals but with room for improvement in privacy, security, and business transparency. Strategic recommendations include publishing privacy and terms policies, adding security headers, improving contact information visibility, and regularly auditing third-party scripts to mitigate potential risks.

S

SIA ULRO

ulro.lv

41

SIA ULRO is a small Latvian company specializing in the retail and repair of office equipment, computer technology, cash registers, household appliances, and fishing gear. Founded in 2003, it serves primarily the local market around Kandava. The website presents a clear overview of their services and contact information but lacks modern privacy and security features. Technically, the site uses common frontend libraries such as Bootstrap and jQuery, hosted by Hostingred, but does not demonstrate advanced CMS or analytics integration. Security posture is weak due to absence of HTTPS and security headers, and no privacy or cookie policies are present, which may expose the company to compliance risks. Overall, the site is functional and informative but requires improvements in security and privacy to enhance trust and compliance.

A

Art of Tea

artoftea.lv

49

Art of Tea is a Latvian-based e-commerce retailer specializing in a wide variety of teas and related products such as gift sets, gift cards, health boosters, and books. The website targets tea enthusiasts and consumers looking for specialty tea products, positioning itself as a niche player in the Latvian retail market. The site is professionally designed with good navigation and mobile optimization, supporting a positive user experience. Technically, the website employs modern frontend technologies including Bootstrap, FontAwesome, and Owl Carousel, ensuring a responsive and visually appealing interface. However, the absence of WHOIS data limits the ability to fully verify domain legitimacy and business registration details. Security posture is moderate with HTTPS enabled but lacking visible security headers and cookie consent mechanisms, which are important for GDPR compliance. Overall, the site appears trustworthy and functional for its business purpose but would benefit from enhanced security and privacy features.

L

Lutini SIA

lutini.lv

45

Lutini SIA operates an e-commerce platform primarily targeting the Latvian market, offering a wide range of products including toys, bijouterie, hotel supplies, stationery, and leather goods. The website serves both retail and wholesale customers, positioning itself as a regional player in the retail sector. The company demonstrates a consistent brand presence with a clear catalog and product listings, supported by social media channels and basic legal documentation such as privacy policy and terms of service. Technical infrastructure relies on legacy JavaScript libraries like jQuery and jQuery UI, with additional plugins for UI effects and notifications. The site is secured with HTTPS and integrates Google Tag Manager for analytics, indicating a moderate level of digital maturity. Security posture is adequate but could be enhanced by implementing modern security headers and cookie consent mechanisms to improve GDPR compliance. The absence of WHOIS data due to query limits limits full domain legitimacy verification, but the presence of company registration details and consistent business information supports a moderate trust level. Overall, the website is functional and professional but has room for improvement in security and privacy compliance to strengthen its market position and user trust.

S

SIA AIOO Latvia

mobilo.lv

57

Mobilo.lv is an established Latvian e-commerce retailer specializing in mobile phone accessories and mobile phones. The website offers a wide range of products including cases, screen protectors, chargers, headphones, and smartwatches, targeting Latvian consumers seeking quality mobile accessories. The business operates primarily online using the PrestaShop platform, providing a professional and user-friendly shopping experience with clear navigation and multilingual support (Latvian and Russian). Technically, the website employs modern web technologies including jQuery, Google Tag Manager, Microsoft Clarity for analytics, and Creative Slider for enhanced UI. The site is secured with HTTPS and implements some security best practices, though it lacks certain HTTP security headers such as Content-Security-Policy and X-Frame-Options. Performance and mobile optimization are adequate, supporting a good user experience across devices. From a security and compliance perspective, the site includes a privacy policy and terms of service, indicating awareness of GDPR requirements. However, it lacks a visible cookie consent mechanism and does not provide explicit security policy or incident response contacts. WHOIS data could not be retrieved due to query limits, limiting domain registration verification. No suspicious or adult content is present, and the site appears safe and trustworthy for general audiences. Overall, Mobilo.lv demonstrates a solid e-commerce presence with good business credibility and technical implementation. Enhancements in security headers, cookie consent, and transparency around incident response would further strengthen its security posture and compliance standing.

S

SIA AVEX

nillkin.lv

43

Nillkin.lv is an e-commerce website specializing in the retail of high-quality mobile phone cases, wallets, screen protectors, and related accessories. The business targets mobile phone users primarily in Latvia and the Baltic region, offering a wide range of products for various phone brands and models. The website is well-structured, multilingual, and provides comprehensive product information and customer support contacts, positioning itself as a trusted regional retailer in the mobile accessories market. Technically, the site employs a mix of legacy and modern web technologies, including jQuery, Font Awesome, and various slider and tooltip libraries, alongside marketing and analytics tools such as Google Analytics, Facebook Pixel, and Klaviyo. The site is secured with HTTPS and includes privacy and cookie policies with consent mechanisms, reflecting basic compliance with GDPR requirements. However, the use of outdated JavaScript libraries and the absence of explicit security or incident response policies indicate areas for improvement in security posture. WHOIS data was unavailable due to query limits, limiting domain registration trust analysis, but the presence of clear contact information and professional content supports legitimacy. Overall, the website demonstrates a solid business presence with moderate technical maturity and a good security baseline, suitable for its retail function.

C

Coffee Address

ks.lv

59

Coffee Address is a Latvian-based business specializing in providing coffee solutions to commercial clients including vending machines, office coffee services, and solutions for restaurants and micro self-service stores. The company positions itself as a regional player in the Baltic market with a focus on quality coffee sourced from reputable European roasters and expert customer service. The website is professionally designed with clear navigation and mobile optimization, leveraging modern technologies such as Vue.js and Google Tag Manager for analytics. Privacy and cookie policies are implemented with GDPR compliance in mind, including a consent mechanism for cookies. However, the absence of WHOIS registration data for the domain raises concerns about domain legitimacy and registration consistency, which should be further investigated. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, though security headers are not explicitly detected in the HTML content. Overall, the website presents a trustworthy and professional business front but would benefit from enhanced transparency in domain registration and security policies.