Security Directory

CoMinder is a specialized IT services company founded in 2011, focusing on Oracle Database and Middleware administration, with additional expertise in IBM DB2, ZABBIX monitoring, and Red Hat Enterprise Linux. The company targets government institutions and private enterprises primarily in Latvia, the Baltic region, and Russia. Their business model centers on providing expert consulting, maintenance, and support services to improve IT infrastructure reliability and performance. The website content is professional and informative, highlighting certifications and partnerships that reinforce their market position as a niche expert provider. Technically, the website employs basic HTML, CSS, and JavaScript without advanced frameworks or CMS detected. The site is moderately optimized for performance and mobile devices but lacks advanced accessibility features. No analytics or advertising technologies are present, indicating a minimal tracking footprint. Security-wise, the site is accessible over HTTPS (assumed from domain), but lacks visible security headers and published security policies, which limits its security posture. No forms or data collection mechanisms were found, reducing attack surface but also limiting user engagement. Overall, the security posture is moderate with no critical vulnerabilities detected in the provided content. However, the absence of privacy and cookie policies, security headers, and incident response information suggests room for improvement in compliance and security best practices. The domain registration data aligns well with the company’s founding date and business claims, supporting legitimacy. Strategic recommendations include implementing privacy and cookie policies, enhancing security headers, improving mobile and accessibility features, and publishing vulnerability disclosure or security contact information to strengthen trust and compliance.

C

CUBE Systems SIA

cubesystems.lv

74

CUBE Systems SIA is a Latvia-based European digital product and software development agency specializing in designing and building custom self-service portals, e-commerce platforms, and SaaS solutions. With over 20 years of experience and multiple awards, the company serves a broad range of sectors including energy, retail, finance, and transportation. Their business model focuses on strategic planning, pilot projects, and MVP development to reduce risk and accelerate product success. The website reflects a mature digital presence with professional design and clear messaging targeting organizations across Europe. Technically, the website employs modern web technologies including JavaScript modules, CSS, and integrates third-party services such as CookieYes for cookie consent, Hotjar for user behavior analytics, and Google Analytics for traffic analysis. The site is mobile-optimized, accessible, and SEO-friendly, providing a smooth user experience. Performance is moderate with room for optimization. From a security perspective, the site uses HTTPS and implements a comprehensive cookie consent mechanism supporting GDPR compliance. However, no explicit security policies or incident response contacts are published, and security headers are not detected in the provided data. No vulnerabilities or exposed sensitive data were found. The WHOIS data could not be retrieved due to query limits, but the website content and business information suggest legitimacy. Overall, CUBE Systems presents a trustworthy and professional digital presence with strong business credibility and good privacy compliance. Strategic recommendations include enhancing security headers, publishing security policies, and adding vulnerability disclosure information to further strengthen trust and compliance.

Hands Mobile is a Brazilian technology company specializing in mobile data intelligence and activation solutions. The company offers a range of services including mobile activations, data intelligence, geolocated media, and creative mobile experiences. With over 200 clients and partnerships with major brands such as BMW, Itaú, and Mastercard, Hands Mobile holds a solid position in the mobile marketing technology sector. The website content is professional, well-structured, and targets agencies and enterprises seeking advanced mobile marketing solutions. Technically, the website employs modern tracking and analytics tools such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag, hosted behind Cloudflare DNS services. The site is mobile-optimized with good SEO practices but lacks some advanced accessibility features and security headers. Performance is moderate, and the site uses HTTPS with a good SSL configuration. From a security perspective, the site demonstrates a good baseline with HTTPS and no visible sensitive data exposure. However, it lacks explicit security headers and does not provide public security or incident response policies. Privacy compliance is partial; a privacy policy is present but no cookie consent mechanism or GDPR compliance indicators are evident. Contact information is available but no phone number is explicitly labeled. The site uses multiple marketing and retargeting tools, indicating extensive user tracking. Overall, the website is trustworthy and professional but could improve in privacy compliance and security best practices. Strategic recommendations include implementing cookie consent, adding security headers, publishing terms of service and incident response policies, and enhancing transparency around data protection.

L

Laadur Baltic SIA

laadur.lv

51

Laadur Baltic SIA is a medium-sized company operating primarily in Latvia and Estonia, specializing in the sales, rental, and servicing of loading equipment such as forklifts, warehouse shelving systems, and personnel lifts. Established around 2014, the company has positioned itself as a regional supplier with multiple physical locations and partnerships with well-known brands like Yale. The website reflects a professional business presence with clear contact information and product offerings tailored to manufacturers, retailers, and warehouse operators. Technically, the site is built on WordPress with modern JavaScript libraries and integrates Google Analytics and Tag Manager for tracking. Security posture is generally good with HTTPS enforced and use of reCAPTCHA on forms, though there is room for improvement in security headers and incident response transparency. Privacy compliance is partially addressed with privacy and cookie policies present, but lacks an explicit cookie consent mechanism. Overall, the website is trustworthy and functional, supporting the company’s business objectives effectively.

O

Oras

oras.com

54

Oras is a Finnish manufacturing company specializing in faucets and sanitary fittings, serving both consumer and business markets. The website is professionally designed using TYPO3 CMS and includes modern marketing and tracking technologies such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag, all managed with a cookie consent mechanism. Despite the professional presentation, the absence of WHOIS data for the domain www.oras.com raises questions about domain registration transparency. Security posture is moderate with no detected security headers and no explicit privacy policy found in the provided content. Overall, the website demonstrates good technical implementation and business credibility but would benefit from improved transparency and security hardening.

P

Proks

proks.com

54

Proks is an established Latvian trading and distribution company specializing in supplying top brand computer components and consumer electronics globally, with a strong focus on the Baltic States. Founded in 1992, the company serves a diverse clientele including distributors, retailers, and PC assemblers across more than 62 countries. Their business model centers on wholesale distribution, supported by owned warehouse facilities and a portfolio of official brand partnerships, including a private label for household appliances. The website reflects a professional and consistent brand image, with good content quality and clear navigation. Technically, the website is built on WordPress with modern web technologies and Google Fonts integration. It demonstrates moderate performance and good mobile optimization but lacks advanced accessibility features. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though it lacks security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. Overall, the website is credible and trustworthy, supported by domain registration consistency and business legitimacy indicators such as credit ratings and certifications. However, improvements in privacy compliance, security transparency, and accessibility would enhance the site's maturity and user trust.

A

ASCL / Asiaspirit

ascl.com

44

ASCL (Asiaspirit) is a small technology service provider specializing in web design, hosting, e-commerce, and website promotion services. The company has a long-standing domain registration dating back to 1996, indicating an established presence in the market. Their website targets businesses and individuals seeking comprehensive internet presence solutions, offering a range of related services. Technically, the website is built on basic HTML, CSS, and JavaScript without modern frameworks or CMS, and shows moderate performance and basic mobile optimization. Security posture is weak, with no HTTPS enforcement visible, no security headers, and no privacy or cookie policies published. Contact information is limited to a single email address, with no phone or physical address provided. Overall, the site is functional but lacks modern security and privacy compliance features.

T

TOMWARE s.c.a r.l.

tomware.it

45

TomWare is an established Italian technology company specializing in digital transformation services, cybersecurity, and tailored IT solutions. Founded in 1997, it offers a broad portfolio including network design, data center solutions, cloud computing, and managed services. The company targets businesses seeking secure and efficient IT infrastructure and consulting. The website reflects a mature digital presence with professional design and clear service offerings. Technically, the site is built on WordPress with modern fonts and responsive design, though performance is moderate and accessibility is basic. Security posture is good with HTTPS enabled and no visible vulnerabilities, but lacks advanced security headers and explicit incident response information. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Business credibility is high, supported by clear contact information, company registration details, and certifications. Overall, the site is trustworthy and professional but could improve in privacy and security transparency.

A

Aestas IT

aestasit.com

63

Extreme automation is about enabling your business to move faster & deliver reliable software, as well as offering expertise in implementing Devops initiatives.

R

ROKA

rokarestaurant.com

69

ROKA is a premium hospitality business specializing in Japanese Robatayaki cuisine with multiple international locations including London, Dubai, and Istanbul. The website presents a professional and consistent brand image targeting customers seeking high-end dining experiences. The technical infrastructure leverages modern web technologies including JavaScript frameworks, Google Tag Manager, Microsoft Clarity, and Cookiebot for privacy compliance. Embedded third-party forms and payment processing via Stripe and reservation management via Sevenrooms indicate a mature digital ecosystem. Security posture is strong with HTTPS, CSRF protection, and cookie consent mechanisms, though explicit security policies and incident response contacts are absent. The lack of WHOIS data introduces some uncertainty about domain legitimacy, but the overall website quality and business presentation are trustworthy. Strategic recommendations include improving transparency around security policies and contact information to enhance trust and compliance.

P

DABĪGA LINEĻĻA – Painteco.com

painteco.eu

69

Painteco.com is an e-commerce website specializing in natural linseed oil coatings for wood, targeting primarily Latvian-speaking customers with multilingual support for German and English. The business appears to be a small, niche player in the natural wood coatings market, founded in 2014, leveraging the Shopify platform for its online presence. The website features professional design and consistent branding, with customer reviews integrated via Judge.me, enhancing trust signals. Technically, the site uses modern web technologies and Shopify's infrastructure, ensuring moderate performance and good mobile optimization. Security posture is adequate with HTTPS and hCaptcha protection on forms, but lacks some advanced security headers and DNSSEC. Privacy compliance is weak due to the absence of explicit privacy and cookie policies, and no visible terms of service or incident response information. Overall, the site is functional and professional but would benefit from enhanced privacy and security disclosures to improve compliance and trust.

N

Nordea

nordea.lv

75

Nordea is a leading Nordic universal bank providing a wide range of financial services including personal and business banking, asset management, and investment solutions. The bank targets individuals and corporate clients primarily in the Nordic region, maintaining a strong market position supported by comprehensive corporate governance and investor relations transparency. The website is built on Drupal 10, indicating a modern and maintainable technical infrastructure with good mobile optimization and accessibility features. Security posture is strong with HTTPS enforcement, security headers, and secure login portals, although explicit incident response and vulnerability disclosure information are not publicly available. Overall, the site demonstrates a high level of professionalism and trustworthiness, though the absence of WHOIS data for the domain is unusual and should be further verified to ensure domain legitimacy.

A

Accio Communication by Jérôme Duchêne

accio.be

48

Accio Communication by Jérôme Duchêne is a small digital communication and marketing agency based in Wallonia, Belgium, founded in 2022. The company offers services including website creation (both showcase and e-commerce), visual identity, marketing materials, and photo/video production. Their target audience consists primarily of local businesses seeking to improve their online presence and marketing effectiveness. The website is professionally designed, mobile-optimized, and provides clear navigation and contact information, reflecting a solid market position as a regional service provider. Technically, the website is built on WordPress and leverages modern front-end libraries such as Swiper.js and AOS for animations. It uses Typekit fonts and is hosted by OVH, a reputable hosting provider. The site implements GDPR-compliant cookie consent management via the Complianz plugin, indicating a good level of digital maturity and privacy awareness. Performance is moderate, with room for improvement in accessibility features. From a security perspective, the site enforces HTTPS and manages cookie consent properly. However, no explicit security headers were detected, and there is no visible security policy or incident response information. No vulnerabilities or exposed sensitive data were found in the HTML content. Overall, the security posture is good but could be enhanced by adding security headers and formal policies. The overall risk assessment is low, with no critical issues detected. Strategic recommendations include implementing security headers, enhancing accessibility, and publishing a security policy or incident response plan to improve trust and compliance further.

The website videodone.io operates as an adult content affiliate platform, primarily linking to third-party adult image galleries. It targets adult users interested in explicit content, leveraging affiliate marketing to monetize traffic. The site lacks direct business transparency, with domain registration protected by a privacy service, and no clear company contact information or policies presented on the site. The business model is typical for small-scale adult affiliate sites, focusing on volume of external links rather than original content creation. Technically, the site uses basic web technologies including JavaScript and CSS with Google Fonts, hosted via GoDaddy. The site is served over HTTP without HTTPS, lacks modern security headers, and includes a pop-under ad script that opens a suspicious external domain, raising security concerns. The site’s design and user experience are poor, with minimal mobile optimization and accessibility features. SEO practices are basic, with minimal metadata and no structured data. From a security perspective, the absence of HTTPS and security headers, combined with the presence of potentially malicious pop-under scripts, significantly lowers the security posture. There is no evidence of privacy or cookie policies, nor GDPR compliance mechanisms. Incident response contact is limited to an abuse removal link, with no dedicated security or data protection contacts. These factors collectively indicate a high risk for users and low trustworthiness. Overall, the site scores poorly on content quality, technical implementation, security, privacy compliance, and business credibility. Strategic improvements are necessary to enhance security, transparency, and user trust, including enabling HTTPS, implementing security headers, providing clear privacy and cookie policies, and removing suspicious scripts.

ATLETICA operates as a small e-commerce business specializing in athletic-related products, leveraging the Shopify platform for its online storefront. The website is currently password protected, indicating a private or pre-launch phase. The company targets consumers interested in athletic wear, primarily in Mexico, as evidenced by geo-redirects and social media presence. The domain is well-established, registered since 1998, which supports the legitimacy of the business. However, the website content is basic with limited public information and no visible privacy or cookie policies, which impacts compliance and user trust. Technically, the site uses modern web technologies and Shopify's infrastructure, ensuring a moderate level of performance and mobile optimization. The absence of DNSSEC and security headers suggests room for improvement in security hardening. The site uses HTTPS exclusively, and password protection adds a layer of access control. Analytics and marketing pixels are present, indicating moderate user tracking. From a security perspective, the site benefits from Shopify's platform security but lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. The absence of privacy and cookie policies is a compliance gap, especially under GDPR. The domain registration data aligns well with the website's business claims, enhancing trustworthiness. Overall, ATLETICA presents as a legitimate small e-commerce business with a solid technical foundation but requires enhancements in privacy compliance, security headers, and public policy disclosures to improve trust and regulatory adherence.

T

TransIP

bbq.nl

51

The website bbq.nl is a reserved domain placeholder page managed by TransIP, a major Dutch domain registrar and hosting provider. The page indicates the domain is registered by a TransIP customer and offers no direct business services or contact information. The business behind the domain is TransIP, founded in 2003, with a strong market position as the largest registrar in the Netherlands. The site is primarily informational and designed to redirect or inform visitors about domain availability and related services. Technically, the site uses standard HTML, CSS, and JavaScript with responsive design for mobile devices. Hosting is provided by TransIP itself. Security posture is minimal on this page, with no visible security headers or explicit HTTPS enforcement visible in the HTML content, though DNSSEC is enabled at the domain level. Privacy and terms policies are linked to TransIP's main sites, indicating compliance at the parent company level. Overall, the domain is legitimate and well-managed but the placeholder page offers limited content and security features.

C

Clinical Research Foundation EEU

crfound-eeu.org

58

The Clinical Research Foundation EEU is a specialized academic advisory and clinical research organization focused on bridging the gap between excellent clinical practice and clinical research processes in Northern, Central, and Eastern Europe as well as the MENA region. Founded in 2007, it provides expert clinical advisory services, patient accrual strategies, site and team training, and project collaboration primarily targeting pharmaceutical and medical device industry sponsors. The website is professionally designed using the Squarespace platform, offering good user experience and mobile optimization, though it lacks some advanced SEO and accessibility features. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is limited, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. Contact information is not explicitly provided, which may affect user trust. Overall, the website is credible and functional but could improve in privacy compliance and security best practices.

The website ceona-offshore.com currently hosts a default IIS Windows Server placeholder page with no substantive business content or branding. The domain is registered since 2012 with Network Solutions, LLC, indicating a stable registration history, but the website itself does not reflect an active or credible business presence. There are no privacy policies, cookie notices, terms of service, or contact information available on the site, which severely limits its usability and trustworthiness. Technically, the site is very basic, using only static HTML and CSS served by IIS on a Windows Server platform, with no modern web technologies or CMS detected. The absence of HTTPS and security headers represents a significant security risk and compliance gap.

A

Alpha agency

alphabaltic.lv

50

Alpha agency operates a website at alphabaltic.com, presenting itself as a digital or marketing agency. The domain is mature, registered since 2008, and uses Cloudflare DNS services. The website includes multiple third-party marketing and analytics scripts such as Google Analytics, Facebook Pixel, LinkedIn Insight Tag, and Google Tag Manager, indicating a focus on digital marketing and user tracking. Cookie consent is managed via Cookiebot, demonstrating some privacy compliance efforts. However, the website lacks visible privacy policy, terms of service, contact information, and security policy pages, which are critical for trust and compliance. The technical infrastructure is moderate, with HTTPS enabled and clientTransferProhibited domain status, but DNSSEC is not enabled, representing a security gap. Overall, the website's content quality and business information are basic, with limited textual content and no structured data detected. The security posture is fair but could be improved with additional headers and policies. The absence of contact details and privacy documentation reduces the site's credibility and compliance standing.

V

Väderstad

vaderstad.co.uk

66

Väderstad is an international manufacturer specializing in high-performance farm machinery designed to improve fuel efficiency, reduce work hours, and increase profitability for agricultural professionals. The website presents a professional and well-branded digital presence with clear messaging targeted at farmers and agricultural businesses. The technical infrastructure includes modern web technologies and integrates multiple analytics and marketing tools such as Google Tag Manager, Matomo, and Microsoft Application Insights, indicating a mature digital marketing strategy. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and explicit security policies. The absence of WHOIS data and lack of visible contact or privacy policy information slightly reduce trustworthiness but do not negate the overall legitimacy of the business presence online.

S

SoftConEx

softconex.de

54

SoftConEx is a specialized IT solutions provider focused on the flight travel industry, offering software products and SaaS platforms for booking and fulfillment of scheduled flights. With over 20 years of experience, the company integrates with major global distribution systems and airline direct connect technologies, positioning itself as a niche player with a solid product portfolio. The website is built on WordPress and uses standard web technologies, providing a professional and consistent user experience. Security posture is generally good with HTTPS enforced and PCI compliance indicated, but lacks explicit security policies and cookie consent mechanisms. Overall, the site is trustworthy and well-maintained but could improve privacy compliance and incident response transparency.

Smallsquad is a small creative agency specializing in branding, UX/UI design, digital campaigns, packaging, and print services. The website presents a minimalistic design with basic content describing their capabilities but lacks detailed business information or contact details. The domain is registered since 2013, indicating a stable presence in the market, but the website itself does not provide extensive information about the company or its operations. Technically, the website uses standard web technologies including HTML, CSS, JavaScript, and jQuery, with Google Analytics for tracking. Hosting appears to be on Amazon AWS infrastructure based on DNS servers. The site shows basic performance and SEO optimization but lacks advanced accessibility features or modern frameworks. No CMS or platform is detected. From a security perspective, the website lacks critical security headers and does not have DNSSEC enabled. There is no visible HTTPS status in the provided data, and no privacy or cookie policies are present, indicating poor privacy compliance. The use of Google Analytics without a consent mechanism suggests moderate user tracking without clear privacy safeguards. The domain registration is consistent and legitimate, but the website's security posture is weak and could be improved significantly. Overall, the website scores moderately due to its minimal content and weak security and privacy practices. Strategic improvements in security headers, privacy policies, and contact transparency would enhance trust and compliance.

N

Nameshift.com

concordis.eu

45

Nameshift.com operates a domain transfer and escrow service, facilitating safe and fast domain purchases without fees for buyers. The website concordis.eu is a landing page for selling the domain via Nameshift's platform. The business targets individuals and companies seeking secure domain acquisition with escrow protection. Technically, the site uses modern SvelteKit framework and CDN hosting, providing moderate performance and mobile optimization. However, the content is minimal and primarily placeholder, reflecting its purpose as a domain sales page rather than a full service site. Security posture is adequate with HTTPS and no visible vulnerabilities, but lacks explicit security headers and policies. Privacy and cookie policies are absent, reducing compliance confidence. Contact information is limited to a physical address with no emails or phone numbers. Overall, the site is legitimate and consistent with its business model but would benefit from enhanced transparency and security disclosures.

U

UnitedPress Trykkeri

unitedpress.no

49

UnitedPress Trykkeri is a modern printing company operating primarily in Latvia and Estonia, serving the Baltic region with a strong focus on environmentally friendly printing solutions. The company targets Scandinavian markets, especially Norway, offering cost-effective printing services for magazines, catalogs, brochures, and other printed materials. Their business model emphasizes quality, delivery reliability, and environmental certifications, positioning them as a trusted partner in the printing industry. Technically, the website employs standard Google analytics and tag management tools but lacks advanced CMS or modern frameworks. The site is moderately optimized for performance and accessibility but could improve mobile responsiveness. Security posture is basic with HTTPS implied but missing explicit security headers and policies. No privacy or cookie policies were found, and no contact emails or phone numbers are provided, which impacts trust and compliance. WHOIS data is unavailable, limiting domain legitimacy verification. Overall, the website is functional and professional but requires improvements in privacy compliance, security best practices, and transparency to enhance trust and regulatory adherence.

J

Johnsco LLC

statelocalgov.net

53

StateCity.ai is an online informational directory focused on providing comprehensive access to state and local government resources, business guides, and car insurance information across the United States. The platform aggregates links and topic pages to assist users in navigating government services and insurance options at both state and local levels. The business operates under Johnsco LLC, a US-based entity, and targets individuals and businesses seeking localized government and insurance information. The website content is basic but relevant, with a straightforward navigation structure and moderate mobile optimization. Technically, the website uses standard HTML, CSS, and JavaScript with Cloudflare DNS services. The site lacks advanced frameworks or CMS indications and shows basic performance and SEO optimization. Mobile responsiveness and accessibility are present but minimal. Security posture is moderate with HTTPS enabled but lacks DNSSEC, security headers, and published security or privacy policies. The domain WHOIS data presents a notable anomaly with a future creation date, which raises concerns about registration legitimacy. Overall, the website is functional and provides useful content but requires significant improvements in privacy compliance, security best practices, and domain legitimacy verification. The absence of contact information and security policies limits trustworthiness. Strategic enhancements in these areas will improve user confidence and regulatory compliance.

The website intarsbusulis.com currently serves as a minimal login portal for hosting or server management services, specifically providing access to webmail and account administration via external URLs. The domain is registered with a reputable registrar and has been active since 2005, but the website content does not represent a public-facing business or commercial site. The technical infrastructure is basic, with no HTTPS enabled on the domain itself, and the site relies on external domains for secure access. Security posture is weak due to lack of HTTPS, absence of security headers, and no visible privacy or cookie policies. Overall, the site appears to be a placeholder or control panel rather than a business website.

S

SIA PREMIUM CHOCOLATE

nelleulla.com

68

NELLEULLA is a Latvian-based premium chocolate brand operating an e-commerce platform focused on high-quality, Nordic forest-inspired sweets. The company offers a variety of chocolate products including truffles, bars, slabs, and corporate gifting solutions, complemented by chocolate workshops and tastings. The website is professionally designed on the Shopify platform, featuring clear navigation, multilingual support, and integrated marketing tools such as Klaviyo and Judge.me for customer engagement and reviews. The business targets chocolate enthusiasts and corporate clients within Europe, emphasizing quality and authenticity. Technically, the site leverages modern web technologies and Shopify's infrastructure, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and domain transfer protections in place, though DNSSEC is not enabled and some security headers could be improved. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website and business demonstrate a mature digital presence with strong credibility and trust indicators.

P

PHOTORED SIA

photored.lv

52

PHOTORED SIA is a Latvian photography agency specializing in high-quality professional photo and video services for both businesses and private individuals. Their offerings include business story photoshoots, architecture and interior photography, event reportage, drone photo and video materials, seminar and conference photography, and product photography. The company maintains a professional online portfolio and active social media presence, targeting local clients in Latvia. Technically, the website is built on the Squarespace platform, leveraging modern web technologies and Google Analytics for visitor tracking. The site is mobile-optimized and presents a good user experience with clear navigation and professional design. Security-wise, the site enforces HTTPS with HSTS enabled, but lacks some advanced security headers and published security policies. Privacy compliance is partial, with a cookie consent banner present but no explicit privacy policy or terms of service. WHOIS data could not be retrieved due to query limits, limiting domain trust verification. Overall, the website is professional and functional but would benefit from enhanced privacy and security disclosures to improve trust and compliance.

Reportum is a small Latvian company specializing in providing financial institutions with advanced technology and knowledge for regulatory reporting and risk management. It serves as the official representative of Wolters Kluwer Financial Services in Latvia and the Baltic region, offering compliance, audit, and consultancy services tailored to the financial sector. The website is professionally designed with clear navigation and relevant content targeting financial institutions and regulatory bodies. Technically, the site uses standard HTML and CSS with Google Analytics for visitor tracking but lacks modern security headers and visible privacy or cookie policies, which are critical for GDPR compliance. The absence of WHOIS data limits domain registration transparency, but the business legitimacy is supported by its association with a reputable global brand and consistent contact information. Overall, the site demonstrates moderate digital maturity with room for improvement in security and privacy compliance.

Resursu Kontroles Grupa is a Latvian energy consulting company specializing in electricity procurement, energy efficiency solutions, ISO 50001 implementation, smart metering, and energy consulting services. The company targets businesses and organizations in Latvia seeking to optimize their energy consumption and procurement strategies. Their website presents a professional image with clear navigation and relevant content tailored to their sector. Technically, the site is built on WordPress using the Avia Framework and employs modern web technologies such as jQuery and CSS. The site is accessible, mobile-optimized, and SEO-friendly, though performance is moderate. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit privacy or cookie policies, which impacts compliance and trust. No WHOIS data was retrievable due to query limits, limiting domain legitimacy verification. Overall, the website is functional and professional but could improve in privacy compliance and security best practices.

The website www.vmsplay.com represents a Chinese company specializing in packaging testing instruments and equipment, founded in 2002. The company offers a range of products including oxygen permeability testers, water vapor transmission testers, and biodegradation testing devices. It holds certifications such as ISO9001:2008 and CNAS accreditation, positioning itself as a significant player in the packaging manufacturing and testing sector in China. The website content is primarily in Chinese and targets packaging industry professionals and research institutions. Technically, the website uses legacy technologies like jQuery 1.4.2 and loads multiple external scripts, some over insecure HTTP connections, which poses security risks. The site lacks modern security headers and does not provide privacy or cookie policies, indicating poor privacy compliance. Contact information is present but no company email addresses are found. The domain WHOIS data is missing, which raises concerns about domain legitimacy and registration status. From a security perspective, the site has moderate security posture but suffers from mixed content issues and lacks essential security headers. No WAF or blocking mechanisms are detected, allowing full content access. The absence of privacy policies and unclear domain registration status are notable vulnerabilities. Overall, the site is functional but requires significant improvements in security and compliance to enhance trustworthiness. Strategically, the company should prioritize securing its domain registration, implementing HTTPS fully, adding privacy and cookie policies, and updating its technology stack to modern standards. These steps will improve both user trust and regulatory compliance.

G

Goldman Sachs Asset Management

nnip.com

72

Goldman Sachs Asset Management operates a professional website targeting financial intermediaries and advisors, offering asset and investment management services. The site is branded consistently with Goldman Sachs and positions itself as a leading global asset manager. The technical infrastructure leverages modern web technologies including React and Next.js, hosted likely via Akamai, with performance monitoring implemented through Akamai mPulse. The website is well-optimized for mobile and accessibility, with good SEO practices evident. Security posture is strong with HTTPS enforced and modern TLS usage, though explicit security headers and vulnerability disclosure mechanisms are absent. The WHOIS data is unavailable for the subdomain, consistent with it being a subdomain under the main gs.com domain, which is owned by Goldman Sachs. Overall, the site is legitimate, professional, and secure, but could improve privacy compliance disclosures and incident response transparency.

خ

خمسات

khamsat.com

71

Khamsat.com is a well-established Arabic online marketplace founded in 2010, specializing in microservices across diverse categories including design, writing, marketing, programming, video production, engineering, business services, audio, remote education, data, and lifestyle. The platform targets Arabic-speaking freelancers and clients, offering a comprehensive and professional service ecosystem. Technically, the site uses a custom CMS with JavaScript and CSS, hosted on AWS infrastructure, and employs proprietary Hsoub JS components for UI elements. The website is mobile-optimized with good SEO and accessibility basics. Security posture is solid with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy and cookie policies are present with a forced consent mechanism, indicating GDPR compliance. No direct contact emails or phone numbers are published, and no formal security policy or incident response contacts are found. Overall, Khamsat.com demonstrates a mature digital presence with strong business credibility and user trust, though improvements in security transparency and DNS security are recommended.

N

NVA Online Advertising B.V.

tkb.eu

51

The website tkb.eu is a domain sales landing page operated by NVA Online Advertising B.V., a Dutch company specializing in domain brokerage and escrow services since 2004. The site offers the domain tkb.eu for sale through the Nameshift.com platform, which provides a secure and fast domain transfer process with no fees for buyers. The business model focuses on facilitating domain ownership transfers with escrow protection, targeting domain investors and buyers. The website content is minimal but functional, emphasizing trust signals such as a Trustpilot widget and free transfer services. Technically, the site is built using modern web technologies including SvelteKit and JavaScript, served securely over HTTPS with good performance and mobile optimization. The site uses external CDNs and integrates third-party widgets for reviews and analytics. However, it lacks explicit privacy, cookie, and security policies, which limits its privacy compliance posture. No social media or direct contact emails are provided, but a physical address and domain purchase form are present. From a security perspective, the site enforces HTTPS and uses secure form inputs but does not implement advanced security headers or publish incident response contacts. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the business claims, showing no privacy protection or suspicious registration patterns. Overall, the site demonstrates a moderate security posture but would benefit from enhanced privacy and security disclosures. The overall risk is moderate with no critical issues detected. Strategic recommendations include publishing privacy and cookie policies, adding incident response contact information, implementing security headers, and improving transparency to enhance trust and compliance.

The website hosted at unicreditbank.lv currently serves a generic CentOS placeholder page unrelated to the domain name or any banking business. The content describes CentOS Linux distribution and community resources, indicating the domain is either unused or misconfigured. There is no business-specific content, contact information, or compliance documentation present. Technically, the site lacks HTTPS and security headers, and no modern web technologies or tracking scripts are detected. The WHOIS data could not be retrieved due to query limits, preventing verification of domain ownership or legitimacy. Overall, the site appears inactive or abandoned, with minimal security posture and no privacy compliance measures.

G

Get & Post LLC

getandpost.com

29

Get & Post LLC operates a small-scale website primarily focused on sharing media content and providing simple utility links such as surveys, calendar alerts, and lost and found boards. The site is minimalistic, under construction, and lacks comprehensive business or security information. The technical infrastructure is basic, relying on jQuery and custom JavaScript with no modern frameworks or CMS detected. The site is hosted via GoDaddy with no HTTPS enabled, which significantly impacts its security posture. There are no privacy or cookie policies, no contact information, and no security headers, indicating a low maturity level in compliance and security practices. Overall, the site appears to be a hobbyist or small local business project with limited digital maturity and security readiness.

Kāgo is a Latvian small business specializing in the retail and service of quality flooring materials such as parquet, laminate, linoleum, and carpets. The company also offers installation, restoration, and maintenance services, positioning itself as a trusted local provider with over 20 years of experience. The website content is well-structured and provides clear contact information, targeting consumers and businesses seeking flooring solutions in Latvia. Technically, the website uses basic HTML, CSS, and JavaScript with FontAwesome icons but lacks advanced frameworks or CMS. Mobile optimization and accessibility are basic, and no analytics or tracking scripts are detected. Security posture is weak due to the absence of HTTPS verification, security headers, and privacy policies, which poses compliance and trust risks. WHOIS data could not be retrieved, limiting domain legitimacy verification. Overall, the website is functional and professional but requires significant improvements in security and privacy compliance to enhance trust and protect user data.

S

Spaceship.com

bbit.com

55

The website bbit.com is a domain parking and sales page operated through Spaceship.com, a domain marketplace platform. The site offers the domain for sale at a premium price and provides multiple payment options. The business model is focused on domain resale targeting domain investors and buyers. The website content is minimal and primarily transactional, with no detailed business or legal information provided. Technically, the site uses standard HTML, CSS, and JavaScript served via Spaceship's CDN, with moderate performance and basic mobile optimization. Security posture is limited, with no detected security headers or privacy policies, and the domain is very recently registered, consistent with a domain resale strategy. Overall, the site is functional for its purpose but lacks comprehensive compliance and security features.

SWD Factory is a Latvia-based software development company specializing in enterprise-level, data-intensive, and scientific software solutions. With over two decades of experience, they serve key industries including health science, solar energy, and transportation. Their business model focuses on flexible partnership and engagement models, offering full-cycle software development and IT consulting services. The company demonstrates a solid market position with long-term client relationships and a portfolio of specialized projects. Technically, the website is built on a modern React/Next.js stack, hosted by Hetzner, with good performance and mobile optimization. However, the site lacks explicit privacy and cookie policies, security headers, and published incident response or vulnerability disclosure information. Security posture is adequate with HTTPS enabled but could be improved by implementing DNSSEC and security headers. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices.

A

AS PNB Banka

pnbbanka.eu

72

AS PNB Banka operates as a financial institution serving private customers primarily in Latvia. The website provides announcements, news, and essential banking service information such as loan liabilities and commission fee payments. The bank appears to be undergoing insolvency proceedings as indicated by creditor meeting announcements. The digital presence is professional with clear navigation and relevant content targeting private customers and residents. The business model focuses on traditional banking services including asset sales and customer support.

V

VFS Films

vfs.lv

61

VFS Films is a Latvian film production company specializing in award-winning documentaries, fiction, and animation with over 25 years of experience. The website showcases a comprehensive portfolio of films, including upcoming projects and VOD availability, targeting film enthusiasts and industry professionals. The company maintains an active social media presence across major platforms such as IMDb, YouTube, Vimeo, Facebook, and Instagram, enhancing its outreach and audience engagement. Technically, the website is built on the Webflow platform, leveraging modern web technologies including JavaScript, CSS, and HTML5. The site demonstrates good mobile optimization and moderate performance, with a clean design and clear navigation structure. Security is well addressed with HTTPS enforcement and multiple security headers, though privacy and cookie policies are notably absent, indicating room for compliance improvement. The security posture is strong in terms of transport security and header implementation, but lacks explicit incident response and data protection disclosures. The absence of WHOIS data limits domain legitimacy verification, but the website content and business information suggest a credible and established entity. Overall, the site is professional and functional but would benefit from enhanced privacy compliance and transparency measures.

O

OP Corporate Bank plc filiāle Latvijā

opbank.lv

56

OP Corporate Bank plc filiāle Latvijā is a corporate banking branch of the leading Finnish financial services group OP Financial Group. The bank focuses on serving large and medium-sized enterprises in Latvia, offering a comprehensive portfolio of financial products including loans, guarantees, letters of credit, factoring, and cash flow and risk management solutions. The website reflects a professional and consistent brand presence aligned with its parent company, targeting business clients in the Baltic region. Technically, the website is built using modern web technologies such as React and is hosted on Microsoft Azure infrastructure, leveraging Application Insights for telemetry and analytics. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Privacy and cookie policies are present and indicate GDPR compliance. From a security perspective, the site enforces HTTPS and uses monitoring tools but lacks explicit security policies or incident response information publicly available. No critical vulnerabilities or suspicious indicators were detected in the website content or linked domains. The absence of WHOIS data limits full domain legitimacy verification, but the overall digital footprint and corporate affiliations support a trustworthy profile. Overall, the website demonstrates a solid business and technical foundation with room for improvement in security transparency and enhanced compliance disclosures.

C

CMA laenud

cma.ee

51

CMA laenud operates as a small Estonian financial information website focused on providing content about various loan and credit products, including unsecured loans and credit accounts. The site targets Estonian-speaking individuals seeking financial solutions and appears to function primarily as an informational and possibly affiliate platform. The website is built on WordPress, leveraging modern SEO tools such as Rank Math, and is hosted behind Cloudflare DNS services, ensuring good SSL configuration and moderate performance. Mobile optimization and SEO practices are well implemented, though accessibility features are basic. From a security perspective, the site benefits from HTTPS and Cloudflare DNS but lacks important security headers and formal security policies. No privacy or cookie policies are present, and contact information is limited to a contact form without direct emails or phone numbers, which may impact user trust and compliance with GDPR. There is no evidence of incident response or vulnerability disclosure mechanisms. The domain registration is consistent with the website's geographic and business focus, registered to an Estonian company since 2016, supporting legitimacy. Overall, CMA laenud presents a professional and functional online presence with good content quality and technical implementation but requires improvements in privacy compliance, security best practices, and contact transparency to enhance trustworthiness and regulatory adherence.

I

Internetstiftelsen

iis.se

73

Internetstiftelsen is an established Swedish non-profit organization responsible for managing the top-level domains .se and .nu. The organization focuses on promoting a positive internet experience for individuals and society, providing domain registration services, knowledge dissemination, and community meeting places. The website reflects a professional and consistent brand image with good content quality and clear navigation tailored for Swedish internet users and domain registrants. Technically, the website is built on WordPress with a modern tech stack including SVG icons, JavaScript, and CSS. It employs Matomo analytics with a consent-based tracking mechanism managed by OneTrust, indicating a mature approach to privacy compliance. The site is mobile-optimized and accessible, with good SEO practices including structured data and meta tags. From a security perspective, the site uses HTTPS and cookie consent blocking before tracking activation, but lacks DNSSEC and explicit security headers, which are recommended for enhanced security. No vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the domain's legitimacy and consistency with the organization's claims, with a domain age appropriate for the business history. Overall, Internetstiftelsen's website demonstrates a strong security posture, good privacy compliance, and high business credibility. Strategic improvements include enabling DNSSEC, adding security headers, and publishing explicit security and incident response policies to further enhance trust and security maturity.

O

OCHOUNOS.COM

ochounos.com

46

Ochounos.com is a small technology service provider specializing in web development, graphic design, photography, web hosting, and software projects including game and Android app development. The company has a long-standing domain since 2008 and offers a diverse portfolio of services targeting businesses and individuals seeking custom digital solutions. The website content is well-structured and provides detailed descriptions of services and projects, reflecting a good level of professionalism and technical capability. The technical infrastructure includes a custom PHP MVC framework (Almanzor Framework), use of modern game engines like Unreal Engine 4 and CRYENGINE, and hosting via Hetzner Online GmbH. The site is moderately optimized for performance and mobile devices but lacks advanced accessibility features. No CMS or third-party analytics tools are detected, indicating a custom-built platform. From a security perspective, the site uses HTTPS but lacks important security headers and formal privacy or cookie policies, which are critical for GDPR compliance and user trust. No contact or incident response information is provided, limiting transparency and responsiveness to security issues. DNSSEC is not enabled, and no vulnerability disclosure or security certifications are present. Overall, the website presents a solid business offering with good technical foundations but requires improvements in security posture, privacy compliance, and transparency to enhance trustworthiness and regulatory adherence.

A

Atea Global Services

ateaglobal.com

65

Atea Global Services is a significant branch of the Atea group, a leading IT infrastructure company in Northern Europe and the Baltic region. The company operates in multiple countries with a large workforce, providing IT infrastructure, business services, personnel management, and marketing support. Their Riga office is a major hub with around 600 professionals. The website reflects a mature digital presence with modern technologies and good content quality, targeting businesses seeking IT transformation services in the Nordics and Baltics. However, the absence of WHOIS data raises some concerns about domain registration transparency. The site uses HTTPS and Google Tag Manager but lacks some security headers and cookie consent mechanisms, indicating room for improvement in privacy compliance and security posture.

P

PRmotion

prmotion.me

51

PRmotion is a Russian-based online service specializing in social media promotion and follower/engagement boosting across multiple platforms such as Instagram, TikTok, VK, YouTube, and Telegram. The company targets social media users, influencers, and businesses seeking to increase their online presence and engagement metrics. The website is professionally designed, mobile-optimized, and offers a broad range of services with transparent pricing and positive customer reviews, positioning it as a competitive player in the Russian SMM market. Technically, the site uses modern web technologies and integrates Yandex Metrika for analytics, with secure HTTPS and CSRF protections in place. However, DNSSEC is not enabled, and security headers are not explicitly detected, indicating room for improvement in security hardening. Privacy compliance is basic, with a privacy policy present but lacking explicit GDPR adherence and no cookie consent mechanism. Contact information is comprehensive, including email, phone, Telegram, and a physical address in Moscow. Overall, the site demonstrates a moderate to good security posture and business credibility but should enhance privacy and security practices to improve trust and compliance.

J

Joom

joom.com

70

Joom operates as a global e-commerce marketplace offering a wide range of products at competitive prices with free shipping. The platform targets online shoppers seeking affordable goods across diverse categories. The website demonstrates a modern technical infrastructure leveraging React and JavaScript frameworks, optimized for mobile and desktop users alike. Security posture is strong with HTTPS enforcement and comprehensive security headers, although explicit security policies and incident response contacts are not publicly available. The absence of WHOIS registration data introduces some uncertainty regarding domain legitimacy, but the professional presentation and market presence mitigate this concern. Strategic recommendations include enhancing transparency around security policies and contact information to bolster trust.

I

Inspectahire Instrument Co. Limited

inspectahire.com

68

Inspectahire Instrument Co. Limited is a UK-based industrial inspection specialist established in 1981, offering remote visual inspection services, equipment hire, sales, maintenance, and training primarily to energy sector clients including oil & gas, power generation, renewables, and civil engineering industries. The company positions itself as a leading UK specialist with international operations across 23 countries and a strong reputation supported by client testimonials and ISO 9001 certification. Technically, the website is built on the HubSpot CMS platform, leveraging modern web technologies and analytics tools, providing a good user experience with mobile optimization and clear navigation. Security posture is strong with HTTPS enforcement, security headers, and secure form handling, although explicit incident response and vulnerability disclosure information are absent. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. However, the lack of WHOIS domain registration data introduces some uncertainty regarding domain legitimacy, which slightly impacts overall trust. Strategic recommendations include enhancing incident response transparency, publishing vulnerability disclosure policies, and improving accessibility compliance to further strengthen security and trust.

C

Chili Labs

chi.lv

55

Chili Labs is a specialized mobile app development agency based in Riga, Europe, focusing on native iOS and Android development as well as Flutter-based cross-platform solutions. With over 8 years of experience and a portfolio of more than 80 businesses, they position themselves as a top-tier agency delivering high-quality, user-centric mobile applications. Their services extend beyond development to include design and app marketing, supported by recognized industry awards such as Clutch and Red Dot. Technically, the website is built on modern frameworks like Next.js and React, optimized for performance and mobile responsiveness, and integrates common analytics and marketing tools. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and published policies. Privacy compliance is minimal, with no visible privacy or cookie policies, which is an area for improvement. Overall, Chili Labs presents a credible and professional digital presence suitable for their target market.