High-risk security reports

E

Enterwell

enterwell.net

49

Enterwell is a small technology company specializing in software design and development services, established in 2014. The company focuses on delivering simple software solutions with excellent results, targeting businesses seeking software projects, team augmentation, webshops, and websites. Their market position is strengthened by long-term partnerships and a high client retention rate of 94%. The website reflects a professional and consistent brand image with clear service offerings and partner references. Technically, the website is built on WordPress with Yoast SEO and uses Matomo for privacy-conscious analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some improvements in security headers and cookie consent mechanisms could be made. Performance is moderate, with modern web technologies employed. From a security perspective, the site uses HTTPS with a good SSL configuration and respects user privacy by disabling cookies in analytics and honoring Do Not Track. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. Overall, Enterwell presents a trustworthy and professional online presence with a solid business model and technical foundation. Strategic improvements in security policy transparency and cookie consent would enhance compliance and user trust.

E

Elektronički oglasnik javne nabave Republike Hrvatske

eojn.hr

47

Elektronički oglasnik javne nabave Republike Hrvatske (EOJN RH) is the official Croatian government platform for managing and publishing public procurement procedures. It serves contracting authorities and economic operators by providing a centralized, transparent, and legally compliant environment for procurement activities. The platform is developed under the National Recovery and Resilience Plan, reflecting a strategic government initiative to modernize public procurement processes. The website offers comprehensive services including procurement plans, notices, decisions, contract registers, and access to public data, targeting primarily government entities and suppliers in Croatia.

D

Dosta je mržnje

dostajemrznje.org

40

DostaJeMrznje.org is a non-commercial advocacy platform designed to enable users to report hate speech and hate-motivated acts across various public and digital spaces. The website is built as a React single-page application with a focus on simplicity and user safety, including a quick escape button to redirect users instantly to a safe site. The platform targets individuals concerned about hate speech and aims to facilitate reporting and tracking of such incidents. Technically, the site uses modern web technologies such as React and Webpack, and includes Google Fonts for styling. However, it lacks advanced SEO metadata, structured data, and comprehensive accessibility features. Security-wise, the site uses HTTPS and includes a user safety feature but lacks important security headers and published policies, which limits its security posture. No contact or business information is provided, which impacts trust and compliance evaluation. Overall, the site is functional for its purpose but would benefit from enhanced security, privacy compliance, and transparency measures.

G

GOOD Inicijativa

goo.hr

40

GOOD Inicijativa is a Croatian non-profit organization focused on promoting and systematically implementing civic education and human rights education within the formal education system. The website serves as a platform for educational resources, online courses, events, and advocacy related to democratic citizenship and human rights. The organization targets educators, civil society organizations, and stakeholders in the education sector. Technically, the website is built on WordPress with modern plugins for SEO and analytics, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS and reCAPTCHA integration, but lacks explicit security policies and some security headers. Privacy compliance is limited due to absence of privacy and cookie policies. Overall, the site is professional and trustworthy, supporting its mission effectively.

H

Hrabri telefon

hrabritelefon.hr

39

Hrabri telefon is a well-established Croatian non-profit organization founded in 1997, providing vital counseling and support services to children, teenagers, parents, and adults. The organization operates multiple specialized helplines, including telephone lines, WhatsApp chat, email support, and forums, positioning itself as a trusted resource in child protection and family support. The website reflects a professional and consistent brand image, targeting a broad audience with clear navigation and relevant content. Technically, the site is built on WordPress with standard plugins and integrates Google Tag Manager for analytics, showing moderate digital maturity. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, though security headers and explicit incident response policies are absent. Privacy compliance is addressed with cookie consent and privacy policies, aligning with GDPR requirements. WHOIS data confirms domain legitimacy and consistency with the organization's profile. Overall, the site demonstrates a solid foundation for its mission but could benefit from enhanced security policies and technical improvements.

E

ENOC

enoc.eu

40

ENOC (European Network of Ombudspersons for Children) is a non-profit network organization that unites 44 independent children's rights institutions across 34 countries in Europe. The organization focuses on advocacy, participation projects, and dissemination of resources to ensure the respect and implementation of children's rights. The website is professionally designed using WordPress with modern plugins for SEO and analytics, providing a good user experience and clear navigation. The technical infrastructure is mature, leveraging caching, lazy loading, and Google services for performance and tracking. Security posture is solid with HTTPS and reCAPTCHA integration, though it lacks some advanced security headers and explicit cookie consent mechanisms. Overall, the website reflects a credible and trustworthy organization with a clear mission and active engagement in children's rights advocacy.

Poslovna Spajalica d.o.o. is a Croatian IT solutions provider focused on delivering innovative technology services including custom software development, cybersecurity, digital transformation, and computer maintenance. The company targets modern enterprises seeking to enhance their business operations through technology. Their market position appears to be that of a small to medium-sized local IT service provider with a professional online presence. The website demonstrates a moderate level of digital maturity, utilizing modern web technologies such as React and JavaScript, with a responsive design and clear navigation. However, some content areas like testimonials contain placeholder text, indicating incomplete content. Security posture is moderate with HTTPS assumed but lacking explicit security headers and policies. Privacy compliance is basic with a cookie consent banner but no visible privacy or terms of service pages. Overall, the website is professional and trustworthy but could improve in security and compliance transparency.

K

Kuća Ljudskih Prava

kucaljudskihprava.hr

39

Kuća Ljudskih Prava is a Croatian non-profit organization dedicated to the promotion and protection of human rights, including freedom of speech and media freedom. The website serves as a platform for news, publications, educational resources, and advocacy activities targeting civil society, legal professionals, and the general public interested in human rights issues in Croatia. The organization maintains a consistent brand presence and provides multilingual support in Croatian and English, enhancing accessibility to a broader audience. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and various plugins for SEO, multilingual support, and user engagement. The site demonstrates good mobile optimization, SEO practices, and moderate performance. Cookie consent mechanisms are implemented to comply with EU regulations, though explicit privacy and terms of service pages are not found. From a security perspective, the site uses HTTPS with excellent SSL configuration and employs cookie consent banners. However, it lacks advanced security headers and does not provide visible security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The domain registration is consistent with the organization's profile, indicating legitimacy and stable operation. Overall, the website is professional, trustworthy, and serves its non-profit mission effectively. Strategic improvements in security policies, privacy documentation, and incident response transparency would enhance compliance and user trust.

The website dislajkammrznju.hr is a parked domain landing page primarily aimed at domain resale. It lacks substantive business content, contact information, or clear branding, indicating it is not an active commercial or service website. The site relies heavily on advertising scripts from Google Adsense and third-party ad networks, serving as a monetization placeholder rather than a functional business platform. Technically, the site uses standard HTML, CSS, and JavaScript with Amazon Cloudfront CDN hosting and Google ad services integration. However, it lacks modern security headers, cookie consent mechanisms, and comprehensive privacy policies, which are critical for compliance and user trust. The security posture is basic with no advanced protections or incident response information. Overall, the site presents low business credibility and poor user experience, with minimal content and no direct contact channels.

U

Ured pravobranitelja za djecu

dijete.hr

43

The website dijete.hr is the official online presence of the Croatian Ombudsperson for Children, a governmental institution dedicated to protecting and promoting children's rights in Croatia. It offers comprehensive information, publications, reports, and news relevant to children, parents, educators, and policymakers. The site is well-structured, professionally designed, and provides content primarily in Croatian with an English version available. The institution holds a strong market position as the national authority on children's rights, supported by partnerships with European and national child protection organizations.

U

Ured pučke pravobraniteljice

ombudsman.hr

48

The website represents the official Croatian Ombudsman institution, providing human rights protection, complaint handling, legal assistance, and public reporting services. It targets Croatian citizens and vulnerable groups, operating as a governmental public service entity with a medium organizational size. The site is well-branded, consistent, and provides comprehensive contact information and privacy policies, reflecting a trustworthy public institution. Technically, the website is built on WordPress with modern plugins and frameworks such as Elementor and Bootstrap. It uses HTTPS and integrates Google Analytics and Mailchimp for analytics and marketing. The site is moderately performant and mobile-optimized, with basic accessibility features. From a security perspective, the site enforces HTTPS and uses secure forms but lacks some advanced security headers and explicit security or incident response policies. No vulnerabilities or blocking mechanisms were detected, indicating a solid security posture for a government site. Overall, the website is professional, credible, and compliant with GDPR, with room for improvement in security policy transparency and technical security headers. The domain registration data aligns well with the institution's identity, supporting high legitimacy.

A

Arc Rec Project

arc-rec-project.eu

42

The ARC Rec Project website serves as an awareness raising campaign focused on GDPR compliance for Small and Medium-sized Enterprises (SMEs), primarily within the European Union, with a strong connection to Croatia. The project is EU co-funded and aims to provide educational materials, webinars, and self-assessment tools to help SMEs understand and implement GDPR requirements. The website is professionally designed using WordPress with the Divi theme and includes multilingual support for English, Croatian, and Italian. It features a modern technical infrastructure with SEO optimization and a cookie consent mechanism, reflecting a mature digital presence. Security posture is good with HTTPS enforced and no evident vulnerabilities, though some security headers could be improved. The site lacks explicit incident response or vulnerability disclosure policies, which could be enhanced to improve trust and compliance. Overall, the website is credible, well-maintained, and aligned with its educational mission.

The website at studioiframesandbox.com is a minimal sandbox environment with very limited content and no visible business or contact information. It appears to serve as a development or testing platform rather than a public-facing commercial site. The technical infrastructure is minimal, relying on a single JavaScript ES module and basic HTML structure without SEO or accessibility enhancements. Security posture cannot be fully assessed due to lack of data, but no HTTPS or security headers are evident in the provided content. Privacy and compliance policies are absent, indicating a lack of GDPR or similar regulatory adherence. Overall, the site presents a low trust profile and minimal business presence.

P

Povjerenstvo za odlučivanje o sukobu interesa

sukobinteresa.hr

44

The website represents the official online presence of the Croatian Commission for the Prevention of Conflict of Interest, a government regulatory body focused on transparency and integrity in public service. It provides comprehensive information about the commission's activities, legal acts, educational programs, and public registers. The site targets Croatian public officials and citizens interested in conflict of interest matters. Technically, the site is built on Drupal 7 with common web technologies such as jQuery and Bootstrap, and uses Google Analytics for visitor tracking. While the site is functional and professionally designed, it uses outdated software components that may pose security risks. Security posture is moderate with HTTPS enabled but lacks modern security headers and explicit privacy compliance mechanisms. Contact information is clearly provided, enhancing business credibility. Overall, the site is trustworthy but would benefit from modernization and improved privacy and security policies.

A

Agencija za zaštitu osobnih podataka

azop.hr

43

The Agencija za zaštitu osobnih podataka (AZOP) is an independent Croatian government agency responsible for overseeing the implementation of the General Data Protection Regulation (GDPR) within Croatia. The website serves as an official portal providing comprehensive information about data protection rights, regulatory activities, educational initiatives, and public resources. It targets Croatian citizens, data controllers, processors, and public institutions, positioning itself as the authoritative national data protection authority. The site features multilingual support, primarily Croatian and English, enhancing accessibility for diverse audiences. Technically, the website is built on WordPress using the Divi theme and incorporates several plugins such as Yoast SEO for search optimization, Contact Form 7 for user inquiries, and Pojo Accessibility for compliance with accessibility standards. The infrastructure supports modern web standards including HTTPS, responsive design, and accessibility features, reflecting a mature digital presence. Performance is moderate with good mobile optimization and SEO practices. From a security perspective, the site enforces HTTPS, employs standard security headers, and uses secure form handling mechanisms. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. However, explicit security policies and incident response contacts are not prominently published, suggesting areas for improvement in transparency and readiness. Overall, AZOP's website demonstrates a high level of professionalism, compliance with GDPR, and a strong trust profile consistent with its role as a government regulator. Strategic recommendations include publishing detailed security policies, establishing clear incident response channels, and maintaining vigilance on third-party plugin security to sustain and enhance its security posture.

株式会社名鉄ホテルホールディングス operates a large hotel group primarily in the Chubu region of Japan, managing 20 facilities including well-known brands such as ANA Crowne Plaza and Meitetsu Grand Hotel. The website serves as an official portal providing information about their hotel brands, press releases, and news updates, targeting both business and leisure travelers in the Aichi and Gifu areas. The business model focuses on hospitality services with a strong regional presence and multiple subsidiary hotel brands. Technically, the website employs modern JavaScript libraries including jQuery, Slick Carousel, and Swiper for interactive UI elements and responsive design. It uses Google Tag Manager for analytics and tracking. The site is well-optimized for mobile devices and provides a good user experience with clear navigation and professional design. However, no CMS or hosting provider information was detected. From a security perspective, the site uses HTTPS with excellent SSL configuration, but lacks explicit security headers and does not provide a security policy or vulnerability disclosure information. No privacy or cookie policies were found, which is a compliance gap. The absence of direct contact emails or phone numbers reduces transparency in user support and incident response. Overall, the website is functional, professional, and credible from a business standpoint but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

P

pj101

pj101.net

42

pj101.net is a Japanese website focused on providing comprehensive food event coordination, vendor support, and transportation logistics services. The company targets event organizers, convention centers, and facilities, aiming to streamline food event operations through integrated logistics solutions. The website uses modern web technologies including Nuxt.js and Vue.js, hosted on Google Cloud Storage, and demonstrates good mobile optimization and SEO practices. However, it lacks explicit privacy, cookie, and terms of service policies, and does not provide direct contact emails or phone numbers, relying solely on a contact form for communication. Security posture is moderate with HTTPS enabled but missing security headers and incident response information. Overall, the site is professional and functional but could improve transparency and compliance.

The website bjgc.lv currently serves as a security challenge page implemented by BitNinja, designed to block automated or malicious visitors through CAPTCHA validation. It does not provide business content or services directly but acts as a gatekeeper to protect the underlying site or infrastructure. The page uses Google reCAPTCHA v2 and Google Analytics for bot mitigation and visitor tracking. The presence of legacy CMS meta tags (Joomla 1.5 and WordPress 2.5) suggests either outdated software or placeholder content, but no active CMS functionality is evident. The technical infrastructure is basic with moderate performance and limited mobile optimization. From a security perspective, the site employs CAPTCHA to prevent automated abuse, which is a positive control. However, no explicit security headers were detected, and the legacy CMS references raise concerns about potential vulnerabilities if those systems are in use. Privacy and cookie policies are absent, and no contact or business information is provided, limiting transparency and compliance with data protection regulations. Overall, the site is primarily a security checkpoint rather than a business-facing website. The domain uses privacy protection for WHOIS data, which is common for security-related services. The AI score is low due to the blocked content and lack of business or compliance information. Strategic recommendations include updating or removing legacy CMS references, implementing security headers, providing privacy and cookie policies, and improving accessibility and SEO to enhance trust and compliance.

L

Latvijas Organiskās sintēzes institūts

osi.lv

47

Latvijas Organiskās sintēzes institūts is a leading research institute in the Baltic region specializing in drug substance discovery and development, with expertise in organic chemistry, pharmacology, molecular biology, and bioorganic chemistry. The institute serves researchers, pharmaceutical companies, and academic institutions by providing research services, laboratories, and project collaborations. The website reflects a professional and well-structured digital presence, leveraging WordPress with modern plugins and SEO tools to deliver content effectively. The technical infrastructure is robust, with good mobile optimization and moderate performance. Security posture is solid with HTTPS enforcement and cookie consent compliance, though some security headers could be improved. Privacy policies are comprehensive and GDPR compliant, supporting user trust. Overall, the website demonstrates high business credibility and trustworthiness, aligned with the organization's public research mission.

駐

駐日欧州連合代表部 (Delegation of the European Union to Japan)

ehef-japan.org

45

The website '欧州留学フェア2025' is an official event platform managed by the Delegation of the European Union to Japan, promoting European higher education opportunities to Japanese students. It serves as an annual fair providing direct access to EU member universities, public institutions, and embassy representatives, facilitating information exchange and engagement for prospective students. The site targets Japanese students interested in studying abroad in Europe, offering event details, presentations, and registration options. Technically, the site is built on WordPress 6.1.7 with modern web technologies including jQuery, Google Tag Manager, and Google reCAPTCHA v3 for security. It uses HTTPS exclusively, integrates social media, and loads fonts and icons from reputable CDNs. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms, but lacks explicit security headers and published privacy or cookie policies, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected. The domain registration aligns well with the official EU delegation, supporting legitimacy and trustworthiness. Overall, the website is professional, trustworthy, and functional, but would benefit from enhanced privacy compliance documentation and additional security headers to strengthen its posture and user trust.

N

Nagoya International Exhibition Hall

portmesse.com

44

Nagoya International Exhibition Hall (ポートメッセなごや) operates as a major international exhibition and event venue located in Nagoya, Japan. The facility caters to a broad range of events including seminars, business meetings, exhibitions, ceremonies, parties, incentives, concerts, and other communication spaces. It serves event organizers and visitors primarily in the hospitality and government sectors, positioning itself as a key regional player in event hosting and venue services. Technically, the website is built on WordPress 4.9.9 with a variety of plugins such as Contact Form 7 for forms, Smart Slider 3 for visual content, and FooBox for image lightbox functionality. The site uses jQuery and jQuery UI libraries and integrates Google Tag Manager for analytics and marketing. The site is mobile optimized and includes accessibility features, but the WordPress version is outdated, which may pose security risks. From a security perspective, the site enforces HTTPS and uses Google Tag Manager and reCAPTCHA on forms, but lacks comprehensive security headers and runs an outdated CMS version. No explicit security or incident response policies are published. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism detected. Overall, the website is professional and trustworthy with good business credibility and content quality. However, security and privacy compliance could be improved by updating software, adding security headers, and implementing cookie consent mechanisms.

A

Atrium Ljungberg

nobelberget.se

45

Nobelberget is a real estate development project by Atrium Ljungberg, focusing on sustainable urban living in the Stockholm area. The website presents detailed information about residential offerings, community features, and ongoing projects, targeting prospective residents and investors. The company holds a strong market position as a leading sustainable urban developer in Sweden. Technically, the website employs modern technologies including Google Tag Manager, Facebook Pixel, HubSpot, and Microsoft Azure services, ensuring robust analytics and marketing capabilities. The site is hosted on Microsoft Azure and uses Episerver CMS, with good mobile optimization and SEO practices. Security posture is strong with HTTPS, CSRF protections, and cookie consent management via Cookiebot, although some security headers could be more explicitly implemented. Privacy compliance is well addressed through Cookiebot and linked privacy policies, supporting GDPR adherence. Overall, the website is professional, trustworthy, and well-structured, with clear contact information and active social media presence.

L

Leva i Östersund

levaiostersund.se

46

Leva i Östersund is a regional informational website focused on promoting living, working, and moving to Östersund, Sweden. It serves as a portal providing job listings, local event information, and resources for new residents. The site is supported by local government entities and partners, positioning itself as a trusted source for regional information. The content is primarily in Swedish with translation options, targeting individuals interested in relocating or engaging with the Östersund community. Technically, the website is built on WordPress using popular plugins such as Yoast SEO for search optimization, WPBakery Page Builder for layout management, and Complianz for GDPR cookie compliance. It integrates Google reCAPTCHA for form security and uses Vizzit Analytics for visitor tracking. The site is mobile-optimized with good navigation and SEO practices, though accessibility features are basic. From a security perspective, the website enforces HTTPS and employs reCAPTCHA to protect forms. However, it lacks some recommended security headers like Content-Security-Policy and X-Frame-Options. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear cookie consent mechanisms and a comprehensive privacy policy linked to an official municipal domain. Overall, the website presents a low-risk profile with a good balance of content quality, technical implementation, and privacy compliance. Strategic improvements could include enhancing security headers, adding explicit security policies, and improving accessibility to further strengthen trust and compliance.

The website at cdn-sitegainer.com is currently inaccessible due to an Access Denied error, indicating that the content is blocked or restricted. This prevents any meaningful extraction of business, technical, or security information. The domain appears to be a content delivery network (CDN) or a restricted resource rather than a public-facing business website. Due to the lack of accessible content, no metadata, contact information, or policies are available for analysis. From a technical perspective, the site does not expose any detectable technologies, scripts, or frameworks. The security posture cannot be assessed due to the absence of accessible content and headers. The domain's WHOIS data is privacy protected, limiting the ability to verify registrant legitimacy or domain age. Overall, the site scores very low on content quality, technical implementation, security posture, privacy compliance, and business credibility. The primary risk is the lack of transparency and accessibility, which hinders trust and usability. Strategic recommendations include resolving access issues, publishing clear business and privacy information, and implementing standard security practices.

O

Office&Print

officeandprint.se

44

Office&Print is a Swedish e-commerce retailer specializing in office products and supplies, serving both businesses and private customers. The website offers a broad product range with a focus on customer service, fast delivery, and price guarantees. The company emphasizes a personalized approach with dedicated contact persons for clients. Technically, the website is built on WordPress with WooCommerce and uses modern tools like WPBakery, Font Awesome, and integrates marketing and analytics services such as Klaviyo and Clerk.io. Security is well-managed with HTTPS, cookie consent mechanisms, and no visible vulnerabilities or exposed sensitive data. The site is accessible, mobile-optimized, and SEO-friendly, reflecting a mature digital presence. Overall, the risk profile is low with recommendations to enhance security headers and maintain regular updates.

V

Veikals.lv

veikals.lv

42

Veikals.lv is a Latvian e-commerce retailer specializing in office supplies, computer equipment, packaging materials, cartridges, and related services such as printer repair and cartridge refilling. The website offers a broad product catalog with multiple language options (Latvian, Russian, English), targeting both business and individual customers in Latvia. The platform is built on OpenCart CMS with modern web technologies including Bootstrap, jQuery, and Swiper.js, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS enabled and no visible sensitive data exposure, though the absence of security headers and explicit security policies suggests room for improvement. Privacy compliance is basic, with a privacy policy present but no visible cookie consent mechanism. Overall, the site appears legitimate and professional, with clear contact information and consistent branding.

Check These is a small French-language informational website focused on IT topics such as cloud computing, web hosting, shell scripting, and Apache mod_rewrite. It serves individuals and businesses interested in technology and web infrastructure by providing educational articles. The site is built on WordPress 6.8.1 and uses modern web technologies with good mobile optimization and accessibility. However, it lacks critical privacy and security documentation such as privacy policies, cookie consent mechanisms, and security policies. No contact information or incident response channels are provided, which limits trust and compliance. The site uses HTTPS but does not implement security headers or vulnerability disclosure mechanisms. Overall, the website is functional and informative but requires improvements in privacy, security, and business transparency to enhance trust and compliance.

Satura darbnīca TAPT is a Latvian creative media workshop specializing in producing inspiring content such as TV projects, video advertising, YouTube shows, books, and other creative media. The company positions itself as a niche creative content producer, targeting creative professionals and content consumers interested in media and creative projects. The website is built on WordPress using Elementor and related plugins, with a moderate performance and good mobile optimization. Security posture is basic with HTTPS enforced but lacking security headers and formal policies. Privacy compliance is weak due to absence of privacy and cookie policies. Contact information is limited but includes a phone number and physical address. Social media presence is established on Facebook and Instagram.

The website www.hixie.ch is a personal site primarily focused on sharing web-related materials, weblog entries, and indexes of other related personal sites. It serves as a hub for the site owner’s web content and personal projects, targeting web developers and technology enthusiasts. The site is small in scale, with basic content and minimal interactive features. Technically, the site uses simple HTML and CSS without any detected CMS or advanced frameworks. There is no evidence of modern analytics, advertising, or tracking technologies, indicating a low digital maturity level. Security posture is minimal with no HTTPS or security headers detected in the provided data, and no privacy or cookie policies are present. Overall, the site is accessible and functional but lacks professional security and compliance features, which limits its trustworthiness and business credibility.

F

FHU TELVICOM

telvicom.pl

37

FHU TELVICOM is a small Polish technology service provider specializing in web development, e-commerce platforms, CMS solutions, 3D product photography, panoramic imaging, hosting, and domain registration services. The website targets local businesses and individuals in Poland seeking digital presence and hosting solutions. The site uses basic modern web technologies such as HTML5, CSS, JavaScript, and Modernizr but lacks advanced frameworks or CMS detection. The content is minimal and primarily marketing-oriented with no visible privacy, cookie, or terms of service policies, and no contact information or forms are present on the homepage. Security posture is weak with no detected security headers or HTTPS confirmation in the provided data. No analytics or tracking scripts are present, indicating minimal user tracking. Overall, the website demonstrates a basic digital maturity level with room for improvement in security, privacy compliance, and content richness.

C

CX80 Polska

cx80.com

38

CX80 Polska is a well-established Polish manufacturer specializing in multifunctional chemical products, including the world's strongest cold welding adhesive 'AUTO WELD' and specialized lubricants. Founded in 1991, the company serves both industrial sectors such as construction, mining, and transportation, as well as the consumer FMCG market through major retail chains. The website reflects a mature digital presence with multilingual support and e-commerce capabilities via WooCommerce. Technically, the site uses modern WordPress technologies and plugins, ensuring good performance and SEO optimization. Security posture is adequate with HTTPS and no exposed sensitive data, though security headers could be improved. Privacy compliance is partially met with a privacy policy but lacks a cookie consent mechanism. Overall, CX80 Polska presents a credible and professional business with clear contact information and trust indicators.

W

World Orienteering Week

worldorienteeringweek.com

47

World Orienteering Week is an international sports event initiative managed under the International Orienteering Federation. The website serves as a global platform for promoting orienteering events, enabling organizers worldwide to register activities during the designated week in May 2025. The site targets orienteering enthusiasts, schools, and clubs, providing event information, maps, and social media engagement. Technically, the website is built on WordPress with modern plugins and frameworks, including Bootstrap and Google Maps API, ensuring a responsive and user-friendly experience. Security posture is strong with HTTPS enforced and GDPR compliance actively managed through a cookie consent plugin. No critical vulnerabilities or blocking mechanisms were detected, indicating a mature and secure digital presence. Overall, the website demonstrates good professionalism, trustworthiness, and technical implementation, supporting its role as a key resource in the orienteering community.

N

New Element

emit.no

46

Emit AS is a Norwegian company specializing in the development and sales of timing systems for sports such as orienteering, cross-country skiing, and biathlon. Established in 1994, Emit is a market leader in the Nordic region, offering products like the EKT-brikkesystem and online result services. The website reflects a mature business with a clear focus on sports technology and e-commerce. Technically, the site is built on WordPress with WooCommerce, enhanced by modern plugins for SEO and multilingual support. The infrastructure supports secure payment options including Klarna and PayPal, indicating a robust e-commerce setup. Security posture is good with HTTPS enforced and anti-spam measures in place, though explicit security headers could be improved. Privacy compliance is basic with a privacy policy present but lacking a cookie consent mechanism. Overall, the site is professional, trustworthy, and well-maintained, suitable for its target audience of sports clubs and event organizers in the Nordic countries.

S

SIA «Latvijas Zaļais punkts»

zalais.lv

47

Latvijas Zaļais punkts is a well-established Latvian environmental organization focused on promoting waste sorting, recycling, and environmental education. With over 20 years of experience, it serves a broad audience including children, youth, and businesses, aiming to foster a greener Latvia through educational campaigns and responsible business practices. The website reflects this mission with comprehensive content, including sorting location maps, news updates, and educational resources. Technically, the site employs modern web technologies such as React and Next.js, integrates Google Maps for interactive features, and uses standard analytics and tracking tools like Google Analytics and Facebook Pixel. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not published. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, supporting the organization's credibility and outreach efforts.

Kāpa is a Latvian orienteering club focused on organizing orienteering and adventure sports events such as the Kāpas Saulkrastu Pavasaris series and rogaining competitions. The website serves as a hub for event information, results, and community engagement, targeting orienteering enthusiasts primarily in Latvia. The site is built on WordPress using the Overlay theme and several plugins including Ghostkit and SimpleLightbox, with Google Tag Manager integrated for analytics. The technical infrastructure is modern and mobile-optimized, providing a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is legitimate and consistent with a small sports club's online presence, but could improve in privacy and security transparency.

The website magneticlatvia.lv is currently a parked domain page indicating that the domain is for sale. It does not provide any business-related content, contact information, or services. The page is minimalistic, serving primarily as a placeholder with a link to a domain sales service. The target audience appears to be potential domain buyers or investors interested in acquiring the domain name. The business model is domain resale with no active operational business presence or offerings. Technically, the site uses basic HTML, CSS, and JavaScript with an iframe embedding content from an external suspicious domain, which raises security concerns. There is no evidence of modern CMS or frameworks, and the site lacks SEO and accessibility features. Security posture is weak, with no HTTPS enforcement visible in the HTML content, no security headers, and no privacy or cookie policies. The use of an iframe from a suspicious third-party domain further degrades trust and security. Overall, the site has a low trustworthiness score and minimal digital maturity.

OK Kāpa is a Latvian orienteering club focused on organizing orienteering competitions, training sessions, and community sports activities. The website serves as an informational hub for event announcements, results, maps, and news primarily targeting local orienteering enthusiasts and athletes. The club maintains a presence through multiple subdomains dedicated to past events and uses Google Analytics for visitor tracking. The site content is mostly static and text-heavy, with limited interactive features or modern web design elements. Technical infrastructure is basic, relying on traditional HTML, CSS, and JavaScript without modern frameworks or CMS. Security posture is moderate with HTTPS usage implied but lacks visible security headers and modern charset encoding. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, the website reflects a small, community-focused sports organization with room for technical and compliance improvements.

B

Biedrība Ādažu uzņēmēji

adazuuznemeji.lv

39

Biedrība Ādažu uzņēmēji is a non-profit employer organization focused on fostering collaboration among businesses in the Ādaži region of Latvia. The organization represents business interests and facilitates dialogue with government institutions, municipalities, and international organizations. The website serves as an information hub for members and partners, providing news, events, and contact details. The market position is regional with a focus on local business community support and networking. Technically, the website is built on Joomla CMS using the Helix Ultimate template framework and Bootstrap 5 for responsive design. The site is mobile-optimized and presents a professional design with clear navigation. However, performance is moderate and accessibility features are basic. No advanced analytics or tracking tools are detected, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks important security headers such as Content-Security-Policy and X-Frame-Options. There are no visible vulnerabilities or exposed sensitive data, but the absence of privacy and cookie policies, as well as incident response information, indicates compliance gaps. The security posture is moderate but could be improved with standard best practices. Overall, the website is trustworthy and professionally maintained, with clear contact information and legitimate domain registration details. The main risks relate to privacy compliance and security hardening. Strategic improvements in these areas would enhance trust and regulatory adherence.

Bright is a Latvian digital agency specializing in web development, graphic design, animations, social media marketing, and e-commerce solutions. Established in 2015, the company has built a solid market position with a portfolio of notable clients and a consistent brand presence. Their website reflects a professional digital maturity with good content quality, clear navigation, and mobile optimization. Technically, the site is built on WordPress with modern tools such as Yoast SEO, Google Analytics, Facebook Pixel, and CookieYes for consent management, indicating a well-rounded digital infrastructure. Security posture is strong with HTTPS enforcement, bot protection via Google reCAPTCHA, and cookie consent mechanisms, although additional security headers and a published security policy would enhance their stance. Overall, Bright demonstrates a trustworthy and credible online presence with good privacy compliance and marketing transparency.

The website llkc.lv represents SIA Latvijas Lauku konsultāciju un izglītības centrs, a well-established Latvian organization focused on agricultural consultancy, education, and rural development services. With over 33 years of operation, it serves farmers, rural entrepreneurs, and communities by providing knowledge, consultations, and sector-specific services. The site is professionally designed with clear navigation and multiple service categories including business development, crop farming, animal husbandry, forestry, fisheries, accounting, and education. Contact information is comprehensive, including phone, email, physical address, and multiple interactive forms for user engagement. Technically, the website is built on WordPress using the Breakdance theme and several plugins such as WPForms and WP Grid Builder. It integrates Google Analytics and MailerLite for marketing and analytics purposes. The site is mobile optimized and performs moderately well, with good SEO and accessibility basics. Security posture is strong with HTTPS enforced and some security headers present, though there is room for improvement in header completeness and form security audits. Privacy and cookie policies are present and include consent mechanisms, indicating GDPR compliance. No critical security issues or WAF blocking were detected, allowing full content access and analysis. The domain registration details are consistent with the website's claims, showing a legitimate and trustworthy organization. The site links to multiple partner domains, reinforcing its ecosystem and credibility. Overall, llkc.lv is a credible, professionally maintained website serving an essential role in Latvia's agricultural and rural education sector. Strategic recommendations include enhancing security headers, conducting regular security audits especially for file uploads, and maintaining privacy compliance to uphold trust and security.

A

admin

aurianagency.lv

48

Aurian agency is a Latvian-based digital marketing and design agency specializing in website development, SEO optimization, social media marketing, and visual identity creation. The company positions itself as a professional service provider helping businesses grow and acquire more clients. The website is built on WordPress using Elementor and several plugins to enhance user experience and functionality. The technical infrastructure is modern and includes security features such as HTTPS and Google reCAPTCHA, although some security headers are missing. Privacy and cookie policies are not present, indicating a gap in compliance. Overall, the website is accessible, well-structured, and targets local Latvian businesses seeking digital marketing and design services.

V

Valsts Lauku tīkls

laukutikls.lv

47

Valsts Lauku tīkls is a Latvian governmental rural network focused on supporting agriculture, forestry, fisheries, and rural entrepreneurship. The website serves as an information hub providing news, events, educational resources, and sector-specific support primarily targeting Latvian rural communities and stakeholders. It is supported by the Ministry of Agriculture and the European Agricultural Fund for Rural Development, positioning it as a trusted official source in its domain. Technically, the site is built on Drupal 7 with legacy JavaScript libraries, indicating a need for modernization. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enabled and IP anonymization in analytics, but it lacks modern security headers and uses outdated JavaScript libraries, which pose potential risks. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism or GDPR explicit indicators. Overall, the site is professional and trustworthy but would benefit from technical and security updates to enhance compliance and resilience.

B

Biedrība “Latvijas Lauku forums”

laukuforums.lv

48

Latvijas Lauku forums is a national-level non-profit organization in Latvia focused on balanced rural development, civic society strengthening, and supporting local initiatives through projects and strategic priorities such as LEADER/SVVA. The website is built on WordPress with Elementor and several plugins, providing a modern and visually appealing platform showcasing their projects, members, and initiatives. Contact information and social media presence are clearly provided, enhancing business credibility. Security posture is adequate with HTTPS and no exposed sensitive data, but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but could improve compliance and security transparency.

Vidzemes jūrmalas Mūzikas un mākslas skola is a small regional educational institution in Latvia focused on music and arts education. The website serves primarily as an informational portal with basic navigation to music and arts programs and exhibitions. The content is minimal and lacks modern interactive features or comprehensive business information. Technically, the site relies on outdated technologies such as Flash and uses a legacy character encoding, indicating a need for modernization. Security posture is weak with no visible HTTPS enforcement or security headers, and no privacy or cookie policies are present, which raises compliance concerns. Overall, the site is functional but basic, with significant room for improvement in security, privacy, and technical modernization.

The website skulteport.lv is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block. The landing page is a standard Cloudflare block page indicating that the visitor has been blocked from accessing the site, likely due to security rules triggered by the request. As a result, no actual business content, contact information, or policies are available for analysis. The site appears to be protected by Cloudflare's security services, but this also prevents assessment of its digital maturity or business operations. The lack of accessible content severely limits the ability to evaluate the website's compliance, security posture, or business credibility.

S

SIA “Saulkrastu komunālserviss”

komunalserviss.lv

49

SIA “Saulkrastu komunālserviss” is a local Latvian company providing communal services including water supply, sewage, heating, and property management primarily in the Saulkrasti region. The company positions itself as a reliable service provider with a focus on quality and timely delivery. Their website reflects a small-sized business with a clear local market focus and a straightforward business model centered on municipal and residential service provision. Technically, the website is built on WordPress using Elementor, with modern web practices such as lazy loading and HTTPS encryption, indicating a moderate level of digital maturity. However, the absence of privacy and cookie policies, as well as security headers, suggests room for improvement in compliance and security posture. The integration with bill.me for online payments shows adoption of modern payment solutions, enhancing customer convenience. Overall, the website is professional and trustworthy but lacks some critical compliance and security features.

B

Biedrība "Jūras zeme"

juraszeme.lv

43

Biedrība "Jūras zeme" is a Latvian non-profit organization dedicated to supporting coastal and rural community development through various projects and cooperation initiatives. The organization targets local communities and project applicants, providing funding and facilitating collaboration to enhance regional development. Their website reflects a professional and consistent brand presence with a focus on project information and community engagement. Technically, the site is built on WordPress with a modern tech stack including accessibility features and responsive design, though some components like WordPress core are slightly outdated. Security posture is moderate with HTTPS enabled but lacking explicit security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is functional and trustworthy but would benefit from enhanced privacy and security measures.