Website Security
Guard

A

Andele Mandele

andelemandele.lv

64

Score

Andele Mandele is a Latvian e-commerce marketplace specializing in a wide range of retail products, including clothing for women, men, and children, as well as home goods and transport-related items. The platform serves as a popular local portal with a large catalog exceeding 300,000 items, targeting Latvian-speaking consumers. The website employs modern web technologies such as Vue.js, Bootstrap, and integrates Google services like reCAPTCHA and Tag Manager to enhance user experience and security. While the site is well-structured and mobile-optimized, it lacks explicit privacy policy and terms of service pages, which are critical for compliance and user trust. Security posture is generally good with HTTPS and bot protection in place, but could be improved with clearer security policies and incident response information. Overall, the site presents a professional and trustworthy retail platform with room for enhanced privacy and security transparency.

S

ss sia

ss.lv

56

Score

SS.LV is a well-established Latvian online classifieds platform operated by ss sia since 2000. It serves as the largest classifieds server in Latvia, offering a wide range of categories including jobs, transport, real estate, construction, electronics, clothing, home goods, production work, children, animals, agriculture, and entertainment. The platform targets Latvian residents and businesses seeking to buy, sell, or advertise goods and services locally. Its business model revolves around user-submitted classified ads and monetization through paid advertisements and promotional services. Technically, the website employs standard web technologies including JavaScript, AJAX, and Google Tag Manager for analytics and marketing. The site is mobile-optimized with a clear navigation structure and good SEO practices. Performance is moderate, and accessibility is basic but functional. The site uses HTTPS with a good SSL configuration, though no advanced security headers were detected. From a security perspective, the site demonstrates basic best practices such as HTTPS enforcement and cookie consent mechanisms compliant with GDPR. However, it lacks publicly available security policies, incident response contacts, and vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were identified. The WHOIS data confirms the legitimacy and long-standing presence of the business, with consistent registrant information matching the website's claims. Overall, SS.LV presents a trustworthy and professional online classifieds service with solid business credibility and moderate technical maturity. Strategic improvements in security policy transparency and incident response readiness would enhance its security posture and user trust.

C

CERT.LV

cert.lv

61

Score

CERT.LV is the official Latvian government institution responsible for cybersecurity incident response and IT security awareness in Latvia. It serves as the national CERT/CSIRT, providing critical services such as incident handling, vulnerability coordination, security advisories, and training. The website reflects a professional government agency with a clear mission to enhance IT security across public and private sectors in Latvia. The target audience includes government entities, IT professionals, and the general public interested in cybersecurity. The institution holds a strong market position as the authoritative cybersecurity body in Latvia, supported by partnerships with international organizations like FIRST and Trusted Introducer. Technically, the website employs standard web technologies including HTML5, CSS, JavaScript, and integrates Google Analytics for visitor tracking. The site is mobile-optimized and accessible, with a clear navigation structure and cookie consent mechanisms compliant with GDPR. While no CMS or hosting provider is explicitly identified, the site demonstrates moderate performance and good SEO practices. Security posture is strong with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, security headers are not explicitly detected, and the site lacks a security.txt file for vulnerability disclosure. The security posture is robust, reflecting the nature of a government cybersecurity entity. The site provides incident response information and vulnerability disclosure processes, though dedicated security contact emails are not visible. The cookie policy and privacy policy are comprehensive and GDPR compliant. No critical vulnerabilities or suspicious patterns were detected. The domain WHOIS data is consistent with the website's official status, showing active domain status and matching authoritative name servers. Overall, CERT.LV presents a trustworthy, professional, and secure web presence aligned with its mission. Strategic recommendations include implementing security headers, publishing a security.txt file, enhancing incident response contact channels, and considering a Terms of Service page to improve transparency and compliance.

C

ClearTok

cleartok.io

59

Score

ClearTok is a technology startup offering a privacy-first, open-source browser extension and mobile app designed to bulk remove reposted videos from TikTok, Instagram, and X profiles. The company positions itself as a niche player focused on user privacy and ease of use, targeting social media users who want to clean their repost history efficiently. The product operates locally within the user's browser session, requiring no passwords or external data transmission, which enhances trust and security. Technically, ClearTok leverages modern web technologies including React and integrates with popular platforms like Chrome and Edge via extensions. The website is hosted with Cloudflare DNS and uses Google Tag Manager and Microsoft Clarity for analytics, reflecting a mature digital infrastructure. The site is well-optimized for performance, mobile responsiveness, and accessibility, with a professional design and clear navigation. From a security perspective, ClearTok demonstrates strong practices such as HTTPS enforcement, no external data collection, and open-source transparency. However, it lacks explicit privacy and cookie policies, security headers, and published incident response contacts, which are areas for improvement. The domain WHOIS data shows privacy protection but is consistent with a new startup timeline and reputable registrar. Overall, ClearTok presents a trustworthy and professional service with a strong privacy focus, suitable for users seeking efficient TikTok repost cleanup. Strategic enhancements in privacy disclosures and security documentation would further strengthen its compliance and user confidence.

B

Baltic Beauty Awards

balticbeautyawards.lv

46

Score

Baltic Beauty Awards is a specialized event and awards organizer focused on recognizing innovation and sustainability in the Baltic beauty product market. The website serves as a platform to showcase finalists and promote the annual awards ceremony, targeting beauty industry professionals and brands within the Baltic region. The business operates as a small entity closely linked with the Baltic Beauty exhibition and the E-BEAUTY.LV portal, positioning itself as a niche leader in regional beauty industry recognition. Technically, the website is built on a modern stack including Django, Bootstrap, HTMX, and uses Cloudflare for DNS and likely CDN services. It is mobile optimized with good SEO practices and integrates Google Analytics 4 for user tracking. The site is performant with moderate loading speeds and basic accessibility features. From a security perspective, the site enforces HTTPS and uses CSRF tokens in forms, indicating awareness of security best practices. However, it lacks important security headers and does not publish privacy, cookie, or terms of service policies, which are critical for GDPR compliance and user trust. No contact information or incident response channels are provided, limiting transparency. Overall, the website is professional and trustworthy with no adult or questionable content. The domain registration is consistent and legitimate. The main risks relate to privacy compliance and security policy transparency. Strategic improvements in these areas would enhance trust and regulatory adherence.

O

o2

o2online.de

49

Score

The website www.o2online.de represents a major German telecommunications provider offering a wide range of mobile, fixed-line, internet, and device sales services. The site targets both private and business customers with comprehensive product offerings including mobile contracts, prepaid tariffs, internet solutions, and entertainment services. The technical infrastructure is modern, leveraging proprietary Telefonica components, Usercentrics for consent management, and Trbo for marketing, ensuring a responsive and user-friendly experience. Security posture is strong with HTTPS enforced and consent mechanisms in place, although explicit security policies and incident response details are not publicly visible. Overall, the domain and website present a legitimate, professional, and trustworthy digital presence with a high-quality user experience.

S

skinlounge.lv

skinlounge.lv

40

Score

Skinlounge.lv is an e-commerce website specializing in professional cosmetics and skincare products, targeting Latvian customers. The site offers free consultations for home care products, positioning itself as a niche retailer in the cosmetics retail sector. The website uses the OpenCart platform with the Journal3 theme, incorporating modern JavaScript libraries to enhance user experience. The design is professional and mobile-optimized, providing a good user experience and clear navigation. However, the site lacks visible privacy, cookie, and terms of service policies, which are critical for compliance and user trust. Security posture is weak due to missing security headers and unclear SSL configuration. No contact information or social media presence is evident, which may impact business credibility. Overall, the site is functional and safe but requires improvements in security and compliance to enhance trust and regulatory adherence.

D

deSEC e.V.

desec.io

65

Score

deSEC e.V. is a non-profit organization based in Berlin providing free, secure DNS hosting services with a strong focus on security and privacy. Their platform supports modern DNS features including DNSSEC with elliptic-curve cryptography, cloud integrations, and a user-friendly web interface and API. The organization is supported by reputable entities such as ICANN, NLnet Foundation, RIPE NCC, and the European Union, positioning it as a trusted niche provider in the DNS hosting market. Technically, the website is built with modern JavaScript frameworks (Vue.js with Vuetify), offers fast performance, and is mobile-optimized. Security posture is strong with HTTPS, multi-factor authentication, and DNSSEC signing, though DNSSEC is not enabled at the registrar level for the domain itself. Privacy compliance is good with a clear privacy policy and GDPR adherence, but lacks a cookie consent mechanism. Overall, the website is professional, trustworthy, and well-maintained.

O

openPetition gGmbH

openpetition.org

66

Score

openPetition gGmbH operates a politically neutral, non-profit online platform enabling citizens to create and support petitions, facilitating direct democratic participation. The platform serves a broad audience with multilingual support and a strong presence in Europe, particularly Germany. It offers tools for petition creation, signature collection, and campaign management, positioning itself as a leading civic engagement platform with over 16 million users. Technically, the website employs modern web standards, uses self-hosted analytics (Piwik), and demonstrates good mobile optimization and accessibility. Security posture is solid with HTTPS and secure form handling, though security headers and explicit cookie consent mechanisms could be improved. WHOIS data is incomplete, which slightly impacts trust but does not overshadow the platform's evident legitimacy and professionalism. Overall, the site is well-designed, user-friendly, and trustworthy, with recommendations to enhance privacy compliance and security transparency.

Edgars Bruģis operates a professional photography website based in Latvia, showcasing a portfolio that includes cityscape, portrait, product, and nature photography. The business targets a general audience seeking photography services and positions itself as a local professional photographer. The website is well-structured with clear navigation and consistent branding, providing essential contact information including email and phone number. The technical infrastructure is straightforward, relying on standard HTML, CSS, and JavaScript, hosted on a Latvian hosting provider as indicated by the nameservers. The site demonstrates good mobile optimization and SEO practices but lacks advanced frameworks or CMS indications. From a security perspective, the website uses HTTPS as implied by canonical URLs, but no explicit security headers were detected in the provided data. There is no evidence of privacy or cookie policies, which presents compliance gaps especially under GDPR. No forms or data collection mechanisms were found, reducing immediate data protection risks but also limiting user interaction. The absence of incident response contacts or vulnerability disclosure policies suggests limited security maturity. Overall, the security posture is moderate but could be improved with basic security best practices and compliance documentation. The website content is safe for general audiences with no adult or questionable content detected. The business credibility is supported by clear contact details and a professional portfolio presentation. However, the lack of privacy and cookie policies, as well as security headers, slightly reduces trustworthiness. Strategic recommendations include implementing privacy and cookie policies, adding security headers, and establishing vulnerability disclosure mechanisms to enhance compliance and security posture.

S

SIA Dativa

dativa.lv

53

Score

SIA Dativa is a Latvian IT company specializing in the development, implementation, and maintenance of original software solutions, primarily targeting government entities, municipalities, and commercial sectors. Their services include system integration, artificial intelligence and knowledge management, e-identity solutions, healthcare IT, accounting software, document and resource management systems, and personnel tracking systems. The company positions itself as a reliable partner for critical IT infrastructure, emphasizing stability and security. The website is professionally designed, mobile-optimized, and SEO-friendly, reflecting a mature digital presence. Technically, the site is built on WordPress with modern JavaScript modules and uses Yoast SEO for optimization. Security posture is good with HTTPS and secure forms, though lacking explicit security policies or incident response details. Privacy compliance is strong with a clear cookie consent mechanism and privacy policy. Overall, the domain registration data aligns well with the website content, supporting legitimacy and trustworthiness.

L

linkjob.ai面试问题

linkjob.ai

59

Score

Linkjob.ai is a technology-focused company offering AI-powered interview assistant tools, specializing in technical and finance interview preparation. The website positions itself as a competitive alternative to Final Round AI, providing real-time AI guidance, mock interviews, and multilingual support. The business model is subscription-based with free trials and affordable pricing plans, targeting job seekers in tech and finance sectors. Technically, the website uses modern web technologies including Google Tag Manager, Google Analytics, Hotjar, and Microsoft Clarity for analytics and tracking. The site is built on the QuickCreator CMS platform and is mobile-optimized with good SEO practices. Security posture is solid with HTTPS enforced, but lacks visible security headers and privacy/cookie policies, which are areas for improvement. WHOIS data is unavailable due to privacy protection or query failure, but the website content and technical setup indicate a legitimate and professional business. Overall, the site is well-designed, content-rich, and trustworthy, though it should enhance privacy compliance and security headers to improve user trust and regulatory adherence.