Security Directory

S

SIA B2 Impact

b2-impact.lv

0

B2 Impact, formerly Creditreform Latvija, is a medium-sized finance company specializing in debt management and collection services across Europe, with a strong presence in Latvia. The company emphasizes transparent and ethical debt administration, serving individuals and businesses requiring debt solutions. Their website reflects a professional and consistent brand image, providing clear information about their services, contact details, and corporate changes. Technically, the site leverages modern technologies including React, Microsoft Azure hosting, and integrates analytics tools such as Google Analytics and Microsoft Application Insights, indicating a mature digital infrastructure. Security-wise, the website enforces HTTPS, employs security headers, and offers a comprehensive cookie consent mechanism aligned with GDPR requirements. However, explicit security policies and incident response information are not publicly available, representing an area for improvement. Overall, the website is well-designed, accessible, and trustworthy, with no signs of blocking or malicious activity.

D

Digital Storyteller

digitalstoryteller.io

0

Digital Storyteller is a specialized digital marketing agency focused on providing outsourced marketing services to B2B financial services companies. Founded in 2018 and based in the US, the company offers a comprehensive suite of services including organic digital marketing, content creation, SEO, social media management, CRM management, and website design. Their market position is that of a niche provider with compliance awareness and a strong emphasis on measurable results and transparent pricing. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the website is built on WordPress using the Enfold theme and integrates modern marketing and analytics tools such as Google Analytics, HubSpot, Facebook Pixel, and Metricool. The site is mobile optimized and uses structured data for SEO enhancement. Hosting is likely provided by GoDaddy, consistent with the domain registrar information. Performance is moderate with good SEO practices but could benefit from enhanced accessibility features. From a security perspective, the site uses HTTPS and implements reCAPTCHA and cookie consent mechanisms, indicating a baseline security posture. However, the absence of security headers and explicit security policies or incident response information suggests room for improvement. No vulnerabilities or exposed sensitive data were detected. The domain registration is privacy protected but consistent with the business type and location, supporting legitimacy. Overall, the website presents a low risk profile with good business credibility and technical implementation. Strategic recommendations include publishing privacy and security policies, enabling DNSSEC, adding security headers, and improving accessibility and compliance disclosures to enhance trust and security posture.

Dun & Bradstreet Credit AB operates the Soliditet.se website, providing leading Nordic credit and business information services. Their offerings include credit reports, automated credit decision support, fraud detection solutions, and business monitoring tools tailored for companies operating in Sweden and the Nordic region. The website reflects a medium-sized finance sector B2B service provider with a strong market position and a history dating back to 2004. Technically, the website uses a traditional tech stack including jQuery 1.12.4, Bootstrap 4.1.0, and Font Awesome 4.7.0, with external resources loaded from reputable CDNs. The site is mobile optimized and presents a professional design with clear navigation, though it lacks advanced SEO and accessibility features. No CMS or hosting provider details are explicitly identified beyond the registrar CSC Corp Domains. From a security perspective, the site lacks visible security headers and does not enable DNSSEC, which are areas for improvement. There is no evidence of privacy or cookie policies, which impacts GDPR compliance. No forms or analytics scripts are present, reducing data collection risks but also limiting user engagement tracking. The WHOIS data is consistent with a legitimate, long-standing domain registration. Overall, the website is functional and professional but would benefit from enhanced security controls, privacy compliance measures, and updated technology to reduce risk and improve trustworthiness.

S

Swaper

swaper.com

0

Swaper operates as a loan marketplace platform specializing in unsecured consumer loans, offering investors the opportunity to earn up to 16% annually. The platform targets investors interested in peer-to-peer lending and positions itself as a transparent and easy-to-use service within the finance sector. The website content and branding are consistent and professional, supporting a medium-sized business with a mature domain age dating back to 1997. Technically, the website is built on modern web technologies including React and Next.js, hosted likely behind Cloudflare DNS services. It integrates multiple third-party analytics and marketing tools such as Google Analytics, Hotjar, and Zendesk, and employs Cookiebot for GDPR-compliant cookie consent management. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. From a security perspective, the site enforces HTTPS with strong security headers and does not expose sensitive data in the HTML content. However, DNSSEC is not enabled, and there is no published security policy or incident response contact information, which are areas for improvement. The WHOIS data indicates a legitimate and consistent domain registration with no privacy protection, appropriate for the business type. Overall, Swaper presents a solid digital presence with good security and privacy compliance, though it could enhance transparency around security policies and incident response. The risk profile is low, with recommendations focusing on DNS security enhancements and formalizing security governance documentation.

L

Latvijas Bankas Naudas skola

naudasskola.lv

0

Latvijas Bankas Naudas skola is an official educational website operated by Latvijas Banka, aimed at improving financial literacy among Latvian citizens, including students and teachers. The platform offers a wide range of resources such as budgeting tools, savings and investment information, insurance, credit guidance, fraud awareness, games, podcasts, videos, and infographics. The website is well-branded, professionally designed, and provides comprehensive content in the Latvian language. Technically, it is built on Drupal 10 and integrates modern analytics and user experience tools like Google Analytics, Microsoft Clarity, Hotjar, and ReadSpeaker, indicating a mature digital infrastructure. Security-wise, the site enforces HTTPS, employs security headers, and uses cookie consent mechanisms, reflecting good security hygiene. However, the absence of explicit contact information and terms of service pages, along with unavailable WHOIS data due to query limits, slightly reduce the overall trust score. Overall, the site presents a low-risk profile with strong educational and governmental backing.

L

Latvijas Banka

e-monetas.lv

0

The website www.e-monetas.lv serves as the official e-commerce platform for Latvijas Banka, offering commemorative and collection coins to collectors and the general public. It positions itself as the authoritative source for Latvian coin collections, providing detailed product information, news updates, and purchasing capabilities. The site targets coin enthusiasts and investors interested in Latvian numismatics, operating under a retail e-commerce business model with a medium-sized organizational footprint. Technically, the site employs a modern JavaScript stack including jQuery, Bootstrap, Google reCAPTCHA v3, and various UI libraries such as Slick Carousel and Fancybox. The platform appears custom-built or uses a proprietary CMS, with moderate performance and good mobile optimization. SEO and accessibility are basic but functional. Security measures include HTTPS enforcement and bot protection via reCAPTCHA, though HTTP security headers are not explicitly detected. Security posture is solid with no critical vulnerabilities observed, but improvements are recommended in publishing security policies, incident response information, and security.txt files. Privacy compliance is basic with a clear privacy policy and cookie consent mechanism, but lacks detailed GDPR compliance disclosures. Business credibility is high due to official branding, clear contact information, and trust signals. Overall, the site is trustworthy and professionally maintained, though the absence of WHOIS data limits domain registration verification. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, and continuous monitoring of third-party libraries for vulnerabilities.

L

Latvijas Banka

makroekonomika.lv

0

The website makroekonomika.lv is an official macroeconomic analysis platform maintained by Latvijas Banka, the central bank of Latvia. It provides a comprehensive range of economic articles, expert commentary, research publications, forecasts, and educational resources targeted at economists, researchers, students, and policymakers. The site is well-positioned as a trusted government source for macroeconomic data and analysis in Latvia. Technically, the site is built on Drupal 10 CMS and incorporates modern web technologies including jQuery, Google Tag Manager, Hotjar for analytics, and Highcharts for data visualization. The site is mobile-optimized, accessible, and demonstrates good SEO practices. Performance is moderate with asynchronous loading of scripts and lazy loading of images. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, indicating compliance with privacy regulations such as GDPR. While explicit security headers are not fully visible in the HTML, the overall posture is good with no exposed sensitive data or vulnerabilities detected. The absence of WHOIS data limits domain trust analysis, but the strong affiliation with Latvijas Banka and professional presentation support legitimacy. Overall, makroekonomika.lv is a high-quality, authoritative resource for macroeconomic information in Latvia with a solid technical foundation and good security and privacy practices. Continued monitoring of security headers and third-party scripts is recommended to maintain security posture.

M

MQL5

mql5.com

0

MQL5.com is a comprehensive platform and community hub for algorithmic trading using the MetaTrader 5 platform. It offers a marketplace for automated trading applications, trading signals, freelance programming services, VPS hosting, and educational content. The platform targets traders and developers interested in automated forex and financial trading solutions. Technically, the website employs modern web technologies with good performance and mobile optimization. Security posture is strong with HTTPS and some security headers, but lacks explicit privacy and cookie policies. WHOIS data is unavailable, which slightly reduces trust but does not detract from the platform's legitimacy given its extensive content and community presence.

D

Dukascopy Bank

dukascoin.com

0

Dukascoin.com is the official website for Dukascoin (DUK+), a cryptocurrency project issued by Dukascopy Bank, a reputable Swiss financial institution. The site promotes the cryptocurrency with features such as free initial coins, staking rewards, and integrated banking services including multi-currency accounts and crypto lending. The business model leverages the trust and regulatory compliance of a Swiss bank to position Dukascoin as a credible crypto asset in the finance sector. Technically, the website uses standard web technologies including jQuery and Google Analytics, hosted on AWS infrastructure, with a moderate performance and good mobile optimization. Security posture is solid with HTTPS enabled and domain locked with multiple prohibitions, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is weak due to the absence of explicit privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced privacy disclosures and security policies.

D

Domains By Proxy, LLC (registrant proxy)

911p2p.io

0

911 Crypto P2P operates as a peer-to-peer cryptocurrency exchange platform specializing in fiat settlement for crypto transactions. The website targets cryptocurrency traders seeking direct exchange services with fiat currency integration. Positioned as a niche player in the crypto finance sector, it leverages partnerships with related financial and crypto services such as Dukas.io and Dukascoin. The platform was established in 2021 and maintains a modern, mobile-optimized web presence with consistent branding and moderate trust indicators.

D

Dukascopy Bank

dukas.io

0

Dukascopy Bank operates a specialized crypto services platform offering clients the ability to buy, sell, store, and trade cryptocurrencies, including their proprietary Dukascoin. The bank leverages its Swiss regulatory status and FINMA authorization to provide fiduciary custody and blockchain operations, positioning itself as a pioneer in regulated crypto banking. The website reflects a mature digital infrastructure with integration of Google Tag Manager and AWS hosting, delivering a professional and mobile-optimized user experience. Security posture is solid with HTTPS and domain protections, though improvements such as DNSSEC and explicit security policies are recommended. Privacy compliance is currently weak due to absence of visible privacy and cookie policies. Overall, the site is trustworthy and well-branded but would benefit from enhanced transparency and security disclosures.

D

Dukascopy Bank SA

dukascopy.bank

0

Dukascopy Bank SA is a Swiss financial institution offering a broad range of banking services including multi-currency accounts, private and corporate banking, investment options, and payment card solutions. The bank emphasizes Swiss precision and innovation, providing a mobile app for seamless banking access. The website reflects a mature digital presence with professional design and comprehensive content targeting individuals and businesses seeking Swiss banking services. Technically, the site employs modern JavaScript libraries, analytics tools, and security best practices including HTTPS and security headers. However, public WHOIS data is unavailable due to .bank domain privacy policies, which is typical for regulated banking domains. The security posture is strong with no evident vulnerabilities, though explicit security policies and incident response contacts are not published. Overall, the site demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations.

G

Grupo Nacional Provincial S.A.B.

gnp.com.mx

0

Grupo Nacional Provincial S.A.B. (GNP Seguros) is a leading Mexican insurance company offering a broad portfolio of insurance products including auto, medical, life, home, and pet insurance. The company targets both individual and business customers within Mexico, positioning itself as a financially solid and trusted insurer. The website reflects a mature digital presence with comprehensive product information, online quoting tools, and client portals. Technically, the site is built on Adobe Experience Manager, leveraging modern analytics and marketing tools such as Google Tag Manager, Adobe Analytics, Facebook Pixel, and Hotjar, indicating a high level of digital maturity. Security posture is strong with HTTPS, security headers, and bot protection via reCAPTCHA, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the website is professional, well-branded, and trustworthy, supporting GNP's market position as a major insurance provider in Mexico.

М

Московская биржа

moex.com

0

The Moscow Exchange (Московская биржа) operates as the largest Russian exchange holding, providing a comprehensive platform for trading stocks, bonds, derivatives, currencies, money market instruments, precious metals, and commodities such as grain and sugar. The website targets investors, issuers, and market participants, offering detailed market data and trading information. The platform is technologically modern, leveraging React and Next.js frameworks, with integrated analytics from Yandex Metrika and Google Tag Manager. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response contacts are not publicly disclosed. Privacy compliance is basic, with cookie consent mechanisms in place but limited GDPR-specific disclosures. The absence of WHOIS data is a notable anomaly but does not detract from the site's apparent legitimacy given its market position and content quality. Overall, the site is professional, well-branded, and trustworthy, serving a critical role in the Russian financial market infrastructure.

V

ValPro

valpro.co.in

0

ValPro is a boutique investment banking and financial advisory firm based in India, operating since 2005 as an initiative of the ANG Group. The company offers a comprehensive suite of services including mergers and acquisitions, portfolio management, startup funding, ESG advisory, and business development. Their market position is strengthened by a seasoned management team and advisory board with extensive industry experience. The website is built on a modern WordPress platform with professional design and SEO optimization, supporting a good user experience and mobile responsiveness. Security posture is solid with HTTPS and reCAPTCHA integration, though lacking explicit privacy and cookie policies. Overall, the digital maturity is moderate with room for improvement in privacy compliance and security disclosures.

Baltic Partners is a small financial advisory firm focused on providing independent advisory services in the Baltic countries and the broader Central and Eastern European region, including Ukraine. Their core services include M&A advisory, fundraising, capital markets advisory, and financial advisory to prepare companies for transactions. The company has a regional presence with offices in Latvia and Ukraine and has received industry recognition for its work. The website is built on WordPress using Bootstrap and FontAwesome, indicating a standard modern web infrastructure but with basic technical sophistication. The site lacks advanced SEO and accessibility features and does not implement privacy or cookie policies, which are critical for GDPR compliance given their European focus. Security posture is moderate with HTTPS enabled but missing key security headers and no visible incident response or vulnerability disclosure information. Overall, the website presents a professional but basic digital presence with room for improvement in security, privacy compliance, and technical optimization.

R

Rödl & Partner USA

roedl.us

0

Rödl & Partner USA is a professional services firm specializing in accounting, auditing, tax, and business consulting services tailored for foreign-owned businesses operating in the United States. The firm leverages its expertise as licensed German Steuerberater and Wirtschaftsprüfer, as well as Certified Public Accountants in the USA, to serve a niche market of international clients, particularly from German-speaking regions. Their market position is strong within this segment, supported by multiple US office locations and a comprehensive service portfolio including assurance, tax compliance, transaction services, and global mobility. Technically, the website is built on Microsoft SharePoint, indicating a mature enterprise-grade CMS platform. The use of Matomo analytics reflects a privacy-conscious approach to user tracking. The site is well-structured, mobile-optimized, and provides a good user experience with clear navigation and professional design. However, there is room for improvement in accessibility and security headers. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms, but lacks explicit security policies or incident response information. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data is noted but is common for privacy-protected domains and does not detract significantly from the site's legitimacy. Overall, the website presents a credible and professional front for Rödl & Partner USA, with a solid technical foundation and good privacy compliance. Strategic enhancements in security transparency and accessibility would further strengthen their posture.

F

Fintelum

fintelum.com

0

Fintelum operates a compliant crypto crowdfunding platform specializing in the issuance and trading of tokenised assets, including security and utility tokens. The company targets businesses seeking compliant fundraising solutions and investors interested in high-growth tokenised projects. Their platform offers services such as KYC/AML compliance, token transfer agency, and secondary peer-to-peer trading, positioning them as a niche player in the intersection of finance and blockchain technology. The website demonstrates a professional and consistent brand presence with comprehensive legal and privacy documentation, supporting their market credibility. Technically, Fintelum's website is built on WordPress with modern web technologies including jQuery, Google Analytics, Facebook Pixel, and CookieYes for consent management. The site is mobile-optimized with good SEO practices and moderate performance. Security measures include HTTPS enforcement and bot management via Cloudflare, although some security headers are not explicitly detected, suggesting room for improvement. From a security standpoint, the platform shows good practices such as cookie consent and no visible vulnerabilities or exposed sensitive data. However, the absence of explicit security policies and incident response information is a gap. The missing WHOIS data for the domain raises concerns about domain registration transparency, although the active and professional website presence mitigates some risk. Overall, Fintelum presents a credible and functional platform with solid technical and privacy compliance foundations. Strategic recommendations include enhancing security header implementation, publishing explicit security policies, and verifying domain registration details to improve trustworthiness and compliance posture.

C

CembraPay AG

byjuno.ch

0

CembraPay AG is a leading Swiss financial services company specializing in flexible payment solutions such as invoice purchase, installment payments, monthly billing, and digital wallets. It operates primarily in the Swiss market, targeting both consumers and merchants, and is a subsidiary of the publicly listed Cembra Money Bank AG. The website presents a professional and user-friendly interface with clear navigation and multilingual support, reflecting a mature digital presence. Technically, the site employs modern web standards and integrates Google reCAPTCHA v3 to secure its contact forms, indicating a good level of security awareness. However, there is room for improvement in implementing comprehensive security headers and publishing explicit security policies. Overall, the site is secure, compliant with GDPR, and trustworthy, supported by consistent WHOIS data and transparent contact information.

C

Compensa Life

compensalife.lv

0

Compensa Life is a medium-sized insurance company operating primarily in Latvia, offering a range of insurance products including life insurance, health insurance, pension plans, and specialized oncology insurance. The website targets private individuals and provides detailed product information and consent management compliant with GDPR. The company appears to be well-positioned in the regional insurance market with a focus on customer-centric insurance solutions. Technically, the website is built on the DotNetNuke CMS platform using ASP.NET WebForms and incorporates modern JavaScript libraries such as jQuery and jQuery UI. It integrates third-party services including Google Analytics, Facebook Pixel, Hotjar, and Cookiebot for analytics, marketing, and cookie consent management. The site demonstrates moderate performance and basic mobile optimization. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks visible advanced security headers and explicit security policies. No critical vulnerabilities or exposed sensitive data were detected in the provided content. The absence of WHOIS data limits domain registration verification, but the website content and external references suggest legitimacy. Overall, the website presents a professional and trustworthy front for Compensa Life, with good privacy compliance and marketing transparency. Strategic improvements in security headers, mobile optimization, and explicit contact information would enhance trust and security posture.

M

M&T Bank

mtb.com

0

M&T Bank is a large regional financial institution focused on providing personal, business, and commercial banking services with a community bank approach. The website reflects a mature digital presence with comprehensive banking, mortgage, loan, and investment services targeted at individuals and businesses primarily in the United States. The company maintains a consistent brand image and active social media channels, reinforcing its market position as a trusted banking partner. Technically, the website leverages modern technologies including Adobe Experience Manager CMS, Google Tag Manager, reCAPTCHA, and various marketing and analytics tools such as Quantum Metric and Tealium. The site is well-optimized for mobile devices and accessibility, with good SEO practices and fast loading times. Security best practices are observed with HTTPS enforcement, security headers, and form protections, although explicit security policies and incident response information are not publicly detailed. The security posture is strong with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. However, the WHOIS data for the domain is missing or unavailable, which is unusual for a major bank and warrants monitoring. Overall, the website presents a low risk profile with strong business credibility and technical maturity. Strategic recommendations include publishing detailed security and incident response policies, adding a vulnerability disclosure program, enhancing transparency on data protection officer contacts, and continuous auditing of third-party scripts to maintain security integrity.

F

Finitera JSC

finitera.com

0

Finitera JSC is an international fintech company specializing in financial services targeted primarily at private individuals. The company operates in three markets, serving over 250,000 customers with a workforce exceeding 450 employees. Founded in 2017, Finitera positions itself as a leading finance partner with a focus on data-driven financial solutions. The website reflects a professional and consistent brand image with clear business information and a focus on customer engagement through job opportunities and company history. Technically, the website is built on WordPress and integrates Google Analytics and Google Tag Manager for tracking and marketing purposes. The site is mobile-optimized with good navigation and content quality. However, there is room for improvement in accessibility and SEO best practices. Performance is moderate, and the site uses HTTPS with a good SSL configuration, but lacks advanced security headers. From a security perspective, the site demonstrates basic best practices such as HTTPS and no visible sensitive data exposure. However, the absence of security headers, privacy and cookie policies, and incident response information indicates gaps in compliance and security maturity. The missing WHOIS registration data raises concerns about domain legitimacy and trustworthiness, which should be addressed to improve business credibility. Overall, Finitera presents a solid fintech business with a professional online presence but requires enhancements in privacy compliance, security policies, and domain registration transparency to strengthen its security posture and trust with customers.

I

inBudget

inbudget.net

0

inBudget is a personal finance management application focused on helping users organize and plan their finances through customizable budgets, transaction tracking, and social sharing features. The business targets individual users interested in personal finance, including cryptocurrency users and travelers. The app is distributed primarily via the iOS App Store and offers both private and public budgeting capabilities. The website content is professionally designed with good navigation and mobile optimization, supporting a positive user experience. Technically, the website uses a moderate technology stack including jQuery 1.11.1, Font Awesome, Google Maps API, and Localytics for analytics. Hosting and DNS are managed through reputable providers, including Cloudflare for DNS. The site is served over HTTPS with a valid SSL configuration, but lacks some modern security headers and uses an outdated jQuery version, which could pose security risks. No CMS was detected, indicating a custom or static site. From a security perspective, the site enforces HTTPS and has domain transfer protections in place. However, it lacks visible security headers, cookie consent mechanisms, and explicit privacy compliance statements, which are important for GDPR and other privacy regulations. No contact information or incident response policies are published, limiting transparency and user trust in security matters. Overall, the website is functional and professional but could improve its privacy compliance and security posture. The presence of unrelated gambling and casino links in the footer may affect trustworthiness. Strategic improvements in security headers, cookie consent, and contact transparency are recommended to enhance user confidence and regulatory compliance.

E

ECNG Digital, UAB

estchange.io

0

ECNG Digital is a Lithuanian-registered virtual currency exchange service provider targeting high net worth individuals and business customers. The company offers an efficient platform for on- and off-ramping of virtual currencies, positioning itself as a niche player in the Lithuanian financial technology sector. Founded in 2021, the company maintains a clear and professional online presence with comprehensive legal disclosures and policy documents. Technically, the website leverages modern frameworks such as Vue.js and Nuxt.js, with Google Tag Manager integrated for analytics, indicating a moderate level of digital maturity. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the website enforces HTTPS and domain transfer protection but lacks advanced security headers and published security policies, which are recommended for improvement. No WAF or blocking mechanisms were detected, allowing full content accessibility. Overall, the website demonstrates a solid business credibility and privacy compliance posture, though it could enhance its security transparency and incident response readiness.

W

WunderTrading

wunderbit.co

0

WunderTrading operates the website wunderbit.co, providing a platform for instant purchase of Bitcoin and over 100 other cryptocurrencies using credit and debit cards. The company targets both novice and experienced crypto investors seeking a fast, secure, and user-friendly buying experience. The platform emphasizes safety by partnering with accredited providers and enforcing AML and KYC policies. The website is well-branded, professionally designed, and offers multi-language support, enhancing its global reach. Technically, the site uses modern web technologies with Cloudflare DNS hosting, JavaScript, and CSS for a responsive and accessible user experience. SEO and social media integrations are well implemented, though some accessibility features could be improved. Performance is moderate, with room for optimization. Security posture is solid with HTTPS enforced and no direct storage of user assets, but lacks some advanced security headers and DNSSEC. Privacy compliance is mostly addressed with clear privacy and terms policies, but the absence of a cookie consent mechanism and incident response contacts are notable gaps. The domain is privacy protected but consistent with the business profile, and the domain age supports legitimacy. Tracking and marketing tools like Google Analytics, Facebook Pixel, and Trustpilot are used, indicating moderate user tracking. Overall, the website is credible, professional, and secure with minor areas for improvement in privacy compliance and security best practices. Strategic enhancements in these areas would strengthen trust and regulatory adherence.

P

PSI-Pay Ltd

psi-pay.co.uk

0

PSI-Pay Ltd is a UK-based financial services company specializing in international payment solutions, particularly focusing on Mastercard® and Discover payment networks. Established in 2007, the company operates under FCA authorization for electronic money issuance, positioning itself as a transparent and efficient payment processor serving global business clients. Their key offerings include payment processing, regulatory compliance support, and partner sponsorship programs. The website reflects a professional and consistent brand image with clear navigation and relevant content aimed at businesses requiring payment and compliance services. Technically, the website is built on WordPress with a custom theme and uses legacy technologies such as jQuery 1.12.3 and Font Awesome 4.5.0. The site is moderately optimized for performance and mobile devices but lacks advanced accessibility features and modern security headers. No analytics or tracking scripts were detected, indicating minimal user tracking. The site is fully accessible without WAF or blocking mechanisms. From a security perspective, the site enforces HTTPS but lacks visible security headers and uses an outdated jQuery version, which could pose vulnerabilities. There is no published security policy or incident response contact information, and cookie consent mechanisms are absent, representing compliance gaps. The domain WHOIS data is consistent with the business claims, showing a long-standing registration and no privacy protection, supporting legitimacy. Overall, PSI-Pay's website demonstrates good business credibility and content quality but requires improvements in privacy compliance, security best practices, and technical modernization to enhance trust and reduce risk.

P

Professional Partner OÜ

propartner.lv

0

Infoproff, operated by Professional Partner OÜ, is a licensed and insured financial services agency based in Estonia, specializing in credit reporting, debt collection, marketing databases, and credit risk management. The company targets businesses seeking reliable credit information and risk evaluation tools, offering a broad portfolio of services including KYC/KYB/AML checks and API integrations. Their market position is strengthened by memberships in reputable business federations and a multilingual, multi-currency reporting capability. Technically, the website employs modern frameworks such as Yii and Bootstrap, integrates error monitoring via Sentry, and uses Cloudflare for CDN and security, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement, CSRF protection, and cookie consent mechanisms, though explicit security policies and incident response details are absent. The missing WHOIS data for the domain is a notable anomaly that slightly detracts from overall trust but does not overshadow the professional presentation and operational transparency of the business. Strategic recommendations include publishing detailed security and incident response policies and enhancing accessibility compliance.

L

Latvijas Privātā un Iespējkapitāla asociācija

lvca.lv

0

Latvijas Privātā un Iespējkapitāla asociācija (LVCA) is a Latvian private equity and venture capital association representing 40 organizations in the finance sector. Founded in 2003, it serves as a key industry body promoting private equity financing, facilitating member collaboration, and advocating with government institutions. The website presents a professional image with clear business information, leadership team details, and event news. Technically, the site uses modern web standards, including HTTPS, external trusted scripts, and responsive design, though it lacks advanced CMS or frameworks. Security posture is generally good with HTTPS enforced, but absence of security headers and cookie consent mechanisms indicate room for improvement. WHOIS data could not be retrieved due to query limits, limiting domain legitimacy verification. Overall, the site is credible and functional, serving its target audience effectively.

G

Gerlionti SP. Z o. o.

gerlionti.group

0

Gerlionti Group is a medium-sized financial services company established in 2014, providing tailored investment, payment, and advisory services primarily in Poland and other European countries. The company emphasizes compliance, confidentiality, and professional expertise, supported by a network of reputable partners. Their website reflects a professional and consistent brand image with clear service offerings and contact mechanisms. Technically, the site uses modern web technologies including Google Analytics, reCAPTCHA, and Cloudflare DNS, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and spam protection, though improvements are recommended in DNSSEC and security headers. The domain registration uses privacy protection, which is common but reduces transparency. Overall, the website is trustworthy and well-positioned in the financial sector.

F

FIDEA SIA

fidea.lv

0

FIDEA SIA is a Latvian consulting company specializing in financial and management consulting with over 20 years of experience, focusing on innovation in European markets. The website is professionally designed using the Wix platform, indicating a moderate level of digital maturity. The technical infrastructure relies on Wix's Thunderbolt framework and standard web technologies, providing a stable but moderately performing platform. Security posture is adequate with HTTPS usage but lacks visible advanced security headers and explicit privacy or cookie policies, which are critical for compliance and trust. Overall, the site presents a legitimate small business with room for improvement in security and privacy compliance.

E

EcoPayz Georgia LLC

ecopayz.com

0

EcoPayz Georgia LLC operates a secure online payment platform offering personal and merchant accounts with multi-currency support and instant money transfers. The company targets individuals and merchants seeking reliable digital payment solutions, leveraging over 20 years of experience. The website is built on WordPress with modern SEO and multilingual capabilities, providing a good user experience and mobile optimization. Security posture is strong with HTTPS enforcement and domain transfer protections, though DNSSEC is not enabled and some security headers could be improved. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. Contact is primarily via web forms, with no direct emails or phone numbers publicly listed. Overall, the domain registration and website content align well, indicating a legitimate and trustworthy financial service provider.

Gen Re operates as a global reinsurer specializing in Life & Health and Property & Casualty insurance sectors. The website presents a professional and comprehensive overview of their services, including risk transfer solutions, consulting, underwriting, claims management, and educational resources. The company targets insurance professionals and companies seeking reinsurance expertise. Technically, the site is built on Adobe Experience Manager with modern JavaScript libraries and includes cookie consent mechanisms compliant with GDPR. Security posture is generally good with HTTPS and consented third-party scripts, though explicit security headers and incident response contacts are absent. The lack of WHOIS registration data for the domain is a notable concern, suggesting a need for further verification of domain legitimacy. Overall, the website is well-structured, content-rich, and trustworthy from a user perspective but requires improvements in transparency and security disclosures.

L

LANDE Platform Ltd.

lendsecured.eu

0

LANDE Platform Ltd. operates lande.finance, a European crowdfunding platform specializing in agricultural investments. The platform enables investors to diversify portfolios by funding secured agricultural loans, primarily targeting farmers. Licensed by the Latvian Financial and Capital Market Supervisory Authority and partnered with Lemon Way for payment processing, LANDE positions itself as a trustworthy fintech player in the EU market. The website offers detailed project listings, investment features like auto-invest, and transparency through legal and risk documentation. Technically, the site uses modern web technologies including Bootstrap, Google Tag Manager, and Facebook Pixel, hosted behind Cloudflare DNS. Security posture is solid with HTTPS and no exposed sensitive data, though explicit security headers and published security policies could enhance trust. Privacy and cookie policies are comprehensive with consent mechanisms, supporting GDPR compliance. Overall, the platform demonstrates good professionalism, user experience, and trustworthiness, though direct contact information is not publicly disclosed.

B

Bloom Finance Ltd / PionPay OU

pion.finance

0

Pion Finance operates as a payment processing platform specializing in card and alternative payment methods, offering merchants a secure and efficient way to accept payments and make payouts globally. The company emphasizes PCI DSS Level 1 compliance and regulatory adherence in the UK and EU markets through Bloom Finance Ltd and PionPay OU. Their services include recurring payments, mass payouts, and a merchant dashboard, targeting online businesses seeking seamless payment solutions. Technically, the website is built on WordPress with the Divi theme, integrating modern technologies such as Google reCAPTCHA for security. The site is well-structured, mobile-optimized, and provides clear navigation, though it lacks some advanced security headers and cookie consent mechanisms. Security posture is strong with HTTPS and PCI compliance, but incident response and vulnerability disclosure information are absent. Overall, the domain registration is privacy protected but consistent with the business profile, and the website presents a professional and trustworthy image with room for improvement in privacy compliance and security best practices.

M

MCM Global Markets Ltd.

mcmbroker.com

0

MCMBroker is an online binary options trading platform operated by MCM Global Markets Ltd., licensed under the Financial Services Authority of Saint Vincent and the Grenadines. The platform targets global traders in permitted regions, offering demo, standard, and elite accounts with fast execution and up to 95% payouts. The website is built on WordPress with Elementor and uses modern web technologies, hosted behind Cloudflare DNS. Security posture is generally good with HTTPS and anti-fraud claims, but lacks DNSSEC and explicit vulnerability disclosure mechanisms. The WHOIS data shows a suspicious future domain creation date, which requires further verification. Overall, the platform presents a professional trading service with moderate trustworthiness and room for security and privacy improvements.

E

EcoFinance

dyninnofintech.com

0

EcoFinance is a fintech company founded in 2015 and part of the Dyninno Group, specializing in providing inclusive lending products such as short-term loans, installment loans, and credit lines across Europe and the Philippines. The company positions itself as a data-driven and customer-focused lender with a strong emphasis on technology and personalized service. Their market presence includes operations in multiple countries with over 500,000 satisfied clients and a loan portfolio exceeding €179 million since inception. Technically, the website is built on the Webflow platform, leveraging modern web technologies including Google Tag Manager, Google Analytics, and Cloudflare Turnstile CAPTCHA for bot protection. The site is well-optimized for mobile devices, fast loading, and accessible, with professional design and clear navigation. However, some security best practices such as explicit security headers and cookie consent mechanisms could be improved. From a security perspective, the site enforces HTTPS and uses CAPTCHA on forms, reducing risk of automated abuse. No exposed sensitive data or vulnerable libraries were detected. The absence of public security policies and incident response information is a gap that could be addressed to enhance trust and compliance. The domain WHOIS data is privacy protected as per EURid policy, which is typical for .eu domains, and no suspicious patterns were found. Overall, EcoFinance presents a credible and professional fintech business with a solid digital presence and good security posture. Strategic improvements in privacy compliance and security transparency would further strengthen their risk profile and customer trust.

F

FinTeX

fintex.ch

0

FinTeX is a Geneva-based IT consulting company specializing in finance industry solutions, particularly trading room deployments. The website presents a professional and consistent brand image with a focus on financial technology consulting. The technical infrastructure is built on WordPress with modern plugins such as Yoast SEO and Smart Slider 3, indicating a moderate level of digital maturity. The site is mobile optimized and SEO friendly but lacks comprehensive privacy and cookie policies, which impacts compliance posture. Security posture is adequate with HTTPS enabled but lacks advanced security headers and incident response information. Overall, the site is legitimate and functional but would benefit from enhanced privacy, security, and contact transparency to improve trust and compliance.

T

true-vision.net

true-vision.net

0

True-vision.net is a French accounting service provider focused on the Lyon region, offering a range of services including accounting, fiscal advice, optimization, and payroll management. The website is professionally designed using WordPress and common plugins, providing good content quality and clear service descriptions. However, the absence of privacy and cookie policies, lack of contact information, and missing WHOIS registration data reduce the overall trust and compliance posture. Technically, the site uses HTTPS and modern web technologies but lacks security headers and explicit privacy compliance indicators.

FSE Listings is a specialized consulting firm focused on facilitating listings on the Frankfurt Stock Exchange, with a strong emphasis on dual listings for companies from Australia, Canada, and fintech sectors. The company offers multi-jurisdictional registration, capital raising, and investor roadshow services, positioning itself as a leading provider with over 1000 listings since 2000. Technically, the website is built on WordPress with standard plugins and scripts, providing moderate performance and basic mobile optimization. Security posture is adequate with HTTPS but lacks advanced security headers and explicit privacy compliance mechanisms. The absence of WHOIS registration data raises concerns about domain legitimacy, although the website content and contact information suggest a legitimate business. Overall, the site is functional and informative but would benefit from enhanced security and privacy compliance measures.

B

Balance

balance.lv

0

Balance.lv is a Latvian small business specializing in accounting and financial services including bookkeeping, tax planning, and financial statement preparation. The company positions itself as a reliable partner for businesses seeking simplified accounting solutions, supported by client testimonials and a professional web presence. The website is built using Mobirise with modern frontend technologies and provides clear contact information and service descriptions. However, the absence of privacy and cookie policies indicates compliance gaps. Security posture is moderate with HTTPS assumed but lacking security headers and explicit incident response contacts. WHOIS data is unavailable due to query limits, limiting domain trust verification. Overall, the site is functional and credible but could improve in privacy and security transparency.

F

FxPro UK Limited

fxpro.co.uk

0

FxPro UK Limited operates a comprehensive online trading platform specializing in forex and CFDs, serving a global client base with over 3 million accounts. The company is well-regulated across multiple jurisdictions including the UK (FCA), Cyprus (CySEC), South Africa (FSCA), and the Bahamas (SCB), which reinforces its market credibility. The website offers a wide range of trading instruments and platforms, including MetaTrader 4, MetaTrader 5, and cTrader, supported by mobile applications and extensive educational resources. Technically, the site employs modern web technologies such as React and integrates multiple analytics and marketing tools, ensuring a robust digital presence with fast performance and excellent mobile optimization. Security measures are strong, with HTTPS enforcement and comprehensive security headers, though no public vulnerability disclosure or incident response contact is evident. The WHOIS data for the domain www.fxpro.co.uk is unavailable due to registration issues, which is a notable anomaly; however, the broader FxPro group domains and regulatory disclosures support the legitimacy of the business. Overall, FxPro presents a professional, secure, and user-friendly trading environment with strong compliance and trust indicators.

G

Grant Thornton Latvia

grantthornton.lv

0

Grant Thornton Latvia is a professional services firm specializing in audit, accounting, tax, legal, and financial consulting services. It operates as part of the globally recognized Grant Thornton International network, targeting businesses and professionals in Latvia. The website is localized in Latvian and English, reflecting a focus on the Latvian market. The business model centers on providing expert advisory and compliance services to corporate clients. The site demonstrates consistent branding and professional content, supporting its market position as a reputable service provider.

Express Credit is a Latvian online loan comparison platform operated by SIA "AB Software". The website aggregates multiple loan providers offering various credit products such as quick loans, consumer loans, credit lines, auto leasing, and mortgage loans. The platform targets Latvian consumers seeking convenient access to loan options and facilitates applications through affiliate links. The business operates a small-scale, finance-focused service with a WordPress-based website launched in 2021. Technically, the site uses common web technologies including jQuery, Bootstrap, and Google Analytics, with a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and explicit privacy or terms of service pages. No direct contact information or incident response policies are published, which limits transparency. WHOIS data could not be retrieved due to query limits, restricting domain legitimacy assessment. Overall, the site presents a functional and professional loan comparison service with room for improvement in privacy, security, and business transparency.

Superia is a leading financial advisory firm operating in the Baltic region with offices in Estonia, Latvia, and Lithuania. The company specializes in mergers and acquisitions, capital markets advisory, and investment advisory services. Their website reflects a professional and active business with recent transaction references and news updates. The firm targets corporate clients seeking financial advisory services in the Baltic states. Technically, the website is built on Drupal 10, uses modern JavaScript libraries, and is mobile optimized with good accessibility and SEO practices. Security posture is adequate with HTTPS usage and no visible vulnerabilities, but lacks explicit security headers and formal privacy or cookie policies. Overall, the domain registration data is consistent and supports the legitimacy of the business.

F

Fintech Labs

fintechstartup.com

0

Fintech Labs is a specialized digital platform established in 2009 that serves small business owners by providing curated information and affiliate marketing content related to fintech products and services. The website offers comprehensive resources including digital banking reviews, credit card offers, loan listings, payment solutions, and fintech conference information, positioning itself as a niche leader in fintech content for SMBs. The platform leverages WordPress CMS with a suite of plugins for analytics, advertising, and marketing automation, reflecting a mature digital infrastructure with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and no exposed sensitive data, but could be improved by enabling DNSSEC and implementing additional security headers. Privacy compliance is strong with a comprehensive privacy policy and GDPR adherence, though the absence of a cookie consent mechanism is a minor gap. Overall, the website demonstrates good business credibility and professionalism, supported by a well-established domain and consistent branding.

V

VediCard

vedicard.eu

0

VediCard is a specialized consultancy firm operating in the payment and banking sector, providing expert advisory services including project management, feasibility studies, certification support, and strategic business guidance. The company targets financial institutions, payment service providers, and related stakeholders, positioning itself as a trusted partner with over 20 years of industry experience. The website reflects a professional and consistent brand image with clear service offerings and reputable client associations. Technically, the website is built on WordPress with modern plugins such as Visual Composer and MetaSlider, ensuring a responsive and user-friendly experience. The hosting and domain registration are consistent and legitimate, with no signs of privacy protection or suspicious registrations. Performance is moderate with good mobile optimization, though SEO and accessibility could be improved. From a security perspective, the site uses HTTPS and avoids exposing sensitive data, but lacks important security headers and formal policies such as privacy, cookie, and incident response disclosures. No vulnerability disclosures or security.txt files are present, indicating room for improvement in security transparency and compliance. Overall, the website is credible and professional but would benefit from enhanced privacy compliance and security best practices to strengthen trust and regulatory adherence.

Marsh is a globally recognized leader in insurance broking and risk management, offering tailored solutions across various industries and regions. The website reflects a mature enterprise with a professional digital presence, leveraging Adobe Experience Manager and modern analytics and consent management tools. Security posture is strong with HTTPS enforcement, secure login forms, and cookie consent mechanisms, although explicit security policies and incident response contacts are not publicly detailed. The absence of WHOIS data limits domain registration trust analysis but is consistent with large enterprises using privacy protections. Overall, Marsh's website demonstrates a solid balance of business credibility, technical sophistication, and privacy compliance.

S

SIA “Investimus”

investimus.lv

0

SIA Investimus is a Latvian insurance brokerage company established in 2002, specializing in providing a wide range of insurance services to private individuals, companies, and farmers. The company emphasizes collaboration with stable and reliable European partners and offers products such as life insurance with savings, accident insurance, vehicle insurance, property insurance, travel insurance, and liability insurance. Their website presents a professional image with clear contact information and a team of brokers, positioning them as a trusted player in the Latvian insurance market. Technically, the website is built on WordPress 5.0.22, utilizing common libraries and frameworks such as jQuery, Bootstrap, FontAwesome, and Google Maps API. The site is mobile-optimized with good navigation and moderate performance. However, there is room for improvement in SEO and accessibility features. The website uses HTTPS, but lacks advanced security headers and visible privacy or cookie policies, which are important for compliance and user trust. From a security perspective, the site shows basic good practices such as HTTPS and form validation but misses critical elements like security headers and incident response contacts. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data due to query limits limits the ability to fully verify domain legitimacy, but the website content and contact details support a moderate trust level. Overall, the website is functional and professional but would benefit from enhanced privacy compliance, improved security headers, and better transparency regarding data protection and incident response. These improvements would strengthen user trust and regulatory compliance, reducing risk and enhancing the company’s digital maturity.

B

B2F Srl

b2f.it

0

B2F Srl is a specialized fintech digital solution provider based in Italy, with nearly two decades of experience integrating financial services into sales processes through pay-per-use digital platforms. Their offerings target both territorial networks (companies, agents, points of sale) and virtual networks (e-commerce sites, marketplaces), providing customizable and versatile fintech integration solutions. The company positions itself as a game changer in the fintech arena, emphasizing simplicity, customization, and versatility in its platform architecture. Technically, the website employs modern frontend technologies including Tailwind CSS and Alpine.js, with Google Tag Manager and Iubenda for analytics and cookie consent management. The site is mobile optimized and SEO friendly, with good performance and accessibility basics. Security practices include HTTPS enforcement and CSRF protection on forms, though formal security policies and incident response details are not published. The security posture is solid with no detected vulnerabilities or exposed sensitive data, but could be improved by adding security headers and formal security documentation. Privacy compliance is strong with comprehensive privacy and cookie policies and active consent mechanisms. Business credibility is supported by clear company information, professional content, and trust indicators. Overall, B2F presents a professional, secure, and compliant online presence aligned with its fintech business focus, with recommendations to enhance security transparency and accessibility for further trust and compliance improvements.

TBC Pay is a well-established Georgian online payment platform, founded in 2008 and operated under the TBC Bank Group umbrella. It offers a comprehensive suite of payment services including mobile balance top-ups, banking payments, utility bills, transportation fines, and state services. The platform targets Georgian residents and businesses seeking convenient, fast, and secure online payment solutions. The website is professionally designed with excellent content quality, clear navigation, and mobile optimization. Technically, it leverages modern technologies such as React, Google Analytics, Facebook Pixel, and AWS hosting, ensuring good performance and scalability. Security posture is strong with HTTPS, security headers, and secure form handling, though cookie consent mechanisms and explicit security policies could be improved. Overall, the platform demonstrates high business credibility and trustworthiness, supported by consistent WHOIS data and a long domain history.