Skip to main content

Is psihoterapijasprakse.lv a Scam? Security Check Results - Andris Veselovskis Reviews

A

Is psihoterapijasprakse.lv Safe? Security Analysis for Andris Veselovskis

https://psihoterapijasprakse.lv

Check if psihoterapijasprakse.lv is a scam or legitimate. Free security scan and reviews.

HealthcareLatviasmall
jQuery 3.6.3jQuery 1.7.2Fancybox 1.3.1Bootstrap Grid 5.0.0-alpha1Cufon font replacement
Analyzed 7/30/2025Completed 10:21:47 PM
38
Security Score
HIGH RISK

AI Summary

The website psihoterapijasprakse.lv represents a small psychotherapy practice operated by Andris Veselovskis, a certified medical psychotherapist with over two decades of experience. The site offers psychotherapy services, supervision for colleagues, and educational content such as articles and podcasts primarily targeting Latvian-speaking individuals seeking mental health support. The business model is service-oriented with additional subscription-based educational materials. The website content is professional and relevant, though the design and technical implementation are basic and somewhat outdated. Technically, the site uses a mix of older and newer JavaScript libraries including jQuery and Fancybox, with some reliance on deprecated versions that may pose security risks. The site shows basic mobile optimization and moderate performance but lacks modern CMS or frameworks. There is no evidence of advanced SEO or accessibility features. Security posture is moderate with HTTPS assumed but no visible security headers or cookie consent mechanisms, indicating gaps in compliance and best practices. Security evaluation reveals potential vulnerabilities due to outdated libraries and missing security headers. Privacy compliance is limited, with a privacy policy page present but no cookie consent or explicit GDPR compliance indicators. Contact information is clearly provided via phone and Facebook, but no email contacts or incident response details are published. WHOIS data could not be retrieved, limiting domain legitimacy verification. Overall, the website is functional and serves its business purpose but requires technical and security improvements to enhance trust, compliance, and user experience. Strategic recommendations include updating technical components, implementing security headers, adding cookie consent, and publishing comprehensive privacy and security policies.

Detected Technologies

jQuery 3.6.3jQuery 1.7.2Fancybox 1.3.1Bootstrap Grid 5.0.0-alpha1Cufon font replacement

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

The business is positioned as a specialized psychotherapy practice in Latvia, leveraging the personal brand and credentials of Andris Veselovskis. The practice benefits from a niche market with high demand for mental health services. The business model combines direct client services with educational content, potentially generating recurring revenue through article subscriptions. The website supports client engagement and professional networking via social media and supervision groups. Growth opportunities may include expanding digital content offerings and improving online presence. The lack of advanced digital marketing or analytics tools suggests room for modernization. Partnerships or related domains are not evident, indicating a primarily independent operation.

Extracted Contact Information

Marketing Intelligence Data

Phone Numbers (1)

+3712944****

Physical Addresses (1)

Rīga, Maiznīcas 12-1, LV-1001, Latvia

Security Posture Analysis

Comprehensive Security Assessment

The current security posture is moderate but with notable gaps. The site uses HTTPS, which is mandatory, but lacks visible security headers such as Content Security Policy, HSTS, or X-Frame-Options that help mitigate common web attacks. The presence of outdated JavaScript libraries increases the risk of vulnerabilities. No cookie consent or privacy compliance mechanisms are implemented, which may expose the business to GDPR compliance risks. There is no published incident response or security policy, limiting transparency and preparedness. Overall, the security culture appears informal and could benefit from structured improvements to protect client data and enhance trust.

Strategic Recommendations

Priority Actions for Security Improvement

1

Update all JavaScript libraries to their latest secure versions to mitigate known vulnerabilities.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

Andris Veselovskis

Description:

Psychotherapist practice of Andris Veselovskis, a certified medical psychotherapist with over 21 years of experience offering psychotherapy services, articles, podcasts, and supervision for colleagues.

Key Services:
Psychotherapy sessionsSupervision for psychotherapistsEducational articles and podcasts
Content Quality:

good

Branding:

moderate

Technical Stack

Technologies:
jQuery 3.6.3jQuery 1.7.2Fancybox 1.3.1Bootstrap Grid 5.0.0-alpha1Cufon font replacement
Performance:

moderate

Mobile:

basic

Accessibility:

basic

SEO:

basic

Security Assessment

Security Score:
55/100
Best Practices:
  • HTTPS usage assumed (URL is https)
  • No visible forms with sensitive inputs on main page

Analytics & Tracking

Tracking Level:minimal
Privacy Compliance:poor

Advertising & Marketing

Transparency Level:poor

Website Quality Assessment

Design Quality:basic
User Experience:basic
Content Relevance:good
Navigation Clarity:good
Professionalism:basic
Trustworthiness:moderate

Key Observations

1

Website is a small psychotherapy practice site in Latvian language.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

20/100
Score

Missing Strict-Transport-Security header

HIGH

Forces HTTPS connections

Missing X-Frame-Options header

HIGH

Prevents clickjacking attacks

Missing X-Content-Type-Options header

MEDIUM

Prevents MIME type sniffing

Missing Content-Security-Policy header

HIGH

Controls resources the browser is allowed to load

Missing X-XSS-Protection header

MEDIUM

Legacy XSS protection (deprecated but still recommended)

Missing Referrer-Policy header

LOW

Controls referrer information sent with requests

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

10/100
Score

No Privacy Policy found

HIGH

GDPR requires a clear and accessible privacy policy

No Cookie Policy found

HIGH

GDPR requires clear information about cookie usage

No Cookie Consent Banner found

HIGH

GDPR requires explicit consent for non-essential cookies

EU business without adequate privacy measures

CRITICAL

EU businesses are subject to strict GDPR requirements

Third-party services without privacy policy

HIGH

Detected services: Facebook, Cloudflare, Google APIs

GDPR Compliance Analysis

Privacy Policy0% confidence
Cookie Policy0% confidence
Contact Information Found90% confidence
phone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

2/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

Critical sector without clear security compliance

HIGH

Detected sectors: energy, transport, digital

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

70/100
Score

No DKIM record found

MEDIUM

DKIM adds cryptographic signatures to emails

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security
SPF Details
Record:
v=spf1 +a +mx -all
DNS Lookups:2/10
Policy:-all

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

62/100
Score

Weak Protocols Supported

HIGH

Server supports weak protocols: TLSv1.1

OCSP Stapling Not Enabled

LOW

OCSP stapling improves performance and privacy

Certificate Transparency Not Implemented

LOW

Certificate is not logged in Certificate Transparency logs

SSL Certificate Expires Within 90 Days

MEDIUM

SSL certificate expires in 32 days

Mixed Content Detected

MEDIUM

1 resources loaded over insecure HTTP

Partial SSL/TLS Assessment

LOW

Completed 3 of 4 security checks due to time constraints

Protocol Support

TLSv1.2TLSv1.3TLSv1.1

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

75/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

No DMARC Record

MEDIUM

DMARC policy not configured

DNS Records

A Records:92.240.68.125
Name Servers:
ns.hostme.lvDNS only
nsz2.nic.lvDNS only
MX Records:
10: mail.psihoterapijasprakse.lv
SOA:Serial: 1741768537, TTL: 10800s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:203ms

SPF Analysis

SPF Record:
v=spf1 +a +mx -all

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

0/100
Score

High-Risk Service Exposed: FTP

HIGH

Port 21 (FTP) is publicly accessible - FTP - Often unencrypted file transfer

Service Exposed: SSH

MEDIUM

Port 22 (SSH) is publicly accessible - SSH - Secure but can be brute-forced

Critical Service Exposed: MySQL

CRITICAL

Port 3306 (MySQL) is publicly accessible - MySQL - Database server

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website relies on a combination of older and newer JavaScript libraries, including jQuery versions 1.7.2 and 3.6.3, Fancybox 1.3.1, and Bootstrap Grid 5.0.0-alpha1. The use of Cufon for font replacement is outdated compared to modern web font techniques. The site does not appear to use a modern CMS or framework, indicating potential technical debt. Performance is moderate with some mobile optimization via JavaScript redirection, but accessibility and SEO features are basic. No advanced analytics or tracking scripts are detected, suggesting minimal data collection. The technical stack is functional but would benefit from modernization to improve security, performance, and maintainability.
Analyze Another Website