Security Directory

H

Holidays

holidays.com

0

Holidays.com is a travel discovery and inspiration platform offering curated travel lists, destination guides, hotel and resort recommendations, and travel tips. The website targets travel enthusiasts, couples, and families seeking vacation ideas. It holds a strong market position as a leading travel content publisher with a professional and consistent brand presence. Technically, the site is built on WordPress, leveraging modern technologies such as Alpine.js, Google Tag Manager, and Adobe Fonts, delivering a responsive and accessible user experience. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers and cookie consent mechanisms could be improved. The absence of WHOIS registration data raises some legitimacy concerns, but the active content and social media presence mitigate this risk. Overall, the site is professional, trustworthy, and well-optimized for its audience.

F

Freedom

freedom.nl

0

Freedom is a well-established Dutch internet service provider founded in 1999, offering Internet, TV, and VoIP services with a strong emphasis on privacy, security, and customer support. The company holds a reputable market position, having been recognized multiple times by the Dutch Consumers’ Association as the best Alles-in-1 provider. Their business model focuses on subscription-based services with added value such as free .nl domains, security software, and a dedicated helpdesk. Technically, the website is built on the Bolt CMS platform, uses Matomo for privacy-respecting analytics, and is hosted by a reputable Dutch registrar with DNSSEC enabled. Security posture is strong with HTTPS enforced and coordinated vulnerability disclosure policies in place, though improvements can be made by adding explicit security headers and cookie consent mechanisms. Overall, the website is professional, trustworthy, and aligns well with its privacy-centric brand identity.

S

Sketch

sketch.com

0

Sketch is a well-established design software company targeting designers and creative professionals with a macOS native application focused on design, prototyping, collaboration, and developer handoff. The website is professionally designed, rich in content, and demonstrates a mature digital presence with modern technologies and privacy-conscious analytics. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response information are not publicly detailed. WHOIS data is unavailable or privacy protected, which slightly reduces trust but is common for established brands. Overall, Sketch presents a trustworthy and professional business with a strong market position in the design software industry.

M

mave.io B.V.

mave.io

0

mave.io B.V. operates a European-focused video platform emphasizing privacy, user experience, and developer-friendly integration. The company offers a cookieless video streaming solution with features such as adaptive streaming, accessibility enhancements, API access, and open-source components. Positioned as a European alternative to major video platforms, mave.io targets developers and businesses seeking GDPR-compliant, customizable video solutions. The website reflects a modern, professional SaaS business with strong branding and customer testimonials from reputable clients like Sketch and Freedom Internet. Technically, the site is built using Hugo CMS, Alpine.js, Chart.js, and custom web components, delivering fast performance, excellent mobile optimization, and good accessibility. The platform uses HTTPS exclusively and avoids exposing sensitive data. However, explicit security headers and a published security policy are absent, representing areas for improvement. Privacy compliance is well addressed with a clear privacy policy, cookie consent banner, and GDPR adherence. Security posture is solid but could be enhanced by publishing incident response contacts and vulnerability disclosure programs. The WHOIS data is unavailable due to privacy protection, which is justified for this business type. Overall, the site demonstrates high trustworthiness, professional content, and a strong commitment to privacy and user experience.

K

Krajowa Izba Rozliczeniowa S.A.

kir.pl

0

Krajowa Izba Rozliczeniowa S.A. (KIR) is a key technological hub and infrastructure provider for the Polish payment system, offering a broad range of digital solutions for banks, companies, public sector entities, and individual clients. Their services include interbank settlements (Elixir), instant payments (Express Elixir), electronic signatures (Szafir and mSzafir), electronic identification (mojeID), and open banking interfaces (HUB PSD2). The company holds a strong market position as a critical infrastructure entity in Poland's financial ecosystem. Technically, the website employs modern web technologies including Google Tag Manager and Google reCAPTCHA, with a CMS platform (edito) supporting content management. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital presence. Security measures such as HTTPS, CSRF tokens, and bot protection are implemented, though explicit security headers could be further verified. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy and cookie policies are comprehensive and GDPR compliant, supporting user data protection. However, no explicit incident response or vulnerability disclosure policies were found, which could enhance trust and security readiness. Overall, the website and business present a low-risk profile with strong credibility and professional digital infrastructure. Strategic recommendations include enhancing security header transparency, publishing vulnerability disclosure information, and improving contact information visibility to further strengthen trust and compliance.

The website karierawunum.pl serves as a professional career recruitment platform for Unum Życie Towarzystwo Ubezpieczeń i Reasekuracji S.A., a large insurance company based in Poland. It targets individuals interested in sales and advisory roles within the insurance sector, offering detailed information about career benefits, training, and company values. The site is well-branded and includes testimonials and awards that reinforce trust and professionalism. Technically, the site is built on WordPress with modern analytics and marketing tools integrated, including Google Analytics, Facebook Pixel, and Hotjar, supporting extensive user tracking and marketing efforts. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although security headers could be improved. Privacy compliance is robust, featuring a comprehensive cookie consent mechanism and links to detailed privacy policies. WHOIS data is unavailable, likely due to privacy protection, but the website content and business registration details indicate legitimacy. Overall, the site is professional, secure, and compliant, serving its business purpose effectively.

O

OnCourse Technologies, Inc.

oncourse.ai

0

OnCourse AI is a technology company specializing in AI-powered lead qualification and nurturing solutions primarily targeting real estate and hospitality sectors. Their flagship product, Oli, is a conversational AI assistant designed to engage leads 24/7 via chat, email, SMS, and voice, improving conversion rates and reducing sales costs. The company positions itself as a cost-effective alternative to human sales agents, leveraging AI trained on client data to provide accurate and timely responses. Technically, the website is built on the Webflow platform, utilizing modern JavaScript frameworks, Google Analytics, and Google Tag Manager for tracking and marketing. The site is well-optimized for mobile devices, has good SEO practices, and features interactive elements such as Lottie animations and embedded videos. Hosting appears to be managed by Webflow, with content delivered via CDN. From a security perspective, the site enforces HTTPS and shows no signs of exposed sensitive data or vulnerable libraries. However, some standard security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected, and no public security policy or incident response information is published. Privacy and cookie policies are present and appear GDPR compliant, though no explicit consent mechanism for cookies is observed. Overall, the website demonstrates a professional and trustworthy online presence with strong business credibility supported by client testimonials and partner logos. The lack of publicly available WHOIS registrant data due to privacy protection slightly reduces trust but is common for tech startups. The site is free from WAF blocking or security challenges, allowing full content access and analysis.

The website bestoflasvegas.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block, specifically an error 1005 indicating that the ASN of the visitor's IP address is banned by the site owner. This prevents any meaningful content analysis or business information extraction. The domain is long-established since 2000 and registered with Network Solutions, LLC, but no privacy protection or registrant details are publicly available. The site relies on Cloudflare for security and performance, but no privacy, cookie, or terms of service policies are visible. No contact information or forms are present on the blocked page. Due to the WAF block, the technical infrastructure and digital maturity cannot be fully assessed, and the security posture is unknown beyond the use of Cloudflare. Overall, the site scores very low on AI evaluation due to inaccessibility and lack of visible content or policies.

H

HTA Software

hta.nl

0

HTA Software is a Dutch software development company specializing in creating software solutions for local governments, healthcare, public sector, real estate, and transport industries. Established in 1994, the company offers both standard and custom software products, including appointment scheduling, digital reception, customer guidance systems, contract management, and logistics platforms. Their market position is that of a niche provider serving multiple sectors with tailored software solutions. Technically, the website is built on WordPress using the Avada theme and Yoast SEO plugin, with integrations such as Google Analytics and Cookiebot for privacy compliance. The site demonstrates good SEO, accessibility, and mobile optimization. Security-wise, the site uses HTTPS and DNSSEC, with a cookie consent mechanism in place, but lacks explicit security policy and incident response information. Overall, the website is professional and trustworthy, though it would benefit from publishing explicit privacy and terms of service pages and providing direct contact information.

M

Museumvereniging

museum.nl

0

Museumvereniging operates the website museum.nl, a leading platform dedicated to promoting museums and cultural events in the Netherlands. The site provides comprehensive information about museums, exhibitions, events, and the Netherlands Museum Pass, targeting a broad audience of museum visitors and cultural enthusiasts. The organization positions itself as a key non-profit entity supporting Dutch museums and cultural heritage. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager, and Google Analytics for analytics and marketing purposes. The site is well-optimized for mobile devices, features lazy loading for images, and uses SVG icons for scalable graphics. SEO and accessibility practices are well implemented, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism compliant with GDPR. However, it lacks explicit security policy documentation and incident response contact information. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the website's claims, showing consistent registrant information and domain age appropriate for the business. Overall, the website demonstrates a strong balance of content quality, technical implementation, and privacy compliance, with room for improvement in formal security policy disclosures and incident response readiness.

H

Het Cultuurfonds

cultuurfonds.nl

0

Het Cultuurfonds is a prominent Dutch non-profit organization dedicated to funding and promoting cultural and nature projects across the Netherlands and its territories. With an annual investment of over 40 million euros, it supports thousands of cultural initiatives, ranging from local to large-scale projects. The organization maintains a strong market position as a key cultural funder with a broad target audience including cultural makers, donors, and the general public. The website reflects a professional and consistent brand image with comprehensive content and clear navigation.

B

Bullhorn

bullhorn.com

0

Bullhorn is a leading enterprise software provider specializing in staffing and recruiting solutions. Their platform offers a comprehensive applicant tracking system (ATS), customer relationship management (CRM), recruitment automation, onboarding, and analytics services tailored for recruiting agencies and staffing firms. The company positions itself as a market leader with a strong focus on automating the recruiting lifecycle to increase placements. The website reflects a mature digital presence with professional branding and extensive use of structured data for SEO. Technically, Bullhorn's website is built on WordPress and leverages modern web technologies including jQuery, Google Tag Manager, Marketo marketing automation, and a performance CDN. The site is well-optimized for SEO, mobile responsive, and includes accessibility features. Privacy compliance is robust with a comprehensive privacy policy and cookie consent managed by OneTrust. From a security perspective, the site enforces HTTPS and integrates security best practices such as asynchronous loading of third-party scripts and cookie consent mechanisms. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not clearly present in the HTML source, and no public security or incident response policies were found. The WHOIS data is unavailable, which slightly reduces trust but the professional site and strong branding mitigate concerns. Overall, Bullhorn's website demonstrates a high level of professionalism, technical maturity, and privacy compliance. The main risk area is the lack of publicly available WHOIS data and explicit security policies, which should be addressed to enhance trust and transparency.

L

Lexip

lexip.co

0

Lexip is a French-based e-commerce company specializing in premium gaming accessories and peripherals, including controllers, headsets, keyboards, mice, and limited edition collector items. Positioned as one of the main French manufacturers in this niche, Lexip targets professional and enthusiast gamers seeking high-quality gaming hardware. The website is built on a modern WordPress infrastructure utilizing WooCommerce for e-commerce capabilities, Elementor for design, and integrates marketing automation tools such as Sendinblue and Klaviyo. The site demonstrates good content quality, branding consistency, and a professional user experience, although explicit privacy and cookie policies are not readily found. From a security perspective, the website enforces HTTPS and uses security plugins like Wordfence, but lacks visible security headers and explicit incident response or security policy information. No WHOIS data is available due to privacy protection, which is common for commercial sites but limits domain trust verification. The site does not exhibit any adult or questionable content and is accessible without WAF or blocking mechanisms. Overall, Lexip presents a credible and professional e-commerce platform with moderate technical maturity and security posture. Improvements in privacy compliance documentation, security header implementation, and clearer contact information would enhance trust and compliance.

U

Ubisoft

ubisoftgearshop.com

0

The Official Ubisoft Gear Shop is an e-commerce platform dedicated to selling exclusive Ubisoft-branded merchandise including apparel and collectibles. The website leverages the Shopify platform, indicating a modern and scalable e-commerce infrastructure. The site targets gamers and fans of Ubisoft franchises such as Assassin's Creed and Rainbow Six Siege, positioning itself as the official merchandise outlet for Ubisoft. The domain is newly registered, which aligns with a recent launch or rebranding effort. The website demonstrates good design quality, mobile optimization, and basic SEO practices, but lacks visible privacy and terms of service pages in the provided content.

A

Art4Fans

art4fans.com

0

Art4Fans is a niche e-commerce retailer specializing in official gaming and entertainment artwork and posters. Founded in 2023 and operating primarily from Canada, the company offers unique printed creations on various materials such as canvas, wood, metal, and museum-grade paper. The website targets gaming and cinema fans seeking high-quality, authentic artwork with fast international shipping. The business leverages Shopify as its e-commerce platform, integrating multiple marketing and analytics tools to enhance customer experience and business insights. The site demonstrates good content quality, professional design, and consistent branding, supporting a positive market position within its niche. Technically, the website is built on a modern Shopify infrastructure with standard third-party libraries and apps, delivering moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and domain registration protections, though minor improvements such as enabling DNSSEC and publishing explicit security policies are recommended. Privacy compliance is well addressed with visible privacy and cookie policies and consent mechanisms. Overall, Art4Fans presents a trustworthy and professional online presence with room for enhanced security transparency and technical hardening.

F

FocusFuel

thefocusfuel.com

0

FocusFuel is a recently established e-commerce business specializing in energy products marketed as convenient and fun. The company operates primarily through a Shopify platform, leveraging various third-party marketing and subscription tools to enhance customer engagement and sales. The website demonstrates a professional design and consistent branding, targeting consumers seeking on-the-go energy solutions. Technically, the site uses modern web technologies and is hosted on a reliable infrastructure with HTTPS enabled, though DNSSEC is not configured. Security practices are adequate but could be improved by adding explicit privacy and cookie policies, as well as a vulnerability disclosure mechanism. Overall, the domain registration is legitimate and consistent with the business profile, though the company is relatively new.

R

RHINOSHIELD

rhinoshield.io

0

RhinoShield is an established e-commerce business specializing in mobile phone protective cases, screen protectors, and accessories. Founded in 2016, the company operates a professional Shopify-based online store targeting mobile phone users seeking durable and customizable protection solutions. The website demonstrates consistent branding and offers comprehensive product support, warranty information, and order tracking, indicating a mature business model with a focus on customer service. The target audience is general consumers interested in mobile device protection.

M

MADRINAS

madrinas.com

0

MADRINAS is a specialty coffee e-commerce business offering premium coffee products including instant coffee, small batch roasted whole bean coffee, and charged refreshers. The company operates a professionally designed Shopify-based online store targeting coffee enthusiasts and consumers seeking high-quality coffee experiences. The website demonstrates a mature digital infrastructure with integrations of multiple marketing and analytics tools, reflecting a moderate to advanced digital maturity level. Security posture is generally good with HTTPS enforced and domain registration protections in place; however, the absence of DNSSEC and security headers indicates room for improvement. Privacy compliance is weak due to missing privacy and cookie policies, which could expose the business to regulatory risks. Overall, the website is trustworthy and professional but should enhance privacy transparency and DNS security to strengthen its security and compliance posture.

J

Japan Crate

japancrate.com

0

Japan Crate is a medium-sized e-commerce business specializing in Japanese snack and candy subscription boxes, targeting foodies, anime fans, and Japanese pop culture enthusiasts worldwide. Founded in 2014, the company offers bi-monthly themed snack boxes shipped globally. The website is built on the Shopify platform, leveraging modern web technologies and multiple third-party marketing and analytics tools. The technical infrastructure is solid with good mobile optimization and moderate performance. Security posture is adequate with HTTPS enforced and clientTransferProhibited domain status, though improvements such as enabling DNSSEC and adding security headers are recommended. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism. Overall, the business demonstrates a consistent brand and trustworthy online presence.

F

Fulllife

full.life

0

Fulllife is a French e-commerce company specializing in eco-responsible streetwear apparel targeted at the gaming community. The website presents a professional and consistent brand image with a focus on sustainability and gaming culture. The business operates primarily online using a Magento-based platform, integrating various marketing and analytics tools such as Google Tag Manager, Klaviyo, and Adobe Commerce SDK. The domain is registered with Scaleway SAS in France since 2018, aligning well with the company's profile and market presence. Technically, the website employs a modern e-commerce stack with responsive design and moderate performance. However, there is room for improvement in security practices, including enabling DNSSEC, implementing security headers, and publishing comprehensive privacy and cookie policies. No WAF or blocking mechanisms were detected, indicating full accessibility. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks advanced security headers and formal incident response or vulnerability disclosure information. Privacy compliance is weak due to missing policies and consent mechanisms, which could expose the company to regulatory risks. Overall, the website is functional and credible but would benefit from enhanced security and privacy compliance measures to strengthen trust and regulatory adherence.

B

Blend Cota Studios

blendcotastudios.com

0

Blend Cota Studios operates a professionally designed Shopify-based e-commerce website specializing in original and licensed artwork, including oil paintings and prints. The business targets art collectors and fans of licensed franchises, positioning itself as a niche artist brand with a growing online presence since its domain registration in 2019. The website leverages modern e-commerce technologies and integrates third-party services for reviews and product customization, reflecting a moderate level of digital maturity.

P

Piggyback Interactive Limited

piggyback.com

0

Piggyback Interactive Limited operates a professional website focused on publishing premium official guides for major video game franchises. The company has a niche market position with a strong focus on quality and official licensing, targeting gamers and enthusiasts seeking authoritative game guides. The website is built on a modern WordPress CMS infrastructure, leveraging SEO plugins, cookie consent mechanisms, and analytics tools to optimize user experience and compliance. The technical infrastructure is robust, with fast performance, mobile optimization, and accessibility features. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security policies and incident response information are absent. The WHOIS data for the domain is missing or unavailable, which is a concern but the website content and branding indicate legitimacy. Overall, the site is professional, trustworthy, and well-maintained, with room for improvement in security transparency and domain registration clarity.

M

Ministerstvo životního prostředí

zelenamodernizace.cz

0

The website zelenamodernizace.cz represents a government-backed initiative by the Czech Ministry of Environment focused on promoting green modernization efforts including energy savings, climate adaptation, and environmental protection. It targets citizens, businesses, and regions within the Czech Republic, providing information and support for sustainable practices. The site is well-structured, professionally designed, and uses modern technologies such as Drupal 10 CMS and integrates standard tracking and marketing tools with GDPR-compliant cookie consent mechanisms. From a technical perspective, the site demonstrates moderate to good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS enforced and secure form handling, though it lacks some advanced security headers and a public vulnerability disclosure policy. The absence of WHOIS data limits domain trust assessment, but the strong government affiliation and consistent branding mitigate concerns. Overall, the website is a credible and trustworthy source of information for environmental modernization in the Czech Republic, with good privacy compliance and user experience. Strategic improvements in security headers, incident response transparency, and WHOIS data availability could further enhance trust and security posture.

N

Nadace Vodafone

nadacevodafone.cz

0

Nadace Vodafone is a Czech Republic based non-profit foundation established in 2006 and sponsored by Vodafone Czech Republic, a.s. The foundation focuses on social innovation, education, and community support programs, including digital literacy for seniors and acceleration of technological social innovations. The website is professionally designed with consistent branding and provides rich content about its programs and news. Technically, the site uses modern web technologies including JavaScript libraries like Swiper and Plyr, and integrates cookie consent and tag management tools such as OneTrust and Tealium. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers and incident response policies are not explicitly published. Privacy compliance is supported by a comprehensive privacy policy and cookie consent mechanism. The domain WHOIS data is unavailable, which limits trust analysis, but the website's content and social media presence support its legitimacy. Overall, the site is well-maintained, user-friendly, and trustworthy for its target audience.

V

vanStijl

vanstijl.nl

0

vanStijl is a Netherlands-based full-service creative agency specializing in on- and offline design, branding, events, and communication services. The company positions itself as an external creative department for clients, offering tailored solutions such as website creation, newsletters, print media, and event communication. The website reflects a mature business with a portfolio showcasing diverse projects and clients, indicating a stable market presence since its founding in 2016. Technically, the website is built on WordPress 6.8 with modern libraries like jQuery 3.7.1 and integrates Google Analytics and Google Tag Manager for tracking. It uses HTTPS with good SSL configuration and employs anti-spam and CAPTCHA tools to protect forms. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is solid with HTTPS and spam protection, but lacks explicit security headers and public security policies. Privacy compliance is limited as no privacy or cookie policies are found, which could be improved to meet GDPR standards. Contact information is clearly presented, enhancing business credibility. Overall, vanStijl's website is professional, trustworthy, and well-structured, suitable for its target audience of businesses seeking creative services. Strategic improvements in privacy compliance and security policy transparency would further strengthen its risk profile and user trust.

W

Welkom Toegankelijkheid & Evenement - Marianne Dijkshoorn

geenbeperkingmeer.nl

0

Welkom Toegankelijkheid & Evenement, founded in 2014 by Marianne Dijkshoorn, is a specialized consultancy focused on improving accessibility and inclusivity for events and locations. The company offers tailored advice, speaking engagements, product sales and rentals, and experience parcours to enhance the visitor experience for people with disabilities. The website reflects a strong market position in the Netherlands with international recognition through awards and projects. Technically, the site is built on WordPress with a modern tech stack including Divi theme, Yoast SEO, and accessibility plugins, providing good performance and excellent accessibility features. Security posture is solid with HTTPS, DNSSEC, and reCAPTCHA, though some security headers and explicit policies could be improved. Privacy compliance is basic with terms of service available but no explicit privacy or cookie policies. Overall, the site is professional, trustworthy, and well-optimized for its target audience.

K

KETEL 1

ketel1.nl

0

KETEL 1 is a premium Dutch gin brand with a well-structured website built on WordPress, leveraging modern SEO and compliance tools such as Yoast SEO and Cookiebot. The company targets mature consumers interested in quality spirits, offering products like KETEL 1 Original and Signature Blend. The website demonstrates a good level of digital maturity with mobile optimization and clear navigation. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though additional security headers and policies could enhance protection. Privacy compliance is well addressed through Cookiebot and a comprehensive privacy policy, aligning with GDPR requirements. Overall, the site is professional and trustworthy, with no critical security or compliance gaps detected.

V

VOCAST

presscloud.com

0

VOCAST operates a brand sharing platform accessible via the provided login page. The platform appears to target businesses and brand managers seeking to share and manage brand content digitally. The website is technically supported by Cloudflare DNS and uses Font Awesome Pro for iconography, indicating a moderate level of technical maturity. However, the site lacks visible privacy, cookie, or terms of service policies, which are critical for compliance and user trust. Security posture is adequate with HTTPS enabled and domain transfer protections, but could be improved by adding security headers and incident response information. Overall, the site is functional but basic in content and compliance, suggesting room for enhancement in privacy and security transparency.

C

CookieCode

cookiecode.be

0

CookieCode is a Dutch company specializing in automated privacy and cookie compliance solutions tailored to meet GDPR (AVG) requirements. Their business model revolves around a partner network that delivers customized cookie banners, detailed cookie declarations, and privacy statements to website owners and managers. The website is professionally designed, mobile-optimized, and provides clear navigation and contact information, targeting ICT companies, website builders, and marketing agencies. Technically, the site uses modern frontend technologies including Bootstrap and jQuery, integrates Google Analytics and Tag Manager with consent blocking, and employs proprietary scripts for cookie management. Security-wise, the site demonstrates good privacy compliance practices such as anonymizing IPs and blocking tracking scripts until consent, but lacks explicit security policies, incident response contacts, and security headers. The domain uses privacy protection in WHOIS, which is justified given the privacy-focused nature of the business. Overall, the website is trustworthy, compliant, and well-positioned in its niche, though it could improve security posture by publishing formal policies and enhancing technical security controls.

The website rouwpost.nl is currently inaccessible due to an IP ban enforced by Cloudflare's Web Application Firewall (WAF), resulting in an access denied error page. This prevents any meaningful content or business information from being retrieved or analyzed. The domain is newly registered in March 2023 with no DNSSEC enabled, and the registrar is XS Anywhere B.V. The lack of accessible content means no privacy, cookie, or terms of service policies are available, nor any contact or security-related information. The technical infrastructure relies on Cloudflare for security and performance, but no further technology stack details can be determined. Due to the blocking, the security posture cannot be fully assessed, but the presence of Cloudflare indicates some level of protection. Overall, the site scores very low on content quality, technical implementation, security posture, privacy compliance, and business credibility due to the lack of accessible data.

U

Unigra in Katwijk | Fabrikant van uitvaartkisten

unigra.nl

0

The website www.unigra.nl is a small business site built on the Wix platform, utilizing Wix Thunderbolt framework and standard JavaScript polyfills. The site content is minimal and primarily technical, with no visible business descriptions, contact information, or privacy-related policies in the provided HTML content. The technical infrastructure is modern but lacks advanced SEO, accessibility, and security headers. The security posture is basic with HTTPS implied but missing explicit security headers and privacy compliance mechanisms. Overall, the site appears legitimate but lacks transparency and comprehensive business and security information, which limits trust and compliance confidence.

V

Van der Lans & Busscher

staatsie.nl

0

Van der Lans & Busscher is a specialized transportation service provider in the Netherlands, offering dignified state and funeral transport services since 1896. Their website reflects a well-established niche business with a clear focus on providing memorable and respectful transport options including traditional and alternative funeral vehicles. The company maintains a professional online presence with consistent branding and active social media channels. Technically, the website uses a modern JavaScript stack centered around jQuery and Font Awesome, with good mobile optimization and SEO practices. Security posture is strong with HTTPS, DNSSEC, and cookie consent mechanisms, though some security headers and policies could be improved. Overall, the site is trustworthy and professionally maintained, supporting the company’s market position as a reputable funeral transport provider.

A

Alvasco

alvasco.nl

0

Alvasco is a well-established family-owned artisanal stone masonry business based in Rotterdam, Netherlands, specializing in personalized grave monuments and memorial stones. With five generations of experience, the company offers custom designs, monument maintenance, and on-site consultations, positioning itself as a trusted local provider in the memorial industry. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site is built on WordPress with WooCommerce and uses modern SEO and tracking tools, though some security headers and privacy policies are missing. The security posture is solid with HTTPS and DNSSEC enabled, but improvements are recommended in privacy compliance and security best practices. Overall, the domain's long age and consistent WHOIS data support the legitimacy of the business.

A

AVe producties

aveproducties.nl

0

AVe producties is a small Dutch company specializing in audiovisual presentations for funeral services, combining photos and music to create meaningful memorials. The company operates as a niche service provider under the parent company HB Visuals and targets families and funeral service clients seeking personalized farewell presentations. The website is built on Joomla! CMS with common web technologies and integrates social media and analytics tools. While the site is professionally designed and provides clear contact information, it lacks essential privacy and cookie policies, which impacts GDPR compliance. Security posture is moderate with HTTPS enabled but missing security headers and DNSSEC. Overall, the website is functional and trustworthy but would benefit from enhanced privacy and security measures.

B

Brands Bloemenhal

brandsbloemenhal.nl

0

Brands Bloemenhal is a well-established family-owned florist business based in Rotterdam, Netherlands, specializing in funeral and memorial flower arrangements. With over 50 years of history and three generations of experience, the company offers traditional and custom floral designs, serving a local clientele with both in-store and online ordering options. The website reflects a professional and trustworthy presence with clear contact details and social media engagement. Technically, the site uses a modern technology stack including Bootstrap, jQuery, and is hosted on Microsoft Azure Blob Storage, ensuring moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and incident response information are absent. Privacy compliance is basic with presence of privacy and cookie policies but lacking explicit consent mechanisms. Overall, the website is safe, well-structured, and credible, supporting the business's retail operations effectively.

De Big BV is a small Dutch company specializing in property clearance and professional cleaning services after death or in cases of heavily cluttered or contaminated homes. The company targets individuals and families in the Rotterdam area who require assistance with these sensitive and demanding tasks. Their business model focuses on providing relief to families by handling difficult cleaning and clearance tasks professionally. The website content is basic but relevant, providing clear descriptions of services and contact options. Technically, the site uses older JavaScript libraries and is hosted via Strato with DNSSEC enabled, indicating a reasonable level of technical infrastructure but with room for modernization. Security posture is moderate with HTTPS and DNSSEC but lacks explicit security headers and updated libraries, which could pose risks. Privacy compliance is weak due to absence of privacy and terms of service pages, though a cookie consent mechanism is present. Overall, the site is functional and trustworthy for its scale but would benefit from improved security and compliance measures.

M

Marijke Rosmolen Fotografie

marijkerosmolen.nl

0

Marijke Rosmolen Fotografie is a small local photography business based in Ridderkerk, Netherlands, specializing in funeral photography and related event photography services. The website is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard web technologies such as HTML5, CSS, and JavaScript. The business targets individuals and families seeking respectful and professional photography services for funerals and life events. The website presents a professional design with clear navigation and relevant content, although it lacks some compliance elements such as privacy and cookie policies. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but could be improved by adding security headers and incident response information. Overall, the website is legitimate and functional but would benefit from enhanced privacy compliance and security best practices.

S

Schiedam viert 750

schiedamviert750.nl

0

Schiedam viert 750 is a government-backed initiative by the Gemeente Schiedam to celebrate the 750th anniversary of the city in 2025. The website serves as a hub for event information, news, and community engagement related to the anniversary celebrations. It targets residents and visitors interested in cultural and historical events in Schiedam. The business model is centered on public cultural programming and community involvement, supported by local government and sponsors. The website is professionally designed with consistent branding and clear navigation, supporting a positive user experience.

I

International Bank Note Society

theibns.org

0

The International Bank Note Society (IBNS) operates as a non-profit educational organization focused on the study and knowledge of worldwide banknotes and paper currencies. Established in 1961, it serves a global membership base of over 2,000 members across more than 90 countries. The website provides educational content, membership benefits, and publications such as a quarterly journal. The organization targets banknote collectors and numismatists, offering resources to support their interests and collections. Technically, the website is built on an outdated Joomla! 1.5 CMS platform, which poses security risks due to lack of support and updates. The site uses JavaScript libraries including MooTools and integrates Google Analytics and Google Tag Manager for tracking. The design and user experience are basic, with limited mobile optimization and accessibility features. Navigation is clear, but the site lacks modern performance and SEO optimizations. From a security perspective, the site uses HTTPS but lacks visible security headers and employs an outdated CMS version, increasing vulnerability exposure. There is no cookie consent mechanism despite the use of tracking scripts, and WHOIS data for the domain is malformed or unavailable, limiting trust verification. The site includes a login form but no advanced authentication features are evident. Overall, the security posture is moderate but requires improvements to reduce risk. The overall risk assessment suggests the IBNS website is a legitimate non-profit resource with moderate technical maturity and some security weaknesses primarily due to outdated infrastructure and incomplete privacy compliance. Strategic recommendations include upgrading the CMS, implementing security headers, adding cookie consent, and improving mobile and accessibility features to enhance trust and security.

I

IFSDA

ifsda.org

0

IFSDA (International Federation of Stamp Dealers Associations) is a non-profit organization established in 2000, headquartered in Switzerland, dedicated to promoting safe and honest trade of philatelic materials worldwide. The website serves as an informational platform for stamp dealers and collectors, providing event listings, membership information, and a contact portal. The organization positions itself as a reputable international federation with a focus on community and trust within the philatelic trade. Technically, the website is built on WordPress 5.7.12, utilizing common plugins such as ProfileGrid and The Events Calendar. It is hosted on Tophost.ch with HTTPS enabled, ensuring secure communications. The site demonstrates moderate performance and good mobile optimization, though accessibility and SEO optimizations are basic. The technical stack is modern but could benefit from enhanced security headers and DNSSEC implementation. From a security perspective, the site uses HTTPS and has domain transfer protections in place. However, it lacks DNSSEC and security headers that could mitigate common web vulnerabilities. There is no evidence of a formal security policy, incident response contacts, or vulnerability disclosure mechanisms. Privacy compliance is partial, with a privacy policy present but no cookie consent or terms of service pages, which are recommended for GDPR compliance. Overall, the website is trustworthy and professional, with a clear business purpose and consistent WHOIS data supporting legitimacy. The site is safe for general audiences, with no adult or questionable content. Strategic improvements in privacy compliance, security hardening, and user engagement features would enhance its digital maturity and trustworthiness.

N

N.V.P.H. – Nederlandse Vereniging van Postzegelhandelaren

nvph.nl

0

N.V.P.H. – Nederlandse Vereniging van Postzegelhandelaren is a well-established Dutch association dedicated to stamp dealers and collectors. Founded in 1997, it offers a range of services including stamp catalogs, certification schemes, appraisal services, and organizes events for the philately community. The website serves as a central hub for members and enthusiasts, providing access to catalogs, news, and organizational information. The target audience primarily consists of stamp collectors and dealers within the Netherlands. The business model revolves around membership services and industry support.

K

Koninklijk Nederlands Genootschap voor Munt- en Penningkunde

koninklijkgenootschap.nl

0

The Koninklijk Nederlands Genootschap voor Munt- en Penningkunde is a Dutch royal society dedicated to numismatics, providing educational resources, events, and publications to enthusiasts and members. The website serves as an information hub with news, a calendar of events, a numismatic guide, and member login functionality. The society appears well-established with a domain age of over a decade and DNSSEC enabled, indicating a commitment to security. Technically, the site is built on WordPress with modern plugins like Elementor and Yoast SEO, and it integrates Google Analytics and reCAPTCHA for analytics and security. However, the site lacks visible privacy and cookie policies, which is a compliance gap. Security posture is good with HTTPS and DNSSEC, but could be improved by adding security headers and formal security policies. Overall, the site is professional, trustworthy, and serves a niche audience effectively.

The website nvmh.nl currently serves a security challenge page that blocks direct access to its content, indicating the presence of a Web Application Firewall or similar security mechanism. The domain is long-standing, registered since 2000, but the visible content is minimal and outdated, referencing legacy CMS versions such as Joomla 1.5 and WordPress 2.5. There is no accessible business information, contact details, or privacy and cookie policies, which limits the ability to assess the company's operations or compliance posture. The only external link points to bitninja.io, a security service provider, suggesting some level of security protection is in place. Overall, the site lacks modern technical and security best practices and provides a poor user experience due to the blocking mechanism.

F

Federatie TMV

federatie-tmv.nl

0

Federatie TMV is a well-established Dutch professional organization representing certified appraisers, brokers, and auctioneers specializing in movable goods. Founded in 1999, it serves as a national branch organization that certifies members, promotes quality standards, and provides educational resources. The website reflects a clear market position as a trusted certifying body with a focus on quality assurance and professional development. Technically, the site is built on WordPress with modern enhancements such as Google Analytics and reCAPTCHA, hosted by a reputable Dutch registrar with DNSSEC enabled, indicating good digital maturity. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements can be made in cookie consent and formal security policies. Overall, the site is professional, trustworthy, and well-aligned with its business objectives.

Heritage Auctions operates as the world's largest collectibles auctioneer, specializing in a wide range of collectible categories including coins, comics, currency, art, luxury handbags, sports memorabilia, wine, historical items, books, and real estate. The company targets collectors and sellers seeking expert auction services, offering a comprehensive platform for consignments, bidding, and appraisals. Their market position is strong, supported by a large team of over 125 experts and a broad category coverage. The website reflects a mature business model focused on retail auction services with a global reach.

H

Heritage Auctions Belgium

ha-europe.be

0

Heritage Auctions Belgium operates as a specialized auction house focusing on collectibles such as coins, stamps, art, militaria, and jewelry. The company offers free appraisals, expert valuations, and facilitates international auctions with a broad customer base of 1.8 million worldwide. The website is professionally designed, multilingual, and provides detailed information about auctions, experts, and services, positioning the company as a credible player in the collectibles auction market. Technically, the website uses standard web technologies including JavaScript, jQuery, and Google Tag Manager for analytics and marketing. The site is mobile-optimized with good SEO practices, though it uses an outdated jQuery version which could be modernized. Hosting and domain registration are consistent with the business profile, and the site employs HTTPS with a cookie consent mechanism compliant with GDPR. From a security perspective, the website demonstrates good practices such as HTTPS and cookie consent but lacks visible security policies or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. Recommendations include updating JavaScript libraries, adding security headers, and publishing formal security and incident response policies to enhance trust and compliance. Overall, the website presents a low-risk profile with strong business credibility and good privacy compliance. Strategic improvements in security transparency and technical modernization would further strengthen its posture.

T

The Artistic Design Studio

theartisticdesignstudio.nl

0

The Artistic Design Studio is a small creative design business based in the Netherlands, founded in 2022. The company offers personalized and professional design services including branding, graphic design, photography, and website development. The website is built on WordPress using Elementor and integrates Google Analytics via Google Tag Manager. The technical infrastructure is modern and the site is mobile optimized with good SEO practices. Security posture is solid with HTTPS and DNSSEC enabled, but lacks security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Contact is primarily via a web form with no explicit emails or phone numbers displayed. Overall, the site is professional and trustworthy but could improve privacy and security transparency.

H

Holidays

tripstodiscover.com

0

Holidays.com is a professional travel discovery website offering inspirational travel content including articles, galleries, and videos aimed at vacation planners and travel enthusiasts. The site positions itself as a leading platform in travel inspiration with curated content on destinations, hotels, resorts, and travel tips. Technically, the website is built on WordPress with modern front-end technologies such as Alpine.js and Adobe Fonts, and integrates Google Tag Manager and Analytics for tracking. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site uses HTTPS and secure forms but lacks some security headers and a cookie consent mechanism, which are recommended for enhanced compliance and protection. The absence of WHOIS data for the domain is a notable concern for domain legitimacy verification, though the website content and structure appear trustworthy and professional. Overall, the site scores well on content quality and business credibility but should improve privacy compliance and security posture.

T

Tripadvisor

tripadvisor.ca

0

The website tripadvisor.ca is a regional domain of Tripadvisor, a globally recognized travel and hospitality platform founded in 2002. Tripadvisor provides travel reviews, hotel and restaurant bookings, and attraction guides targeting travelers and tourists. The domain registration data aligns with the business's Canadian presence and shows a long-established registration, supporting legitimacy. However, the provided HTML content is blocked by a security mechanism, likely a Web Application Firewall (WAF) or anti-bot challenge, preventing access to actual site content and limiting analysis. Technically, the domain uses multiple DNS providers including AWS and Google Cloud DNS, indicating a robust infrastructure. The presence of captcha-delivery.com scripts and iframe suggests active bot mitigation strategies. Due to content blocking, no detailed assessment of SEO, performance, or accessibility could be performed. No privacy, cookie, or terms of service policies were detected in the provided content, nor were contact details or forms visible. From a security perspective, the domain uses HTTPS (implied by the URL), but no security headers or policies were observable in the limited content. The WHOIS data shows no privacy protection, consistent registrant information, and a domain age appropriate for the business. No vulnerabilities or exposed sensitive data were detected, but the lack of visible security policies and contact information is a gap. Overall, the website is legitimate and associated with a major enterprise in the hospitality sector, but the current content is inaccessible due to security controls. This limits the ability to evaluate content quality, privacy compliance, and user experience. Strategic recommendations include improving transparency by publishing privacy and cookie policies, adding contact and incident response information, and enabling DNSSEC for enhanced DNS security.

Stash Rewards operates a loyalty program focused on independent and boutique hotels, offering travelers the ability to earn points redeemable for free nights at unique properties across North America and the Caribbean. The company positions itself as a top-rated loyalty program for discerning travelers who prefer authentic, non-chain hotel experiences. The website is professionally designed with clear navigation, mobile optimization, and integrated social media and marketing tools, reflecting a mature digital presence. Technically, the site leverages modern web technologies including React, Google Analytics, Facebook Pixel, and Sentry for error tracking. The use of HTTPS and cookie consent mechanisms indicates attention to security and privacy compliance, although explicit security headers and incident response policies are not evident. The absence of WHOIS data for the domain is a notable anomaly that impacts trustworthiness, though the website content and business information appear legitimate and professional. Security posture is generally good with encrypted communications and monitoring tools, but could be improved by publishing security policies, implementing security headers, and establishing a vulnerability disclosure program. Overall, the site presents a trustworthy and user-friendly platform for its target audience, but domain registration transparency should be addressed to enhance credibility.