Security Directory

W

Weiße Flotte

weisse-flotte.de

0

Weiße Flotte operates as a regional transportation and tourism company specializing in passenger ferry and sightseeing boat services around the German islands of Rügen, Hiddensee, and the city of Stralsund. The company offers a variety of ferry routes, special excursions, and online ticketing services, targeting tourists and local travelers seeking convenient and scenic water transport options. The website is built on TYPO3 CMS and utilizes Cloudflare DNS services, indicating a modern and stable technical infrastructure. Google Tag Manager is employed for analytics and marketing purposes, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enabled, but lacks explicit security headers and formal privacy and cookie policies, which are areas for improvement. Overall, the website is professional, well-branded, and trustworthy, but could enhance compliance and security transparency to better align with GDPR and industry best practices.

R

Rheinfähre Maul GmbH

rheinfaehre.de

0

Rheinfähre Maul GmbH operates a regional car ferry service connecting Ingelheim and Oestrich-Winkel across the Rhine river in Germany. Established in 1968, the company has a longstanding presence in the transportation sector and was recently acquired by the Flensburger Reederei FRS, a reputable shipping group. The website provides detailed operational information including schedules and tariffs, targeting local commuters and tourists. Technically, the site is built on WordPress with modern plugins for SEO, maps, and galleries, and implements GDPR-compliant cookie consent mechanisms. Security posture is adequate with HTTPS and cookie controls, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, and the WHOIS data supports the legitimacy of the domain and business. Overall, the site reflects a professional and trustworthy transportation service with good digital maturity.

F

FRS Elbfähre Glückstadt Wischhafen GmbH

frs-elbfaehre.de

0

FRS Elbfähre Glückstadt Wischhafen GmbH operates a regional ferry service crossing the Elbe river in northern Germany, providing frequent and reliable transport for passengers and vehicles. The company emphasizes customer convenience with amenities such as free Wi-Fi and onboard refreshments, and is actively pursuing sustainable mobility initiatives to reduce emissions and increase capacity. The website is professionally designed using TYPO3 CMS, with good accessibility and SEO practices, and integrates Google Analytics and Tag Manager for performance monitoring. Security posture is solid with HTTPS and Cloudflare protection, though explicit security headers and incident response policies are not published. Privacy compliance is strong with comprehensive cookie and privacy policies aligned with GDPR. Overall, the site reflects a trustworthy and credible transportation business with a medium-sized operational scale.

F

FRS Syltfähre GmbH & Co. KG

frs-syltfaehre.de

0

FRS Syltfähre GmbH & Co. KG is a well-established regional ferry operator providing car and passenger ferry services between Havneby on Rømø and List on Sylt. The company operates up to 32 daily departures, catering primarily to tourists and travelers seeking reliable and comfortable transportation across the North Sea. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive service information including booking, schedules, fares, and travel tips. The company is part of the larger FRS group, indicating a stable market position and operational backing. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies and integrating analytics tools such as Microsoft Clarity, Google Tag Manager, and Hotjar for user behavior insights. Hosting and DNS are managed via Cloudflare, enhancing performance and security. Accessibility features and SEO best practices are well implemented, contributing to a positive user experience across devices. From a security perspective, the site enforces HTTPS and uses reputable third-party services, with no evident vulnerabilities or exposed sensitive data. Privacy and cookie policies are clearly presented with consent mechanisms, aligning with GDPR requirements. However, explicit security headers and incident response policies are not prominently disclosed, representing an area for improvement. Overall, the website demonstrates a strong security posture, good privacy compliance, and solid business credibility. The risk level is low, with recommendations focusing on enhancing security header implementation, publishing incident response information, and maintaining vigilance on third-party scripts.

F

FRS Helgoline

frs-helgoline.de

0

FRS Helgoline operates a specialized high-speed ferry service connecting Hamburg, Brunsbüttel, and Cuxhaven to the offshore island of Heligoland in Germany. The company positions itself as a premium transportation provider offering comfort, speed, and convenience through its modern catamaran 'Halunder Jet'. The website supports this business model with integrated booking and check-in systems, detailed schedules, ticket pricing, and customer information. The target audience includes tourists and travelers seeking efficient and comfortable ferry transport to Heligoland. Technically, the website is built on TYPO3 CMS and leverages Cloudflare for DNS and CDN services, ensuring reliable hosting and performance. Analytics tools such as Microsoft Clarity and Google Tag Manager are employed for user behavior tracking and marketing insights. The site demonstrates good mobile optimization, accessibility features, and SEO practices, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and uses Cloudflare's infrastructure, which enhances security and performance. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not clearly present, and no public security policy or incident response contacts are found. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting a mature approach to data protection. Overall, the website is professional, trustworthy, and well-aligned with the business's transportation services. There are no indications of suspicious activity or content safety concerns. Strategic improvements could focus on enhancing security headers and publishing formal security policies to further strengthen trust and compliance.

F

FRS Clipper

clippervacations.com

0

FRS Clipper operates the Clipper Vacations website, providing passenger-only ferry services between Seattle, WA and Victoria, BC, along with hotel packages, day trips, and tours such as whale watching. The company holds a strong regional market position in the Pacific Northwest travel and transportation sector, targeting leisure travelers and groups. Their business model integrates transportation with hospitality services, offering bundled packages and affiliate programs to expand reach. Technically, the website is built on WordPress with Bootstrap framework, leveraging modern analytics and marketing tools including Google Tag Manager, Facebook Pixel, PostHog, and Bing Ads. The site is mobile-optimized with good SEO practices and structured data enhancing search visibility. Performance is moderate with room for optimization. Security posture is solid with HTTPS enforced and secure form handling, though there is room to improve HTTP security headers such as Content-Security-Policy and X-Frame-Options. No critical vulnerabilities were detected in the visible code. Privacy compliance is basic with a clear privacy policy and terms of service, but lacks a visible cookie consent mechanism. Overall, the website presents a professional, trustworthy, and user-friendly platform for travel bookings. The absence of WHOIS data is a minor concern but likely due to privacy protection. Strategic recommendations include enhancing security headers, implementing cookie consent, and continuous monitoring of third-party scripts to maintain security and compliance.

F

FRS Portugal, Unipessoal LDA

frs-portugal.pt

0

FRS Portugal is a small transportation company specializing in river cruises and boat tours on the Rio Tejo in Lisbon, Portugal. It offers a variety of services including daytime sightseeing cruises, sunset cruises, group reservations, and corporate events aboard modern vessels. The company is part of the larger FRS World family, positioning itself as a reputable local operator with a strong focus on tourism and customer experience. The website is professionally designed, multilingual, and provides clear booking options and detailed information about routes and points of interest. Technically, the site is built on TYPO3 CMS, uses modern web technologies, and integrates Google Tag Manager for analytics. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the domain registration and WHOIS data align well with the business claims, supporting legitimacy and trustworthiness.

The website www.belgiantrain.be represents NMBS, the Belgian national railway company providing train transportation services. The site is positioned as a national public transportation portal targeting general train travelers in Belgium. However, the current accessible content is blocked by a Cloudflare Turnstile CAPTCHA challenge, preventing direct content access and limiting detailed analysis. The website uses modern security mechanisms like CAPTCHA to prevent automated access, indicating a focus on security, but lacks visible privacy and cookie policies on the landing page. The WHOIS data is not publicly available due to domain registration policies, which is typical for .be domains and large organizations. Overall, the business is a large enterprise in the transportation sector with consistent branding but limited accessible content for deeper evaluation.

K

Komwag, podnik čistoty a údržby města, a.s.

komwag.cz

0

Komwag, podnik čistoty a údržby města, a.s., is a large Czech company providing comprehensive municipal services across the Czech Republic, including waste management, green maintenance, and cleaning services primarily targeting municipalities, government bodies, and private sector clients. The company positions itself as a reliable and professional service provider with a broad portfolio and a strong local presence. The website reflects a mature digital presence with clear branding, extensive service descriptions, and accessible contact information. Technically, the site uses modern web technologies including the cPilot CMS, UIkit framework, and integrates Google Tag Manager for analytics. It is well optimized for mobile devices and demonstrates good SEO and accessibility practices. Security-wise, the site enforces HTTPS, uses cookie consent mechanisms, and avoids exposing sensitive data, but lacks explicit security policies or incident response contacts. The absence of WHOIS data limits domain trust assessment, but the professional website and contact details support legitimacy. Overall, the site is secure, compliant with privacy regulations, and professionally maintained, though improvements in security transparency and WHOIS data availability are recommended.

F

FRS GmbH & Co. KG

frs.world

0

FRS GmbH & Co. KG is a well-established international ferry operator with a history dating back to 1866. The company operates approximately 70 vessels worldwide, providing passenger and freight ferry services across Europe, North Africa, North America, and the Middle East. Their business model includes diversified maritime services such as offshore logistics, port management, crewing, and maritime consultancy, positioning them as a leading specialist in the ferry shipping industry. The website reflects a professional and consistent brand presence with comprehensive information about their subsidiaries and services. Technically, the website is built on TYPO3 CMS, employs modern web technologies including responsive design and WebP images, and integrates Google Tag Manager for analytics. The site is mobile-optimized and accessible, with clear navigation and SEO-friendly metadata. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though security headers and explicit security policies are not evident. The WHOIS data is privacy protected, limiting transparency on domain registration details; however, the website's professional presentation, linked subsidiaries, and social media presence support its legitimacy. No WAF or blocking mechanisms were detected, and the site content is safe for general audiences. Overall, FRS demonstrates a mature digital presence aligned with its business stature, though improvements in security policy transparency and security headers could enhance trust and compliance further.

R

Rideer Nordic Oy

synergybus.se

0

SynergyBus, operated by Rideer Nordic Oy, is an online platform specializing in connecting taxi and bus companies with customers seeking transportation services in the Nordic region. The website positions itself as a leading marketplace for order traffic, offering a large volume of daily offer requests and facilitating business growth for transport providers. The platform's business model revolves around generating and managing transportation service quotes, targeting primarily taxi and bus operators. The company is relatively young, founded in 2022, and maintains a consistent brand presence with trust certifications and EU co-funding indicators. Technically, the website employs a modern tech stack including Bootstrap for responsive design, jQuery, FontAwesome icons, and integrates multiple analytics and marketing tools such as Google Analytics, Google Tag Manager, Facebook Pixel, and Ahrefs Analytics. The site is mobile-optimized with good SEO practices but lacks some accessibility features and advanced security headers. Performance is moderate, with no critical technical issues detected. From a security perspective, the site uses HTTPS and avoids exposing sensitive data in its HTML content. However, it lacks DNSSEC, security headers, and formal privacy or cookie policies, which are important for GDPR compliance and user trust. No incident response or vulnerability disclosure information is provided, indicating room for improvement in security governance. The WHOIS data is consistent with the business claims, showing a legitimate domain registration without privacy protection, appropriate domain age, and active status. Overall, SynergyBus presents a professional and functional online presence with solid business credibility but requires enhancements in privacy compliance and security best practices to strengthen its risk posture and regulatory adherence.

R

Ridee Nordic Oy

bokabuss.nu

0

Bokabuss.nu is a Swedish transportation service platform that enables users to request and compare quotes for bus and minibus transportation across Sweden. The company, operated by Ridee Nordic Oy, has been active since 2011 and maintains a medium-sized presence in the Nordic transportation market. The website is professionally designed with a clear user journey for submitting transport requests and accessing operator offers. Technically, the site uses modern frameworks such as Bootstrap and jQuery, integrates Google Analytics and marketing tools, and employs Cloudflare for hosting and security. The cookie consent mechanism is comprehensive and GDPR compliant, reflecting a mature approach to privacy. Security posture is good with HTTPS enforced, though some security headers could be improved and DNSSEC is not enabled. No critical vulnerabilities or suspicious patterns were detected. Overall, the site is trustworthy, professional, and well-positioned in its market niche.

C

CFL multimodal

cfl-mm.lu

0

CFL multimodal is a Luxembourg-based logistics and transportation company specializing in rail freight, multimodal hubs, and comprehensive logistics services. It operates as part of the CFL Group, providing sustainable and efficient freight solutions across Europe. The website reflects a professional and well-structured digital presence with clear service offerings and a focus on environmental responsibility. Technically, the site uses modern web technologies including jQuery, Bootstrap, FontAwesome, and integrates analytics tools such as Google Tag Manager and Matomo. The security posture is adequate with HTTPS and cookie consent mechanisms, though explicit security headers and policies are not evident. The absence of WHOIS data limits domain trust assessment, but the overall business credibility is supported by consistent branding and social media presence. Privacy compliance is well addressed with GDPR-aligned policies and cookie management.

S

SNCB-NMBS International

b-europe.com

0

SNCB-NMBS International operates a professional online platform for booking international train travel across Europe, including services for Eurostar, TGV INOUI, ICE, and other major train operators. The website targets European travelers seeking convenient ticket purchasing and travel planning, offering additional services such as Interrail passes and special tickets for bikes and dogs. The platform is built on a modern technology stack including C#, JavaScript, and Sitecore CMS, with integration of Google and Facebook APIs and a robust consent management system for GDPR compliance. Security posture is generally good with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and published security policies are lacking. The absence of WHOIS domain registration data is a notable concern, potentially indicating a subdomain usage or incomplete WHOIS information. Overall, the website presents a trustworthy and user-friendly experience for its target audience, but would benefit from enhanced transparency in domain registration and security disclosures.

A

Associazione nazionale Pionieri dell'Aeronautica

pionieriaeronautica.org

0

The Associazione nazionale Pionieri dell'Aeronautica is Italy's oldest aeronautical association dedicated to promoting and preserving the history and culture of Italian aeronautics. The website serves as an informational and cultural platform targeting enthusiasts, members, and the general public interested in aeronautical heritage. Technically, the site is built on WordPress using the Divi theme and Slider Revolution plugin, with Google Analytics integrated for visitor tracking. The site is accessible, mobile-optimized, and presents a professional design with clear navigation. Security posture is moderate, with HTTPS enabled but lacking explicit security headers and detailed privacy policies. The absence of WHOIS data limits full trust verification of the domain registration, which slightly impacts overall credibility. Strategic improvements in security headers, privacy compliance, and domain transparency would enhance trust and compliance.

A

Associazione Trasvolatori Atlantici

trasvolatoriatlantici.it

0

The Associazione Trasvolatori Atlantici website serves as the official online presence for a small non-profit association focused on the history and commemoration of transatlantic aviators. The site provides historical content, galleries, and information about cruises and events related to aviation history. The business model is cultural and educational, targeting enthusiasts and members of the association. The website is built on Joomla! CMS with the JA T3 Framework, indicating a moderate level of technical maturity but with basic design and content quality. Security posture is adequate with HTTPS and DNSSEC enabled, but lacks security headers and privacy compliance documentation. No contact information or forms are present, limiting user engagement and trust signals. Overall, the site is functional but could benefit from enhanced privacy, security, and user experience improvements.

A

Aittakoodi Oy

synergybus.fi

0

SynergyBus, operated by Aittakoodi Oy, is a Finnish web platform specializing in connecting taxi and bus companies with customers seeking chartered transportation services. The platform aggregates over 15,000 annual booking requests, positioning itself as a leading service in the Finnish transportation sector. The website offers features such as daily email notifications of new requests, the ability to advertise available fleet capacity, and tools to foster long-term customer relationships. The business targets transportation operators and customers within Finland, emphasizing efficiency and market reach.

R

Rideer Nordic Oy

tilausajot.net

0

Tilausajot.net, operated by Rideer Nordic Oy, is a well-established Finnish online platform specializing in competitive bidding for charter taxi and bus transportation services. Founded in 2011, it serves a broad audience including private individuals, companies, and associations across Finland. The platform facilitates efficient request and offer management, supported by a growing network of transportation providers. Technically, the website employs modern web technologies including Bootstrap, jQuery, Google Maps API, and Cloudflare for security and performance. It integrates comprehensive analytics and marketing tools such as Google Analytics, Facebook Pixel, and Hotjar, balanced with a detailed cookie consent mechanism ensuring GDPR compliance. Security posture is strong with HTTPS enforced and Cloudflare protection, though some security headers could be improved. The domain registration is consistent and transparent, reinforcing business legitimacy. Overall, the site presents a professional, trustworthy, and user-friendly service with good privacy and security practices.

A

Aittakoodi Oy

tilaataksi.fi

0

Tilaataksi.fi is a Finnish online taxi booking platform operated by Aittakoodi Oy, providing customers with a convenient way to pre-book taxis and receive competitive offers from taxi operators across Finland. The service targets both private individuals and organizations, offering a streamlined multi-step form for detailed ride requests. The platform is supported by Rideer Nordic Oy and integrates with various third-party services for analytics, customer support, and hosting. Technically, the website uses modern frameworks like Bootstrap and jQuery, with performance and mobile optimization rated as good. Security posture is strong with HTTPS, security headers, and GDPR-compliant cookie consent mechanisms in place. The WHOIS data confirms the legitimacy and consistency of the domain registration with the business information presented on the site.

F

Finnair

finnair.fi

0

Finnair is a well-established Finnish airline providing passenger flights and travel services to over 80 destinations worldwide. The company holds a strong market position in Northern Europe and operates with a large-scale business model supported by subsidiaries such as Norra and Finnair Cargo. The website reflects a mature digital presence with professional design, comprehensive content, and clear navigation tailored to a general audience of travelers. The technical infrastructure leverages modern web technologies including Angular, Google Tag Manager, and Akamai CDN, ensuring fast performance and mobile optimization. Security posture is robust with HTTPS enforcement, security headers, and no visible vulnerabilities, although public incident response and vulnerability disclosure information are limited. Privacy compliance is well addressed with detailed policies and consent mechanisms aligned with GDPR requirements. Overall, the website and business demonstrate high professionalism and trustworthiness, despite the absence of WHOIS domain registration details which may be due to registry restrictions.

Savonlinja Oy is a well-established Finnish transportation company operating since 1924, providing scheduled bus routes, charter services, and travel packages primarily within Finland. The company targets general travelers and regional commuters, maintaining a strong market position with multiple subsidiaries and a recognized brand. The website reflects this with clear service offerings, travel booking forms, and active social media presence. Technically, the website uses a mix of legacy and modern technologies including AngularJS, jQuery, Bootstrap, and Google Fonts, with some outdated elements such as the legacy Google Analytics script. Security posture is moderate; HTTPS is used but no advanced security headers are detected, and privacy compliance is weak due to missing explicit privacy and cookie policies. Overall, the site is professional and trustworthy but could improve in privacy and security best practices.

P

PoriExpress

poriexpress.fi

0

PoriExpress is a Finnish regional transportation company specializing in affordable bus travel primarily between Pori and Helsinki, as well as seasonal travel packages to Lapland (Ylläs). The company targets general consumers seeking economical and convenient bus travel options and related accommodation services through partnerships. The website is professionally designed using WordPress with modern SEO and content management plugins, providing a good user experience and clear navigation. Technical infrastructure is solid with HTTPS and standard WordPress technologies, though some security headers are missing. Contact information is clearly provided, but privacy compliance could be improved with cookie consent mechanisms and more detailed security policies. Overall, the site is trustworthy and well-positioned in its niche.

OnniBus operates as a leading Finnish bus ticket sales platform, offering affordable and reliable bus travel across Finland and to international destinations such as the Baltics and Poland. The company positions itself as a well-known and cheerful brand in the Finnish transportation market, providing various ticketing options including season passes and reward programs. The website is professionally designed with good mobile optimization and clear navigation, supporting a positive user experience. Technically, the site employs modern analytics and consent management tools such as Google Analytics, Microsoft Clarity, and Cookiebot, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in publishing explicit security policies and incident response contacts. The absence of WHOIS data is a notable anomaly, potentially due to privacy protection or recent domain registration, but the website content and business presence support legitimacy. Overall, the site demonstrates a strong business and technical foundation with moderate risk due to incomplete WHOIS transparency.

L

lux-airport

lux-airport.lu

0

Luxembourg Airport operates as a key regional transportation hub offering passenger and cargo air services with over 100 destinations and 14 airlines. The airport provides comprehensive services including parking, transport options, shopping, dining, and special assistance, targeting travelers and business passengers. The website demonstrates a mature digital presence with multilingual support, modern technologies, and strong branding consistency. Technical infrastructure is based on WordPress with integrations for analytics, accessibility, and cookie compliance. Security posture is solid with HTTPS and privacy mechanisms, though explicit security headers and incident response policies are absent. WHOIS data is unavailable, limiting domain trust verification, but the professional website and official social media presence support legitimacy. Overall, the airport's digital platform is well-structured, user-friendly, and compliant with GDPR, serving its audience effectively.

F

FRS Finland

frs-finland.fi

0

FRS Finland is a regional ferry and charter cruise operator serving the Helsinki Metropolitan Area and surrounding archipelago destinations. The company offers a range of services including scheduled ferry routes, VIP and group cruises, seasonal passes, and gift cards. It holds sustainability certifications and is part of the FRS Group, indicating a solid market position in transportation services. The website is built on TYPO3 CMS, employs modern web technologies, and integrates Google Tag Manager and Analytics for marketing and performance tracking. Security posture is strong with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. Overall, the site is professional, accessible, and trustworthy, supporting a positive user experience.

J

JT-Line Oy

jt-line.fi

0

JT-Line Oy is a Finnish small-sized transportation company specializing in ferry and charter cruise services in the Helsinki archipelago. The company operates authentic paddle steamer ferries and water buses, emphasizing sustainable travel by using renewable biofuels and promoting inclusivity. Their market position is niche but well-defined, targeting tourists, families, and groups seeking maritime experiences in the Helsinki region. The website reflects a professional and consistent brand image with clear service offerings and certifications such as Sustainable Travel Finland and Ekokompassi. Technically, the site is built on WordPress with modern SEO and analytics tools integrated, including Google Tag Manager and Facebook Pixel, supported by a GDPR-compliant cookie consent mechanism. Security posture is good with HTTPS enforced, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, and privacy compliance is well addressed. Contact information is comprehensive, supporting business credibility.

T

Turun seudun joukkoliikenne

foli.fi

0

Turun seudun joukkoliikenne (Föli) operates as the primary public transportation provider in the Turku region, Finland. The website serves as a comprehensive portal for bus schedules, route planning, ticketing, and real-time transit updates, targeting residents and visitors of the region. Föli maintains a strong market position as a regional transit authority, supported by partnerships with seven municipalities. The business model is public service oriented, focusing on accessibility and user convenience.

O

Oulun seudun liikenne

oulunjoukkoliikenne.fi

0

Oulun seudun liikenne operates as a regional public transportation authority in Finland, providing bus schedules, ticketing, and travel information primarily for the Oulu region. The website serves residents and travelers with relevant transit data and customer service resources. The business model focuses on public transport facilitation with digital tools such as the OSL app and integration with partner services like Waltti for ticket purchases. Technically, the website is built on WordPress, leveraging modern web technologies including jQuery, Google Tag Manager, and Cookiebot for consent management. The site demonstrates good SEO and accessibility practices with responsive design and clear navigation. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers and incident response information are absent. Privacy compliance is partially met with a detailed cookie consent mechanism but lacks a clearly accessible privacy policy or terms of service. Overall, the website is professional, trustworthy, and well-aligned with its public service mission, though improvements in transparency and security documentation are recommended.

Lahden seudun liikenne operates as the official public transportation authority for the Lahti region in Finland, providing comprehensive bus route information, timetables, ticketing options, and customer service. The website serves as a key digital touchpoint for residents and visitors seeking transit information. The company holds a solid market position as a regional transport provider with a clear focus on accessibility and user convenience. Technically, the website is built on WordPress and leverages modern web technologies including jQuery, Google Tag Manager, and Cookiebot for consent management. The site demonstrates good performance, mobile optimization, and accessibility features, ensuring a positive user experience across devices. Security posture is strong with HTTPS enforced, appropriate security headers, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed through a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. Overall, the website reflects a mature digital infrastructure supporting a trusted public service entity.

N

Nysse, Tampereen seudun joukkoliikenne

nysse.fi

0

Nysse is the public transportation service provider for the Tampere region in Finland, offering responsible and evolving transit solutions to residents and visitors. The website reflects a regional public service entity with a clear focus on accessibility, user convenience, and compliance with privacy regulations. The technical infrastructure leverages modern web technologies including jQuery, Bootstrap, and Cookiebot for cookie consent management, alongside Matomo for analytics, indicating a mature digital presence. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though the absence of a published security policy and incident response contact suggests room for improvement. Overall, the website is professional, trustworthy, and compliant with GDPR, supporting the organization's public service mission effectively.

V

VR-Yhtymä Oyj

vrgroup.fi

0

VR Group is a Finnish state-owned enterprise specializing in transportation, logistics, and maintenance services, with a strong focus on sustainable and carbon-neutral rail and urban mobility solutions. The company operates multiple business units including long-distance rail, urban transport, logistics, and fleet care, serving both consumer and corporate clients. Their market position is significant within Finland and parts of Sweden, supported by a 160-year history and a clear commitment to environmental responsibility. The website reflects a mature digital presence with multilingual support and comprehensive corporate information. Technically, the site employs modern web technologies, including JavaScript frameworks, Google Tag Manager, and Cookiebot for consent management, ensuring good performance, accessibility, and SEO optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms, though explicit security headers and vulnerability disclosure policies are absent. Overall, the domain registration and WHOIS data align well with the company's profile, confirming legitimacy and trustworthiness. The site is safe for general audiences with no adult or questionable content detected.

OnniBus operates as a leading Finnish bus ticket sales platform, providing affordable and reliable bus transportation services across Finland and to neighboring countries. The website offers a user-friendly online booking system, promotional offers, and partnerships with other transportation providers such as Eckerö Line. The company targets travelers seeking cost-effective and convenient bus travel options. Technically, the website employs modern analytics and tracking technologies including Google Analytics, Microsoft Clarity, and Cookiebot for consent management, ensuring compliance with privacy regulations. Security posture is solid with HTTPS enforced and session management in place, though explicit security headers and incident response information are lacking. The absence of WHOIS data for the domain is a notable anomaly that slightly diminishes trust but does not detract from the professional presentation and functionality of the site. Overall, OnniBus presents a mature digital presence with good privacy compliance and a strong market position in the Finnish transportation sector.

L

Littlepay

littlepay.com

0

Littlepay is a specialized payments infrastructure provider focused on transit and mobility sectors, offering modular systems for contactless open loop fare collection. The company positions itself as a key player in improving payment experiences for transit operators and mobility services. The website reflects a mature business with a professional digital presence, leveraging modern marketing and analytics tools such as HubSpot, Google Tag Manager, and Visual Website Optimizer. The technical infrastructure is built on WordPress, hosted with Amazon-related services, and employs HTTPS with a valid SSL certificate, ensuring secure communications. However, the site lacks explicit privacy and terms of service policies, which are critical for compliance and user trust. Security posture is generally good with domain protections in place, but could be improved by enabling DNSSEC and adding security headers. Overall, the website is professional and trustworthy but would benefit from enhanced transparency on privacy and security policies.

The website hsl.fi represents HSL Helsingin seudun liikenne, the Helsinki Regional Transport Authority responsible for public transportation services in the Helsinki metropolitan area. The domain is registered consistently with the organization's identity and has been active since 2009, aligning with the business history. However, the website content is currently inaccessible due to a Cloudflare Turnstile human verification challenge, preventing direct content analysis. This limits visibility into the site's privacy policies, contact information, and user experience. The technical infrastructure includes Cloudflare as a security and performance provider, indicating a modern approach to web delivery and protection. Security posture is difficult to fully assess due to the blocking, but the use of Cloudflare suggests baseline protections are in place. Overall, the site is legitimate and trustworthy based on WHOIS data and domain age, but the current access restrictions significantly reduce the ability to evaluate content quality, privacy compliance, and security details.

T

Trapeze Finland Oy

junalahdot.fi

0

The website junalahdot.fi is an official Finnish transportation information service operated by Trapeze Finland Oy under the Fintraffic brand. It provides real-time train departure and arrival schedules for all passenger train stations in Finland, leveraging live train movement data. The site targets the general public and train passengers, offering a user-friendly interface with search and favorites functionality. The domain registration and WHOIS data are consistent with the business identity and location, indicating legitimacy and stability. Technically, the website uses a modern tech stack including Bootstrap, FontAwesome, OpenLayers, and jQuery, with Matomo analytics for privacy-conscious user tracking. The site is mobile-optimized and designed with good usability and navigation clarity. However, some security best practices such as security headers are not visibly implemented, representing an area for improvement. The site enforces HTTPS and does not expose sensitive data, contributing to a solid security posture. From a security and compliance perspective, the site includes a comprehensive privacy policy consistent with GDPR requirements and a cookie consent mechanism. No explicit incident response or vulnerability disclosure policies are found on the site, which could be enhanced to improve transparency and security readiness. No critical vulnerabilities or suspicious patterns were detected. Overall, junalahdot.fi is a trustworthy, well-maintained public service website with good technical and business credibility. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure information, and maintaining transparency in data protection practices to further strengthen trust and compliance.

A

Aittakoodi Oy

pikavuorot.fi

0

Pikavuorot.fi is a Finnish transportation price comparison website operated by Aittakoodi Oy, founded in 2015. The platform aggregates and compares prices and schedules for bus and train travel across multiple Finnish transportation providers, including major companies such as VR, Matkahuolto, Onnibus, and airlines like Finnair and Norwegian. It serves a general audience seeking convenient travel planning and ticket purchasing options within Finland. The website enjoys a moderate market position as a leading price comparison tool in its niche. Technically, the site employs a modern but somewhat dated technology stack including Bootstrap 3, jQuery, DataTables, and Socket.io for real-time data updates. It integrates multiple third-party services for fonts, advertising, and analytics, including Google Adsense and Facebook SDK. The site is mobile-optimized with good navigation and SEO practices, though accessibility features are basic. From a security perspective, HTTPS is used, but explicit security headers are not detected in the provided data. No critical vulnerabilities or exposed sensitive data were found. Privacy compliance is basic, with a cookie consent banner and a privacy policy page present, but no detailed security or incident response policies are published. Contact information is limited to an email address, with no phone or physical address provided. Overall, Pikavuorot.fi presents a trustworthy and functional service with room for improvement in security hardening, privacy transparency, and expanded contact options. The domain registration data aligns well with the business claims, supporting legitimacy. Strategic recommendations include enhancing security headers, publishing comprehensive policies, and improving user trust signals.

P

Perille Mobility Services Oy

perille.fi

0

Perille Mobility Services Oy operates Perille.fi, a Finnish travel ticket service that aggregates and facilitates the purchase of train, bus, and flight tickets across Finland. The platform integrates multiple major transport providers, offering door-to-door trip planning and a user-friendly interface without requiring app downloads or registration. The service targets travelers within Finland seeking convenient and comprehensive travel options. Technically, the website is built on modern frameworks such as Next.js and React, with integrations for analytics and payment processing. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response details are not publicly disclosed. Overall, the website is professional, trustworthy, and compliant with privacy regulations, making it a reliable platform for travel planning and ticket purchasing.

P

Perille Mobility Services Oy

matkakeisari.fi

0

Matkakeisari.fi is a Finnish travel ticket price comparison and booking platform operated by Perille Mobility Services Oy, founded in 2015. The service aggregates bus and train schedules and prices from major Finnish transport providers, enabling travelers to find the cheapest and fastest routes and purchase tickets conveniently. The website is well-designed, mobile-optimized, and uses modern web technologies including React and Next.js. It integrates Google Analytics and Tag Manager for analytics and marketing purposes. Security posture is solid with HTTPS and security headers implemented, though no explicit security or incident response policies are published. Privacy compliance is supported by a comprehensive privacy policy and cookie consent mechanism. The domain registration data aligns well with the business claims, supporting legitimacy. Overall, the website provides a trustworthy and user-friendly service for Finnish public transport travelers.

V

VR-Yhtymä Oyj

vr.fi

0

VR.fi is the official digital platform for VR-Yhtymä Oyj, Finland's primary railway operator. The website offers comprehensive services for domestic train travel including ticket sales, travel information, and customer support. It targets Finnish residents and visitors seeking sustainable and comfortable rail travel options. The company holds a strong market position as the national rail service provider with a large operational scale and a focus on environmental responsibility. Technically, the website is built on modern web technologies including React and Next.js, integrated with Contentful CMS for content management. It demonstrates excellent performance, mobile optimization, and accessibility. The site employs Google Tag Manager and Convertexperiments for analytics and A/B testing, with appropriate cookie consent mechanisms in place. From a security perspective, the site enforces HTTPS and includes standard security headers, ensuring a secure browsing experience. However, it lacks a dedicated security policy or incident response page and does not publish a vulnerability disclosure or security.txt file, which could enhance transparency and trust. Overall, VR.fi presents a professional, trustworthy, and user-friendly platform aligned with its business goals. Strategic improvements in security transparency and incident response communication are recommended to further strengthen its security posture and compliance.

M

Matkahuolto

matkahuolto.fi

0

Matkahuolto is a well-established Finnish transportation and parcel service provider offering bus schedules and parcel services for both businesses and private individuals across Finland. The website reflects a professional and consistent brand presence with clear service offerings targeted at a general audience. The technical infrastructure is modern, leveraging Gatsby and React frameworks, and integrates Google Tag Manager for analytics and marketing purposes. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced, but lacks some advanced security headers and explicit security policies. Privacy and cookie policies are not detected, indicating room for compliance improvements. Overall, the domain registration data aligns well with the business claims, supporting the legitimacy of the website.

W

Waltti Solutions

waltti.fi

0

Waltti Solutions Oy is a Finnish company specializing in digital ticketing and payment solutions for public transportation. Their offerings include a mobile ticketing app, travel card management, and contactless payment integration, serving multiple Finnish cities. The company holds a strong market position as a leading provider in this niche, with a business model targeting both end-users and municipal transport authorities. The website reflects a mature digital presence with good content quality and user experience, supporting their business objectives effectively. Technically, the site is built on WordPress with modern libraries and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enforcement and cookie consent compliance, though some security headers could be improved. Overall, the domain registration data aligns well with the business, indicating high legitimacy and trust. The site is free from blocking or WAF challenges, allowing full content access and analysis.

S

Saaristolautat.fi

saaristolautat.fi

0

Saaristolautat.fi is a specialized informational website providing ferry routes and schedules for the Finnish archipelago, including the Turku archipelago and Åland Islands. The site targets travelers and residents needing up-to-date ferry information for over 40,000 islands serviced by approximately 50 ferries and 200 docks. The business model is primarily informational, serving as a public utility platform rather than a commercial enterprise. The website is relatively small in scale, founded in 2017, and operates with a niche focus on regional transportation. Technically, the website employs a modern web stack including HTML5, CSS3, JavaScript with jQuery, Bootstrap for responsive design, FontAwesome for icons, and integrates Google Maps API for route visualization. Hosting appears to be provided by Domainhotelli, a Finnish hosting provider. The site is mobile optimized and has good SEO practices, though accessibility features are basic. Performance is moderate, with no major technical issues detected. From a security perspective, the site lacks visible security headers and does not provide privacy or cookie policies, which are important for GDPR compliance given its European audience. No contact information or incident response details are provided, limiting transparency and trust. The WHOIS data shows the domain is registered to a private person rather than an organization, which is somewhat inconsistent with the public service nature of the site but not necessarily suspicious. No WAF or blocking mechanisms are detected, and the site content is fully accessible. Overall, the website is functional and provides valuable regional transportation information but would benefit from improved security practices, privacy compliance, and clearer business contact details to enhance trust and regulatory adherence.

Å

Ålandstrafiken

alandstrafiken.ax

0

Ålandstrafiken is a regional transportation company operating ferry and bus services in the Åland Islands, Finland. The website serves as an informational portal for residents and visitors seeking public transport options. The company appears to be a medium-sized essential entity within the transportation sector, with a clear focus on regional mobility services. The website is built on Drupal 10 and integrates modern technologies such as Matomo for analytics and CookieYes for cookie consent management, reflecting a moderate level of digital maturity. Accessibility is enhanced through the BrowseAloud tool, indicating attention to inclusive design. Security posture is solid with HTTPS enforced and standard security headers present, although explicit privacy and security policies are missing. Overall, the site is professional and trustworthy but could improve transparency and compliance documentation.

I

Istra Bike

istria-bike.com

0

Istra Bike is an official regional cycling tourism portal for the Istria region in Croatia, providing comprehensive information on bike trails, accommodation, events, and related services. The website targets cycling tourists and outdoor enthusiasts, positioning itself as a key resource for promoting cycling tourism in the area. The platform offers detailed trail information, event calendars, multimedia content, and service listings such as bike rentals and transport. Technically, the website employs modern web technologies including Bootstrap 5, jQuery, Slick Carousel, and Lightbox2, ensuring a responsive and user-friendly experience. The site is served over HTTPS and includes cookie consent mechanisms, indicating awareness of privacy regulations. However, some security best practices such as explicit security headers and detailed security policies are missing. From a security perspective, the site maintains a good baseline with HTTPS and cookie consent but lacks advanced security headers and incident response information. The absence of WHOIS data for the domain raises concerns about domain registration transparency, although the website content and partner affiliations suggest legitimacy. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is professionally designed and functional, with good content quality and user experience. The main risk lies in the missing WHOIS registration data, which slightly reduces trustworthiness. Strategic improvements in security headers, transparency policies, and domain registration clarity are recommended to enhance trust and compliance.

F

FIVA (Fédération Internationale des Véhicules Anciens)

fiva.org

0

FIVA (Fédération Internationale des Véhicules Anciens) is a globally recognized non-profit organization dedicated to the protection, preservation, and promotion of historic vehicles. Established in 1966 and active in over 80 countries, FIVA serves millions of historic vehicle enthusiasts worldwide and holds a consultative partnership with UNESCO. The organization offers membership services, event support, advocacy on legislation, and maintains a comprehensive document library to support the historic vehicle community. Their website reflects a professional and well-structured digital presence, emphasizing community engagement and education. Technically, the website employs modern JavaScript libraries such as Livewire (Laravel), GSAP, and Swiper.js, alongside Google reCAPTCHA v3 for form security. The site is mobile-optimized, fast-loading, and includes SEO best practices. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although explicit security policies and incident response contacts are not published. Analytics and marketing tools like Google Analytics and Facebook Pixel are used with user consent. The WHOIS data for the domain is unavailable or malformed, which limits the ability to fully verify domain registration legitimacy. Despite this, the website's professional design, clear contact information, and active social media presence support its credibility. No adult or questionable content is present, making the site safe for general audiences. Overall, FIVA's website demonstrates a mature digital infrastructure suitable for its global non-profit mission, with room for improvement in transparency around security policies and domain registration details.

L

Liikenne- ja viestintävirasto Traficom

matka.fi

0

Liikenne- ja viestintävirasto Traficom operates the Matka.fi service, an official Finnish government platform providing comprehensive door-to-door route planning that integrates multiple transportation modes. The website serves the general public and travelers within Finland, offering detailed route and schedule information to facilitate efficient travel planning. As a government entity, Traficom holds a strong market position as the authoritative source for transportation information in Finland. Technically, the website employs modern web technologies including React and Apollo GraphQL, ensuring a responsive and accessible user experience across devices. The site demonstrates good SEO practices and integrates privacy-conscious analytics via Matomo. Mobile optimization and accessibility features are well implemented, supporting broad user inclusivity. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and publicly available security policies or incident response information. No vulnerabilities or suspicious content were detected, indicating a solid security posture appropriate for a government service. Overall, the website is professional, trustworthy, and compliant with GDPR and cookie consent requirements. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and adding vulnerability disclosure mechanisms to further strengthen trust and security maturity.

F

Fintraffic

digitraffic.fi

0

Digitraffic is a Finnish public service platform operated by Fintraffic that provides real-time open data and APIs for road, railway, and marine traffic in Finland. It serves developers, transport operators, and public sector entities by offering comprehensive traffic data sourced from Fintraffic's own data collection systems. The website is professionally designed with consistent branding and clear navigation, supporting both Finnish and English languages. Technically, the site uses modern JavaScript frameworks and includes privacy-compliant cookie consent mechanisms. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although explicit security policies and incident response contacts are not published. Overall, Digitraffic presents a trustworthy and reliable service for open traffic data in Finland.

The website www.palautevayla.fi serves as a customer service and feedback platform for transportation services in Finland. It targets Finnish-speaking users seeking to provide feedback or obtain information related to public transportation. The site is positioned as an essential public sector service portal, offering key services such as customer feedback submission and information search. The business model is focused on public service facilitation rather than commercial activities. Technically, the website employs AngularJS and Bootstrap frameworks, indicating a moderately modern frontend infrastructure. The site is hosted securely with HTTPS and demonstrates good SSL configuration. Performance and mobile optimization are adequate, though accessibility features could be improved. SEO is basic but functional. From a security perspective, the site enforces HTTPS and includes some security headers, but lacks advanced headers like CSP and HSTS. No vulnerabilities or exposed sensitive data were detected. However, the absence of a security.txt file and explicit privacy or cookie policies indicates room for compliance improvement. Overall, the website is trustworthy and professionally maintained, but would benefit from enhanced privacy compliance and clearer contact information to improve user trust and regulatory adherence.

L

Liikenne- ja viestintävirasto Traficom

finap.fi

0

The website finap.fi serves as the National Access Point (NAP) for mobility service data in Finland, operated by Fintraffic Oy under the mandate of the Finnish Transport and Communications Agency (Traficom). It provides a centralized platform for mobility service providers to submit essential digital data and for developers to access this data to build integrated mobility solutions. The site is well-positioned as an official government service with a clear focus on transportation data and digital service facilitation. Technically, the website employs modern web technologies including React, Bootstrap, and Leaflet for mapping, alongside analytics tools like Piwik Pro (Matomo) and a comprehensive cookie consent management system by Cookie Information. Hosting appears to be on Amazon AWS infrastructure, ensuring reliable performance and scalability. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms aligned with GDPR requirements. However, explicit security headers are not detected in the provided data, suggesting room for improvement in hardening the security posture. No vulnerabilities or exposed sensitive data were found. The WHOIS data confirms the domain's legitimacy, registered to a Finnish government agency with consistent information and a long registration period. Overall, finap.fi is a trustworthy, government-backed platform with solid technical implementation and privacy compliance. Strategic recommendations include enhancing security headers, improving accessibility features, and maintaining regular audits of third-party scripts to sustain a strong security posture.