Security Directory

R

Regentalbahn GmbH

vogtlandbahn.de

0

The website www.laenderbahn.com/vogtlandbahn/ represents the Vogtlandbahn, a regional passenger rail service operating in the Vogtland region of Germany. It is part of Regentalbahn GmbH and affiliated with the parent company Netinera. The site offers comprehensive information on train schedules, ticketing options, real-time departure data, and customer services, targeting regional travelers and commuters. The business model focuses on providing reliable and comfortable regional rail transport connecting multiple cities and towns. The website is professionally designed with consistent branding and clear navigation, supporting a positive user experience. From a technical perspective, the site employs modern web technologies including JavaScript libraries, Matomo analytics, Google Tag Manager, and Facebook Pixel for tracking and marketing. It is built on Craft CMS and demonstrates good mobile optimization and accessibility features. Security is well addressed with HTTPS enforcement, security headers, and CSRF protection, though there is room for improvement in publishing explicit security policies and incident response information. The security posture is strong with no evident vulnerabilities or exposed sensitive data. Privacy compliance is robust, featuring a comprehensive privacy policy and cookie consent mechanisms aligned with GDPR requirements. Contact information is clearly provided, including phone numbers and physical addresses, enhancing business credibility. Overall, the website is a trustworthy and professional digital presence for a regional transportation provider. However, the absence of WHOIS registration details introduces some uncertainty about domain legitimacy, warranting further verification. Strategic recommendations include publishing a dedicated security policy, establishing a vulnerability disclosure program, and enhancing incident response transparency to further strengthen trust and compliance.

V

vlexx GmbH

vlexx.de

0

vlexx GmbH is a regional rail transport company operating in the German states of Rheinland-Pfalz, Hessen, and Saarland. The company provides passenger rail services with a focus on comfort, modern amenities, and sustainability. Their website offers comprehensive information on schedules, tickets, service, career opportunities, and leisure travel, targeting regional commuters and travelers. The company is positioned as a reliable regional transport provider with a medium-sized workforce and a solid market presence since its founding in 2014. The parent company is Netinera Deutschland GmbH, indicating a strong backing in the rail transport sector. Technically, the website is built on Craft CMS, uses modern JavaScript libraries, and is hosted behind Cloudflare, ensuring good performance and security. Privacy and cookie policies are present and GDPR compliant, though explicit terms of service and incident response policies are not found. Security posture is good with HTTPS and CSRF protections, but could be improved with additional security headers and vulnerability disclosure mechanisms. Overall, the website is professional, trustworthy, and well-structured for its audience.

O

Osthannoversche Eisenbahnen Aktiengesellschaft

ohe-ag.de

0

Osthannoversche Eisenbahnen Aktiengesellschaft (OHE) is a well-established transportation company based in Germany, specializing in regional rail and bus services primarily in Niedersachsen. Founded in 1944, OHE operates workshops and infrastructure services, positioning itself as a key regional player with a strong focus on reliability and customer satisfaction. The website reflects a professional digital presence with clear business information and a user-friendly interface. Technically, the site uses modern web technologies including Craft CMS, jQuery, and FontAwesome, hosted behind Cloudflare DNS services, and integrates Matomo for privacy-conscious analytics. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though formal security policies and incident response contacts are absent. Overall, the site is trustworthy, compliant with GDPR, and well-optimized for users.

O

ODEG – Ostdeutsche Eisenbahn GmbH

odeg.de

0

ODEG – Ostdeutsche Eisenbahn GmbH is the largest private railway operator in eastern Germany, providing regional passenger rail services. The company offers comprehensive information on schedules, fares, tickets, and customer service through its website. The business targets a broad audience including daily commuters and travelers in the region. The website demonstrates a moderate level of digital maturity, leveraging TYPO3 CMS and modern JavaScript libraries to deliver a responsive and user-friendly experience. Privacy compliance is well addressed with a comprehensive privacy policy and a cookie consent mechanism that includes retargeting disclosures. Security posture is adequate with HTTPS enforcement and no visible vulnerabilities, though the absence of a published security policy and incident response contacts suggests room for improvement. Overall, the website is professional, trustworthy, and aligned with the company's business objectives.

M

metronom Eisenbahngesellschaft mbH

der-metronom.de

0

metronom Eisenbahngesellschaft mbH operates regional passenger rail services connecting key northern German states including Niedersachsen, Hamburg, and Bremen. The company positions itself as a reliable regional transport provider with a focus on customer service, real-time travel information, and sustainable mobility. Their business model centers on providing scheduled train services, ticketing solutions, and substitute bus services during infrastructure works. The website reflects a medium-sized enterprise with consistent branding and a strong regional presence supported by partnerships with local transport authorities and the parent company Netinera. Technically, the website employs modern web technologies including Progressive Web App features, service workers, and integrates third-party widgets for travel planning. Hosting and DNS are managed via Cloudflare, ensuring good performance and security. The site is mobile-optimized, accessible, and SEO-friendly, with comprehensive metadata and structured content. From a security perspective, the site enforces HTTPS, uses standard security headers, and avoids exposing sensitive data. However, it lacks a dedicated security policy, incident response information, and vulnerability disclosure mechanisms, which are recommended for enhanced transparency and trust. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanisms aligned with GDPR. Overall, the website is professional, trustworthy, and well-suited for its audience. Strategic improvements in security transparency and incident response readiness would further strengthen its posture.

D

Die Länderbahn GmbH DLB

laenderbahn.com

0

Die Länderbahn GmbH DLB is a well-established private railway company operating regional passenger transport services in Germany and the Czech Republic. With a history spanning over 130 years and multiple regional brands such as alex, trilex, and vogtlandbahn, the company holds a strong market position in the transportation sector. It is a subsidiary of NETINERA Deutschland GmbH, indicating a solid corporate backing. The website provides comprehensive information about the company’s services, history, and career opportunities, targeting both customers and potential employees. Technically, the website is built on a modern CMS platform (Craft CMS) and employs various analytics and marketing tools including Matomo, Google Tag Manager, Facebook Pixel, and Hotjar. The site is mobile-optimized with good SEO practices and a clear navigation structure. Security measures such as HTTPS and CSRF tokens are implemented, though some security headers and explicit incident response policies are absent. From a security and compliance perspective, the website includes a detailed privacy policy and cookie consent mechanism compliant with GDPR. However, the absence of WHOIS data for the domain raises questions about domain registration transparency, although the website content and branding strongly support legitimacy. No critical vulnerabilities or adult content were detected, and the site maintains a professional and trustworthy online presence. Overall, the website reflects a mature digital presence for a transportation company with good technical and privacy practices. Strategic improvements in security headers and public incident response information could further enhance trust and compliance.

L

Landesverkehrsgesellschaft Niedersachsen mbH (LNVG)

mobilotsin-niedersachsen.de

0

MOBILOTSIN is a regional initiative under the Landesverkehrsgesellschaft Niedersachsen mbH (LNVG) focused on supporting municipalities and counties in Lower Saxony, Germany, with innovative mobility concepts and the traffic transition. The website presents a professional and consistent brand image, offering services such as consulting, qualification courses, and events. The target audience primarily includes local government entities and stakeholders involved in mobility management. The digital infrastructure is built on the ProcessWire CMS with modern JavaScript libraries enhancing user experience. The site is mobile-optimized and well-structured, providing clear navigation and relevant content including event listings and newsletter subscription. From a security perspective, the website uses HTTPS and does not expose sensitive data in the HTML content. However, there is no evidence of advanced security headers or published security policies, and no cookie consent mechanism is present, which could be improved for better compliance. No analytics or tracking scripts were detected, indicating minimal user tracking. Contact information is clearly provided, enhancing business credibility. WHOIS data shows consistent domain registration with no privacy protection, aligning with the website's governmental affiliation. Overall, the website demonstrates a solid technical foundation and business credibility with room for improvement in privacy compliance and security best practices. The content is safe and appropriate for a general audience, with no adult or questionable material detected.

D

DPD

dpd.fr

0

DPD France operates as a major parcel delivery service provider, offering comprehensive shipping, tracking, and delivery management solutions for both professional and individual customers. The website reflects a mature digital presence with multilingual support and integration into the broader DPDgroup network. Technically, the site is built on WordPress with modern libraries such as jQuery and Bootstrap, ensuring responsive design and good user experience. Security posture is solid with HTTPS enforcement, cookie consent mechanisms, and fraud alert information, although explicit security policies and incident response details are not publicly disclosed. Overall, the site is trustworthy and professionally maintained, supporting DPD's market position in France and internationally.

D

DRiV

drivparts.com

0

DRiV is a company specializing in the manufacturing and distribution of quality automotive parts, targeting automotive professionals and parts buyers. The website presents a professional and consistent brand image with a focus on quality and safety in auto parts. Technically, the site is built on Adobe Experience Manager CMS and employs modern web technologies including jQuery, Vue.js components, and integrates tracking tools such as Google Tag Manager and Facebook Pixel. The site is accessible, mobile-optimized, and SEO-friendly, though accessibility features are basic. Security posture is moderate with HTTPS enabled but lacks visible security headers and formal privacy or cookie policies. The absence of WHOIS registration data is a significant concern, indicating potential issues with domain legitimacy or privacy protection. Overall, the site is functional and professional but requires improvements in privacy compliance and transparency to enhance trust and security.

L

Lease a Bike

lease-a-bike.de

0

Lease a Bike is a large German bike leasing service provider targeting companies, public employers, and employees. It offers a digital platform for bike leasing, enabling companies to provide bikes as employee benefits with minimal administrative effort. The company is affiliated with Volkswagen Financial Services AG and Pon.Bike, indicating strong market positioning and trust. The website is modern, well-designed, and optimized for mobile, featuring extensive customer testimonials and a comprehensive service offering. Technically, the site uses modern frameworks like Tailwind CSS, HubSpot forms, and Google Tag Manager, hosted behind Cloudflare DNS. Security posture is good with HTTPS and cookie consent mechanisms, though explicit security headers and policies are not fully documented. Privacy compliance is basic, with no explicit privacy or terms of service pages found in the provided content. Overall, the site is professional, trustworthy, and business-focused with a strong digital presence.

S

S-Bahn Berlin GmbH

sbahn-ebe.de

0

S-Bahn Berlin GmbH operates a dedicated online portal for managing the increased fare enforcement payments (Erhöhtes Beförderungsentgelt - EBE). The portal facilitates secure and quick payment of fines, submission of personalized tickets for review, and customer support for related inquiries. The website is professionally designed, mobile-optimized, and provides comprehensive FAQs and contact options, reflecting a mature digital presence for a public transportation entity. Technically, the site uses Drupal CMS, integrates UserCentrics for consent management, and employs Matomo for analytics, indicating a focus on privacy and compliance. Security measures include HTTPS, Content Security Policy with nonce, and CAPTCHA protections, contributing to a strong security posture. The domain WHOIS data is privacy protected but consistent with legitimate business use. Overall, the site demonstrates a high level of professionalism, trustworthiness, and compliance with GDPR and other regulations.

S

S-Bahn Berlin GmbH

abo-antrag.de

0

The website www.abo-antrag.de is an official online subscription management portal operated by S-Bahn Berlin GmbH, a medium-sized transportation company under Deutsche Bahn. It provides services for purchasing, managing, and canceling public transport subscriptions for Berlin and Brandenburg residents. The site is well-branded with official logos and integrates with partner domains such as sbahn.berlin and bahn.de. Technically, it is built on ASP.NET WebForms with modern JavaScript libraries and uses Adobe Analytics and Usercentrics for tracking and consent management, indicating a mature digital infrastructure. Security posture is adequate with HTTPS and consent mechanisms but lacks explicit security policies and vulnerability disclosure information. Overall, the site is professional, trustworthy, and compliant with GDPR, serving a general audience without any adult or questionable content.

B

BVG Jelbi

jelbi.de

0

Jelbi is a large-scale mobility platform operated by BVG Jelbi, integrating Berlin's public transport with various sharing services such as e-scooters, bikes, cars, and taxis. The website serves as an informational and promotional portal for the Jelbi app, targeting residents and visitors in Berlin. The business model focuses on providing a unified mobility experience through a single app, positioning Jelbi as a key player in Berlin's transportation ecosystem. Technically, the site is built on WordPress with the Divi theme, leveraging modern plugins and consent management tools like Didomi. The infrastructure is hosted on Cronon servers with proper HTTPS encryption and basic SEO optimizations. Security posture is solid with HTTPS and consent mechanisms, though explicit security headers and policies are absent. Privacy compliance is partial due to missing visible privacy and terms pages. Overall, the site is professional, trustworthy, and well-branded, with room for improvement in transparency and security documentation.

L

Landesnahverkehrsgesellschaft Niedersachsen mbH

lnvg.de

0

The Landesnahverkehrsgesellschaft Niedersachsen mbH (LNVG) is a government-affiliated organization responsible for planning, financing, and managing public transportation services in the German state of Niedersachsen. The website serves as an information hub for passengers, transport operators, and stakeholders, providing comprehensive details on regional rail and bus services, funding programs, infrastructure projects, and regulatory frameworks. The company holds a significant market position as a key public transport authority in the region. Technically, the website is built on TYPO3 CMS, a robust and widely used content management system, ensuring maintainability and scalability. The site employs Matomo analytics with an opt-out mechanism, reflecting a moderate level of privacy awareness. The site is mobile-optimized, accessible, and SEO-friendly, with a clear navigation structure and professional design. From a security perspective, the site uses HTTPS with a Content-Security-Policy header, indicating good baseline security practices. However, it lacks explicit cookie consent mechanisms and published security or incident response policies, which are areas for improvement. No vulnerabilities or suspicious content were detected. Overall, the website is trustworthy, professional, and well-aligned with its public service mission. Strategic enhancements in privacy compliance and security transparency would further strengthen its posture.

N

NETINERA Deutschland GmbH

netinera.de

0

NETINERA Deutschland GmbH is a major transportation company in Germany, operating since 2004 in regional rail and bus services. It is a subsidiary of Trenitalia, part of one of Europe's largest transport groups. The company offers a broad portfolio of rail and bus transport services along with maintenance and infrastructure support. The website reflects a mature business with a clear market position and extensive subsidiary network. Technically, the site uses SITEFORUM CMS and Bootstrap 3, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS and cookie consent, but lacks visible security headers and explicit security policies. Overall, the site is professional, trustworthy, and compliant with GDPR, though improvements in security transparency and incident response readiness are recommended.

V

Verkehrsverbund Bremen/Niedersachsen GmbH (VBN)

vbn.de

0

Verkehrsverbund Bremen/Niedersachsen GmbH (VBN) operates as a regional public transportation authority providing integrated ticketing, timetable information, and mobility services across Bremen and Lower Saxony. The website serves a broad audience including commuters, families, students, and groups, offering comprehensive transport options and customer support. The business model focuses on facilitating seamless public transport usage through digital platforms and partnerships with transport operators. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries such as jQuery, Bootstrap, and Leaflet for interactive maps and widgets. The integration of HAFAS public transport widgets enhances user experience for timetable and ticketing queries. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, uses cookie consent mechanisms, and follows good security practices, though explicit security headers like Content-Security-Policy could be improved. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear GDPR-aligned policies and cookie management. Overall, the website presents a trustworthy, professional, and user-friendly platform supporting VBN's mission. Strategic improvements in security policy transparency and header implementation would further enhance its posture.

D

Dopravní koridor Poodří, z.s.

dopravnikoridorpoodri.cz

0

Dopravní koridor Poodří, z.s. is a Czech non-profit organization focused on advocating for transportation corridor development, particularly high-speed rail projects, in the Poodří region. The organization collaborates with multiple municipalities and regional authorities to influence infrastructure planning and environmental considerations. Their website serves as an information hub and communication platform for stakeholders and the public. Technically, the website is built on WordPress using the Avada theme and Fusion Builder framework, incorporating modern JavaScript libraries like Splide.js for interactive elements. The site is hosted under the REG-GRANSY registrar with consistent DNS settings. Performance and mobile optimization are good, though accessibility is basic. SEO practices are adequately implemented. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks explicit security headers and a vulnerability disclosure policy. No critical vulnerabilities or exposed sensitive data were detected. Privacy and cookie policies are present and GDPR compliant, enhancing user trust. Overall, the website presents a professional and trustworthy front for the organization, with clear contact information and relevant content. Strategic improvements in security headers and incident response documentation could further strengthen their posture.

T

Tschudi Shipping Company AS

eml.ee

0

Tschudi Shipping Company AS is a well-established, family-owned Norwegian shipping and logistics group with a history dating back to 1883. The company offers a broad range of integrated services including shipping, ship management, transshipment, energy advisory, ocean industries support, offshore wind support, logistics, and financial services. With offices in 12 countries and a strong presence in the Nordics, Baltic, and Continental Europe, Tschudi Group positions itself as a reliable partner for maritime and logistics solutions worldwide. Technically, the website is built on the Webflow platform, utilizing modern web technologies such as jQuery, Google Analytics, and Google Tag Manager. The site is well-optimized for performance, mobile responsiveness, and SEO, providing an excellent user experience. Privacy and cookie policies are clearly presented with consent mechanisms, reflecting good privacy compliance practices. From a security perspective, the site uses HTTPS with good SSL configuration and anonymizes IPs in analytics. However, it lacks explicit security headers and does not provide a dedicated security policy or incident response contact information. The WHOIS data for the domain is incomplete or missing, which raises some concerns about domain registration transparency but does not directly contradict the legitimacy of the business given the strong branding and consistent subsidiary domains. Overall, the website demonstrates a high level of professionalism, trustworthiness, and technical maturity. The main risks relate to domain registration transparency and the absence of detailed security policies. Strategic recommendations include enhancing security headers, publishing incident response contacts, and verifying domain registration details to improve trust and compliance.

P

PagFerry.com

pagferry.com

0

PagFerry.com is a small Croatian website providing up-to-date ferry schedules, real-time ferry status, weather forecasts, and webcam feeds for the Prizna - Žigljen ferry route. It serves a niche audience of travelers and locals seeking reliable maritime transport information. The website is well-branded and consistent, with a clear focus on transportation services in the Croatian region. Technically, the site leverages modern web technologies including AMP for mobile optimization, jQuery, Bootstrap, and integrates third-party services such as Google Analytics and Facebook SDK for analytics and social media engagement. The site is mobile-friendly and offers a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and registers a service worker, but lacks visible security headers and explicit privacy or terms of service pages, which are areas for improvement. The WHOIS data for the domain is missing or indicates the domain may not be registered, which raises concerns about domain legitimacy despite the professional appearance of the site. Overall, the site is functional and useful but would benefit from enhanced security practices and verified domain registration to improve trustworthiness.

H

Hrvatske ceste d.o.o.

hrvatske-ceste.hr

0

Hrvatske ceste d.o.o. is a Croatian state-owned company responsible for the management, construction, reconstruction, and maintenance of the national road network. The website reflects its official status with consistent branding and clear presentation of its services and public information. The target audience includes government entities, contractors, drivers, and the general public interested in road infrastructure and related services. The company operates under the ownership of the Republic of Croatia, positioning itself as the authoritative body for state roads.

S

SHOEI CO., LTD.

shoei.com

0

SHOEI CO., LTD. is a globally recognized premium motorcycle helmet manufacturer with a strong market presence and a network of regional distributors worldwide. The website serves as a hub for worldwide distributor contacts and product information tailored to regional markets. The company targets motorcycle riders and distributors, emphasizing safety, design, and performance in its product offerings. Technically, the website employs modern JavaScript libraries and tracking tools, including Google Analytics, Facebook SDK, and Line Tag, indicating a mature digital infrastructure. The site is mobile-optimized with good navigation and professional design, though it lacks some privacy and security policy disclosures. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but the absence of security headers and incident response information suggests room for improvement. The WHOIS data is unavailable, which raises some concerns about domain registration transparency but does not detract from the professional presentation and legitimacy of the business. Overall, the website is safe, professional, and functional, with recommendations to enhance privacy compliance and security transparency.

H

Hrvatski autoklub

hak.hr

0

Hrvatski autoklub (HAK) is a well-established national automobile club in Croatia, founded in 1997, providing a broad range of services including roadside assistance, travel and traffic information, driver education, and vehicle technical inspections. The website reflects a mature digital presence with comprehensive content tailored to drivers and vehicle owners in Croatia. The technical infrastructure leverages modern web technologies such as jQuery and Google Fonts, hosted with Cloudflare DNS, and includes a cookie consent mechanism aligned with GDPR requirements. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though improvements in security headers and incident response disclosures are recommended. Overall, the website is professional, trustworthy, and serves its audience effectively.

Ž

ŽUPANIJSKA UPRAVA ZA CESTE LIČKO-SENJSKE ŽUPANIJE

zuc-ls.hr

0

ŽUPANIJSKA UPRAVA ZA CESTE LIČKO-SENJSKE ŽUPANIJE is a Croatian regional government agency responsible for the management and maintenance of roads within Ličko-Senjska County. The website serves as an official communication channel providing public notices, procurement information, road maps, and contact details to residents, contractors, and stakeholders. The agency positions itself as a trusted authority in transportation infrastructure within the region. Technically, the website is built on WordPress with Elementor and several plugins, offering a modern, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS and security headers, though it lacks published security policies and cookie consent mechanisms. Overall, the site is professional, trustworthy, and serves its public function effectively.

L

Lika ceste d.o.o.

likaceste.hr

0

Lika ceste d.o.o. is a Croatian company specializing in the maintenance, protection, reconstruction, and construction of roads and related infrastructure, primarily serving the Gospić region. The company positions itself as a regional service provider focused on public roadways, offering key services such as road maintenance and winter services. The website reflects a medium-sized enterprise with a clear focus on transportation infrastructure, targeting local government entities and public road users. Technically, the website is built on WordPress using Bootstrap for responsive design, enhanced with several JavaScript libraries including jQuery, Owl Carousel, and Google Maps API. SEO is supported by the Yoast SEO plugin, and user interaction is facilitated through Contact Form 7 with Google reCAPTCHA v3 for spam protection. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. From a security perspective, the site uses HTTPS and includes a cookie consent mechanism compliant with GDPR. However, it lacks explicit security headers and published security policies or incident response information. No vulnerability disclosure or security.txt files are present, indicating room for improvement in transparency and security maturity. Overall, the website is professional and trustworthy with moderate tracking and analytics usage. It is safe for general audiences and does not contain adult or questionable content. The domain registration data aligns well with the business identity, supporting legitimacy. Strategic improvements in security headers, incident response policies, and accessibility would enhance the site's security posture and compliance.

Lučka uprava Novalja is the official Port Authority for Novalja, Croatia, managing port infrastructure and providing public services related to maritime transport and port operations. The website serves as an information hub for public procurement, tariffs, projects, and user inquiries, targeting residents, businesses, and maritime users in the region. The business operates as a small government entity with a domain age consistent with its establishment in 2011. Technically, the website is built on WordPress with common plugins such as Smart Slider 3 and uses modern web fonts and responsive design, providing a good user experience and accessibility. Security posture is moderate with HTTPS enabled but lacks advanced security headers and DNSSEC, indicating room for improvement. Privacy compliance is weak due to the absence of privacy and cookie policies, which is a notable gap for GDPR compliance. Overall, the website is professional and trustworthy but would benefit from enhanced security and privacy practices.

E

Ekstreemmoto OÜ

renditsikkel.ee

0

Renditsikkel is a small Estonian business specializing in the rental of KTM motorcycles and related riding equipment. The company operates a professional WordPress-based e-commerce website that showcases a variety of motorcycle categories and rental options. The business targets motorcycle enthusiasts and renters in Estonia, offering convenience and access to premium motorcycle models without ownership burdens. Technically, the website leverages modern WordPress plugins such as WooCommerce and Elementor, providing a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal privacy or cookie policies, indicating room for compliance improvement. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

V

Valvoline

valvoline.ee

0

Valvoline.ee is the Estonian localized website for Valvoline, a globally recognized lubricant and automotive chemical brand with a history dating back to 1866. The website presents product offerings primarily focused on lubricants, coolants, and maintenance chemicals targeting automotive, industrial, and motorsports sectors. The site demonstrates a moderate level of digital maturity with use of common JavaScript libraries and Google Analytics for tracking. However, it lacks visible privacy and cookie policies, contact information, and security headers, which are important for compliance and trust. The website is accessible without WAF or blocking mechanisms, indicating no access restrictions. Overall, the site is professionally designed with good content relevance but could improve in privacy compliance and security posture.

S

Shoei Europe

shoei-europe.com

0

Shoei Europe operates as a premium motorcycle helmet manufacturer and distributor targeting European motorcycle riders and enthusiasts. The website showcases a professional and well-structured digital presence with a focus on product offerings, racing sponsorships, and customer services such as warranty and registration. The business model centers on manufacturing and retail distribution with a strong brand identity in the transportation sector. Technically, the website is built on WordPress with modern plugins for SEO and cookie management, delivering a good user experience with mobile optimization and structured data for enhanced search visibility. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though the absence of security headers and explicit security policies suggests room for improvement. The WHOIS data is unavailable, which raises minor trust concerns, but the overall website professionalism and content quality support legitimacy. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and improving transparency around data protection roles.

A

ATR International AG

dev-atr.de

0

ATR International AG operates as a global trade cooperation platform for leading distributors in the independent automotive aftermarket. Founded in 1967 and headquartered in Denkendorf, Germany, ATR facilitates collaboration among automotive spare parts distributors, manufacturers, suppliers, and independent multi-brand garages. The company focuses on purchasing coordination, digitisation, sustainable aftermarket development, and strategic steering committees, positioning itself as a key player in the automotive aftermarket sector with a strong shareholder base and international presence. The website reflects a professional and consistent brand image with clear communication of business purpose and services.

Integrirani promet zagrebačkog područja d.o.o. is a public sector company owned primarily by the City of Zagreb and two surrounding counties. It focuses on integrated passenger transport planning and management in the Zagreb metropolitan area. The website serves as an informational portal presenting the company's mission, master plans, and news related to transportation projects. Technically, the site is built on an older WordPress version with common plugins such as Contact Form 7 and Google Maps integration. While the site is functional and provides relevant content, it uses outdated software versions that pose security risks. The security posture is basic with HTTPS enabled but lacks modern security headers and updated libraries. Privacy and cookie policies are absent, indicating compliance gaps. Overall, the site is trustworthy and professional but requires technical and compliance improvements to enhance security and user trust.

O

OÜ Sahkar TT

sahkar.ee

0

OÜ Sahkar TT is a small Estonian company specializing in external network construction and large-scale earthworks, offering services such as material sales and transport, machine rental with operator, and trailer transport. The company targets businesses and clients requiring construction and logistics services within the region. The website is professionally designed using the Greativ CMS platform and incorporates modern JavaScript libraries for enhanced user experience. It is hosted by Zone Media OÜ and uses HTTPS to secure communications. However, the site lacks privacy and cookie policies, which are critical for GDPR compliance. Security headers are also missing, representing an area for improvement. Overall, the website is functional, safe, and trustworthy but could benefit from enhanced privacy and security measures.

T

Tirespot OÜ

tirespot.ee

0

Tirespot OÜ is a small Estonian company specializing in the retail and servicing of automotive tires and related products and services. The company operates primarily in Pärnu, Estonia, offering a wide range of tires including summer and winter tires, tire changes, rim sales and restoration, oil changes, and air conditioning services. The website reflects a well-established regional business with a clear focus on automotive maintenance and tire sales. The company holds a Gasellfirma certification, indicating strong business performance and growth. Technically, the website is built on the Greativ CMS platform and leverages modern web technologies including Google Tag Manager, Google Analytics, Facebook SDK, and lazy loading libraries. The site is mobile-optimized with good SEO practices and clear navigation. Hosting is provided by Zone Media OÜ, consistent with the Estonian business location. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, explicit security policies, incident response contacts, and advanced security headers are not evident. No security blocking or WAF challenges were detected, and no vulnerabilities were apparent from the content analysis. Overall, the website presents a professional and trustworthy online presence for a small automotive retail and service business in Estonia. Strategic improvements could include publishing a security policy, incident response information, and enhancing security headers to strengthen the security posture further.

E

Ekstreemmoto OÜ

ktm.ee

0

Ekstreemmoto OÜ operates the ktm.ee website, serving as a regional retailer specializing in KTM motorcycles and related riding gear in Estonia, with physical stores in Tallinn and Tartu. The website provides comprehensive product categories including onroad and offroad motorcycles, used bikes, powerwear, and rental services. The company targets motorcycle enthusiasts and buyers within Estonia, positioning itself as a trusted local dealer with a decade-long presence since 2010. Technically, the website is built on the Greativ CMS platform and integrates modern web technologies such as Google Analytics, Facebook SDK, and various JavaScript libraries to enhance user experience and marketing capabilities. The site is mobile-optimized and provides clear navigation and professional design.

I

IN LEASE

rentcarnow.cz

0

RentCarNOW is a Czech Republic-based car rental company offering a wide range of vehicles including compact cars, SUVs, microbuses, and luxury vehicles. The company provides flexible rental options for both short-term and long-term needs, including operational leasing services through a partner site. Their business model focuses on customer convenience with multiple pick-up locations and a professional service approach. The website is well-designed, mobile-optimized, and provides comprehensive information about their offerings and policies. Technically, the website is built using modern frameworks such as Next.js and React, ensuring good performance and accessibility. Security best practices are observed with HTTPS enforcement and appropriate security headers. However, the absence of a cookie consent mechanism and detailed incident response policies indicates room for improvement in privacy compliance and security transparency. The security posture is strong with no visible vulnerabilities or exposed sensitive data. The company maintains active social media profiles and provides clear contact information, enhancing trustworthiness. The lack of WHOIS data reduces domain trust slightly but does not detract significantly from the overall legitimacy. Overall, RentCarNOW presents a professional and reliable service with a solid technical foundation and good security practices, though enhancements in privacy compliance and transparency are recommended.

T

TopBagre.sk

topbagre.sk

0

TopBagre.sk is a Slovakian small business specializing in the rental of excavators and mini-excavators along with related equipment. The website presents a professional and consistent brand image with a clear focus on its niche market within the transportation sector. The business targets individuals and companies requiring construction equipment rental services locally. Technically, the website is built on WordPress using Elementor and SEO plugins, with Google Analytics and Tag Manager integrated for visitor tracking. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal policies. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

F

F TRUCKS a.s.

fordtrucks.cz

0

F TRUCKS a.s. operates the official Czech website for Ford Trucks, providing comprehensive information and services related to new and used commercial trucks, servicing, financing, and after-sales support. The company targets commercial truck buyers and fleet operators within the Czech Republic, positioning itself as a key regional distributor and service provider for Ford Trucks. The website is professionally designed, localized in Czech, and integrates multiple social media channels to engage its audience. Technically, the website employs a modern technology stack including jQuery, Foundation framework, and various JavaScript libraries for UI and analytics. It uses multiple analytics and tracking services such as Piwik PRO, Microsoft Clarity, Google Tag Manager, and Facebook Pixel, indicating a mature digital marketing infrastructure. The site is hosted likely by REG-TELE3, consistent with the domain's Czech registration and nameservers. From a security perspective, the website enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security policies, incident response contacts, and security headers. No critical vulnerabilities or exposed sensitive data were detected. The domain registration data aligns well with the business claims, showing consistency and legitimacy. Overall, the website presents a low-risk profile with good business credibility and technical implementation. Strategic improvements in security policy transparency and security header implementation would enhance its security posture and compliance maturity.

I

IN LEASE

inlease.cz

0

IN LEASE is a Czech Republic based company specializing in operativní leasing, vehicle leasing, and fleet management services. The website presents a professional and well-structured digital presence targeting businesses and individual customers seeking leasing solutions. The company has been operating since 2015, with domain registration data consistent with its business claims. The technical infrastructure is built on WordPress CMS with modern tracking and analytics tools such as Google Tag Manager, Piwik PRO, and Microsoft Clarity, indicating a mature digital marketing approach. Security measures include HTTPS enforcement and use of Google reCAPTCHA, but lack explicit security policies or vulnerability disclosure mechanisms. Privacy compliance is basic with a cookie consent mechanism but no visible privacy policy or terms of service. Overall, the website is functional, secure, and credible but could improve transparency and compliance documentation.

K

KOSTAL Automobil Elektrik GmbH & Co. KG

kostal-automobil-elektrik.com

0

KOSTAL Automobil Elektrik GmbH & Co. KG is a globally recognized automotive supplier specializing in mechatronic and electronic components for electromobility and future vehicle user interfaces. The company positions itself as a worldwide leader with a strong focus on innovation, energy efficiency, and embedding people-centric solutions. Their product portfolio includes Comfort Electronics, Comfort Controls, and Drive Controls, targeting automotive manufacturers and partners. The website reflects a mature digital presence built on TYPO3 CMS, integrating modern technologies such as Google Tag Manager and Usercentrics for privacy compliance. The content is professionally curated, with clear navigation and multilingual support, indicating a well-established corporate identity. However, the WHOIS data for the domain is missing or indicates the domain is unregistered, which raises concerns about domain registration legitimacy despite the professional website content.

C

Carmigo Shop

carmigo.de

0

Carmigo Shop is a German e-commerce retailer specializing in high-quality automotive lubricants and accessories manufactured in Germany. The company positions itself as a reliable partner for both automotive and industrial lubricant needs, targeting vehicle owners and industrial clients primarily within Germany. The website reflects a niche market focus with a strong emphasis on product quality and customer service, supported by customer reviews and partnerships such as with the RGS Racing Team. Technically, the site is built on the Shopify platform using the Impulse theme, leveraging modern JavaScript modules and Shopify's payment infrastructure, ensuring a fast, mobile-optimized, and accessible user experience. Security posture is solid with HTTPS enforced, cookie consent implemented, and no visible vulnerabilities or exposed sensitive data. However, the absence of explicit privacy policies, terms of service, and contact information limits full compliance and trust. Overall, the site is professional and functional but could improve transparency and compliance documentation.

A

Autogamintojų ir importuotojų asociacija

agia.lt

0

AGIA (Autogamintojų ir importuotojų asociacija) is a Lithuanian automotive manufacturers and importers association established in 2024. The website serves as an informational and advocacy platform for its members, focusing on industry representation within Lithuania. The site is built on WordPress and employs common plugins such as Yoast SEO and Contact Form 7, indicating a moderate level of digital maturity. The technical infrastructure is standard for a small association, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled, but lacks explicit security headers and published security policies. Privacy compliance is basic, with a cookie consent mechanism present but no visible privacy policy or terms of service. Overall, the website is professional and trustworthy but could improve transparency and security documentation.

I

Icelandair ehf.

icelandair.is

0

Icelandair ehf. operates a professional and comprehensive airline website targeting travelers primarily in Iceland, Europe, and North America. The company offers direct flights to over 25 European destinations and more than 20 in the United States and Canada, along with hotel and car rental bookings and package holidays. The website is well-branded, consistent, and provides a rich user experience with clear navigation and booking functionalities. The business is well-established, founded in 1937, and holds a significant market position in the transportation sector in Iceland. Technically, the website leverages modern web technologies including React and Next.js frameworks, and integrates major analytics and marketing tools such as Google Analytics, Google Tag Manager, and Bing Ads. The site is mobile-optimized, accessible, and SEO-friendly, ensuring good performance and user engagement. Security best practices are observed with HTTPS enforcement and appropriate security headers, although no explicit public security policy or incident response page was found. The security posture is strong with no evident vulnerabilities or exposed sensitive data. Privacy compliance is good, with clear privacy and cookie policies and consent mechanisms in place, indicating adherence to GDPR requirements. However, the absence of direct contact emails or phone numbers in the HTML and lack of a vulnerability disclosure program are areas for improvement. Overall, the website represents a trustworthy and professional airline business with a mature digital presence. The lack of WHOIS data is likely due to privacy protection, which is justified for a company of this size. Strategic recommendations include publishing a security policy, establishing a vulnerability disclosure channel, and enhancing transparency around data protection officer contacts to further strengthen trust and compliance.

W

W.A.G. payment solutions, a.s.

eurowag.com

0

Eurowag is a leading European provider of integrated mobility and payment solutions tailored for the transport industry. Their offerings include fuel cards, toll services, fleet management, tax refund services, alternative fuels, and eMobility solutions. The company targets transport companies and fleet operators across Europe, positioning itself as a comprehensive service provider with a large acceptance network and digital platforms to optimize transport business operations. The website reflects a mature digital presence with multi-language support and extensive service information. Technically, the website leverages modern web technologies including React, jQuery, and Webflow CMS, supported by Google Tag Manager for analytics and marketing. The site is well-optimized for performance, mobile responsiveness, and accessibility, indicating a high level of digital maturity. Security best practices are observed with HTTPS enforcement and cookie consent mechanisms, although explicit security headers and incident response policies could be more transparent. The security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies, and GDPR compliance indicators. Business credibility is reinforced by regulatory disclosures, investor relations presence, and professional content. The absence of WHOIS data is a limitation but does not detract significantly from the overall trustworthiness given the strong business signals. Overall, Eurowag presents a professional, secure, and user-friendly digital platform supporting its position as a key player in European transport payment and mobility solutions.

C

CCS

carnet.cz

0

CCS operates a professional website focused on advanced vehicle monitoring and fleet management solutions under the Carnet brand. The company targets businesses managing vehicle fleets, offering services such as location tracking, fuel consumption monitoring, and driving style analysis. The website content is well-structured, professionally designed, and optimized for mobile devices, reflecting a medium-sized enterprise operating primarily in the Czech Republic's transportation sector. Technically, the site uses MerlinCMS, modern web fonts, and integrates Cookiebot for cookie consent management, alongside analytics tools like Google Analytics and Hotjar. Security posture is moderate with room for improvement in security headers and explicit security policies. WHOIS data is unavailable, limiting domain trust analysis, but the website's professional presentation and partner domain references support legitimacy. Overall, the site is safe, compliant with cookie regulations, and suitable for its business audience.

C

Cyklostezka Bečva, z.s.

cyklostezkabecva.cz

0

Cyklostezka Bečva, z.s. operates a regional cycling and recreational trail along the Bečva river in the Czech Republic, targeting cyclists, tourists, inline skaters, and cross-country skiers. The organization focuses on providing safe, scenic routes with minimal motor traffic, supported by regional municipalities and tourism partners. The website reflects a small non-profit entity with a clear mission to promote outdoor activities and regional tourism. Technically, the website uses modern JavaScript libraries such as jQuery and Font Awesome, integrates Google Analytics and Tag Manager for visitor tracking, and is hosted on Wedos servers. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and formal privacy or terms of service pages. The WHOIS data confirms domain legitimacy with consistent registration details dating back to 2006, supporting the organization's credibility. Overall, the website is professional, trustworthy, and compliant with basic GDPR requirements, though improvements in security policies and accessibility could enhance its posture.

D

DRiV Incorporated

driv.com

0

DRiV Incorporated is a large, established global supplier specializing in innovative commercial vehicle products and aftermarket automotive parts. The company operates with a strong brand portfolio and a global footprint of over 80 locations, targeting automotive aftermarket customers and commercial vehicle industry professionals. Their website reflects a professional and modern digital presence, leveraging contemporary technologies such as React and Tailwind CSS, and integrates marketing and analytics tools like Google Analytics and Facebook Pixel. The site is well-structured, mobile-optimized, and provides comprehensive business information including privacy and terms policies. Security posture is generally strong with HTTPS enforced and no visible vulnerabilities, though explicit security headers and incident response information are lacking. The absence of WHOIS data for the domain is a notable anomaly that slightly reduces trust but does not outweigh the professional presentation and content quality. Overall, the website demonstrates a mature digital infrastructure suitable for a large enterprise in the transportation sector.

E

Eberspächer Gruppe GmbH & Co. KG

eberspaecher-karriere.de

0

Eberspächer Gruppe GmbH & Co. KG is a well-established international family-owned company in the automotive industry, founded in 1865 and headquartered in Germany. The company operates as a leading system developer and supplier, focusing on innovation and sustainable mobility solutions. Their career website targets a broad audience including students, experienced professionals, and leadership candidates, offering diverse career paths in engineering, IT, sales, production, logistics, and management. The site emphasizes corporate values such as diversity, inclusion, and social engagement, reinforcing their market position and employer brand. Technically, the website is built on TYPO3 CMS with modern web technologies including jQuery, Bootstrap, and Flexslider. It is hosted on Microsoft Azure DNS infrastructure, ensuring reliable performance and scalability. The site is mobile-optimized, accessible, and SEO-friendly, with proper meta tags and structured navigation. Consent management is implemented via Usercentrics, supporting GDPR compliance. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms. No critical vulnerabilities or exposed sensitive data were detected. However, security headers are not explicitly observed, and no public security policy or incident response contacts are provided. The WHOIS data aligns with the business claims, showing a consistent and transparent domain registration without privacy protection, appropriate for an enterprise entity. Overall, the website demonstrates a strong digital maturity with excellent content quality, good technical implementation, and solid privacy compliance. Strategic improvements could focus on enhancing security headers, publishing security policies, and establishing vulnerability disclosure channels to further strengthen trust and security posture.

E

Eberspächer Gruppe GmbH & Co. KG

eberspaecher.com

0

Eberspächer Gruppe GmbH & Co. KG is a well-established German automotive supplier specializing in exhaust technology, climate control systems, and automotive electronics. With a history spanning over 160 years, the company positions itself as a key player in clean and smart mobility solutions for the automotive industry. Their website reflects a professional and comprehensive corporate presence targeting automotive industry professionals and partners worldwide. The business model focuses on manufacturing and supplying components and systems to automotive OEMs and related sectors. Technically, the website is built on the TYPO3 CMS platform, utilizing modern JavaScript libraries such as jQuery and Bootstrap for responsive design and user experience. The site incorporates consent management via Usercentrics and Google Tag Manager for analytics and marketing. Performance and accessibility are good, with mobile optimization and SEO best practices implemented. However, some security headers are missing, and no explicit security policy or incident response information is publicly available. From a security perspective, the site enforces HTTPS and uses consent management, indicating a good baseline for privacy compliance. The absence of WHOIS data transparency is a notable concern, although the website content and branding strongly support legitimacy. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the security posture is solid but could be improved with additional headers and published policies. The overall risk assessment is moderate-low, with recommendations to enhance domain registration transparency, publish security policies, and implement a vulnerability disclosure program. These steps would strengthen trust and compliance, aligning with the company's professional image and industry standards.

M

Mubea E-Mobility Center GmbH

mubea-emobility-store.com

0

Mubea E-Mobility Center GmbH is a small local business based in Attendorn, Germany, specializing in the retail and consultation of e-mobility products, particularly e-bikes. The company targets consumers interested in sustainable transportation solutions and offers professional advice alongside a wide product selection. The website is built on the Wix platform, indicating a moderate level of digital maturity with a professional design and mobile optimization. However, the absence of WHOIS registration data raises concerns about domain legitimacy. Security posture is basic, with no advanced security headers or policies detected, and privacy compliance is lacking due to missing privacy and cookie policies. Overall, the business presents a professional front but should address domain registration transparency and compliance documentation to enhance trust.

M

Mubea

mubea-shop.com

0

Mubea operates an e-commerce platform specializing in automotive spare parts, industrial products, and branded merchandise. The website targets automotive and industrial customers primarily in the United States and Germany, offering products such as coil springs, stabilizer bars, spring band clamps, and performance wheels. The platform supports user login and registration, indicating a B2B and B2C hybrid business model. Technically, the site is built on JavaServer Faces with jQuery and OmniFaces, providing a moderately optimized and mobile-friendly experience. Security posture is adequate with HTTPS usage and cookie consent mechanisms, but lacks visible advanced security headers and explicit incident response contacts. WHOIS data is unavailable, which slightly reduces trust but does not negate the legitimacy of the business presence. Overall, the website is professional, functional, and compliant with basic privacy regulations.