Security Directory

Fly4Free.cz is a Czech travel portal specializing in providing travel guides, tips, and discounted flight deals primarily through affiliate marketing partnerships. The website targets budget-conscious travelers seeking affordable flights, hotels, car rentals, and travel insurance. Established in 2014, it has a moderate market presence in the Czech Republic's travel media sector. Technically, the site is built on WordPress with a modern tech stack including jQuery, Google Fonts, and integrates third-party services such as Google Analytics, Adsense, OneSignal push notifications, and affiliate widgets from Pelikan.cz and Rentalcars.com. The site is hosted with WEDOS, a reputable Czech hosting provider, and uses HTTPS for secure communications. Security posture is adequate but could be improved by implementing security headers and publishing formal privacy and cookie policies. No direct company contact information or incident response details are provided, which limits transparency and compliance. Overall, the website is functional, content-rich, and moderately professional but has room for improvement in privacy compliance and security best practices.

P

Paletonoš

posilame.cz

0

Paletonoš.cz is an online platform specializing in comparing pallet transport services, offering users quick access to the most suitable shipping options including consolidated lines, additional deliveries, sea and air freight, as well as transshipment, storage, and fulfillment services. The website targets businesses or individuals involved in logistics and transportation within the Czech Republic. The platform operates in a niche market segment focused on pallet logistics and freight comparison. Technically, the site is built using Framer, with assets hosted on framerusercontent.com, and demonstrates basic mobile optimization and SEO practices. However, the absence of WHOIS registration data, privacy policies, contact information, and security headers indicates gaps in compliance and security posture. No WAF or blocking mechanisms were detected, allowing full content access. Overall, the site presents a basic but functional business presence with room for improvement in security, privacy, and trust indicators.

ČD Nostalgie is a service operated under České dráhy, a.s., offering nostalgic railway experiences including historic train rides and museum visits across the Czech Republic. The website serves as a portal for event information, bookings, and visitor engagement, targeting railway enthusiasts and families. The company holds a strong market position as the national railway operator's nostalgic branch, providing unique cultural and leisure services. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and Google Analytics, ensuring a responsive and user-friendly experience. The presence of cookie consent mechanisms and clear contact information reflects a basic level of privacy compliance. Security posture is moderate with HTTPS usage and cookie consent but lacks visible advanced security headers or published security policies. Overall, the site is professional, trustworthy, and well-aligned with its business purpose.

Igate is a well-established Latvian company specializing in road and infrastructure construction, founded in 1991. The company operates multiple asphalt plants, mineral material quarries, and a paving stone production facility, serving both public and private infrastructure projects. Their website reflects a professional presence with good content quality and consistent branding, targeting government and commercial clients in Latvia. Technically, the site is built on WordPress using legacy JavaScript libraries and includes Google Analytics and Tag Manager for tracking. Security posture is moderate with no HTTPS status visible in the provided data and missing security headers, which could be improved. Privacy policies exist but lack explicit consent mechanisms. Overall, the site is safe with no adult content and shows legitimacy consistent with the company's history and WHOIS data.

H

Hifour s.r.o.

balikonos.cz

0

Balíkonoš.cz, operated by Hifour s.r.o., is a Czech-based shipment management platform established in 2013. It offers a comprehensive suite of services including parcel and pallet shipping, packaging materials, lettershop and printing services, targeting businesses and individuals who require efficient shipment solutions domestically and internationally. The company positions itself as a reliable partner with a significant client base and shipment volume, leveraging partnerships with logistics providers to deliver competitive pricing and service variety. Technically, the website employs a modern tech stack with multiple analytics and marketing tools, hosted on WEDOS infrastructure, and built likely on the Nette framework. The site is well-structured, mobile-optimized, and provides a good user experience with clear navigation and professional design. Security-wise, HTTPS is enforced and forms include validation and anti-spam measures; however, explicit security headers and published security policies are absent, which could be improved. Privacy compliance is partial, lacking cookie consent mechanisms and explicit GDPR statements. Overall, the website is legitimate, professionally maintained, and serves its business purpose effectively, though enhancements in security transparency and privacy compliance are recommended.

YAUTO.cz is a well-established Czech online automotive marketplace operated by Kurzy.cz, spol. s r.o., founded in 2005. The platform offers a large inventory of vehicles from both professional dealers and private sellers, targeting vehicle buyers and sellers primarily in the Czech Republic and Slovakia. The website features comprehensive vehicle listings, VIN checking services, and a mobile app, positioning itself as a leading autobazar in the region. Technically, the site employs modern web technologies including Google Fonts, Google Tag Manager, Gemius analytics, and DoubleClick advertising, with good mobile optimization and SEO practices. Security posture is strong with HTTPS enforcement, consent management for cookies, and no visible vulnerabilities, although no dedicated security or incident response pages were found. Overall, the site demonstrates a mature digital presence with good privacy compliance and trustworthy business indicators.

G

GOLD SERVICE s.r.o.

goldservice.cz

0

GOLD SERVICE s.r.o. is a well-established Czech logistics and freight forwarding company with over 30 years of experience. The company offers a comprehensive range of services including road, sea, and air transport, customs declarations, warehousing, and specialized logistics solutions. Their market position is that of a reliable local partner with a family business approach and a medium-sized operational scale. The website is professionally designed, multilingual, and provides clear contact information and customer testimonials, enhancing trustworthiness. Technically, the website uses a custom CMS developed by eBRÁNA s.r.o., employs modern web technologies such as responsive design, Google Fonts, and JavaScript libraries for enhanced user experience. Hosting is provided by WEDOS, consistent with the domain registrar. The site performs moderately well with good mobile optimization and basic accessibility features. From a security perspective, the website uses HTTPS and implements cookie consent mechanisms compliant with GDPR. However, security headers are minimal and could be improved to enhance protection. No explicit security policies or incident response contacts are published, and no vulnerability disclosure mechanisms are evident. No suspicious or vulnerable scripts were detected. Overall, the website presents a low-risk profile with strong business credibility and good privacy compliance. Strategic improvements in security headers and incident response transparency would further strengthen their security posture.

O

Odtahové vozy s.r.o

odtahovevozy.eu

0

Odtahové vozy s.r.o is a Czech-based company specializing in professional towing equipment and vehicles. Founded in 2021, it serves towing companies in the Czech Republic and Slovakia as an official representative of several reputable brands. The company offers a broad range of towing vehicles, accessories, and custom products through its website and e-shop, positioning itself as a trusted supplier in the transportation sector. The website is well-structured, professionally designed, and provides clear contact channels, enhancing customer engagement and trust. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager, and Facebook Pixel for analytics and marketing. It features responsive design and basic accessibility, with a moderate performance profile. The site enforces HTTPS and includes a comprehensive cookie consent mechanism aligned with GDPR requirements, reflecting a mature digital presence. From a security perspective, the site demonstrates good practices such as secure forms and user consent management but lacks explicit security headers and detailed security policies. No vulnerabilities or exposed sensitive data were detected. WHOIS data is unavailable due to EURid privacy policies, but no suspicious indicators were found, and the domain appears consistent with the business claims. Overall, the website presents a low-risk profile with strong business credibility and compliance posture. Strategic improvements in security headers, incident response transparency, and accessibility could further enhance its security and user trust.

M

MOTO OLOMOUC R&V s.r.o.

bartonmotors.cz

0

MOTO OLOMOUC R&V s.r.o. is a Czech small business founded in 2020 specializing in the sale and servicing of motorcycles, scooters, electric scooters, and quads, primarily under the Barton Motors brand. The company targets both children and adult riders, offering a range of vehicles and branded rider equipment. Their market position is that of a reliable and professional partner with a strong focus on customer service and quality products. Technically, the website is built on a modern stack including Bootstrap, jQuery, and Google services, with good mobile optimization and SEO practices. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though some security headers and policies are missing. The absence of WHOIS data reduces domain trust, but the website content and contact information appear legitimate and professional. Overall, the site is well-designed and user-friendly, supporting the company’s business goals effectively.

E

Element Fleet Management

elementfleet.com

0

Element Fleet Management is a leading global fleet management company specializing in intelligent mobility solutions and comprehensive fleet services. The company serves a broad range of industries with a focus on optimizing fleet costs, safety, and productivity. With over 1.5 million vehicles under management and thousands of clients, Element holds a strong market position in North America and Australia/New Zealand. Their business model centers on providing end-to-end fleet lifecycle services including acquisition, management, optimization, and remarketing. Technically, the website demonstrates a mature digital infrastructure utilizing modern JavaScript libraries, analytics tools, and video platforms. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a high level of digital maturity. The use of multiple tracking and marketing tools indicates extensive user engagement monitoring, balanced with privacy compliance through clear policies and consent mechanisms. From a security perspective, the site enforces HTTPS and employs reCAPTCHA for form security. However, it lacks visible security headers and a public incident response or vulnerability disclosure policy, which are recommended for enhanced security posture. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits domain registration trust verification but does not detract from the overall legitimacy indicated by the website content and branding. Overall, Element Fleet Management presents a professional, trustworthy, and well-structured online presence suitable for its enterprise clientele. Strategic improvements in security transparency and WHOIS data availability would further strengthen trust and compliance.

E

Element Arval

elementarval.com

0

Element Arval is a global alliance specializing in fleet management solutions, managing over 4.5 million vehicles across 55 countries. The alliance leverages nearly three decades of partnership to deliver harmonized and customized fleet services, positioning itself as a worldwide leader in the transportation sector. Their business model focuses on strategic partnerships and tailored global fleet strategies to meet diverse client needs. Technically, the website is built on WordPress with Bootstrap and integrates modern tools such as Google Analytics and 6Sense for marketing and analytics. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital presence. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though additional security headers and policies could enhance protection. Overall, the site is professional and trustworthy, with clear business focus and compliance with privacy regulations.

E

European Cyclists’ Federation

ecf.com

0

The European Cyclists’ Federation (ECF) is a well-established Brussels-based non-profit organization founded in 1983, dedicated to promoting cycling as a sustainable and healthy mode of transport across Europe. The website serves as a comprehensive platform for advocacy, event promotion, member networking, and resource dissemination, positioning ECF as the leading cycling federation in Europe with a broad membership base. The digital infrastructure leverages modern web technologies including Bootstrap, jQuery, GSAP, and integrates analytics and user tracking tools such as Google Analytics and Hotjar, all managed with a robust cookie consent mechanism ensuring GDPR compliance. Security posture is solid with HTTPS enforcement, clientTransferProhibited domain status, and Cloudflare protection, although DNSSEC is not enabled and no explicit security.txt or vulnerability disclosure is present. Overall, the website reflects a professional, trustworthy, and user-friendly digital presence aligned with the organization's mission and audience.

The website suwer.pl represents a modern urban bike rental system operating in Suwałki, Poland, managed by ROOVEE S.A. The service offers 160 bikes across 17 stations, including standard, electric, and tandem bikes. The platform supports multiple languages and integrates with a dedicated mobile app for seamless rental and payment experiences. The business is positioned as a local transportation solution with EU co-financing, indicating public sector support and legitimacy. Technically, the site uses standard web technologies including jQuery, Google Maps API, and FontAwesome, with good mobile optimization and accessibility features. Security posture is adequate with HTTPS and cookie consent mechanisms, though improvements are recommended in DNSSEC and security headers. No critical vulnerabilities or suspicious elements were detected. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, providing clear contact information and user support channels.

Płocki Rower Miejski is a municipal bike rental service operated by ROOVEE S.A., offering a fleet of approximately 310 bikes across 31 stations in Płock, Poland. The service targets local residents and visitors, providing flexible bike rental options via a dedicated mobile application and SMS. The platform integrates with local city cards (PłocKArta) to offer benefits such as free initial ride time. The website is professionally designed with clear navigation, accessibility features, and multilingual support, reflecting a mature digital presence for a recently founded business (2023). Technically, the site uses modern web technologies including Google Maps API and FontAwesome, but relies on an outdated jQuery version and lacks some advanced security headers and DNSSEC, indicating room for technical improvement. Security posture is moderate with HTTPS enforced and cookie consent implemented, but no explicit security or incident response policies are published. Contact information is clearly provided, enhancing business credibility. Overall, the site is trustworthy, safe, and well-aligned with its business purpose.

N

Nextbike Polska S.A.

zielonogorskirowermiejski.pl

0

Zielonogórski Rower Miejski is a bike-sharing service operated under Nextbike Polska S.A., providing urban mobility solutions in Zielona Góra, Poland. The service offers bike rentals via a mobile app, supporting multiple languages and providing clear user guidance. The website is professionally designed with good content quality and clear navigation, targeting residents and visitors seeking alternative transportation. Technically, the site is built on WordPress with modern JavaScript libraries and integrates Google Analytics and Tag Manager for user tracking. Security posture is adequate with HTTPS enforced but lacks advanced security headers and published security policies. Privacy compliance is basic with visible privacy and cookie policies and consent mechanisms. Overall, the site is trustworthy and functional with room for security and compliance enhancements.

Czeladzki Rower Miejski operates a local urban bike rental system in Czeladź, Poland, offering 50 modern bikes distributed across 4 stations. The service is integrated with the Roovee mobile application, enabling users to rent, pay, and manage rides conveniently. The business targets local commuters and visitors seeking flexible urban mobility solutions. The website demonstrates a solid digital presence with clear service descriptions, pricing, and user support contacts. Technically, the site uses modern web technologies including Google Maps API and FontAwesome, with responsive design and accessibility features. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and explicit policies could be improved. Overall, the domain registration and WHOIS data align with the business claims, indicating legitimacy and trustworthiness.

KROTOWER is a localized urban bike rental service operating in Krotoszyn, Poland, offering flexible bike rentals without fixed stations. The service is supported by a mobile application available on iOS and Android platforms, enabling users to rent, pay, and manage their rides conveniently. The business partners with Roovee for system management, Autopay for payment processing, and Orange as a technology partner, positioning itself as a modern and user-friendly transportation solution in its market niche. Technically, the website employs a moderate technology stack including Bootstrap, jQuery, FontAwesome, and Google Maps API to deliver a responsive and functional user experience. While the site is mobile-optimized and well-structured, it lacks some advanced SEO and accessibility features. Performance is moderate, with room for improvement in loading speed and modern framework adoption. From a security perspective, the site uses HTTPS and avoids exposing sensitive data, but it lacks important security headers and published security policies. There is no visible cookie consent mechanism, which may impact GDPR compliance. Incident response and vulnerability disclosure information are absent, indicating areas for maturity improvement. Overall, the website and business present a trustworthy and professional image with clear contact information and regulatory documentation. The domain registration data aligns well with the business claims, supporting legitimacy. Strategic improvements in security practices and privacy compliance would enhance the risk posture and user trust.

Żarskie Rowery is a localized urban bike rental service operating in Żary, Poland, managed by ROOVEE S.A. The service offers modern city bikes accessible via a dedicated mobile application and web panel, enabling users to rent and park bikes flexibly within designated zones. The business targets urban commuters and visitors seeking convenient, technology-enabled transportation solutions. The website reflects a consistent brand identity and provides clear user guidance, contact information, and partner affiliations, positioning it as a trustworthy local mobility provider. Technically, the website employs a modern tech stack including Bootstrap, jQuery, FontAwesome, and Google Maps API for interactive mapping. Hosting is managed via home.pl with standard performance and mobile optimization. However, the site lacks advanced security headers and cookie consent mechanisms, indicating room for improvement in privacy compliance and security hardening. The WHOIS data confirms domain legitimacy and alignment with the business entity, supporting trustworthiness. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but the absence of security headers and incident response information reduces the overall security maturity. Privacy compliance is partial, with a privacy policy available but no cookie consent or explicit GDPR compliance indicators. Overall, the site is functional and professional but would benefit from enhanced security and privacy practices. Strategically, the business should prioritize implementing security headers, cookie consent, and publishing security policies to improve compliance and user trust. Enhancing analytics and marketing transparency could also support growth. The current risk level is moderate with no critical issues detected.

Śremski Rower Miejski (ŚRM) is a localized urban bike rental service operating in Śrem, Poland, managed by ROOVEE S.A. The service offers modern city bikes accessible via a dedicated mobile application or SMS, providing flexible rental and parking options within a defined service zone. The business targets urban commuters and visitors seeking convenient, eco-friendly transportation. The website is professionally designed with clear navigation and multilingual support, reflecting a focused and user-friendly digital presence. Technically, the site uses standard web technologies including Bootstrap, jQuery, FontAwesome, and Google Maps API, delivering moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and DNSSEC. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, the website and domain registration data align well, indicating a legitimate and operational business.

Toruński Rower Miejski, operated by ROOVEE S.A., is a medium-sized transportation service providing a bike-sharing system in Toruń, Poland. The service offers 360 standard bikes across 70 stations with options for short and long-term rentals, supported by a dedicated mobile application. The website is professionally designed, accessible, and provides comprehensive user information including pricing, FAQs, and legal documents. The business is well-positioned locally with partnerships including Orange and Autopay, enhancing its credibility and operational capabilities. Technically, the site employs modern web technologies such as Google Maps API and FontAwesome, ensuring a good user experience and mobile optimization. Security posture is adequate with HTTPS and domain transfer protections, though improvements like DNSSEC and security headers are recommended. Privacy compliance is strong with clear GDPR-aligned policies and cookie consent mechanisms. Overall, the site reflects a trustworthy and professional business with a solid digital presence.

Polkowicki Rower Miejski (PRM) is a localized urban bike sharing service operating in Polkowice, Poland, managed by ROOVEE S.A. The service offers modern city bikes equipped with GPS and electronic locks, enabling users to rent bikes via a dedicated mobile app or SMS. The business model focuses on flexible, stationless bike rentals with clear pricing and deposit structures. The website is professionally designed, providing clear user guidance, contact information, and partner acknowledgments, positioning PRM as a trusted local transportation option. Technically, the website employs a modern but basic tech stack including Bootstrap, FontAwesome, jQuery, and Google Maps API. The site is mobile optimized and accessible with a cookie consent mechanism and privacy policy in place. However, some security best practices are missing such as DNSSEC and HTTP security headers, and the use of an outdated jQuery version poses potential risks. No advanced analytics or tracking scripts were detected, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS and has domain transfer protections, but lacks published security policies or incident response contacts. The WHOIS data is consistent and transparent, reinforcing legitimacy. Overall, the site scores well on business credibility and privacy compliance but has room for improvement in security hardening. Strategically, PRM should focus on enhancing security posture by enabling DNSSEC, adding security headers, updating libraries, and publishing security policies. These steps will improve trust and resilience while maintaining a user-friendly and privacy-respecting service.

A

Artel

artel-solutions.biz

0

Artel is a French company founded in 2017 specializing in telematics solutions, likely targeting businesses in transportation and fleet management sectors. The website analyzed is primarily a login portal for their telematics platform, indicating a B2B service model focused on vehicle tracking and fleet management. The company's market position appears niche, serving specialized telematics needs. Technically, the website uses AngularJS and Angular Material frameworks and is hosted on AWS infrastructure, suggesting a modern but somewhat dated frontend technology stack. The site lacks public-facing content such as privacy policies, cookie consent mechanisms, or terms of service, which limits transparency and compliance visibility. Security posture is basic with no detected security headers or advanced protections, and no incident response or vulnerability disclosure information is available. Overall, the website is functional but lacks comprehensive security and privacy features, which could impact trust and compliance.

A

Arval

myarval.com

0

My Arval is a corporate login portal associated with Arval, a major player in vehicle leasing and fleet management services, part of the BNP Paribas group. The website serves existing customers across multiple countries, providing access to contract management and related services. The branding and content align with a professional transportation services business model targeting B2B and B2C clients. The platform is built using the OutSystems low-code framework, integrating common web technologies such as jQuery and Google Analytics for tracking and performance monitoring. Technically, the site demonstrates moderate digital maturity with HTTPS enforced and basic mobile optimization. However, it lacks visible security headers and comprehensive privacy or terms of service documentation, which are important for compliance and user trust. The absence of WHOIS registration data is a notable anomaly, potentially indicating privacy protection or technical issues with domain registration visibility. From a security perspective, the site uses secure forms with validation and cookie consent mechanisms, but it does not expose detailed security policies or incident response contacts. No vulnerabilities or malicious content were detected in the provided data. Overall, the security posture is moderate but could be improved by adding security headers, publishing privacy and terms policies, and providing clear contact information for security incidents. The overall risk is moderate due to the lack of WHOIS transparency and incomplete privacy documentation. Strategic recommendations include enhancing security headers, publishing comprehensive privacy and terms policies, adding vulnerability disclosure information, and improving accessibility and contact transparency to strengthen trust and compliance.

A

Arval BNP Paribas

arval.com

0

Arval BNP Paribas is a leading global provider of full-service vehicle leasing and innovative mobility solutions, operating as part of the BNP Paribas Group. The company targets businesses and fleet managers seeking sustainable and efficient vehicle leasing options, emphasizing corporate social responsibility and sustainable mobility. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistent with its corporate identity. Technically, the site is built on Drupal 10, integrates Google Tag Manager for analytics, and uses OneTrust for cookie consent management, indicating a modern and privacy-aware infrastructure. Security posture is strong with HTTPS enforcement, Content Security Policy with nonce, and cookie consent mechanisms, although explicit security policies and incident response contacts are not prominently published. The absence of WHOIS data is a notable anomaly but does not detract significantly from the site's legitimacy given the strong corporate signals and external references. Overall, the site is professional, secure, and compliant with privacy regulations, serving its business audience effectively.

A

ARVAL CZ s.r.o.

arvalauto.cz

0

ARVAL CZ s.r.o. operates a professional vehicle leasing and sales platform in the Czech Republic, specializing in operational leasing of new and used vehicles. The company targets both individual and business customers, offering a wide range of vehicle brands and flexible leasing options. The website is well-structured, with clear navigation and comprehensive content supporting the business model. Technically, the site employs modern JavaScript libraries and tracking tools, including Google Tag Manager and Adform, alongside a robust cookie consent mechanism ensuring GDPR compliance. Security posture is generally strong with HTTPS enforced and no exposed sensitive data, though the absence of explicit security headers suggests room for improvement. The lack of publicly available WHOIS data for the domain slightly reduces trust but is likely due to registry policies rather than malicious intent. Overall, the site presents a credible and professional digital presence for a medium-sized transportation leasing business.

Roovee S.A. operates a modern city bike rental system primarily in Poland, leveraging IoT technology, solar panels, and a mobile app to provide eco-friendly transportation solutions. The company positions itself as the only fully Polish bike sharing provider with a growing presence in multiple cities, supported by partnerships with technology leaders like Orange. The website reflects a mature digital infrastructure built on WordPress with SEO and analytics integrations, offering a good user experience and clear business information. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, the business demonstrates credibility and compliance with GDPR, including a named Data Protection Officer. The domain registration data aligns well with the company's claims, supporting legitimacy.

I

International Brotherhood of Teamsters

teamster.org

0

The International Brotherhood of Teamsters website serves as the official online presence of one of North America's largest and most diverse labor unions. The site provides information on union campaigns, benefits, divisions, and news updates, targeting union members and the general public interested in labor issues. The organization's market position is strong, supported by a long-established domain and consistent branding. Technically, the site is built on WordPress with modern analytics and marketing tools integrated, including Google Tag Manager, Hotjar, and Facebook Pixel. The site is mobile optimized and SEO friendly, though performance is moderate. Security posture is adequate with HTTPS and Cloudflare DNS, but lacks DNSSEC and security headers, which are recommended for enhancement. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms. Overall, the website is professional and trustworthy but could improve in privacy transparency and security hardening.

C

CitizenPlane

citizenplane.com

0

CitizenPlane is a technology company providing an operating system and flight distribution platform tailored for airlines and tour operators. Their flagship products, Zenith and Air, enable airlines to optimize revenue, manage offers, and distribute flights through major online travel agencies and metasearch engines. The company positions itself as a global player with offices in France, Singapore, Brazil, and Panama, serving hundreds of airline customers worldwide. The website reflects a professional and modern digital presence built on Webflow, with strong branding and clear messaging focused on the airline industry. Technically, the website employs modern web technologies including Webflow CMS, Google reCAPTCHA for form security, and Amazon S3 for asset hosting. The site is mobile-optimized, fast-loading, and well-structured for SEO. However, some security best practices such as explicit security headers and cookie consent mechanisms are missing, which could be improved to enhance compliance and security posture. From a security perspective, the site uses HTTPS and includes CAPTCHA protections on forms, indicating a baseline security posture. The absence of WHOIS data for the domain is a concern, suggesting either recent registration or privacy protection, which slightly reduces trustworthiness. No critical vulnerabilities or exposed sensitive data were detected. Privacy and terms of service documents are provided, indicating attention to compliance, though cookie consent is lacking. Overall, CitizenPlane's website presents a credible and professional business with a solid technical foundation. Strategic improvements in security headers, cookie consent, and transparency around domain registration would further strengthen trust and compliance.

T

Travel Technology Interactive

ttinteractive.com

0

Travel Technology Interactive is a medium-sized SaaS provider specializing in cloud-based airline passenger service systems and logistics management solutions. Their flagship product, Zenith, is a fully cloud-based passenger experience platform integrated into the CitizenPlane Operating System. The company targets mid-tier and fast-growing airlines globally, offering modular solutions to optimize airline operations, revenue, and distribution. The website is professionally designed, mobile-optimized, and SEO-friendly, reflecting a mature digital presence. Technically, the site runs on WordPress with common plugins and is hosted on AWS infrastructure, ensuring reliability and scalability. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some improvements are recommended such as updating outdated libraries and configuring analytics properly. The domain is long-established since 2002, consistent with the business history, and WHOIS data supports legitimacy. Overall, the website presents a trustworthy and professional image suitable for its B2B audience.

E

Eckerö Line

eckeroline.ee

0

Eckerö Line operates as a regional transportation company specializing in ferry line trips and day cruises between Tallinn and Helsinki, offering additional services such as car and hotel packages. The website reflects a mature digital presence built on the Magento eCommerce platform, integrating modern technologies and third-party services for analytics and marketing. The site is well-structured with good design quality and mobile optimization, providing a professional user experience. Security posture is solid with HTTPS enforcement and appropriate security headers, although explicit privacy and terms of service policies are not found in the provided content. Cookie consent is managed effectively through Cookiebot, indicating awareness of privacy compliance requirements. Overall, the domain registration data aligns with the business claims, supporting legitimacy and trustworthiness.

V

Veho Group Oy Ab

veho.fi

0

Veho Group Oy Ab is a well-established Finnish automotive company specializing in the sales, leasing, and servicing of Mercedes-Benz, smart, and BYD vehicles, including passenger cars and commercial vehicles. The company holds a strong market position as an authorized dealer and service provider in Finland, targeting both private consumers and professional clients. Their website reflects a mature digital presence with comprehensive content, clear navigation, and professional branding. Technically, the site leverages modern frameworks such as Next.js and React, integrates Google Tag Manager and Cookiebot for analytics and consent management, and is hosted on reliable infrastructure with Elisa Oyj as the domain reseller and nameserver provider. Security posture is strong with HTTPS enforced and secure form handling, though explicit security headers could be verified further. Privacy compliance is robust, featuring detailed privacy and cookie policies with GDPR adherence. Overall, the website and domain registration data align well, indicating a trustworthy and legitimate business with a high level of professionalism and digital maturity.

E

Eckerö Line Ab Oy

eckeroline.com

0

Eckerö Line Ab Oy operates a professional and well-established ferry service between Helsinki, Finland, and Tallinn, Estonia. The company offers a range of services including passenger ferry trips, hotel packages, daycruises, onboard shopping, and cargo transport. Their market position is solid within the Baltic Sea transportation sector, targeting tourists, business travelers, families, and car travelers. The website reflects a mature digital presence with e-commerce capabilities and multilingual support. Technically, the website is built on Magento, leveraging modern JavaScript frameworks and libraries such as RequireJS and jQuery. It integrates Google Analytics 4 and Google Tag Manager for analytics and marketing, and uses Cookiebot for cookie consent management. The site is mobile optimized and performs moderately well, with good SEO and accessibility features, though some accessibility improvements are recommended. From a security perspective, the site enforces HTTPS and implements key security headers, demonstrating a good security posture. However, there is no explicit security policy or incident response information publicly available, and no vulnerability disclosure program is evident. The absence of WHOIS data for the domain is a concern, as it reduces trust and raises questions about domain registration transparency. Overall, the website is professional, trustworthy, and compliant with privacy regulations, but could improve transparency around security policies and domain registration details. Strategic recommendations include publishing a security policy, enhancing accessibility, and clarifying domain registration information to strengthen trust and compliance.

P

Palau International Airport

palau-airport.com

0

Palau International Airport's website serves as the official digital presence for the airport, providing essential information about flights and airport services. The site is built on the Wix platform, leveraging standard Wix technologies and Google Analytics for visitor tracking. While the website offers relevant content for travelers and stakeholders, it lacks comprehensive privacy, cookie, and terms of service policies, which are critical for compliance and user trust. The absence of visible contact information and WHOIS data transparency further limits the site's credibility from a security and compliance perspective. Technically, the site is moderately optimized for mobile devices but shows basic SEO and accessibility features. Security posture is weak due to missing security headers and lack of HTTPS verification data. Overall, the site functions adequately for informational purposes but requires significant improvements in security, privacy, and trust indicators to meet professional standards.

N

Nauru Airlines

nauruair.com

0

Nauru Airlines is a regional airline operating in the Central and South Pacific, providing scheduled passenger flights, freight services, charters, and ACMI leasing. The airline connects Nauru with key regional hubs including Brisbane, Nadi, Majuro, and others, serving both leisure and business travelers. The website reflects a well-established business with over 50 years of operation, emphasizing safety, service excellence, and regional connectivity. Technically, the website employs modern tracking and marketing technologies such as Google Tag Manager, Facebook Pixel, and Cookiebot for consent management. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and explicit security policies. WHOIS data is missing, which reduces transparency and trustworthiness, though the website content and branding appear legitimate. Overall, the site is professional and trustworthy but could improve in security transparency and contact information availability.

R

Rederiaktiebolaget Eckerö

eckeroline.fi

0

Rederiaktiebolaget Eckerö operates the Eckerö Line ferry service, providing daily passenger and cargo transport between Helsinki, Finland, and Tallinn, Estonia. The company offers a range of travel-related services including hotel packages, pre-order shopping for ferry passengers, and group travel options. The website is well-structured, professionally designed, and targets Finnish and Baltic travelers as well as cargo customers. It maintains a strong market position as a reputable ferry operator in the Baltic Sea region. Technically, the site is built on Magento 2 with modern JavaScript libraries and integrates Google Analytics and Tag Manager for tracking. Security posture is solid with HTTPS, security headers, and cookie consent mechanisms, although dedicated security policies and incident response contacts are not published. Overall, the site is mature, trustworthy, and compliant with GDPR requirements.

APCOA PARKING is a leading parking services provider in the Netherlands offering affordable parking garages, subscription plans, and parking cards. The website targets drivers and businesses seeking convenient parking solutions in major Dutch cities such as Amsterdam, Rotterdam, and Scheveningen. The company leverages a modern digital infrastructure including TYPO3 CMS, Google Maps API, and advanced marketing and analytics tools with user consent management. Security posture is strong with HTTPS enforcement and ISO 27001 certification, though some security headers and incident response contacts could be improved. Overall, the website is professional, well-structured, and compliant with GDPR and cookie regulations, supporting a trustworthy online presence.

V

Van der Lans & Busscher

staatsie.nl

0

Van der Lans & Busscher is a specialized transportation service provider in the Netherlands, offering dignified state and funeral transport services since 1896. Their website reflects a well-established niche business with a clear focus on providing memorable and respectful transport options including traditional and alternative funeral vehicles. The company maintains a professional online presence with consistent branding and active social media channels. Technically, the website uses a modern JavaScript stack centered around jQuery and Font Awesome, with good mobile optimization and SEO practices. Security posture is strong with HTTPS, DNSSEC, and cookie consent mechanisms, though some security headers and policies could be improved. Overall, the site is trustworthy and professionally maintained, supporting the company’s market position as a reputable funeral transport provider.

M

Mt. Washington Auto Road Bicycle Hillclimb

mwarbh.org

0

The Mt. Washington Auto Road Bicycle Hillclimb website represents a well-established annual cycling event focused on a challenging hillclimb race to the summit of Mt. Washington. The event is hosted by and benefits the Tin Mountain Conservation Center, a non-profit organization dedicated to environmental education and conservation. The website effectively targets cyclists, drivers, spectators, and environmental supporters, providing comprehensive race information, fundraising opportunities, and community engagement. The business model centers on event hosting and fundraising to support conservation efforts, positioning the organization as a niche leader in outdoor sporting events with a strong environmental mission. Technically, the website is built on the Webflow platform, leveraging modern web technologies such as Google Fonts, jQuery, GSAP animations, and integrates analytics tools like Google Tag Manager and Hotjar for user behavior insights. The site demonstrates excellent mobile optimization, fast performance, and good SEO practices, contributing to a positive user experience. However, some security best practices such as implementing security headers and cookie consent mechanisms are missing, which could be improved to enhance compliance and protection. From a security perspective, the site uses HTTPS and avoids exposing sensitive data, but lacks visible security headers and explicit privacy compliance statements, including GDPR. The absence of WHOIS data limits the ability to fully verify domain legitimacy, though the professional presentation and association with a known non-profit lend credibility. No critical vulnerabilities or malicious indicators were detected. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic improvements in privacy compliance, security headers, and WHOIS transparency would further strengthen trust and regulatory adherence.

Stichting v/h Rotterdamsche Tramweg Maatschappij is a Dutch non-profit foundation operating a museum dedicated to historical transportation vehicles such as trams, buses, ships, and freight wagons. Established in 2004, it serves a niche audience interested in cultural heritage and transportation history. The website supports visitor engagement through ticket sales, a merchandise shop, volunteer recruitment, and donation options. The foundation maintains an active social media presence and provides clear contact information including phone, email, and a physical address in Ouddorp, Netherlands. Technically, the website is built on a modern WordPress platform with WooCommerce and Elementor, integrating booking and event management plugins. It uses Google Analytics and Facebook Pixel for tracking, with a cookie consent banner indicating basic privacy compliance. Security posture is moderate with HTTPS and DNSSEC enabled, but lacks visible security headers and formal security policies. Overall, the site is professional, trustworthy, and well-structured but could improve compliance and security transparency.

S

Spido

spido.nl

0

Spido is a well-established Dutch company specializing in harbor boat tours, day trips, and themed cruises in Rotterdam. With over 100 years of history, it holds a strong market position as a leading provider of maritime tourism experiences in the region. The website reflects a professional and user-friendly platform offering ticket sales, event hosting, and combined tickets with other local attractions. The target audience primarily includes tourists and visitors seeking unique experiences in Rotterdam. Technically, the site is built on WordPress with modern integrations such as Google Tag Manager, Matomo Analytics, and FareHarbor booking widgets, indicating a mature digital infrastructure. The site is multilingual and optimized for mobile devices, enhancing accessibility and user experience. Security posture is solid with HTTPS enforced, cookie consent mechanisms, and error monitoring via Sentry, though some security headers could be improved. Privacy compliance is strong, with clear GDPR-aligned policies and cookie management. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with relevant regulations.

Amsterdam Airport Schiphol operates as the main international airport of the Netherlands, serving as a major transportation hub in Europe. The website represents this entity but is currently inaccessible beyond a Cloudflare security challenge page, limiting content visibility. The airport provides passenger and cargo air transport services, targeting travelers, airlines, and cargo operators. The business model focuses on airport operations and related services, positioning Schiphol as a key player in the transportation sector.

Koninklijke PostNL operates as the leading postal and parcel delivery service provider in the Netherlands, catering to both consumer and business markets. The company offers a broad range of services including parcel sending and receiving, track and trace, online postage purchasing, and business logistics solutions. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive service information tailored to its target audience. Technically, the site leverages modern web technologies such as Next.js, web components, and JSON-LD structured data to enhance performance, SEO, and user experience. Security posture is strong with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response contacts are not publicly detailed. Overall, the website demonstrates high trustworthiness and compliance with privacy regulations, making it a reliable digital platform for its users.

P

ProRail

prorail.nl

0

ProRail is the Dutch government agency responsible for managing and maintaining the national railway infrastructure. The website clearly communicates its mission to ensure safe, timely, and sustainable rail transport for passengers and freight. The site targets a broad audience including travelers, freight operators, and government stakeholders. Technically, the site uses modern web technologies including JavaScript modules, consent management via Cookiebot, push notifications with OneSignal, and analytics tools such as Google Analytics and Hotjar. The site is hosted securely with HTTPS and employs multiple security headers, reflecting a mature security posture. However, explicit security policies and incident response contacts are not publicly available, representing an area for improvement. Overall, the website is professional, trustworthy, and compliant with GDPR regulations, with a strong alignment between domain registration data and business identity.

W

WEX Asia

wexasia.com

0

WEX Asia operates as a global leader in corporate payment solutions, providing services such as fuel cards, virtual payments, and travel payment solutions. The company targets corporate clients across multiple sectors including transportation, finance, and energy. The website reflects a mature business with a large employee base and a history dating back to 1983, although domain WHOIS data is missing which raises some questions about domain registration transparency. Technically, the website is built on WordPress with modern web technologies including jQuery, Font Awesome, and Google Tag Manager. SEO and mobile optimization are well implemented, though accessibility could be improved. Security posture is generally good with HTTPS enforced and no visible sensitive data exposure, but lacks explicit security headers and public security policies. The site includes privacy and cookie policies with consent mechanisms, indicating GDPR compliance. However, no incident response or vulnerability disclosure information is publicly available. The absence of WHOIS data reduces domain trustworthiness, suggesting a need for further verification of domain legitimacy. Overall, the website is professional and trustworthy in content and design, but domain registration opacity and limited security policy disclosures present moderate risk factors. Strategic improvements in security transparency and domain verification are recommended.

B

Bath Iron Works

gdbiw.com

0

Bath Iron Works is a full-service shipyard specializing in the design, construction, and support of complex surface combatants for the U.S. Navy. As a subsidiary of General Dynamics Marine Systems, it holds a significant position in the defense and transportation sectors, serving government and military clients. The website reflects a professional corporate presence with consistent branding and a focus on its core shipbuilding services. Technically, the site is built on WordPress with modern JavaScript frameworks and includes SEO and cookie consent tools, indicating a moderate level of digital maturity. Security posture is generally good with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and published security policies. The absence of WHOIS registration data is a notable concern, though the website content and social media presence strongly support legitimacy. Overall, the site is professional and trustworthy but would benefit from enhanced transparency and security documentation.

R

Rapsody Yachts

rapsody.nl

0

Rapsody Yachts is a Dutch luxury yacht manufacturer established in 1999, specializing in high-end yachts characterized by Dutch craftsmanship and signature service. The company targets affluent yacht buyers and enthusiasts, positioning itself in a premium niche within the transportation sector. Their website reflects a professional and consistent brand image, supported by active social media channels and a clear presentation of contact information. Technically, the site is built on WordPress with modern tracking and marketing tools such as Google Analytics, Facebook Pixel, and Klaviyo, indicating a moderate level of digital maturity. Security posture is solid with HTTPS and DNSSEC enabled, and use of reCAPTCHA for forms, though it lacks some security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies and consent mechanisms. Overall, the website is trustworthy and professional but would benefit from enhanced privacy and security disclosures.

P

P1

p1.nl

0

P1 is a leading Dutch parking service provider specializing in both offstreet and onstreet parking management. The company offers a comprehensive range of services including parking control, management, centralized monitoring, and digital customer services. Their website reflects a mature digital presence with clear navigation, customer testimonials, and detailed service descriptions targeting Dutch parking customers and municipalities. Technically, the site employs modern JavaScript libraries and frameworks, integrates Google Tag Manager and Usercentrics for privacy-compliant analytics and consent management, and is served over HTTPS ensuring secure communications. However, there is room for improvement in security headers and explicit security policy disclosures. Overall, the website is professional, trustworthy, and well-optimized for user experience and privacy compliance.

9

9292

9292.nl

0

9292.nl is a well-established Dutch public transport journey planning website founded in 2006. It offers comprehensive services including journey planning across multiple transport modes such as trains, buses, trams, metro, ferries, and shared transport options. The website targets a broad audience including daily commuters, students, travelers with disabilities, and international visitors. The platform is a leading service in the Netherlands for public transport information and ticketing. Technically, the website leverages modern web technologies including the Astro framework, Usercentrics for consent management, and Google Tag Manager for analytics. The site is mobile-optimized, fast-loading, and accessible, with a professional and consistent design. However, some security best practices such as enabling DNSSEC and publishing security headers could be improved. From a security perspective, the site uses HTTPS and consent management effectively but lacks explicit security headers and a published vulnerability disclosure policy. No contact information for incident response or data protection officers is found, which could be enhanced to improve trust and compliance. The domain registration data is consistent with the business, indicating legitimacy. Overall, 9292.nl presents a strong digital presence with good technical maturity and business credibility but could improve privacy compliance and security transparency to further strengthen its posture.

Y

Youcruit

youcruit.com

0

Youcruit is a specialized recruitment platform focused on simplifying the hiring process for drivers, primarily targeting companies in the transportation sector. The website presents a professional and modern interface built with Nuxt.js, indicating a contemporary technical infrastructure. The platform emphasizes reducing the complexity of traditional paper applications and email attachments, positioning itself as an innovative solution in its niche. Despite the professional presentation, the absence of WHOIS data raises questions about the domain's registration legitimacy, which warrants further investigation. The site employs HTTPS and cookie consent mechanisms, reflecting a baseline commitment to security and privacy, though it lacks visible privacy policies and terms of service pages. Overall, Youcruit appears to be a small but focused business with a clear market niche and a growing digital presence.

B

BlackBook Motorsport

blackbookmotorsport.com

0

BlackBook Motorsport operates as a specialized business community platform serving the motor racing industry. It provides curated content, business intelligence, and networking opportunities tailored to professionals and enthusiasts in motorsport sectors such as Formula One, NASCAR, MotoGP, and others. The website demonstrates a solid market position within this niche, offering memberships, events, and data services to enhance industry success. Technically, the site is built on WordPress with Elementor, integrating modern marketing and analytics tools such as HubSpot and Google Tag Manager. The site is mobile optimized and presents a professional design with good navigation and SEO practices. Security posture is generally good with HTTPS enforced and no obvious vulnerabilities, though explicit security headers could be improved. Privacy compliance is basic, with a cookie consent mechanism present but lacking visible privacy and terms pages. The WHOIS data is missing, which raises concerns about domain registration transparency, though the website content and branding appear legitimate and professional. Overall, the site scores well but should address privacy and domain registration transparency to enhance trust and compliance.