Transportation security reports

I

International Distribution Services plc

internationaldistributionservices.com

58

International Distribution Services plc is a large UK-based holding company specializing in parcel and mail distribution services, owning major subsidiaries such as Royal Mail and GLS. The company operates in the transportation sector with a focus on logistics and multi-channel parcel delivery solutions. The website reflects a professional corporate presence targeting investors, customers, and regulatory bodies. Technically, the site uses modern JavaScript libraries, Google Tag Manager for analytics, and Cookiebot for cookie consent, built on the Umbraco CMS platform. Security posture is solid with HTTPS enforced and domain transfer protections, though improvements can be made by enabling DNSSEC and publishing explicit security policies. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is trustworthy, well-branded, and provides comprehensive business information aligned with WHOIS data.

Parcelforce Worldwide operates as a leading parcel delivery service in the UK, integrated closely with Royal Mail to provide comprehensive parcel shipping, tracking, and management services for both business and consumer customers. The website reflects a mature digital presence with a focus on user experience, mobile optimization, and clear service offerings. Technically, the site is built on Drupal 9 with modern performance and analytics tools, hosted behind Akamai CDN, ensuring reliable delivery and moderate performance. Security posture is solid with HTTPS and consent management, though explicit security headers and a public security policy are absent. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency but does not detract significantly from the site's legitimacy given the strong branding and partner links. Overall, the site is professional, trustworthy, and well-positioned in the transportation and logistics sector.

C

Combine Cargo Malawi Limited

combinecargo.mw

45

Combine Cargo Malawi Limited is a small-sized, premier logistics company based in Malawi, specializing in freight forwarding, customs clearing, removals, warehousing, and transport logistics. The company holds a licensed customs agent status, positioning it as a trusted service provider in the local transportation sector. Their website reflects a professional and consistent brand image targeting businesses and individuals requiring reliable logistics solutions. Technically, the website is built on WordPress using Elementor and related addons, providing a modern and mobile-optimized user experience with moderate performance. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks important security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain registration data aligns well with the website claims, supporting legitimacy and trustworthiness.

Trans-Delta Logistics Ltd is a Nigerian-based logistics and transport service provider operating primarily from Lagos, Apapa. The company offers a comprehensive range of services including airfreight, sea freight, land and rail transportation, customs clearance, contract logistics, warehousing, and 3PL solutions. The website positions the company as a knowledgeable local partner with expertise in efficient and cost-effective transport solutions tailored to the Nigerian market and surrounding regions. Technically, the website is built on WordPress using the Divi theme and includes standard plugins such as Contact Form 7 for customer inquiries. The site is accessible, mobile-optimized, and employs HTTPS with good SSL configuration, but lacks advanced security headers and privacy compliance documentation. Security posture is moderate with room for improvement in headers and policy transparency. The WHOIS data for the domain is missing or unavailable, which raises concerns about domain legitimacy and registration consistency. Additionally, the presence of unrelated gambling content in the news section detracts from business credibility. Overall, the website is functional and professional but requires enhancements in security, privacy compliance, and domain legitimacy to improve trust and reduce risk.

K

KAYHIL FREIGHT

kayhil.co.za

46

Kayhil Freight is a specialized logistics and freight delivery company operating primarily between South Africa and Lesotho. Established in 2008, the company has built a trusted market position with over two decades of experience, offering services such as import/export logistics, express delivery, and inhouse clearing. Their national footprint in South Africa and multiple branch locations support a broad customer base including businesses and individuals requiring reliable freight services. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to their target audience. Technically, the website is built on WordPress using modern frameworks like Bootstrap and WPBakery Page Builder, ensuring good mobile optimization and SEO readiness. Integration of Google Analytics and social media links indicates a moderate level of digital maturity. Performance is moderate with room for improvement in accessibility and security hardening. From a security perspective, the site uses HTTPS and avoids exposing sensitive data, but lacks DNSSEC and security headers, which are recommended for enhanced protection. There is no visible security policy or incident response information, and cookie consent mechanisms are absent, indicating compliance gaps especially regarding GDPR. The WHOIS data aligns well with the business claims, showing a consistent and legitimate domain registration. Overall, Kayhil Freight's website is a good representation of their business with solid credibility and technical implementation. Strategic improvements in security policies, privacy compliance, and DNS security would strengthen their posture and trustworthiness further.

I

IFS Group

ifsgroup.com

56

IFS Group is a well-established global logistics provider based in Northern Ireland, offering a comprehensive suite of freight forwarding, warehousing, customs brokerage, and transport services. With over 55 years of experience, the company serves diverse industries including energy, manufacturing, and retail, positioning itself as a reliable and expert partner in global supply chain management. The website reflects a mature business with a strong market presence and a focus on precision and customer care. Technically, the website is built on WordPress with modern front-end technologies such as Blaze Slider and integrates Google Analytics for performance insights. The site is mobile-optimized, accessible, and SEO-friendly, demonstrating a good level of digital maturity. Hosting details are not explicit but DNS records suggest a stable infrastructure. Security-wise, the site uses HTTPS and implements CAPTCHA on contact forms to mitigate spam. However, DNSSEC is not enabled, and security headers are not explicitly detected, indicating room for improvement. No public security or incident response policies are found, which could be enhanced to build further trust. Overall, the website is professional, trustworthy, and well-aligned with the company's business objectives. The domain registration data supports the legitimacy and long-standing nature of the business. Minor technical and security enhancements could further strengthen the company's digital and security posture.

OBT Shipping Group DMCC is a recognized maritime and logistics service provider primarily operating in Africa and headquartered in Dubai, UAE. The company offers a broad range of services including vessel agency, stevedoring, logistics, offshore oil & gas support, and mining & energy sector services. Their market position is strong within the African maritime logistics industry, supported by certifications such as TRACE and memberships in BIMCO and INTERTANKO. The website reflects a professional business presence targeting corporate clients and partners in the maritime and energy sectors. Technically, the website employs a mix of legacy and modern web technologies including jQuery 2.1.4, Google Fonts, and the Revolution Slider plugin. The site is moderately optimized for performance and mobile devices, with basic accessibility and SEO features. Cookie consent is implemented with user choice options, indicating some level of privacy awareness, although a dedicated privacy policy page is missing. From a security perspective, the site uses HTTPS (implied by external scripts loaded over HTTPS) but lacks visible security headers and explicit incident response contacts. The absence of WHOIS data limits domain trust verification, but the presence of physical contact details, certifications, and social media profiles supports legitimacy. No critical vulnerabilities or adult content were detected, and the site is fully accessible without WAF or blocking mechanisms. Overall, the website presents a credible and professional business front with room for improvement in privacy compliance, security hardening, and transparency of domain registration details.

Flash Freight Logistics Pvt. Ltd. is a well-established freight forwarding and logistics company based in Nepal, recognized as a market leader in international freight forwarding operations. The company offers a comprehensive range of logistics services including air freight, sea freight, rail and road cargo, project logistics, custom clearance, and warehousing. It holds an exclusive partnership with the global logistics giant DB Schenker, enhancing its credibility and service reach. The website reflects a professional business model targeting industries requiring reliable and efficient logistics solutions in Nepal and globally. Technically, the website is built on the SageFrame CMS platform and utilizes legacy versions of jQuery and jQuery UI, which may pose security risks. The site is moderately optimized for performance and mobile responsiveness, with good SEO practices evident through meta tags and structured data. Hosting appears to be managed through Nepal-based DNS providers, consistent with the company's geographic focus. From a security perspective, the website lacks visible security headers and does not implement DNSSEC, which are areas for improvement. No privacy or cookie policies are present, indicating potential compliance gaps with GDPR or similar regulations. The absence of email contact information and limited analytics or tracking scripts suggest a minimal data collection approach but also limit user engagement channels. Overall, the website presents a trustworthy and professional image with strong business credibility supported by client testimonials and partnership claims. However, technical and security enhancements are recommended to improve the security posture and privacy compliance, thereby strengthening user trust and regulatory adherence.

M

Mongolian Express Co., Ltd.

monex.mn

44

Mongolian Express Co., Ltd. is a well-established transportation and logistics company based in Mongolia, founded in 1999. The company offers a comprehensive range of freight forwarding and logistics services including rail, air, road, transit, container transport, terminal and warehouse services, international postal cargo, customs clearance, project cargo, and export transportation. It holds the distinction of being the first Mongolian freight forwarding company to implement the ISO 9001:2015 quality management standard, reflecting its commitment to service quality and operational excellence. The website is professionally designed, mobile-optimized, and provides clear contact information and social media presence, supporting its market position as a leading logistics provider in Mongolia.

P

Puma Logistics

puma.do

47

Puma Logistics is a Dominican Republic-based integrated logistics service provider specializing in air, maritime, customs management, terrestrial transport, warehousing, value-added services, local distribution, and project cargo. The company positions itself as a local leader with international partnerships, notably representing DB Schenker in the Dominican Republic. Their website demonstrates a professional digital presence built on WordPress with Oxygen Builder, incorporating modern technologies such as Google Analytics, Google Tag Manager, and reCAPTCHA for security. The site is well-structured, mobile-optimized, and provides clear contact channels, though it lacks explicit privacy and cookie policies, which are important for compliance. Security posture is strong with HTTPS, security headers, and secure form handling. However, the absence of WHOIS data transparency slightly reduces trustworthiness. Overall, Puma Logistics presents a credible and professional business front with room for improvement in privacy compliance and domain transparency.

B

Bak Logistics

baklogistics.com

55

Bak Logistics is a specialized logistics service provider focusing on supply chain solutions, handling equipment and engineering, and international freight services. The company appears to target businesses requiring specialized handling and freight solutions. The website is built on WordPress with WooCommerce and Elementor, indicating a modern CMS infrastructure with e-commerce capabilities. The technical infrastructure is moderate in performance with good mobile optimization and basic accessibility features. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and explicit security policies on the website. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website presents a professional image but would benefit from enhanced security and privacy practices.

DSV is a global leader in transport and logistics services, offering comprehensive freight solutions across road, air, sea, and rail, along with warehousing and contract logistics. The company has recently merged with Schenker, enhancing its market position as a world-leading logistics provider. The website reflects a mature digital infrastructure with integrated customer portals such as myDSV and Schenker Connect, providing streamlined booking and shipment management. The site is professionally designed, mobile-optimized, and supports multiple languages, targeting businesses worldwide requiring logistics services. Technically, the site uses modern web technologies, is hosted on Microsoft Azure, and employs Google Tag Manager for analytics. Security posture is strong with HTTPS and Content Security Policy headers, though additional headers could improve defense in depth. Privacy and cookie policies are comprehensive and GDPR compliant, supporting user consent mechanisms. WHOIS data is unavailable, which is a transparency concern but the website's professional presentation and external references support legitimacy. Overall, the site is secure, reliable, and well-positioned to serve its enterprise clientele.

D

DB SCHENKER

dbschenker.com

67

DB SCHENKER is a global logistics and supply chain solutions provider, recently merged with DSV to form a world-leading transport and logistics entity. The website offers comprehensive information on their services including digital services, transport modes, contract logistics, advanced logistics, industry solutions, and customs services. The site targets businesses requiring international shipping and supply chain optimization. Technically, the website is modern, mobile-optimized, and uses advanced tracking and analytics tools such as Adobe Analytics and Elastic Path. Security posture is strong with HTTPS and Content-Security-Policy headers, though explicit security policies and incident response information are not found. WHOIS data is missing, which reduces transparency but does not detract from the professional presentation and trustworthiness of the site. Overall, the site is well-designed, secure, and business credible.

X

Xmarton

xmarton.sk

10

Xmarton is a Slovakian technology company specializing in automotive security and mobile control solutions. Their website presents a professional and consistent brand focused on helping car owners manage and secure their vehicles remotely. The business appears to be a small-sized niche player founded around 2017, with a clear target audience of car owners seeking convenience and security enhancements. Technically, the website is built on WordPress using popular plugins and frameworks, integrating modern analytics and marketing tools such as Google Analytics, Facebook Pixel, and Cookiebot for consent management. The site enforces HTTPS and uses Google reCAPTCHA to secure forms, reflecting a moderate security posture. However, it lacks explicit privacy policies, terms of service, and direct contact information, which are areas for improvement. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

G

GO parking s.r.o.

goparking.cz

10

GO parking s.r.o. operates a parking service near Prague Airport, offering customers convenient parking options with online reservation capabilities, transfer services to the airport, and additional services such as car washing and electric vehicle charging. The company targets travelers, corporate clients, and travel agencies, positioning itself as a competitive local parking provider with attractive pricing and comprehensive service offerings. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content in Czech with English support. Technically, the site employs modern analytics and tracking tools, including Google Analytics, Microsoft Clarity, and Google Tag Manager, alongside reCAPTCHA v3 for bot protection and a chatbot for customer interaction. Security posture is generally good with HTTPS enforced and secure forms, though the absence of visible security headers and incident response information suggests room for improvement. The lack of WHOIS data reduces domain trustworthiness but does not detract significantly from the overall legitimacy of the business. Strategic recommendations include enhancing security headers, publishing incident response contacts, and improving transparency around domain registration.

S

StadiumGO

stadiumgo.fr

45

StadiumGO is a French-based digital platform specializing in carpooling services tailored for sports enthusiasts attending events. It connects users who share a passion for sports, enabling them to share rides to stadiums and other event venues. The platform offers features such as event-based ride searches, ride proposals, user profiles, and a reward system incentivizing carpooling. The website is professionally designed, mobile-optimized, and integrates modern technologies including React, Next.js, Algolia for search, and Brevo for messaging. Security measures such as HTTPS and security headers are properly implemented, although some security policy disclosures could be enhanced. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting good privacy practices. Overall, the platform presents a trustworthy and user-friendly service for its target audience of French sports fans.

Royal Mail Group Ltd operates a comprehensive postal and parcel delivery service in the United Kingdom, serving both personal and business customers. The website offers detailed information on sending, receiving, tracking, and managing mail and parcels, supported by a large network of over 130,000 service points. The company maintains a strong market position as a historic and trusted postal operator with a focus on sustainability and customer convenience. Technically, the website is built on Drupal 9, leveraging modern web technologies and CDN services for performance and scalability. The site is mobile-optimized and accessible, with good SEO and privacy compliance features including cookie consent mechanisms. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response contacts are not publicly detailed. WHOIS data is unavailable or privacy protected, which is a minor concern but likely justified given the business nature. Overall, the website reflects a mature, professional, and trustworthy digital presence aligned with Royal Mail's brand and service offerings.

Slovenská pošta, a.s. is the national postal operator of Slovakia, providing reliable and accessible postal, payment, distribution, and state services to citizens, businesses, and e-shops. The company holds a strong market position as a government-affiliated entity with a broad service portfolio including express delivery, parcel services, financial services, and e-commerce logistics solutions. The website reflects a mature digital infrastructure with a modern React-based frontend, optimized for mobile devices and good SEO practices. Security posture is robust with HTTPS enforcement and standard security headers, although explicit security policies and incident response information are not publicly detailed. Overall, the site is professional, trustworthy, and compliant with GDPR, supporting a positive user experience and business credibility.

V

Vanderlande

vanderlande.com

62

Vanderlande is a globally recognized leader in logistics process automation, specializing in warehousing, airports, and parcel sectors. The company offers integrated solutions including innovative systems, intelligent software, and life-cycle services, positioning itself as a market-leading partner for future-proof automation technology. The website reflects a mature digital presence with comprehensive content targeting logistics operators and airport authorities. Technically, the site leverages modern web technologies such as WordPress CMS, jQuery, Bootstrap, and Matomo analytics, ensuring good performance, mobile optimization, and SEO. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some security policies and incident response details are not publicly disclosed. The absence of WHOIS data is a notable anomaly but does not detract significantly from the overall legitimacy given the professional site content and external references. Strategic recommendations include enhancing transparency around security policies, adding vulnerability disclosure mechanisms, and improving security headers to further strengthen trust and compliance.

A

AUTOPOLIS

autopolis.sk

60

AUTOPOLIS.sk is a well-established Slovak automotive dealership specializing in Hyundai and Ford vehicles, offering a comprehensive range of services including new and used car sales, authorized servicing, spare parts, vehicle buyback, fleet offers, insurance, and car rental. The website targets consumers and businesses in Slovakia, positioning itself as a regional leader in automotive sales and services. The business has been operational since 2003, supported by a domain age consistent with its market presence. Technically, the website employs modern web technologies such as Bootstrap, Vue.js, and Google Fonts, hosted on Websupport infrastructure with DNSSEC enabled, ensuring a secure and reliable platform. The site is mobile optimized with good SEO practices, although accessibility features are basic. Performance is moderate, with room for improvement in speed and technical modernization. From a security perspective, the site enforces HTTPS and DNSSEC, but lacks some advanced security headers and explicit security policies. There is no visible privacy policy or terms of service, which presents compliance gaps, especially regarding GDPR. No vulnerabilities or suspicious activities were detected in the content or technical setup. Overall, AUTOPOLIS.sk demonstrates a solid business and technical foundation with good security posture but requires enhancements in privacy compliance and security policy transparency to improve trust and regulatory adherence.

E

Eimskip

eimskip.is

73

Eimskip is a leading Icelandic shipping and logistics company specializing in transportation services across the North Atlantic region. The company offers a broad range of services including import/export shipping, container and breakbulk transport, domestic trucking, warehousing, and customs documentation. Their website reflects a mature digital presence with professional design, clear navigation, and comprehensive service information targeting both businesses and individual customers. Technically, the site employs modern web technologies such as Google Tag Manager, CookieHub for consent management, and Microsoft Omnichannel for live chat support, indicating a commitment to user engagement and data privacy. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. The WHOIS data confirms the legitimacy and consistency of the domain registration with the business identity. Overall, Eimskip's website demonstrates a solid balance of business credibility, technical implementation, and privacy compliance.

H

Husqvarna Motorcycles

husqvarna-motorcycles.com

70

Husqvarna Motorcycles is a premium motorcycle manufacturer specializing in motocross, enduro, street, travel, naked, supermoto, and electric bikes. The website targets motorcycle enthusiasts and riders, offering detailed product information and brand experiences. The company operates globally with a strong presence in Finland, supported by a professional and consistent brand image. Technically, the website leverages Adobe Experience Manager CMS, integrates modern JavaScript libraries, and uses Adobe Scene7 for rich media content. It employs Google Tag Manager and OneTrust for analytics and cookie consent management, indicating a mature digital infrastructure. Security-wise, the site enforces HTTPS, uses standard security headers, and provides a cookie consent mechanism compliant with GDPR. However, explicit security policies and incident response contacts are not prominently published. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations, with room for improvement in transparency of security policies and contact information.

H

Husqvarna Bicycles

husqvarna-bicycles.com

69

Husqvarna Bicycles operates a professional and well-structured website focused on electric and mountain bicycles, targeting consumers interested in high-quality e-bikes and related apparel. The site demonstrates a mature digital presence with comprehensive product navigation and multilingual support. Technically, the website leverages Adobe Experience Manager CMS, integrates modern JavaScript libraries, and employs Google Tag Manager and OneTrust for analytics and cookie consent management, reflecting a solid digital infrastructure. Security posture is strong with HTTPS enforced, appropriate security headers, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is evident through cookie consent mechanisms and a comprehensive privacy policy. However, explicit contact information and security policies such as incident response or vulnerability disclosure are not present, representing areas for improvement. Overall, the website is trustworthy, professionally maintained, and suitable for its target audience.

C

Continental Tires

continental-me.com

53

Continental Tires Middle East operates as a regional landing platform for the established global tire manufacturer Continental AG, targeting consumers and businesses in the Middle East and North Africa (MENA) region. The website facilitates language and country selection to direct users to localized content and services, including tire dealer location and vehicle-specific tire information. The business model focuses on B2C and B2B tire sales and distribution, leveraging Continental's strong brand recognition and market presence. The site positions itself as a reliable regional resource for Continental Tires products and services.

C

CITY – CAR a.s.

citycar.cz

65

CITY – CAR a.s. is a well-established automotive dealership and service provider based in the Czech Republic, specializing in the sale and servicing of Citroën, DS Automobiles, Dongfeng, SWM, and Peugeot vehicles. The company has been operating since 1990, serving both individual consumers and business clients in the South Bohemia region. Their offerings include new and used vehicle sales, vehicle servicing, rental services, vehicle purchase and trade-in, and financing solutions. The website reflects a professional and consistent brand presence with clear navigation and comprehensive service information. Technically, the website is built on WordPress using WooCommerce and Elementor, leveraging modern web technologies such as jQuery, Bootstrap, and Google Fonts. The site is mobile-optimized and demonstrates good SEO practices. Security measures include HTTPS enforcement and standard security headers, with a cookie consent mechanism aligned with GDPR requirements. However, there is no explicit incident response or vulnerability disclosure information available. The security posture is solid with no detected vulnerabilities or exposed sensitive data, but the absence of WHOIS data limits domain trust verification. The website content is safe for general audiences, with no adult or questionable material. Overall, the site presents a trustworthy and professional digital presence for the business.

B

Barum

barum.com.br

66

Barum is a well-established tire brand with over 70 years of history, operating as a second line brand under the Continental group. The website targets the Brazilian market, offering a portfolio of affordable and durable tires for passenger cars and commercial vehicles. The digital infrastructure is modern, leveraging Adobe Experience Manager CMS and Google Tag Manager for analytics and marketing. The site is professionally designed, mobile-optimized, and includes comprehensive legal and privacy documentation, reflecting good compliance with GDPR and cookie consent requirements. Security posture is strong with HTTPS and consent management, though explicit security policies and incident response contacts are absent. Overall, the website presents a trustworthy and professional image consistent with a large enterprise in the transportation sector.

T

turistika.cz s.r.o.

livetouring.com

46

Livetouring.com is a niche content platform specializing in video routes for walking, cycling, and other outdoor activities, primarily targeting travelers and outdoor enthusiasts. The website offers a rich catalog of 190 routes with interactive maps and video content, supporting multiple languages to cater to an international audience. The business operates under turistika.cz s.r.o., a Czech company founded in 2014, positioning itself as a specialized provider in the travel and transportation sector. Technically, the website leverages Google Maps API for geospatial content, uses Revive Adserver for advertising, and implements a third-party cookie consent mechanism. The site is custom-built with moderate performance and basic mobile optimization. SEO and content quality are good, but there is room for improvement in accessibility and advanced technical frameworks. From a security perspective, the site uses HTTPS but lacks important security headers and DNSSEC. The Google Maps API key is exposed in the HTML, which could pose a risk if not properly restricted. No formal security or incident response policies are published, indicating a low maturity in security governance. Cookie consent is implemented, but GDPR compliance is only basic. Overall, the website is functional and credible with a moderate security posture. Strategic improvements in security headers, API key management, and formal security policies would enhance trust and compliance. The business model is clear and well-executed, but technical modernization and stronger privacy practices are recommended.

K

Koordinátor veřejné dopravy Zlínského kraje, s.r.o.

idzetka.cz

44

The website idzetka.cz serves as an e-commerce and informational platform for the Zetka public transport card in the Zlín Region of the Czech Republic. It offers services such as card registration, login, anonymous purchase options, and ordering new cards. The site targets residents and travelers using public transportation in the region, positioning itself as a regional transport service provider with a medium-sized operational scope. The business is relatively young, founded around 2020, and operates under the legal entity Koordinátor veřejné dopravy Zlínského kraje, s.r.o. Technically, the website employs a modern but standard technology stack including jQuery, Bootstrap, Font Awesome, and other JavaScript libraries to provide a responsive and user-friendly experience. Hosting is managed by WEDOS, a Czech hosting provider, consistent with the business location. The site demonstrates moderate performance and good mobile optimization but lacks some advanced SEO and accessibility features. From a security perspective, the site uses HTTPS and avoids exposing sensitive data in the HTML. However, it lacks explicit security headers such as Content-Security-Policy and does not provide a cookie consent mechanism, which may affect GDPR compliance. No incident response or security policy information is published, and no vulnerability disclosure or security.txt files are present. The WHOIS data is transparent and consistent with the business, supporting legitimacy. Overall, the website is professionally designed and trustworthy for its intended audience but could improve in privacy compliance and security best practices to enhance user trust and regulatory adherence.

B

Barum

barum.cz

63

Barum is a well-established tire brand with a strong presence in the Czech Republic and other markets, operating under the Continental AG umbrella. The website serves as an official platform offering product information, tire guides, and dealer search functionalities targeting both consumers and commercial clients. The site is built on Adobe Experience Manager, indicating a mature digital infrastructure with modern web technologies and multi-language support. Security posture is moderate with HTTPS usage and cookie consent mechanisms, but lacks explicit privacy and terms of service documentation. WHOIS data is unavailable, which slightly reduces transparency and trustworthiness. Overall, the website is professional and trustworthy but could improve compliance and contact transparency.

K

Domů • IDZK

koved.cz

44

The website www.idzk.cz represents Integrovaná doprava Zlínského kraje (IDZK), a regional integrated public transportation service provider in the Zlín region of the Czech Republic. The platform offers comprehensive services including bus and train schedule searches, fare and tariff information, a transport card system (Zetka), and an e-shop for related products. The site targets local citizens and travelers, aiming to simplify and improve regional mobility. The business model is focused on public transport integration and customer service facilitation, positioning IDZK as a key regional transportation entity. Technically, the website employs modern web technologies such as Google Web Fonts and JavaScript, with responsive design and good accessibility features. The site is served over HTTPS, ensuring secure communication. Cookie consent mechanisms and GDPR-compliant privacy policies are implemented, reflecting a mature approach to privacy and data protection. However, no advanced security headers were detected, and no explicit security or incident response policies are published. From a security perspective, the site demonstrates a solid baseline with HTTPS and privacy compliance but lacks some best practices such as security headers and vulnerability disclosure mechanisms. The absence of WHOIS data reduces domain trustworthiness, though the website content and structure appear professional and legitimate. No critical vulnerabilities or exposed sensitive data were found. Overall, the site is secure for general users but could improve transparency and security posture. The overall risk assessment is moderate with recommendations to enhance security headers, publish incident response contacts, and improve business contact transparency. The site is well-positioned in its market niche but should address WHOIS data gaps and security best practices to strengthen trust and compliance.

Z

Emil Zátopek Ostrava Golden Marathon

zatopekmaraton.cz

57

The Emil Zátopek Ostrava Golden Marathon website represents a professionally organized international marathon event held in Ostrava, Czech Republic, honoring the legendary athlete Emil Zátopek. The event offers multiple race categories including marathon, half-marathon, 10 km, and team races, targeting runners of all levels and athletics enthusiasts. The website is well-designed, mobile-optimized, and uses modern web technologies to provide an engaging user experience. It is supported by official city and regional partners, enhancing its credibility and market position. Technically, the site employs a modern tech stack including Bootstrap, Swiper, and animation libraries, ensuring good performance and responsiveness. However, there is a lack of visible security headers and privacy/cookie policies, which are areas for improvement. The site uses Plausible Analytics, a privacy-focused analytics tool, indicating some attention to user privacy. Contact information is clearly provided, but no forms collecting sensitive data are present on the main page. From a security perspective, the absence of WHOIS data raises some concerns about domain registration transparency, though the professional nature of the site and its partners mitigate this risk. No WAF or blocking mechanisms were detected, and no critical vulnerabilities were found in the visible content. Overall, the site demonstrates a solid security posture but would benefit from enhanced privacy compliance and security header implementation. The overall risk is moderate with recommendations to improve privacy disclosures, implement security headers, and clarify domain registration details to enhance trust and compliance.

H

Hyundai Motor

hyundai-motor.cz

64

Hyundai Motor's Czech manufacturing plant website provides detailed corporate information about its Nošovice production facility. The site targets general visitors, industry stakeholders, and potential employees, offering insights into the factory's operations and news. Technically, the site is built on WordPress, leveraging modern analytics tools such as Google Analytics, Matomo, and Cookiebot for consent management and tracking. The presence of multiple marketing and tracking scripts indicates a mature digital infrastructure. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks some security headers and explicit privacy and terms policies, which are recommended for improvement. The absence of WHOIS data limits domain trust verification, though the website content and branding suggest legitimacy. Overall, the site is professional and trustworthy but could benefit from enhanced security and compliance transparency.

K

Kodis

odiska.cz

58

ODISka.cz is a regional public transportation service platform focused on card management, ticketing, and passenger information for the Moravian-Silesian region in the Czech Republic. The website provides services such as card registration, fare overview, and e-shop functionalities, targeting public transport users including students and children. The platform integrates with regional transport authorities and operators, reflecting a solid market position within the local transportation ecosystem. Technically, the site employs a modern JavaScript stack with libraries like jQuery, Bootstrap, and Slick Carousel, indicating moderate digital maturity and a responsive design optimized for mobile users. Security posture is adequate with HTTPS enforced, but lacks some advanced security headers and explicit privacy compliance mechanisms such as cookie consent banners. The absence of direct contact emails or phone numbers and no visible vulnerability disclosure policy suggests areas for improvement in transparency and incident response readiness. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

C

CHAPS spol. s r.o.

idos.cz

44

IDOS.cz is a well-established Czech transportation platform operated by CHAPS spol. s r.o., founded in 2001. It provides comprehensive search and ticketing services for trains, buses, local public transport (MHD), and airplanes. The platform targets general travelers in the Czech Republic and surrounding regions, offering real-time vehicle location tracking and direct ticket purchases. The website is professionally designed with good content relevance and clear navigation, supporting multiple languages and advanced search parameters.

I

Integrovaná doprava Zlínského kraje

idzk.cz

44

Integrovaná doprava Zlínského kraje (IDZK) operates as a regional integrated public transportation system in the Zlín region of the Czech Republic. The website provides comprehensive information about bus and train schedules, tariffs, and service disruptions, targeting local residents and visitors. The business model is focused on public service transportation, supported by regional government funding and partnerships with multiple transport operators. The site also offers an e-shop and reservation services through affiliated domains, enhancing user convenience. Technically, the website employs modern web technologies including Google WebFont Loader and custom GDPR compliance scripts. The site is mobile-optimized and accessible, with a clear navigation structure and professional design. However, no explicit CMS or hosting provider information is detected. Performance is moderate with good SEO and accessibility practices. From a security perspective, the site demonstrates good privacy compliance with GDPR-aligned cookie consent mechanisms and no visible tracking by default. However, the absence of WHOIS data and lack of visible security headers suggest areas for improvement. No critical vulnerabilities or exposed sensitive data were detected, but security posture could be enhanced by implementing standard HTTP security headers and publishing incident response information. Overall, the website is trustworthy and professional, serving an essential public transportation function. The lack of WHOIS transparency slightly reduces domain trustworthiness, but the content and branding strongly support legitimacy. Strategic recommendations include improving security headers, verifying HTTPS configuration, and publishing clearer security policies to strengthen user trust and compliance.

B

BG Technik cs, a.s.

selvo.cz

48

Selvo (CZ), operated by BG Technik cs, a.s., is a Czech Republic-based company specializing in the sale and servicing of electric mobility products including electric wheelchairs, scooters, and electric vehicles. The company targets seniors and disabled persons, providing quality products with nationwide support and service. The website demonstrates a professional digital presence with clear product information, customer references, and a user-friendly interface optimized for mobile devices. Technically, the site employs modern web technologies such as Bootstrap and integrates multiple analytics and advertising tools including Google Tag Manager and Adform, ensuring effective marketing and user tracking while maintaining GDPR compliance through cookie consent mechanisms. Security posture is solid with HTTPS enforcement and standard security headers, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the website and business exhibit a trustworthy and established profile with no indications of malicious activity or content blocking.

BMW Motorrad Czech Republic operates a professional and comprehensive website dedicated to motorcycle sales, financing, accessories, and services. The site targets motorcycle enthusiasts and potential buyers in the Czech market, leveraging the strong BMW brand and offering a wide range of models and related products. The website is built on Adobe Experience Manager, indicating a mature digital infrastructure with integrated analytics and consent management. Security posture is good with HTTPS and consent mechanisms, though explicit security headers and incident response information are absent. The lack of WHOIS data limits domain trust assessment, but the branding and content strongly support legitimacy. Overall, the site is well-positioned to serve its audience with a professional and secure online presence.

BMW Czech Republic operates an official regional website providing comprehensive information about BMW's premium vehicles, electric mobility, financial services, and after-sales support. The site targets consumers in the Czech Republic interested in premium automotive products and services. The business model focuses on vehicle sales, leasing, insurance, and digital services, supported by a strong brand presence and consistent user experience. Technically, the website leverages Adobe Experience Manager CMS, modern JavaScript frameworks, and Akamai CDN for performance and scalability. Security posture is strong with HTTPS enforcement and no visible vulnerabilities, though explicit privacy and cookie policies are not clearly found in the provided content. WHOIS data is unavailable due to registry restrictions, but the site shows strong legitimacy indicators. Overall, the website is professional, well-branded, and trustworthy, serving as a key digital touchpoint for BMW customers in the Czech market.

Č

Černí koně, z.s.

pracovnielektromobily.cz

40

Pracovní Elektromobily is a Czech-based small business specializing in ecological electric work vehicles such as scooters and small trucks, targeting municipalities, technical services, industrial areas, and farmers. The company emphasizes sustainability, low operational costs, and social responsibility by supporting children with disabilities through proceeds from sales. The website is built on a modern WordPress platform using WooCommerce and Elementor, hosted by WEDOS. While the site is well-designed and mobile-optimized, it lacks formal privacy and cookie policies, which impacts compliance. Security posture is adequate with HTTPS enabled but could be improved by adding security headers and incident response information. The domain WHOIS data shows an anomalous future creation date, which raises some trust concerns but does not negate the legitimacy of the business presence online.

Č

Černí koně, z.s.

mobilnisenior.cz

41

Mobilní senior is a Czech non-profit organization named Černí koně, z.s., dedicated to supporting mobility for seniors and disabled individuals by offering quality electric wheelchairs and scooters under the SELVO brand. The organization has a longstanding presence since 2008 and provides sales, warranty, and post-warranty services. Their market position is that of a specialized provider focused on enhancing independent mobility for their target audience. Technically, the website is built on a modern WordPress stack using Elementor and the Kadence theme, hosted likely by WEDOS. The site is mobile-optimized and includes a GDPR-compliant cookie consent mechanism via the Complianz plugin. Security posture is good with HTTPS enabled, but lacks some security headers and published security policies. The WHOIS data shows inconsistencies with a future domain creation date, which raises some trust concerns but does not outweigh the professional and consistent website content. Overall, the website is trustworthy and well-positioned within its niche.

O

OZO Ostrava s.r.o.

ozoostrava.cz

48

OZO Ostrava s.r.o. is a well-established Czech company specializing in waste collection, sorting, recycling, and environmental services primarily serving the city of Ostrava and surrounding areas. The company has a long history dating back to 1949 and offers a comprehensive range of services including municipal and industrial waste management, hazardous waste disposal, biogas collection, ecological education, and operates a reuse center and an e-shop for waste-related products. The website reflects a professional and consistent brand image with clear navigation and relevant content targeting both citizens and businesses. Technically, the site employs a modern JavaScript stack with integrations such as Google Maps and FullCalendar, and uses the Shopnero CMS platform. Security posture is good with HTTPS enabled and secure forms, though explicit security policies and incident response contacts are not published. Privacy compliance is partially addressed with a cookie consent banner but lacks a dedicated privacy policy page. WHOIS data confirms the domain's legitimacy and long-term registration consistent with the company's history. Overall, the website is trustworthy, functional, and serves its audience effectively.

D

Dopravní podnik Ostrava a.s.

dpo.cz

55

Dopravní podnik Ostrava a.s. is a well-established public transportation company operating in Ostrava, Czech Republic, with a domain age dating back to 1998. The company provides comprehensive urban transit services including buses, trams, and trolleybuses, supported by digital tools such as mobile applications and online timetables. The website reflects a mature digital presence with a Joomla CMS platform, modern JavaScript libraries, and responsive design optimized for mobile users. Security practices include HTTPS enforcement and CSRF protection in forms, though some security headers are missing. Privacy compliance is evident with a dedicated GDPR page, but cookie consent mechanisms are not clearly implemented. Overall, the site is professional, trustworthy, and serves its target audience effectively.

X

Xmarton s.r.o.

xmarton.com

48

Xmarton s.r.o. is a Czech-based technology company specializing in smart mobility solutions, including digital vehicle keys, GPS monitoring, and fleet management software. The company targets a diverse audience ranging from corporations and municipalities to individual vehicle owners, offering a range of products tailored to different customer needs. Their platform enables advanced vehicle security and management features accessible via mobile devices, positioning them as an innovative player in the transportation technology sector. Technically, the website is built on WordPress with modern libraries such as jQuery, FontAwesome, and Google Tag Manager, providing a responsive and user-friendly experience. Security measures include HTTPS enforcement and Google reCAPTCHA integration, although explicit security headers and a formal security policy are absent. The domain WHOIS data is missing, which raises concerns about registration transparency, but the website content and business information appear professional and trustworthy. Overall, the site demonstrates strong digital maturity and privacy compliance, with room for improvement in domain registration transparency and security policy publication.

R

Renocar Synot, a.s.

bmw-synotauto.cz

62

Renocar Synot, a.s. is an authorized BMW dealership and service provider located in Zlín, Czech Republic. The company specializes in the sale of new and certified used BMW vehicles, along with offering comprehensive servicing and genuine BMW parts and accessories. The website reflects a professional and consistent brand presence aligned with BMW's corporate identity, targeting customers in the Zlín region and broader Czech market. The business model focuses on direct vehicle sales, after-sales services, and customer support, positioning itself as a trusted regional partner for BMW customers. Technically, the website is built using modern frameworks such as Nuxt.js and Vue.js, supported by jQuery and integrated with Google Tag Manager and Google Analytics for marketing and analytics purposes. The site is mobile-optimized, well-structured, and provides a good user experience with clear navigation and relevant content. Cookie consent and privacy policies are implemented in compliance with GDPR, enhancing user trust and legal compliance. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms. However, no explicit security headers were detected in the provided data, suggesting room for improvement in security hardening. No vulnerabilities or exposed sensitive data were found. The absence of WHOIS data due to privacy protection slightly reduces trust but is common for business domains. Overall, the site demonstrates a solid security posture appropriate for its business type. The overall risk assessment is low, with recommendations to enhance security headers and maintain regular audits of third-party scripts. The website effectively supports the company's business goals and customer engagement strategies, reflecting a mature digital presence in the automotive retail sector.

E

EIBACH Renocar, a.s.

eibach.cz

42

EIBACH Renocar, a.s. operates a professional website offering high-performance automotive suspension parts and systems, targeting sports car enthusiasts and professional installers primarily in the Czech Republic and worldwide through partners. The company is positioned as a leading manufacturer with a strong reputation and a comprehensive online product catalog and configurator. The website is built on Reflex CMS, uses modern web technologies including HTTPS, Google Analytics, and Facebook SDK, and provides a good user experience with clear navigation and mobile optimization. However, the WHOIS data is unavailable, limiting domain trust verification. Security posture is moderate with HTTPS and secure forms but lacks explicit security headers and a privacy policy page, which are important for compliance and trust. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and updated technical components.

V

VISTA car

vistacar.cz

58

VISTA car is an established automotive dealership and authorized service partner for Škoda and Hyundai vehicles, operating primarily in the Czech Republic since 1999. The company offers new and used car sales, servicing, and rental services, targeting regional customers in Kyjov and Hodonín. The website reflects a professional business presence with clear branding and relevant content for its audience. Technically, the site uses common web technologies including jQuery, Google Tag Manager, Google Analytics, Facebook Pixel, and Cookiebot for cookie consent management. The site is hosted under a Czech registrar consistent with the business location. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though improvements are recommended in security headers and updating legacy libraries. Privacy compliance is well addressed with detailed cookie classifications and opt-in consent. Overall, the website demonstrates a good level of digital maturity and business credibility, supporting its market position as a trusted automotive partner.

V

Vairai

vairai.lt

41

Vairai.lt is a Lithuanian niche job board platform specializing in employment opportunities for drivers across various license categories. The platform connects candidates and employers in the transportation sector, offering job listings, candidate and employer profiles, and user account management. The website is professionally designed with good SEO and mobile optimization, leveraging WordPress CMS and popular plugins such as Yoast SEO and WP Job Board Pro. Hosting is provided by HOSTINGER operations, UAB, a reputable hosting provider. Security measures include HTTPS enforcement and Google reCAPTCHA on critical forms, though some HTTP security headers could be improved. Privacy and cookie policies are present and GDPR compliant, with clear contact information and social media presence enhancing trust. Overall, the site presents a solid digital presence for a small-sized business in the transportation recruitment niche.

DSA a.s. is a well-established Czech aviation company operating since 1992, specializing in pilot and technician training, aircraft maintenance, helicopter emergency medical services, aerotaxi, and aerial work. The company holds a strong market position as the largest flight school in the Czech Republic and provides critical aviation services including medical emergency flights and aircraft upkeep. Their website reflects a professional and consistent brand image, targeting aviation professionals and private/business air travel customers. Technically, the site is built on WordPress with modern frameworks like UIkit and employs Google Fonts and reCAPTCHA for security. The site is mobile-optimized and SEO-friendly, though some accessibility features could be improved. Security posture is good with HTTPS and reCAPTCHA usage, but lacks some security headers and explicit security policies. Privacy compliance is partially met with a GDPR policy present but no cookie consent mechanism. Overall, the domain registration data supports the legitimacy and maturity of the business. Recommendations include enhancing security headers, adding cookie consent, and publishing security and incident response policies.

M

MEDIROL s.r.o.

medirol.cz

50

MEDIROL s.r.o. is a Czech Republic-based company specializing in the manufacturing and sale of medical transport equipment, including powered stretchers, roll-in stretchers, and transport chairs. The company targets healthcare providers and emergency services, offering solutions designed to improve patient transport safety and efficiency. The website presents a professional image with clear product categories and multilingual support, indicating a medium-sized enterprise with a specialized niche market position. Technically, the website is built on WordPress using the Avada theme and incorporates modern web technologies such as jQuery and Slider Revolution. The site is mobile-optimized and includes multilingual capabilities via TranslatePress. Performance is moderate, with good SEO and accessibility features, though some improvements could be made in accessibility and cookie consent mechanisms. From a security perspective, the site uses HTTPS with good SSL configuration but lacks several security headers and explicit incident response contact information. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is basic, with a privacy policy present but no cookie consent banner. The absence of WHOIS data reduces trust slightly, but the professional website and business focus support legitimacy. Overall, the site is well-structured and professional but would benefit from enhanced security headers, clearer contact information, and improved privacy compliance to strengthen trust and compliance posture.

R

RENOCAR a.s.

renocar.cz

52

RENOCAR a.s. is an established authorized dealer and service provider for BMW, MINI, and BMW Motorrad vehicles operating primarily in the Czech Republic with multiple physical branches. The company offers a comprehensive range of services including new and used vehicle sales, authorized servicing, financial services, insurance, and test drives. Their market position is strong within the automotive retail sector, supported by consistent branding and a professional online presence. The website is well-designed, mobile-optimized, and integrates modern tracking and marketing tools, reflecting a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit incident response contacts are missing. The absence of WHOIS registration data is a notable gap, reducing domain registration trustworthiness but not detracting from the overall legitimacy indicated by the website content and structured data. Strategic recommendations include enhancing security headers, publishing a security policy, and improving incident response transparency to further strengthen trust and compliance.