Transportation security reports

I

Innsbrucker Verkehrsbetriebe und Stubaitalbahn

ivb-jobs.at

65

The website ivb-jobs.at represents the Innsbrucker Verkehrsbetriebe (IVB), a medium-sized public transportation company based in Austria. The site focuses on recruitment and employer branding, offering detailed information about job opportunities, benefits, and company culture. It targets job seekers in various categories including apprentices, graduates, and experienced professionals. The company positions itself as a reliable and innovative employer committed to sustainable and emission-free mobility. Technically, the website employs modern web technologies including Google Tag Manager, Usercentrics for consent management, Facebook Pixel, jQuery, and Bootstrap. The site is mobile-optimized with good SEO practices and moderate performance. Security best practices such as HTTPS and cookie consent are implemented, though some security policy documentation and incident response information are absent. From a security perspective, the site shows a solid posture with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with a privacy policy and cookie consent mechanism. However, the absence of a published security policy and vulnerability disclosure limits transparency. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, ivb-jobs.at is a professional and trustworthy website serving its purpose effectively. Strategic improvements in security transparency and accessibility could further enhance its maturity and user trust.

N

Nacht-S-Bahn I Salzburger Verkehrsverbund

nachtsbahn.at

53

Nacht-S-Bahn I Salzburger Verkehrsverbund is a regional public transportation service focused on providing night train services in Salzburg, Austria. The website promotes night S-Bahn lines S1, S11, S2, and S3, targeting local commuters and nightlife participants. The business operates under the Salzburger Verkehrsverbund GmbH umbrella, positioning itself as a reliable and safe transit option during late hours. The site offers links to official transit apps and social media channels, enhancing user engagement and service accessibility. Technically, the website is built on WordPress using common plugins and themes, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enforced, but lacks advanced security headers and explicit incident response or vulnerability disclosure information. Privacy compliance is basic, with a privacy policy linked on the parent domain but no cookie consent mechanism on the site. Overall, the website is professional, trustworthy, and serves its intended audience effectively, though improvements in security and privacy transparency are recommended.

S

Salzburg Verkehr

busjobs.at

48

The website www.busjobs.at serves as a regional recruitment platform for bus driver positions in the Salzburg region of Austria. It is operated under the brand Salzburg Verkehr and collaborates with multiple partner bus companies to offer job opportunities. The site provides detailed information about the profession, qualifications required, and facilitates contact with partner companies through embedded forms and links. The content is professionally presented with multimedia elements such as videos and image galleries, targeting job seekers interested in transportation careers. Technically, the site is built on WordPress with modern plugins including Yoast SEO and Contact Form 7, ensuring good SEO and user experience. Security posture is solid with HTTPS and captcha protection on forms, though some security headers are missing and cookie consent mechanisms are absent. WHOIS data is unavailable due to privacy protection, but the site’s legitimacy is supported by its professional content and partner affiliations. Overall, the site is a credible and well-structured employment portal for the transportation sector in Austria.

S

Salzburg Verkehr

salzburg-erfahren.at

51

Salzburg-erfahren.at is a regional website dedicated to promoting hiking tours accessible by public transport in the Salzburg region of Austria. The site is operated by Salzburg Verkehr, a transportation entity, and provides detailed tour tips and interactive maps to facilitate sustainable tourism. The website leverages WordPress CMS with Yoast SEO for content optimization and uses map libraries such as Leaflet.js to enhance user experience. The target audience primarily includes tourists and hikers interested in exploring Salzburg via bus and train services. The business model focuses on providing informational and navigational support rather than direct commercial transactions. Technically, the site is moderately optimized with good mobile responsiveness and SEO practices, but lacks some advanced security headers and explicit privacy or cookie policies. Security posture is average with room for improvement in policy transparency and technical safeguards. Overall, the domain registration and hosting details align well with the business focus, indicating a legitimate and trustworthy operation.

U

Unsere ÖBB

railaxed.at

62

Unsere ÖBB operates as Austria's national rail transportation provider, offering extensive travel information and services through its Reiseblog platform. The website targets travelers interested in European destinations and sustainable rail travel, providing travel tips and related content. The business is positioned as an established enterprise with multiple subsidiaries and a strong digital presence. Technically, the website employs modern web technologies including Matomo analytics, custom fonts, and responsive design, delivering a fast and accessible user experience. Security posture is solid with HTTPS enforced and secure forms, though improvements are recommended in security headers and explicit privacy mechanisms. The absence of WHOIS data is noted but does not detract significantly from trust due to the official nature of the site and its ecosystem. Overall, the site is professional, trustworthy, and well-maintained.

Č

ČSAD Autobusy České Budějovice a.s.

busem.cz

43

ČSAD Autobusy České Budějovice a.s. operates as a regional public transportation provider in the South Bohemian Region of the Czech Republic, offering regular and irregular bus services including municipal and suburban transport. The company maintains a professional web presence with clear navigation, multiple service offerings, and a focus on customer engagement through contact forms and social media. Technically, the website employs modern frontend technologies such as Bootstrap and jQuery, integrates Google Analytics for visitor tracking, and provides a GDPR-compliant cookie consent mechanism. Security posture is adequate with HTTPS enforced and consent-based data collection, though the absence of security headers and WHOIS data transparency slightly reduce trust levels. Overall, the site is well-structured, mobile-optimized, and serves its target audience effectively.

M

Mors Smitt

morssmitt.nl

60

Mors Smitt is a medium-sized Dutch company specializing in railway technology and industrial electrical components. The company offers a wide range of products including relays, test and measurement equipment, and maritime instruments, targeting railway operators, industrial clients, and the maritime sector. Their website reflects a well-structured business with comprehensive product catalogs, support services, and training offerings, positioning them as an established player in the transportation and energy sectors. Technically, the website employs modern JavaScript libraries and analytics tools, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and consent management implemented, although explicit security headers and vulnerability disclosure mechanisms are absent. Overall, the website is professional, trustworthy, and compliant with privacy regulations, supporting a positive business credibility profile.

F

fms Systems GmbH / taxi.eu

taxi.eu

50

taxi.eu is a European taxi ordering platform operated by fms Systems GmbH, headquartered in Vienna, Austria. The company offers a mobile app service that enables users to order taxis in over 160 cities across 8-9 European countries. The platform supports multiple taxi types, live tracking, and various payment methods including Google Pay, Apple Pay, and PayPal. The website is professionally designed, multilingual, and integrates social media channels to engage users. Technically, the site is built on WordPress with modern plugins and demonstrates good SEO and mobile optimization. Security-wise, the site enforces HTTPS and cookie consent but lacks some advanced security headers and explicit incident response contacts. WHOIS data is privacy protected, which is typical for commercial services, and no suspicious patterns were detected. Overall, taxi.eu presents a credible and mature digital presence in the transportation sector.

V-Villach operates a specialized transportation service in the Villach region of Austria, combining taxi rides with a unique beverage credit incentive program. Customers can call the V-Taxi hotline to arrange rides to and from the V-Villach venue, exchanging taxi receipts for beverage credits at the venue's bar. The website is built on WordPress using the Kallyas theme and includes modern JavaScript libraries and plugins such as Slider Revolution and Bootstrap. Social media integration and tracking via Facebook Pixel and Google Tag Manager are implemented. Privacy and cookie policies are present, indicating basic GDPR compliance. However, no explicit security policy or incident response information is provided. The site uses HTTPS but lacks advanced security headers, suggesting room for security improvements. Overall, the website is functional, professionally designed, and serves a niche local market with a clear business model.

F

Free2move

fr2.mv

73

Free2move is a large-scale digital mobility platform offering car sharing, car rental, parking space booking, and business mobility solutions across 170 countries. The website is professionally designed, mobile-optimized, and provides a seamless user experience with interactive forms and clear navigation. Technically, it leverages modern JavaScript frameworks such as Vue.js, Bootstrap, and integrates with Usercentrics for consent management and Google Tag Manager for analytics. Security posture is good with HTTPS enforced and consent mechanisms in place, though some security headers could be improved. The absence of WHOIS data for the domain is a concern for domain legitimacy and business credibility, suggesting the need for further verification. Overall, the platform appears trustworthy and well-positioned in the transportation sector, targeting both consumers and businesses seeking flexible mobility solutions.

P

Pořádková a zásahová služba s.r.o.

pazs.cz

44

Pořádková a zásahová služba s.r.o. is a medium-sized Czech security company specializing in intervention and physical security services, electronic security systems, and public order maintenance. The company operates primarily in Prague and surrounding regions, serving over 40,000 clients. Their website presents a professional image with clear descriptions of services and operational areas, including an interactive SVG map showing vehicle locations. However, the absence of WHOIS data raises questions about domain registration status, which should be verified for full trustworthiness. Technically, the website uses basic HTML and CSS without advanced frameworks or CMS, and lacks modern security headers and privacy compliance features. No analytics or tracking scripts were detected, indicating minimal user tracking. Contact information is limited but includes a company email and physical address, with a Facebook social media presence. Overall, the website is functional and professional but would benefit from enhanced security and privacy features.

G

Getaround

getaround.com

75

Getaround is a well-established peer-to-peer carsharing platform founded in 2003, offering instant car rentals with app-based unlocking technology and trip liability insurance included. The company targets consumers and car owners in the United States, positioning itself as a market leader with a strong digital presence and high user ratings. Their business model leverages proprietary cloud and in-car Connect® technology to enable contactless carsharing experiences. Technically, the website employs a modern tech stack including JavaScript frameworks, Google Tag Manager, Stripe for payments, and Mapbox for mapping, hosted behind Cloudflare for performance and security. The site is mobile-optimized, fast, and accessible with good SEO practices. Security posture is strong with HTTPS enforcement, clientTransferProhibited domain status, and cookie consent mechanisms, though DNSSEC is not enabled and explicit security policies are not published. Overall, the website is professional, trustworthy, and compliant with GDPR and privacy standards, with no signs of malicious activity or content safety concerns.

C

Caruso Carsharing

carusocarsharing.com

56

Caruso Carsharing is a well-established Austrian carsharing service specializing in electric vehicles, primarily serving the regions of Vorarlberg and Salzburg. The company offers flexible, app-based vehicle rental solutions for both private individuals and business clients, emphasizing sustainability and cost-effectiveness. Their business model includes short-term carsharing and longer-term rentals under the 'caruso plus' program. The website reflects a professional and modern digital presence with comprehensive content and clear navigation, targeting environmentally conscious users seeking alternative mobility options. Technically, the website is built on WordPress with a modern tech stack including jQuery, Ion.RangeSlider, and animation libraries, optimized for mobile devices and SEO. The infrastructure is stable with HTTPS enforced and domain security measures in place, although DNSSEC is not enabled. The site integrates cookie consent mechanisms and complies with GDPR requirements, demonstrating a mature approach to privacy and user data protection. From a security perspective, the site shows good practices such as HTTPS, domain locking, and no visible vulnerabilities or exposed sensitive data. However, there is room for improvement by enabling DNSSEC, publishing a formal security policy, and adding a vulnerability disclosure channel. Overall, the risk profile is low, and the site appears trustworthy and professionally managed. Strategically, Caruso Carsharing is positioned as a regional leader in sustainable mobility with a growing footprint and diversified offerings. The company maintains active engagement through social media and news updates, enhancing customer trust and market visibility.

F

Free2move

free2move.com

73

Free2move operates as a comprehensive mobility service provider offering car sharing, car rental, parking space booking, and business mobility solutions across multiple countries. The website demonstrates a strong market presence with a large customer base and extensive service coverage. Technically, the site employs modern frameworks such as Vue.js and Bootstrap, integrates a consent management platform, and uses Google Tag Manager for analytics, indicating a mature digital infrastructure. Security posture is generally good with HTTPS enforced and privacy compliance mechanisms in place; however, the absence of explicit security headers and published security policies suggests room for improvement. The missing WHOIS data introduces some uncertainty regarding domain registration legitimacy, though the professional website and branding mitigate concerns. Overall, the site is well-designed, user-friendly, and trustworthy, serving a broad general audience with safe content.

D

Die Österreichische Postbus Aktiengesellschaft

postbus.at

65

Die Österreichische Postbus Aktiengesellschaft ist das größte Busunternehmen in Österreich und Teil der ÖBB-Personenverkehrs AG. Mit einem umfangreichen Fuhrpark und fast 4.000 Mitarbeitern befördert Postbus jährlich über 200 Millionen Reisende, vor allem im ländlichen Raum, und bietet vielfältige Dienstleistungen wie Regionalverkehr, Shuttle-Services und Busvermietung an. Die Website präsentiert sich professionell, mit klarer Navigation und gut strukturierten Inhalten, die auf Deutsch und Englisch verfügbar sind. Technisch nutzt die Seite moderne Webstandards und Matomo Analytics für datenschutzfreundliches Tracking. Die Sicherheitslage ist solide mit HTTPS und keiner erkennbaren Schwachstelle, jedoch fehlen einige Sicherheitsheader und eine explizite Cookie-Zustimmung, was die Datenschutzkonformität beeinträchtigen könnte. Insgesamt ist die Website vertrauenswürdig und gut positioniert, mit klaren Partner- und Tochtergesellschaftsbeziehungen. Es wird empfohlen, die Datenschutz- und Sicherheitsmaßnahmen weiter zu verbessern, insbesondere durch die Implementierung eines Cookie-Banners und die Veröffentlichung einer Sicherheitsrichtlinie.

1

1. Villacher Funktaxiverein

taxi28888.at

55

1. Villacher Funktaxiverein is a regional taxi and shuttle service provider based in Villach, Austria, operating the largest taxi central in the city. The company offers a range of transportation services including airport transfers, shuttle services, courier deliveries, and a dedicated taxi app for convenient booking and payment. Their market position is strong locally with a focus on both general public and business clientele. Technically, the website is built on WordPress with modern plugins and frameworks, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS and cookie consent implemented, though some security headers and vulnerability disclosures are missing. Overall, the domain registration and business information are consistent and trustworthy, supporting a legitimate business presence.

W

World-Direct Ebusiness Solutions Gmbh

taxi2244.at

56

Taxi2244.at is a regional taxi service website based in Austria, developed and powered by TYPO3 CMS and managed by World-Direct Ebusiness Solutions Gmbh. The website provides transportation services targeting local customers and uses modern web technologies including jQuery, Owl Carousel, and FontAwesome. The site implements a comprehensive cookie consent mechanism via Cookiebot, ensuring GDPR compliance and user privacy preferences management. However, explicit contact information such as emails or phone numbers is not directly visible on the homepage, which may impact user trust and ease of communication. The website is well-structured with good design quality and mobile optimization, providing a professional user experience.

T

Taxi40100

taxi40100.at

56

Taxi40100.at is a local Austrian taxi service offering fixed-price rides available 24/7 with booking options via phone or app. The website is built on TYPO3 CMS and incorporates modern web technologies such as jQuery and Owl Carousel. It features a comprehensive cookie consent mechanism powered by Cookiebot, ensuring GDPR compliance and user privacy. The site provides privacy and legal disclosures, enhancing trustworthiness. Technically, the site is well-implemented with HTTPS and security headers, though it lacks explicit security policy and incident response information. Overall, the site presents a professional and user-friendly experience suitable for its target audience.

N

nextbike business

nextbike.at

59

Nextbike business operates as a leading European bike-sharing service provider, offering tailored mobility solutions including both station-based and stationless bike-sharing systems. The company positions itself as a market leader in Europe, supported by a professional website with multilingual capabilities and strong branding aligned with its parent company, TIER Mobility. The website demonstrates a modern technical infrastructure built on WordPress with SEO optimization and mobile responsiveness. Security posture is adequate with HTTPS enforced, but lacks visible security headers and formal security policies. The absence of WHOIS domain registration data raises concerns about domain legitimacy, although the website content and social media presence support business credibility. Privacy and cookie policies are not clearly presented, indicating compliance gaps. Overall, the site is professional but would benefit from enhanced transparency and security documentation.

C

City Bike Linz Rental Service GmbH

citybikelinz.at

53

City Bike Linz Rental Service GmbH operates a city bike sharing platform in Linz, Austria, offering environmentally friendly and flexible urban mobility solutions. The service is integrated with the nextbike network, allowing users to rent and return bikes at 50 stations within the city and access bikes in over 200 cities across 26 countries. The website provides comprehensive information about registration, usage, pricing, and station locations, targeting residents and visitors seeking convenient transport alternatives. Technically, the website employs modern tracking and analytics tools including Google Tag Manager, Facebook Pixel, Google Analytics, and Plausible Analytics, alongside cookie consent management to ensure GDPR compliance. The site is mobile-optimized with good accessibility and SEO practices, featuring interactive elements such as Lottie animations and embedded nextbike reservation iframes. From a security perspective, the site enforces HTTPS and includes CSRF tokens, but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or suspicious content were detected. Privacy compliance is strong with clear cookie consent and privacy policy documentation. Overall, the website demonstrates a mature digital presence with strong business credibility and user trust. Recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen the security posture and user confidence.

B

Blue Jay Transit, Inc.

bird.co

62

Bird (Blue Jay Transit, Inc.) operates a leading micro-mobility platform offering electric scooters and bikes across hundreds of cities worldwide. The company positions itself as an eco-friendly urban transportation provider with a strong market presence and NYSE listing under BRDS. The website reflects a mature digital infrastructure built on WordPress with modern JavaScript libraries and integrated analytics. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, though dedicated security and incident response policies are not publicly detailed. Overall, the site demonstrates professionalism, compliance with privacy regulations, and a trustworthy brand image.

D

Dott

ridedott.com

58

Dott is a European micromobility company founded in 2018, providing electric scooter and bike rental services aimed at creating pollution-free cities designed for people rather than cars. The company has established a solid market presence with a professional and well-structured website that supports multiple languages and integrates modern tracking and analytics tools. Technically, the site is built on WordPress with a modern tech stack including Google Tag Manager, Google Maps API, and advanced UI libraries, delivering a good user experience with excellent mobile optimization and SEO. Security-wise, the site uses HTTPS with domain protections in place but lacks some advanced security headers and explicit security policies. Privacy compliance is strong, with comprehensive privacy and cookie policies and a visible Data Protection Officer contact. Overall, the website reflects a mature digital presence with moderate security posture and good compliance, suitable for its business model and audience.

R

Rail & Drive

railanddrive.at

66

Rail & Drive is a mobility service operated under the Austrian Federal Railways (ÖBB) umbrella, offering integrated travel solutions combining rail journeys with car rentals at multiple locations across Austria. The service targets both private customers and companies, providing flexible vehicle options, fair pricing based on usage, and 24/7 support. The website is professionally designed with consistent branding and clear navigation, supporting user registration, booking, and information dissemination. Technically, the site uses modern web components and JavaScript frameworks, with good mobile optimization and accessibility features. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers and incident response information are missing. Privacy compliance is generally good with a comprehensive privacy policy, but lacks a cookie consent mechanism. Overall, the domain registration and WHOIS data align well with the business claims, indicating a trustworthy and legitimate operation.

City Airport Train operates as a specialized transportation service providing the fastest nonstop train connection between Vienna Airport and the city center. The company targets travelers seeking efficient and comfortable airport transfers, offering ticket sales, additional travel packages, and city transport combinations. The website reflects a strong market position as a leading airport express train service in Vienna, supported by positive customer reviews and partnerships with recognized platforms like GetYourGuide and Saferpay for payment processing. Technically, the website is built on modern frameworks such as Vue.js and Nuxt.js, ensuring a responsive and mobile-optimized user experience. The integration of secure payment gateways and use of security headers demonstrate a mature digital infrastructure. However, the absence of a visible cookie consent mechanism indicates a gap in privacy compliance, which should be addressed to meet GDPR standards fully. From a security perspective, the site enforces HTTPS, employs security headers, and integrates CAPTCHA to protect forms, reflecting good security hygiene. No critical vulnerabilities or exposed sensitive data were detected. The lack of WHOIS data is a notable anomaly, suggesting either privacy protection or recent domain registration, which slightly impacts trust but is mitigated by the professional site content and social media presence. Overall, the website presents a low-risk profile with strong business credibility and technical implementation. Strategic improvements in privacy compliance and transparency around security policies would enhance trust and regulatory adherence.

M

Mobilitätsverbünde Österreich

mobilitaetsverbuende.at

66

Mobilitätsverbünde Österreich is a consortium of seven regional transport associations in Austria focused on ensuring sustainable and comprehensive public mobility across all Austrian regions. The website serves as an informational platform promoting their collaborative efforts and sustainable transport initiatives. Technically, the site is built on WordPress with modern plugins such as Elementor and Yoast SEO, providing good SEO and mobile responsiveness. Security posture is adequate with HTTPS and cookie consent implemented, but lacks explicit privacy policies, terms of service, and security headers. No direct contact information or incident response channels are visible, which could be improved to enhance trust and compliance. Overall, the site is professional and trustworthy but could benefit from enhanced privacy and security disclosures.

S

Salzburger Verkehrsverbund GmbH

salzburg-verkehr.at

57

Salzburger Verkehrsverbund GmbH operates as the regional public transportation authority for the Salzburg region in Austria, providing ticketing services, schedules, and mobility solutions. The company offers a variety of ticket types including single rides, time-based passes, and special offers for students, seniors, and tourists. Their digital presence includes a comprehensive website with integrated ticket shop, timetable widgets, and mobile applications for Android and iOS, targeting public transport users in Salzburg. The company maintains active social media channels and provides clear contact and service information, positioning itself as a trusted regional transport provider. Technically, the website is built on WordPress with modern plugins such as Yoast SEO Premium and Easy Digital Downloads, ensuring good SEO and e-commerce capabilities. The site uses HTTPS and includes structured data for enhanced search engine understanding. Mobile optimization and accessibility are adequately addressed, though some improvements in accessibility could be made. Performance is moderate, with a well-structured navigation system and clear content presentation. From a security perspective, the site enforces HTTPS and uses secure plugins, but lacks explicit security headers and publicly available incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is strong with clear privacy and cookie policies and GDPR adherence. The domain registration is consistent with the business identity, enhancing trustworthiness. Overall, Salzburger Verkehrsverbund GmbH's website demonstrates a solid digital maturity with good business credibility and privacy compliance. Strategic improvements in security headers, incident response visibility, and accessibility would further strengthen their security posture and user trust.

O

Oberösterreichischer Verkehrsverbund

ooevv.at

60

Oberösterreichischer Verkehrsverbund (OÖVV) operates as the regional public transportation authority for Upper Austria, providing comprehensive services including timetable information, ticket sales, real-time travel updates, and mobile applications for route planning and ticket purchasing. The website is professionally designed, multilingual, and targets public transport users within the region and visitors. It maintains a strong market position as a key regional transport provider with a large user base. Technically, the site is built on TYPO3 CMS, employs modern JavaScript libraries, and integrates analytics via Matomo, reflecting a mature digital infrastructure with good performance and accessibility. Security posture is robust with HTTPS, security headers, and no visible vulnerabilities, though a dedicated security policy and incident response contact are absent. Privacy compliance is strong, featuring a comprehensive privacy policy, cookie consent mechanisms, and GDPR adherence. Overall, the website is trustworthy, user-friendly, and well-maintained, supporting the organization's mission to facilitate public transportation in Upper Austria.

I

Innsbrucker Verkehrsbetriebe und Stubaitalbahn GmbH

ivb.at

71

Innsbrucker Verkehrsbetriebe und Stubaitalbahn GmbH (IVB) operates as a regional public transportation provider serving Innsbruck and its surrounding areas. The company offers a comprehensive range of mobility services including bus, tram, regional trains, ticketing solutions, and mobility support such as bike sharing and Park & Ride facilities. The website reflects a well-established regional operator with a clear focus on serving public transport users in Austria. Technically, the site is built on TYPO3 CMS, leveraging modern JavaScript libraries and third-party widgets for real-time transport information, indicating a mature digital infrastructure. The presence of GDPR-compliant cookie consent and privacy policies demonstrates attention to regulatory compliance. Security posture is solid with HTTPS enforcement and standard security headers, though the absence of a dedicated security policy or incident response contact suggests room for improvement. Overall, the site is professional, accessible, and trustworthy, supporting the company's market position as a key regional transport operator.

A

ASFINAG

asfinag.net

62

ASFINAG operates as a major Austrian government-owned corporation specializing in the financing and management of highways and expressways. The website serves as an information platform providing technical planning manuals, guidelines, procurement documents, and other resources primarily for registered users and professionals involved in transportation infrastructure. The company holds a strong market position in Austria's transportation sector with a focus on infrastructure development and maintenance. Technically, the website employs modern JavaScript libraries such as jQuery and FontAwesome, and uses Matomo for privacy-conscious analytics. The site is mobile-optimized with good navigation and content structure, although some accessibility features could be improved. The absence of CMS identification suggests a custom or proprietary platform. Security posture is solid with HTTPS enforced and no exposed sensitive data. However, DNSSEC is not enabled and security headers are missing, indicating room for improvement. Privacy compliance is good with a clear privacy policy and disabled cookies in analytics, but lacks a cookie consent mechanism. Contact information is readily available via multiple company emails. Overall, the website is professional, trustworthy, and well-aligned with the business's operational needs. Strategic enhancements in security headers, cookie consent, and incident response disclosures would further strengthen the security and compliance posture.

A

ASFINAG

go-maut.at

68

The website go-maut.at is the official portal for the Austrian GO-Maut toll system operated by ASFINAG, a government entity responsible for toll collection and road infrastructure management. It provides comprehensive information about the toll system, payment options, device management (GO-Box), and user self-service through a dedicated SelfCare portal. The site targets transport companies and vehicle owners subject to tolls in Austria, positioning itself as a key national infrastructure service provider. Technically, the website employs modern web technologies including jQuery, Matomo analytics for user tracking, and mtCaptcha for form security. The CMS appears to be Umbraco, indicating a mature content management environment. The site is mobile-optimized, accessible, and SEO-friendly with proper meta tags and multilingual support. From a security perspective, the site enforces HTTPS, uses CAPTCHA to protect forms, and implements a cookie consent mechanism compliant with GDPR principles. However, explicit privacy, terms of service, security policies, and incident response contacts are not clearly published, which could be improved to enhance transparency and compliance. Overall, the website is professional, trustworthy, and well-aligned with its business purpose. The risk level is low, but strategic improvements in privacy and security disclosures are recommended to strengthen user trust and regulatory compliance.

M

Mors Smitt

morssmitt.com

59

Mors Smitt is a specialized company focused on manufacturing and supplying electrical and electronic components primarily for the railway and industrial sectors. Their product portfolio includes railway rolling stock equipment, signalling infrastructure systems, power utility relays, and test & measurement instruments. The company targets B2B customers in transportation and energy industries, positioning itself as a niche player with compliance to strict industry standards such as EN 50155. The website reflects a professional and consistent brand image with comprehensive product and company information. Technically, the website employs modern JavaScript libraries and tracking tools including jQuery, Slick Slider, Google Analytics, and a consent management platform (Usercentrics). The site is mobile-optimized with good SEO and basic accessibility features. However, no CMS or hosting provider details are explicitly detected. Performance is moderate with room for improvement in accessibility and security headers. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks visible security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS registration data for the domain is a notable concern, potentially impacting trustworthiness despite the professional website presence. Overall, the website is well-structured and business-focused, but the missing WHOIS data and lack of explicit security policies suggest areas for improvement in transparency and security posture. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure information, and improving contact information visibility to strengthen trust and compliance.

A

ASFINAG

asfinag.at

73

ASFINAG is a large Austrian company responsible for the planning, construction, operation, and toll collection on Austria's motorways and expressways. It serves as a reliable, innovative, and sustainable mobility partner connecting regions and people in the heart of Europe. The company offers key services including toll and vignette sales, traffic management, infrastructure construction and maintenance, parking and resting facilities, and career opportunities. The website is professionally designed with excellent content quality, clear navigation, and mobile optimization. Technically, it uses modern JavaScript frameworks such as Vue.js and is hosted on Azure CDN, ensuring fast performance and good accessibility. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not published. Overall, the domain registration data aligns well with the company's identity, indicating legitimacy and trustworthiness.

Ö

ÖBB (Österreichische Bundesbahnen)

wegfinder.at

67

wegfinder.at is a comprehensive mobility platform operated under the auspices of ÖBB, Austria's national railway company. The website offers an integrated app solution for booking and managing various transportation modes including trains, buses, taxis, carsharing, bikesharing, and e-scooters across Austria. The platform is positioned as a leading mobility aggregator with strong regional partnerships, providing users with seamless route planning, ticketing, and vehicle rental services. Technically, the site employs modern web technologies such as Bulma CSS, Font Awesome, and Matomo analytics, ensuring a responsive and user-friendly experience across desktop and mobile devices. Security posture is strong with HTTPS enforcement and security headers, though some GDPR compliance aspects like explicit cookie consent could be improved. Overall, the domain registration and WHOIS data align well with the business claims, supporting the legitimacy and trustworthiness of the site.

Dieselservis Kroměříž is a small local company specializing in servicing diesel fuel injection pumps, injectors, and vehicle diagnostics primarily for the automotive sector in the Czech Republic. Their website presents a clear overview of their services including repair, testing, and maintenance of diesel systems, as well as a 24/7 towing service. The business targets vehicle owners and operators requiring specialized diesel system servicing. Technically, the website is built on an older WordPress platform with Bootstrap and jQuery, providing a functional but somewhat outdated user experience. Security posture is moderate with HTTPS enabled but lacking modern security headers and running outdated software versions, which could expose the site to vulnerabilities. Privacy compliance is low due to absence of privacy and cookie policies. Overall, the site is safe for general audiences and provides sufficient contact information, but improvements in security and privacy practices are recommended.

The website www.odtahova-sluzba-nonstop.cz represents a small Czech towing service company named Pištora, offering vehicle towing and related automotive services primarily in Prague and across the European Union. Their key offerings include 24/7 towing for vehicles and other loads up to 6 tons, insurance coverage for transported items, vehicle storage, and assistance with vehicle registration and repairs. The business targets vehicle owners and automotive service clients in need of reliable towing and transport solutions. Technically, the website uses legacy JavaScript libraries such as Prototype.js and Scriptaculous, along with Lightbox for image galleries, and integrates Google Analytics for visitor tracking. The site lacks modern CMS indications and shows basic design and navigation quality. Mobile optimization and accessibility are minimal, and no HTTPS enforcement or security headers were detected in the provided content, indicating a need for security improvements. From a security perspective, the absence of HTTPS and security headers, lack of privacy and cookie policies, and missing WHOIS registration data raise concerns about the website's security posture and trustworthiness. While the content is legitimate and relevant to the business, the lack of compliance with privacy regulations and security best practices exposes the site to potential risks. Overall, the website is functional and provides relevant business information but requires significant improvements in security, privacy compliance, and technical modernization to enhance trust and user safety.

B

Berghof Process Control & Logistics GmbH

berghof-process-control.com

54

Berghof Process Control & Logistics GmbH is a specialized provider of management systems tailored for logistics terminals, repair workshops, and container yards. Their solutions, such as BLU and IBIS, focus on process control and safety systems, serving a niche market primarily in transportation and logistics sectors. The company is part of the Berghof Group and holds ISO 9001:2015 certification, indicating a commitment to quality management. The website is professionally designed, multilingual, and targets logistics operators and industrial clients. Technically, the website is built on TYPO3 CMS, employs modern web standards, and integrates Google Tag Manager for analytics. It is mobile-optimized and includes GDPR-compliant privacy and cookie consent mechanisms. However, some security headers are missing, which could be improved to enhance security posture. The site uses HTTPS exclusively, ensuring encrypted communications. Security-wise, the site shows good practices such as consent management and no visible vulnerabilities or exposed sensitive data. The absence of WHOIS registration data is a concern for domain legitimacy, but the professional presentation and business consistency mitigate this risk. No incident response or security policy pages were found, suggesting room for improvement in transparency and readiness. Overall, the website presents a credible and professional business presence with moderate technical maturity and good privacy compliance. Strategic improvements in security headers, WHOIS transparency, and incident response information would strengthen trust and security posture.

SeaStorm-Boat.com represents a small Estonian company, CERANOS INVEST OÜ, specializing in manufacturing and selling durable polyethylene boats using innovative rotational molding technology. The company targets boating enthusiasts and dealers worldwide, exporting to over 40 countries. The website is a professionally designed e-commerce platform built on WordPress with WooCommerce, integrating modern tools such as Slider Revolution and Revolut payment gateway. The site is mobile-optimized and SEO-friendly, providing rich content about products, exhibitions, and company information. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is basic with presence of privacy and cookie policies but no advanced GDPR indicators. Overall, the website is trustworthy and credible with clear contact information and social media presence.

T

Techno Marine Sp. z o.o.

technomarine.pl

42

Techno Marine Sp. z o.o. is a well-established Polish boat manufacturing company specializing in a variety of marine vessels including RHIBs, pilot boats, commercial boats, catamarans, tugs, and dredgers. The company emphasizes safety, durability, and quality, holding ISO9001:2015 certification. Their target audience includes government agencies, navy, special forces, commercial operators, and marine professionals. The website reflects a professional business presence with clear navigation, multilingual support, and active social media integration via Facebook. Technically, the site is built on WordPress using the Avada theme and includes modern technologies such as LayerSlider and Smart Slider 3. Security posture is strong with HTTPS and DNSSEC enabled, and no blocking or WAF challenges detected. However, the site lacks explicit privacy and terms of service pages, which impacts privacy compliance scoring.

W

Whaly Boats

whaly.com

69

Whaly Boats operates a website offering sturdy, affordable plastic boats targeting recreational boating enthusiasts. The business model focuses on manufacturing and selling these boats, positioning itself as an affordable and durable option in the boating industry. The website is professionally designed using modern CSS frameworks and web fonts, providing a good user experience and mobile optimization. However, the technical infrastructure lacks advanced security headers and privacy compliance features, and no WHOIS registration data is available, raising concerns about domain legitimacy. The absence of explicit privacy and cookie policies further impacts compliance posture. Overall, the website presents a moderate risk profile with room for improvement in security and compliance to enhance trustworthiness.

M

Mercury Marine

mercurymarine.com

68

Mercury Marine is a globally recognized leader in manufacturing propulsion solutions for recreational boats. The website presents a professional and well-structured digital presence, leveraging Adobe Experience Manager as its CMS platform and integrating modern analytics and marketing tools such as Google Tag Manager, Adobe Launch, and Facebook Pixel. The site is optimized for mobile devices and provides multilingual support for a global audience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although explicit security headers are not detected in the HTML source. The absence of WHOIS registration data is notable and warrants further investigation to confirm domain legitimacy. Overall, the website reflects a mature enterprise with a strong market position in the marine transportation sector.

TOHATSU Corporation operates a global website focused on marine products such as outboard motors and portable fire pumps. The company maintains regional sites for North America, Japan, and international markets, indicating a broad global presence. The website content is professional and well-structured, targeting customers interested in marine and fire safety equipment. The business model centers on manufacturing and global distribution, with a strong brand presence dating back to 1997. Technically, the site uses modern web technologies including jQuery, Google Tag Manager, and a consent management platform (Trust360), ensuring compliance with privacy regulations and enabling analytics tracking. Security posture is adequate with HTTPS enabled and cookie consent implemented, though additional security headers and policies could enhance protection. WHOIS data confirms the domain's legitimacy and long-standing registration, consistent with the company's history. Overall, the website is trustworthy, compliant, and professionally maintained, supporting TOHATSU's market position as a reputable manufacturer in the transportation sector.

S

Sea Ray

searay.eu

76

Sea Ray is a well-established luxury boat manufacturer offering premium cruising and sport boats designed for performance, style, and comfort. The website reflects a mature digital presence built on Adobe Experience Manager, featuring rich content, clear navigation, and comprehensive privacy and cookie policies. The technical infrastructure leverages modern Adobe marketing and content delivery technologies, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response details are not publicly disclosed. The absence of WHOIS domain registration data is a notable gap, potentially due to privacy protection or querying limitations, but the website's professionalism supports its legitimacy. Overall, Sea Ray's digital presence aligns with its market position as a premium boating brand.

U

Uttern

uttern.com

60

Uttern is a Nordic boat manufacturer specializing in a range of boat models including cruisers, bowriders, center consoles, and weekenders. The company targets boating enthusiasts and buyers primarily in Nordic countries and international markets. Their business model focuses on manufacturing and selling boats through a dealer network, supported by digital tools such as product configurators. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site uses modern JavaScript libraries and marketing tools, including Google Tag Manager, Marketo, and Piwik PRO, indicating a mature digital marketing infrastructure. Security posture is solid with HTTPS enforcement and security headers, though the absence of a published security policy and incident response information suggests room for improvement. Privacy compliance is well addressed with GDPR-compliant privacy and cookie policies and consent mechanisms. However, the lack of WHOIS data raises concerns about domain registration legitimacy, which should be verified externally. Overall, the site is professional and trustworthy but would benefit from enhanced transparency in security and contact information.

TSS Group is a well-established wholesale distributor specializing in vehicle security systems and accessories, operating since 2002 with a strong presence across more than 30 countries in Europe and worldwide. The company offers a broad portfolio of products including car alarms, GPS locators, immobilizers, parking sensors, and car care products under various reputable brands. Their website reflects a professional and consistent brand image, targeting installers, dealers, and distributors in the vehicle security sector. Technically, the website is built on the BUXUS CMS platform, utilizing modern web technologies such as jQuery, RequireJS, and Google Tag Manager for analytics. The site is mobile-optimized with good SEO and accessibility features, although some improvements in security headers and SSL configuration could enhance the security posture. Privacy and cookie policies are present and indicate GDPR compliance, with a clear cookie consent mechanism. From a security perspective, the site uses HTTPS and implements basic privacy controls but lacks explicit security policy documentation and incident response contacts. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data is due to EURid privacy restrictions, which is common for European domains, and does not detract from the site's legitimacy. Overall, the website presents a low-risk profile with a solid business credibility and a good technical foundation. Strategic recommendations include enhancing security headers, publishing detailed security policies, and improving transparency around incident response to further strengthen trust and compliance.

M

Marina Dock

marinadock.cz

60

Marina Dock is a specialized Czech company focused on the sale and servicing of luxury boats, motors, and water scooters. Established in 2014, it operates primarily in the Czech Republic, offering a comprehensive range of products and services including new and used boats, full-year servicing, captain certification courses, boat storage, and financing. The company positions itself as a trusted family-run business with exclusive partnerships with leading marine brands, catering to boating enthusiasts seeking quality and reliability. Technically, the website is built on WordPress with WooCommerce for e-commerce functionality, enhanced by modern JavaScript libraries such as Swiper.js and jQuery. SEO is managed via Rank Math, and the site is hosted likely on a Czech hosting provider (Websupport). The site demonstrates good mobile optimization and moderate performance, with structured data implemented for enhanced search visibility. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks some advanced security headers and explicit incident response or security policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, Marina Dock presents a professional and trustworthy online presence with solid business and technical foundations. Strategic improvements in security headers, cookie consent, and incident response disclosures would further strengthen its security posture and compliance.

H

Hauer

hauer-gmbh.de

59

Hauer is a German-based company specializing in the supply and distribution of elevator spare parts across Germany and Europe. Their website offers a catalog of over 15,000 parts from more than 50 manufacturers, targeting businesses and individuals in the elevator maintenance and repair sector. The company positions itself as a reliable supplier with fast delivery across multiple European countries. Technically, the website is built on WordPress using the Avada theme and incorporates SEO best practices via the Yoast SEO plugin. The site is moderately optimized for performance and mobile devices, providing a good user experience. However, there is a lack of visible privacy and cookie policies, and no explicit contact information was found in the provided content. Security posture is minimal with no detected security headers or incident response information, indicating room for improvement in compliance and security maturity. Overall, the website is functional and professional but would benefit from enhanced security and privacy measures to improve trust and compliance.

S

S&G (implied from logo alt text and domain)

sug.de

49

S&G operates as a regional automotive dealership in Germany, specializing in new and used vehicles from brands such as Mercedes, AMG, smart, Hyundai, and FUSO. The company offers a comprehensive range of services including vehicle sales, maintenance, parts, accessories, and rental options. The website reflects a professional and accessible digital presence, leveraging TYPO3 CMS and integrating advanced accessibility tools to support users with disabilities. Marketing and analytics are managed through Google Tag Manager, Facebook Pixel, and Usercentrics consent management, indicating a mature approach to user data and privacy compliance. However, explicit privacy policies and terms of service are not directly found in the provided content, which could be improved for transparency. The WHOIS data aligns with the website's regional focus and hosting provider, supporting the legitimacy of the domain. Overall, the website demonstrates good technical implementation, accessibility, and marketing integration, positioning S&G as a credible player in the automotive retail sector.

ONI system operates a vehicle monitoring and fleet management platform accessible via web and mobile applications. The service targets vehicle owners, fleet managers, partners, and dealers, offering functionalities such as vehicle tracking, controlling access, and demo testing without hardware installation. The website is functional and provides login portals for different user types but lacks visible contact or compliance information. Technically, the site uses standard web technologies including HTML, CSS, JavaScript, and integrates Google Analytics and Lead Forensics for tracking. However, security headers are absent, and no privacy or cookie policies are presented, indicating gaps in compliance and security best practices. The WHOIS data for the domain is missing or unavailable, which raises concerns about domain legitimacy and trustworthiness. Overall, the site is safe and professional in content but requires improvements in transparency, security, and compliance to enhance trust and user confidence.

O

ONI system

onisystem.sk

55

ONI system is a Slovak-based company specializing in GPS tracking and monitoring solutions for vehicles, assets, and persons. With over 30 years of experience and monitoring more than 50,000 objects, the company serves both business and individual customers primarily in Slovakia and the Czech Republic. Their offerings include GPS units, mobile and web applications, and specialized tracking services tailored to various vehicle types and industries. The website is professionally designed, multilingual, and optimized for SEO and mobile use, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins and integrates analytics and marketing tools such as Google Analytics, Facebook Pixel, and Smart Emailing. Security posture is good with HTTPS enforced and use of reCAPTCHA, though some security headers could be improved. Privacy compliance is evident with GDPR-aligned policies and cookie consent mechanisms. Overall, the site projects a trustworthy and credible business image with clear contact information and social media engagement.

SkodaTour.eu is a multilingual website dedicated to organizing annual meetings and events for Škoda car owners and enthusiasts, primarily coordinated by the Autoklub Škoda in Mladá Boleslav, Czech Republic. The site serves as a community hub for these events, which rotate locations across Europe and emphasize social, technical, and tourist engagement among Škoda fans. The business model focuses on event organization and community building within a niche automotive enthusiast segment. Technically, the website employs older JavaScript libraries such as MooTools and jQuery, with no modern CMS or frameworks detected. The site is hosted by Web4U s.r.o., a Czech hosting provider. Performance and mobile optimization are basic, with limited accessibility and SEO features. No analytics or tracking tools are present, indicating minimal user tracking. From a security perspective, the site lacks visible HTTPS enforcement and security headers, and no privacy or cookie policies are provided, indicating poor privacy compliance. No contact or incident response information is available, limiting transparency and user trust. The site content is safe for general audiences, with no adult or explicit material detected. Overall, the website is functional but basic, with moderate trustworthiness due to consistent regional hosting and content alignment. However, significant improvements are needed in security, privacy compliance, and contact transparency to enhance user trust and regulatory adherence.