Security Directory

BMW BKK is a health insurance provider affiliated with BMW AG, offering comprehensive health coverage and services primarily targeting BMW employees and their families in Germany. The website presents a professional and consistent brand image with detailed service offerings including preventive health programs, exclusive benefits, and digital services. The technical infrastructure is modern, leveraging Adobe Experience Manager CMS and performance optimization tools, ensuring a good user experience across devices. Security posture is strong with HTTPS and secure script loading, though explicit security headers and visible privacy policies are lacking. Overall, the site is trustworthy and well-positioned in its niche market.

B

BRANDUNG

brandung.de

59

BRANDUNG is a digital agency based in Cologne and Berlin, Germany, specializing in smart e-commerce solutions, innovative online experiences, sustainable online marketing, and AI services. The company targets businesses seeking digital transformation and marketing expertise in the German market. The website is professionally designed using modern web technologies such as Next.js and React, with content management likely powered by Storyblok. The site demonstrates good mobile optimization and SEO practices, with a clear focus on user experience and branding consistency. From a technical perspective, the website employs HTTPS and integrates consent management through Usercentrics, reflecting GDPR compliance efforts. Google Tag Manager is used for analytics and tracking, indicating moderate user tracking. However, the site lacks explicit privacy policy, terms of service, and security policy pages, which are critical for full compliance and user trust. No contact emails or phone numbers were found in the analyzed content, limiting direct communication channels. Security posture is moderate with HTTPS enforced and consent management in place, but the absence of security headers and vulnerability disclosure mechanisms suggests room for improvement. No WAF or blocking mechanisms were detected, allowing full content accessibility. The domain WHOIS data shows agency-related nameservers consistent with the business location, but lacks detailed registrant information, slightly reducing trustworthiness. Overall, BRANDUNG presents as a credible and professional digital agency with a solid technical foundation but would benefit from enhanced transparency in privacy, security policies, and contact information to improve compliance and user trust.

G

Gasp!

gasp.agency

67

Gasp! is a small, award-winning marketing and communications agency based in Reading, Berkshire near London. The company focuses on brand and strategy-first marketing services, targeting businesses seeking creative and media-neutral marketing solutions. The website reflects a professional and consistent brand image with clear service offerings and a focus on creativity and strategy. Technically, the site uses modern web technologies including Cookiebot for cookie consent management, Google Tag Manager, and LinkedIn Insight Tag for analytics and marketing. The site is mobile optimized and SEO friendly, though accessibility features are basic. Security posture is moderate with HTTPS in use and cookie consent implemented, but lacks explicit security headers and published privacy or security policies. WHOIS data is privacy protected, which is typical for this business type, but limits transparency. Overall, the website is safe, professional, and trustworthy with room for improvement in privacy disclosures and security best practices.

T

takealookatyour.site

takealookatyour.site

39

The website takealookatyour.site currently serves as a placeholder page with minimal content indicating that something will be constructed in the future. There is no business description, contact information, or policies provided, which limits the ability to assess the business operations or market positioning. The domain is newly registered in January 2024 via Namecheap and shows no privacy protection, which aligns with the early stage of the website. Technically, the site uses basic HTML5 and CSS3 with Google Fonts and is hosted on Namecheap infrastructure. It supports HTTPS but lacks advanced security headers and DNSSEC, indicating room for improvement in security posture. No analytics, tracking, or advertising technologies are present, and the site does not collect user data or provide forms. Overall, the website is in an initial development phase with low content and business credibility.

E

Evangelisch-lutherische Landeskirche Hannovers

landeskirche-hannovers.de

54

The Evangelisch-lutherische Landeskirche Hannovers website serves as the official digital presence of the regional Evangelical Lutheran Church in Hannover, Germany. It provides comprehensive information about church administration, community services, religious ceremonies, and social support programs. The site targets church members, affiliates, and the general public interested in the church's activities. The organization holds a significant position as a large non-profit religious entity within its region. Technically, the website employs modern web technologies including Font Awesome 7 for icons, Matomo for privacy-conscious analytics, and Turbo (Hotwire) for enhanced user experience. The site is mobile-optimized, accessible, and well-structured, reflecting a mature digital infrastructure. Performance is moderate with good SEO and accessibility practices. From a security perspective, the site enforces HTTPS, uses CSRF tokens, and integrates security headers, contributing to a strong security posture. However, it lacks an explicit cookie consent mechanism and published security or incident response policies, which are areas for improvement to enhance compliance and transparency. Overall, the website is trustworthy, professionally maintained, and aligned with the organization's mission. Strategic recommendations include implementing cookie consent, publishing security policies, and adding vulnerability disclosure information to further strengthen compliance and user trust.

S

STILLE erLEBEN

stilleerleben.de

43

STILLE erLEBEN is a small hospitality business operating evangelical guesthouses in Bavaria, Germany, focused on providing quiet and spiritual retreat experiences. The website is built on Drupal 10 with Bootstrap and jQuery, offering a moderate level of technical maturity with good mobile optimization and basic SEO features. The content is well-structured and relevant to its target audience seeking tranquility and spiritual rest. From a security perspective, the website uses HTTPS and has no visible vulnerabilities or exposed sensitive data. However, it lacks important security headers and does not provide a security policy or incident response contact information. Privacy compliance is partially met with a privacy policy page present, but no cookie consent mechanism is implemented. Business credibility is moderate due to the absence of explicit contact details and trust indicators. Overall, the website is functional and professional but could improve its security posture and privacy compliance to enhance trustworthiness and regulatory adherence.

E

Evangelisch-Lutherische Kirche in Bayern (ELKB)

uebernachtungshaeuser-elkb.de

44

The website www.uebernachtungshaeuser-elkb.de serves as an informational portal for the Evangelisch-Lutherische Kirche in Bayern's network of group accommodations. It targets church groups, youth groups, families, and seminar attendees seeking lodging in scenic Bavarian locations. The site offers detailed descriptions of various types of houses, including self-catering and fully serviced options, and promotes community and spiritual experiences. Technically, the site is built on Drupal 10, uses Bootstrap for responsive design, and integrates Matomo analytics with privacy-conscious settings. The Klaro consent manager ensures GDPR-compliant cookie handling. Security posture is solid with HTTPS enforced and privacy-respecting analytics, though explicit security headers and policies are absent. No contact emails or phone numbers are directly published, relying on a contact form instead. Overall, the site is professional, trustworthy, and well-suited for its non-profit church audience.

E

Evangelisch-Lutherische Kirche in Bayern

motorrad-evangelisch.de

10

Motorrad-Evangelisch.de is a niche community website operated under the Evangelisch-Lutherische Kirche in Bayern, targeting motorcycle enthusiasts interested in evangelical Christian faith and community events in Bavaria and neighboring regions. The site offers event listings, spiritual gatherings, regional contacts, and multimedia content to engage its audience. Technically, the site is built on Drupal 10, leveraging modern web technologies and includes GDPR-compliant privacy and cookie consent mechanisms. Hosting is provided by kunde24.de, a professional hosting provider. Security posture is solid with HTTPS enforced and cookie consent implemented, though some HTTP security headers could be improved. Contact information is clearly presented with church-affiliated emails and phone numbers, enhancing trust and credibility. Overall, the website is well-structured, accessible, and professionally maintained, serving its community effectively.

S

Soli deo gloria - Gott allein sei Ehre

solideo.de

10

Soli deo gloria is a non-profit initiative focused on Evangelical church music in Bavaria, Germany. The website provides information about church music professions, events, instruments, and associations, targeting church musicians and members of the Evangelical Lutheran Church. The platform is niche and regionally focused, serving as a cultural and religious resource. Technically, the site is built on Drupal 10 with Bootstrap components, hosted on German servers, and optimized for mobile devices with good navigation and content quality. Security posture is moderate with HTTPS usage but lacks explicit security headers and incident response policies. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy, professionally presented, and safe for general audiences.

E

Evangelische Kirche in Bayern (ELKB) implied

offene-kirchen-bayern.de

10

The website offene-kirchen-bayern.de serves as an informational portal for open evangelical churches in Bavaria, Germany. It is affiliated with the Evangelische Kirche in Bayern (ELKB) and provides visitors with details about churches open on weekdays, special church types, and related tourism information. The site targets the general public interested in religious and cultural visits. Technically, it is built on Drupal 10 with modern libraries such as Leaflet.js for interactive maps and Bootstrap for responsive design. The site demonstrates good content quality, clear navigation, and consistent branding aligned with ELKB. Security posture is moderate, with HTTPS usage implied but lacking explicit security headers and cookie consent mechanisms. No vulnerabilities or exposed sensitive data were detected. Overall, the site is trustworthy and professionally maintained, though improvements in privacy compliance and security headers are recommended.

B

Bergspiritualität: Endlich Pilgern

bergspiritualitaet.com

10

The website bergspiritualitaet.de is a German-language platform dedicated to spiritual mountain experiences, including retreats, pilgrimages, and mountain masses. It targets a broad audience interested in spirituality and nature, offering educational courses and community events. The site is built on TYPO3 CMS with a moderate technical infrastructure, incorporating common JavaScript libraries and a cookie consent mechanism. Security posture is adequate with HTTPS enforced, but lacks explicit security headers and incident response information. Privacy compliance is good with a clear privacy policy and cookie consent. Business credibility is moderate due to limited explicit company or contact information. Overall, the site is professionally presented with consistent branding and relevant content for its niche.

E

Evangelisch-Lutherische Kirche in Bayern (ELKB) implied

berggottesdienste.de

10

Berggottesdienste.de is a niche non-profit website affiliated with the Evangelical Lutheran Church in Bavaria, providing information and promotion of outdoor mountain church services across various Bavarian regions. The site targets churchgoers and visitors interested in religious events in nature, offering a searchable database and links to related church tourism resources. Technically, the website is built on Drupal 10 with Bootstrap, hosted via kunde24.de, and demonstrates good mobile optimization and navigation clarity. Security posture is solid with HTTPS enforced, though lacking advanced security headers and explicit incident response policies. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy, safe, and professionally presented, serving its community-focused mission effectively.

B

Brunner Medien AG

bag.ch

61

Brunner Medien AG is a well-established Swiss media company specializing in personalized and automated communication solutions, including marketing automation, graphic design, print on demand, logistics, and publishing. Positioned as the largest printing company in the canton of Lucerne, it offers a comprehensive suite of services to businesses and organizations seeking integrated media and publishing solutions. The website reflects a mature digital presence with a professional design, clear navigation, and active content updates. Technically, the site leverages Pimcore CMS and integrates multiple modern analytics and marketing tools, demonstrating digital maturity. Security posture is solid with HTTPS and no visible vulnerabilities, though some security headers and explicit policies could be improved. Privacy compliance is strong with dedicated GDPR and cookie policy pages and consent mechanisms. Overall, the site projects high trustworthiness and professionalism.

M

Musiknetz Kloten

musiknetz-kloten.ch

9

Musiknetz Kloten is a local community network in Switzerland that unites over twenty music clubs and organizations alongside the Musikschule Region Flughafen to promote music education, cultural events, and social engagement in Kloten. The website serves as an informational portal highlighting events, projects like 'Concerts of Nations', and member organizations. The business model is non-profit and community-focused, targeting local residents interested in music and cultural activities. Technically, the website is built on Joomla CMS using standard web technologies including jQuery, WebComponents, and FontAwesome. It employs HTTPS with a good SSL configuration and basic obfuscation of email addresses to reduce spam. The site is moderately optimized for mobile and has a clear navigation structure, though accessibility features are basic. No advanced analytics or advertising tools are detected, indicating a privacy-conscious approach. From a security perspective, the site benefits from HTTPS and CSRF token usage but lacks important security headers and formal security policies. There is no cookie consent mechanism, and no incident response or vulnerability disclosure information is provided. These gaps suggest room for improvement in compliance and security posture. Overall, the website is trustworthy and professional for its community purpose but would benefit from enhanced security practices, privacy compliance improvements, and formal policy disclosures to strengthen user trust and regulatory adherence.

M

Mario Fehr

mariofehr.ch

49

The website mariofehr.ch serves as the official online presence of Mario Fehr, a government official and Regierungsrat of the Canton of Zurich, Switzerland. It provides political information, updates, and personal engagement content targeted primarily at the citizens of Zurich. The site is built on Joomla CMS and incorporates modern web technologies including jQuery and Google Analytics for visitor tracking. The design is professional, mobile-optimized, and accessible, supporting a positive user experience. Security posture is solid with HTTPS enforced and CSRF tokens present, though it lacks some advanced security headers and explicit incident response information. Privacy compliance is partial, with a privacy policy page present but no visible cookie consent mechanism. Overall, the site is trustworthy and well-aligned with its governmental purpose.

P

Pfaller & Söhne AG

pfaller.ch

31

Pfaller & Söhne AG is a well-established Swiss company specializing in painting, wallpapering, flooring, plastering, and mold remediation services primarily serving the Zurich region since 1974. The company emphasizes craftsmanship, experience, and customer service, targeting residential and commercial property owners and managers. Their website reflects a professional local business with clear service offerings and contact information. Technically, the site is built on Joomla CMS with modern JavaScript libraries and integrates Google Analytics and Google Ads for marketing and tracking. The website is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism despite tracking scripts. Overall, the site is trustworthy and professional but could improve in privacy and security transparency.

V

Verein Szene Kloten

szenekloten.ch

46

Verein Szene Kloten is a local non-profit cultural association based in Kloten, Switzerland, organizing concerts, theater, art exhibitions, readings, multimedia shows, and managing the local museum. Supported by the city of Kloten, the Canton of Zurich's cultural office, sponsors, and members, it serves a community-oriented audience interested in cultural events. The website reflects a well-structured, content-rich platform with clear navigation and consistent branding, targeting local residents and culture enthusiasts. Technically, the site runs on Joomla CMS with modern libraries like jQuery and Google Tag Manager for analytics, showing moderate performance and good mobile optimization. Security posture is adequate with HTTPS and CSRF protections, but lacks explicit cookie consent and published security policies. Overall, the site is trustworthy and professionally maintained, though improvements in privacy compliance and security transparency are recommended.

R

Riiterstübli Waldhof

riiterstuebli.ch

46

Riiterstübli Waldhof is a small hospitality business located in Winkel, Switzerland, specializing in traditional home-style cuisine with a focus on fresh, bio ingredients. The restaurant offers daily lunch and dinner menus, room rental for private events, and seasonal outdoor grilling in a garden pergola. The website is built on Joomla CMS and integrates Google Analytics for visitor tracking. The design is professional and mobile-optimized, providing a good user experience with clear navigation and consistent branding. Contact information and legal disclaimers are clearly presented, enhancing business credibility. However, the site lacks a dedicated cookie consent mechanism and formal security or incident response policies, which are areas for improvement.

R

Ralf Eggenberger

ralfing.ch

57

Ralf Eggenberger operates a specialized complementary therapy practice focusing on Strukturelle Integration (Rolfing) in Zürich and Baden, Switzerland. The business targets individuals seeking holistic bodywork to improve physical and psychological well-being through manual therapy techniques. The website presents a professional image with clear service descriptions, contact information, and social media presence, positioning the practice as a trusted local provider in the healthcare sector. Technically, the site is built on Joomla CMS with modern JavaScript libraries and integrates Google Analytics 4 and Google Tag Manager for analytics and marketing. A comprehensive cookie consent mechanism ensures GDPR compliance. Security posture is solid with HTTPS and no visible vulnerabilities, though security headers and incident response information are absent. Overall, the site is well-structured, user-friendly, and trustworthy, supporting the business's credibility and client engagement.

R

Rüffert Werbung GmbH

rueffert.de

52

Rüffert Werbung GmbH is a small German manufacturer and installer specializing in high-quality advertising technology and outdoor advertising solutions. Their offerings include illuminated advertising pylons, light advertising, LED letters, advertising towers, and building lighting, serving a broad range of business customers from single enterprises to large chains. The company emphasizes comprehensive service from planning through installation, ensuring product quality and customer satisfaction. Technically, the website employs modern web technologies including jQuery and Siema slider, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and no visible vulnerabilities, though security headers and cookie consent mechanisms are absent. Overall, the site reflects a professional and trustworthy business with active customer engagement and social media presence.

The website avt.li is currently inaccessible due to a 403 Forbidden error, indicating that access to the resource is denied. This prevents any meaningful analysis of the website's content, business model, or services. The server is running Apache 2.4.41 on Ubuntu, but no metadata, forms, or external links are available for review. The lack of accessible content and absence of privacy, cookie, or terms of service policies significantly limit the ability to assess compliance or security posture. The domain's WHOIS data is privacy protected, which reduces transparency and trustworthiness. Overall, the website appears to be either restricted intentionally or misconfigured, resulting in a poor user experience and low trust indicators.

P

Home | Play'n GO

playngo.com

64

The website www.playngo.com appears to be built using the Wix platform, incorporating standard Wix scripts and Google Analytics for tracking. However, the domain WHOIS data is not publicly available, indicating either the domain is unregistered, privacy protected, or the WHOIS query failed. The website content is minimal with no visible privacy policy, cookie policy, terms of service, or contact information, which limits trust and compliance assessment. Technically, the site uses modern web technologies but lacks visible security headers and comprehensive SEO or accessibility features. Overall, the security posture is moderate due to HTTPS usage and some cookie handling mechanisms, but the absence of critical policies and registrant data reduces confidence. Strategic recommendations include improving transparency with privacy and contact information, enhancing security headers, and verifying domain registration details.

N

NetEnt AB (publ)

netent.com

71

NetEnt AB (publ) is a leading technology provider specializing in digitally distributed gaming systems for the online gaming industry. With over 20 years of experience, the company offers a comprehensive suite of gaming solutions including games, pooled jackpots, branded games, and back-office services. Their target audience primarily consists of online gaming operators seeking premium gaming content and services. NetEnt holds multiple licenses from reputable regulatory bodies such as the UK Gambling Commission and Malta Gaming Authority, underscoring their commitment to compliance and responsible gaming. Technically, the website is built on WordPress and leverages modern web technologies including jQuery, Modernizr, and Owl Carousel. It demonstrates excellent mobile optimization, fast performance, and good SEO practices. The site employs HTTPS with strong SSL configuration and integrates analytics tools like Google Analytics and Facebook Pixel for user tracking and marketing insights. A cookie consent mechanism is present, supporting privacy compliance. From a security perspective, the site follows best practices such as HTTPS enforcement, use of reCAPTCHA, and cookie consent banners. However, it lacks explicit security policy documentation and incident response contact details, which are recommended for enhanced transparency and readiness. No critical vulnerabilities or exposed sensitive data were detected in the analysis. Overall, NetEnt's website reflects a mature, professional, and trustworthy online presence aligned with its market position as a premium gaming technology supplier. The absence of WHOIS data is noted but likely due to registrar query limitations rather than suspicious activity. Strategic recommendations include publishing a dedicated security policy, providing incident response contacts, and enhancing security headers to further strengthen the security posture.

E

Evolution AB (publ)

evolution.com

64

Evolution AB (publ) is a leading enterprise specializing in providing B2B online casino technology solutions, including live casino, game shows, slots, and other gaming products. The company holds multiple industry licenses and certifications, positioning itself as a market leader in the online gaming technology sector. Their website reflects a mature digital presence with comprehensive content targeting casino operators and gaming businesses globally. The technical infrastructure is built on WordPress with modern frameworks and plugins, ensuring good performance, mobile optimization, and SEO compliance. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some security headers and explicit security policies could be enhanced. The absence of WHOIS data for the domain is a notable anomaly but does not detract significantly from the overall legitimacy given the company's market presence and certifications. Strategic recommendations include improving security header implementation, publishing security policies, and adding vulnerability disclosure channels to further strengthen trust and compliance.

S

SOFTSWISS

softswiss.com

66

SOFTSWISS is a well-established B2B iGaming software provider specializing in online casino and sportsbook solutions. The company offers a comprehensive suite of products including game aggregation, sportsbook platforms, affiliate tracking, jackpot management, and managed services. With over 15 years of industry experience and a large employee base, SOFTSWISS holds a strong market position, particularly in crypto gambling. Their website reflects a professional and modern digital presence with extensive content, multiple language support, and active engagement through news and knowledge base resources. Technically, the site is built on WordPress with modern SEO and analytics tools, ensuring good performance and accessibility. Security posture is strong, supported by ISO 27001 certification, GLI certifications, and an MGA license, although explicit incident response contacts and cookie consent mechanisms could be improved. Overall, the website and business demonstrate high professionalism and trustworthiness, suitable for their target B2B audience.

B

Billionairespin Official Site ᐉ Billionairespin Casino Login

billionairespin.com

59

The website 52billionairespin51.com operates as an online casino platform branded as Billionairespin, offering a variety of casino games including slots, live casino, and instant win games. The platform targets adult users interested in online gambling and provides bonuses and promotions to attract players. The site features games from well-known providers such as Evolution, Pragmatic, Novomatic, and Playson, indicating a broad game portfolio. The domain is relatively new, registered in 2025, which aligns with a startup or recently launched online casino business. From a technical perspective, the website uses modern web technologies including Vue.js, Google Fonts, and Cloudflare DNS services. The site appears to be mobile-optimized with good design quality and user experience. However, SEO optimization is limited, and accessibility features are basic. The site uses Google Tag Manager for analytics and marketing purposes, indicating some level of digital maturity. Security posture shows room for improvement. While the domain status clientTransferProhibited and use of Cloudflare DNS are positive indicators, the absence of DNSSEC, lack of security headers, and missing privacy and cookie policies are notable gaps. No contact information or incident response channels are provided, which reduces transparency and trust. The site is served over HTTPS (implied by canonical URL), but SSL configuration details are not visible. Overall, the security score is moderate but could be enhanced by implementing best practices. The website content is gambling-related, intended strictly for adults, and no adult explicit content beyond gambling is detected. The lack of privacy and cookie policies and terms of service is a compliance risk, especially under GDPR and other data protection regulations. The domain WHOIS data shows an unusual future creation date, which may be a data anomaly but warrants attention. No registrant details are publicly available, which is common but reduces trust. Strategic recommendations include implementing comprehensive privacy and cookie policies, enabling DNSSEC, adding security headers, publishing terms of service, and providing clear contact and incident response information. Enhancing SEO and accessibility would improve user reach and compliance. Overall, the site is functional and professionally designed but requires improvements in security and compliance to increase trust and reduce risk.

P

profihost

de-nserver.de

71

profihost is a German technology company specializing in managed hosting, cloud services, and IT infrastructure solutions tailored for businesses, especially in e-commerce. Their website presents a professional and comprehensive portfolio of services including managed servers, security solutions, performance optimization, and specialized hosting for platforms like Shopware and Magento. The company targets business customers seeking reliable and scalable hosting and IT services. Technically, the website is well-structured, mobile-optimized, and uses modern technologies such as Google Tag Manager and consent management tools to ensure compliance and analytics. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response contacts are not evident. The absence of WHOIS data raises some concerns about domain registration transparency, but the overall website professionalism and content quality suggest a legitimate and established business. Strategic recommendations include enhancing security headers, publishing a security policy, and verifying domain registration details for trust enhancement.

B

Blechexpo Internationale Fachmesse für Blechbearbeitung

blechexpo-messe.de

55

Blechexpo is a leading international trade fair specializing in sheet metal processing and related joining technologies, held in Stuttgart, Germany. The website serves as a professional platform to provide information about upcoming events, exhibitor details, and industry news. It targets professionals and companies within the manufacturing sector, particularly those involved in cold forming, cutting, joining, and related technologies. The business model revolves around organizing and hosting trade fairs that facilitate industry networking and innovation showcasing. Technically, the website is built on WordPress with a modern tech stack including jQuery, WP Rocket for performance optimization, Borlabs Cookie for consent management, and WPML for multilingual support. The site demonstrates excellent mobile optimization, SEO practices, and fast performance, indicating a mature digital infrastructure. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms. However, it lacks explicit published privacy policies, terms of service, and security incident response information, which are important for compliance and trust. No critical vulnerabilities or WAF blocking were detected, and no sensitive data exposure was found. Overall, the website is professional, trustworthy, and well-maintained, but could improve privacy and security transparency by publishing relevant policies and contact points. Strategic recommendations include adding privacy and terms pages, publishing security policies, and enhancing security headers to further strengthen trust and compliance.

B

Buth Maschinen + Technik GmbH & Co. KG

baisonlaser.de

55

Baison Laser Europa, operated by Buth Maschinen + Technik GmbH & Co. KG, is a specialized distributor of fiber laser cutting machines for metal processing in Europe. The company offers a range of high-performance laser cutting and welding equipment targeting industrial manufacturing sectors. Their market position is that of an official distributor with a focus on precision, efficiency, and automation in metal cutting technologies. The website reflects a professional and consistent brand image with clear product offerings and calls to action such as live and online demos. Technically, the site is built on the Webflow CMS platform, utilizing modern web technologies including Google Fonts, jQuery, and Usercentrics for GDPR-compliant cookie management. Performance and mobile optimization are good, though accessibility features are basic. Security posture is solid with HTTPS enforced and bot protection via Google reCAPTCHA, but lacks advanced security headers and published security policies. Overall, the site is trustworthy and safe with no adult or questionable content detected. WHOIS data is partially consistent with the business claims but lacks detailed registrant information. The domain appears legitimate with no privacy protection or suspicious patterns. Recommendations include enhancing security headers, publishing explicit security and incident response policies, and adding vulnerability disclosure information to improve trust and compliance.

F

Fräser24

fraeser24.shop

65

Fräser24 is a German-based small e-commerce business specializing in milling and engraving tools and accessories. The website offers product categories such as Fräsen (milling), Gravieren (engraving), and Zubehör (accessories). Although the site is currently under construction, it provides basic navigation and contact options including a phone hotline and contact form. The business targets manufacturing professionals and hobbyists requiring specialized tools. Technically, the site is built on the Shopware platform with a ThemeWare theme, featuring responsive design and basic SEO elements. Security posture is moderate with HTTPS enforced and domain transfer protection, but lacks DNSSEC and advanced security headers. Privacy compliance is good with a cookie consent mechanism and privacy policy present. Overall, the website is functional but could improve in security and content depth to enhance trust and user experience.

B

Buth Graviersysteme GmbH & Co. KG

bg-cam.de

53

Buth Graviersysteme GmbH & Co. KG operates the BG-CAM website, specializing in the manufacture and sale of high-precision portal milling machines tailored to customer requirements. The company targets manufacturing workshops and industrial clients needing robust, vibration-free milling solutions with advanced CNC control. The website demonstrates a strong market position within a niche manufacturing segment, offering detailed product specifications, configurators, and comprehensive customer support channels. Technically, the site is built on the Webflow platform with modern web technologies, delivering good performance and mobile optimization. Security posture is adequate with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are absent. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, reflecting a small but credible German manufacturing business.

Q

queo

queo.de

58

queo is a German technology company founded in 2004 specializing in agency business and software development. With over 180 employees across six locations, it operates multiple group brands including queo valueTec, queonext, intolight, Procunia, Social Web macht Schule, and admoderate. The company targets business clients seeking integrated communication, technology, and software solutions. The website is professionally designed, well-structured, and optimized for mobile, reflecting a mature digital presence. The technical infrastructure is based on the Neos CMS and Flow PHP framework, utilizing modern JavaScript libraries and analytics tools such as Matomo and Facebook Pixel. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, alongside references to TISAX certification indicating adherence to automotive industry security standards. However, explicit security headers and incident response contacts are not evident, suggesting areas for improvement. Overall, queo presents a credible and trustworthy business with a good balance of technical sophistication and compliance.

Z

zur Mühlen Gruppe

zurmuehlengruppe.de

38

The zur Mühlen Gruppe is a large German manufacturing company specializing in the production and distribution of meat and sausage products. With approximately 4,000 employees across 12 locations, the company produces over 2 billion consumer packages annually and holds multiple prestigious awards such as 'Marke des Jahrhunderts' and 'Top Marke 2020'. Their business model focuses on high-quality food production, supported by rigorous quality assurance processes including 50,000 laboratory tests annually. The company also operates internationally through its subsidiary zur Mühlen International (ZMI), marketing products in over 40 countries. Technically, the website is built on the TYPO3 CMS platform, utilizing modern JavaScript libraries like jQuery and Swiper.js for interactive content. The site demonstrates good mobile optimization, clear navigation, and professional design, although some accessibility features are basic. Performance is moderate, with no critical errors or broken elements detected. However, there is no visible cookie consent mechanism, and security headers are not explicitly present in the provided data. From a security perspective, the site uses HTTPS as indicated by canonical URLs, but lacks explicit security headers and incident response information. No forms or contact emails are visible on the main page, limiting direct user communication channels. There is no security.txt or vulnerability disclosure policy found. Overall, the security posture is moderate but could be improved by implementing standard security headers, cookie consent, and incident response contacts. The overall risk assessment is low to moderate. The site is legitimate, professionally maintained, and focused on a well-established business sector. Strategic recommendations include enhancing privacy compliance with cookie consent, adding security headers, publishing incident response policies, and improving contact information visibility to strengthen trust and security culture.