Energy security reports

A

A & B Engineering

abeng.co.uk

66

A & B Engineering is a privately owned mechanical and electrical engineering company based in the Northwest UK, with annual sales around £60 million. They provide comprehensive M&E/MEP services across multiple sectors including healthcare, education, residential, commercial, retail, hospitality, industrial, and public sector projects. The company emphasizes quality, sustainability, and safety, holding BIM Level 2 accreditation and recognized by regional construction awards. Their website reflects a mature digital presence with modern technologies and a professional design. Technically, the site uses jQuery, FontAwesome, and cloud-based CDN hosting, with moderate performance and good mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response policies are absent. WHOIS data is unavailable due to domain registration issues, but the website content and business information indicate legitimacy. Overall, the company demonstrates a strong market position and credible online presence.

Cambridge Insitu Pressuremeter Testing is a specialized service provider offering insitu pressuremeter testing with over 50 years of experience across mining, tunnelling, offshore, and civil engineering sectors. The company positions itself as a world-leading international full-service provider, targeting engineering and construction professionals. The website is built on the Squarespace platform, leveraging modern web technologies including Google Analytics and Google Maps API, indicating a moderate level of digital maturity. The site is well-designed, mobile-optimized, and provides clear navigation, although it lacks explicit privacy and terms of service documentation. Security posture is strong with HTTPS and HSTS enabled, but the absence of WHOIS registration data raises concerns about domain legitimacy. Overall, the website is professional and business-focused but would benefit from enhanced transparency and compliance documentation.

S

Springvale EPS Ltd.

springvale.com

47

Springvale EPS Ltd. is a UK-based company specializing in sustainable insulation solutions for floors, walls, and roofs. With a domain registered since 1996, the company demonstrates a long-standing presence in the energy and construction sector. Their website showcases a range of products including Floorshield, Beamshield, Groundshield, Ecobead, Roofshield, Hydroshield, and Warmsqueez / Warmsark, targeting construction professionals and contractors seeking eco-friendly insulation options. The business model is primarily B2B, focusing on manufacturing and supplying insulation materials with technical support and downloadable resources.

N

Nationwide Heating & Cooling

nationwidehc.co.uk

54

Nationwide Heating & Cooling Ltd is a UK-based HVAC contractor specializing in heating, ventilation, refrigeration, and air conditioning engineering services for commercial and industrial sectors nationwide. The company positions itself as a leading service provider in the HVAC industry with a focus on quality and nationwide coverage. The website is professionally designed using the Wix platform, featuring structured data for local business identification and standard SEO metadata. However, the domain registration appears problematic as WHOIS queries fail due to domain naming rules violations, raising concerns about domain legitimacy despite the professional web presence. Technically, the site uses modern web technologies and is mobile optimized but lacks advanced security headers and privacy compliance mechanisms. Security posture is moderate with HTTPS enforced but missing explicit security policies and incident response contacts. Overall, the site is functional and informative but requires improvements in privacy, security disclosures, and domain registration legitimacy to enhance trust and compliance.

Ocean Partners is a well-established commodity supply chain company founded in 2001, specializing in trading, warehousing, blending, agency, consulting, and structured finance services for metals and minerals. The company operates globally with offices in the UK, USA, Mexico, Peru, and Chile, targeting miners, smelters, refiners, and metal consumers. Their market position is that of a specialized, analytical, and creative partner in commodity supply chains, offering bespoke solutions to long-term clients. Technically, the website is built on WordPress with modern front-end technologies such as jQuery and Typekit fonts. The site is mobile optimized, accessible, and SEO friendly with structured data markup. Performance is moderate, and the site is well-branded and professionally designed. From a security perspective, the site uses HTTPS with a valid SSL configuration and domain transfer protection. However, it lacks DNSSEC, explicit security headers, and published security or incident response policies. No cookie consent mechanism was detected, which is a compliance gap given the GDPR relevance. No analytics or tracking scripts were found, indicating minimal user tracking. Overall, the website is professional, trustworthy, and business credible with a strong domain history and consistent WHOIS data. The main risks relate to privacy compliance and security best practices, which can be improved to enhance trust and regulatory adherence.

B

B.Kent Electrical Ltd

bkentelectrical.co.uk

49

B Kent Electrical Ltd is a small UK-based electrical contracting company specializing in domestic, commercial, and industrial electrical services. Their market position is that of a local specialist serving Leighton Buzzard, Milton Keynes, Bedford, and surrounding areas. Key services include electrical contracting, testing and inspecting, lighting solutions, fire and security services, and data solutions. The website presents basic but relevant content with certifications from NIC and CHAS, indicating industry compliance and trustworthiness. Technically, the website is built on Joomla CMS with Bootstrap 5 and jQuery libraries, providing a moderately optimized and mobile-friendly experience. However, the site lacks advanced SEO and accessibility features and does not display any analytics or tracking tools. Security-wise, the site includes a CSRF token but lacks visible security headers and explicit HTTPS enforcement details. No privacy or cookie policies are present, which is a compliance gap. The WHOIS lookup failed due to domain registration issues, indicating the domain name is invalid under Nominet UK rules. This raises concerns about the domain's legitimacy or registration status, although the website content appears professional and legitimate. No WAF or blocking mechanisms were detected, and the site content is fully accessible and safe for general audiences. Overall, the website scores moderately on content quality and technical implementation but scores low on privacy compliance and domain legitimacy. Strategic improvements in security headers, privacy policies, and domain registration verification are recommended to enhance trust and compliance.

E

ELECTRICAL REPAIR

jnelectricalservicesllc.com

51

The website www.jnelectricalservicesllc.com operates as a pay-per-call lead generation platform connecting customers with local independent electricians for residential electrical repair services. It offers services such as outlet repair, lighting fixes, circuit breaker and panel issues, wiring, and fixture installation. The site emphasizes fast, reliable, and affordable service with same-day appointments often available. The business model relies on connecting callers to third-party service providers rather than providing services directly. Technically, the website is built with modern HTML5, CSS (using Tailwind CSS utilities), and JavaScript. It is mobile-optimized and presents a professional design with clear navigation and calls to action. However, no CMS or hosting provider information is evident. The site uses a custom call tracking pixel and JavaScript event tracking but lacks common third-party analytics or marketing tools. From a security perspective, the site enforces HTTPS (implied by URL) but lacks visible security headers such as Content-Security-Policy or HSTS in the provided data. No forms collect sensitive data, reducing attack surface, but privacy and cookie policies are absent, indicating poor privacy compliance. The WHOIS data is unavailable or unregistered, which raises concerns about domain legitimacy and trustworthiness. Overall, the site is functional and professional for its purpose but has gaps in transparency, privacy compliance, and domain registration legitimacy. Strategic improvements in security headers, privacy disclosures, and WHOIS transparency would enhance trust and compliance.

A

Alfred H Knight

ahkgroup.com

55

Alfred H Knight is a well-established company with over 140 years of experience providing independent inspection, analytical, and technical consultancy services to support global trade in commodities such as metals, minerals, solid fuels, and agricultural products. The company positions itself as a trusted partner in the industry, supported by ISO certifications and a professional online presence. The website is built on WordPress and integrates modern technologies and analytics tools, demonstrating a mature digital infrastructure. Security posture is strong with HTTPS enforcement and security headers, although explicit security policies and incident response information are not publicly available. The absence of WHOIS data limits domain trust verification but does not detract from the professional business presentation. Overall, the website is secure, privacy compliant, and professionally maintained, serving a business audience effectively.

S

SS Motors (Fuels) Ltd

ss-motors.co.uk

58

SS Motors (Fuels) Ltd is a small, family-owned independent heating oil supplier operating since 1966, serving regions in Lincolnshire, Cambridgeshire, Suffolk, and Norfolk in the UK. The company offers a range of premium fuel products, boiler servicing and repairs, tank and boiler replacement services, and fuel security solutions. Their market position is that of a trusted local supplier with a strong reputation for quality and service. The website reflects a professional and consistent brand image with clear navigation and relevant content targeting domestic and commercial heating oil customers. Technically, the website employs a modern frontend stack including Bootstrap, jQuery, and Google reCAPTCHA for form security. It is mobile responsive and implements cookie consent mechanisms, indicating a reasonable level of digital maturity. However, no CMS or hosting provider details are evident, and some security best practices such as security headers are missing. From a security perspective, the site uses HTTPS and protects forms with reCAPTCHA, but lacks explicit security policies and incident response information. The WHOIS data is unavailable due to a domain naming rules error from Nominet UK, which raises some concerns about domain registration legitimacy. Despite this, the website content and business information appear consistent and trustworthy. Overall, the website scores moderately well in content quality, technical implementation, security posture, privacy compliance, and business credibility. Strategic improvements in security headers, incident response transparency, and WHOIS data clarity would enhance trust and compliance.

Bourne to Plumb is a small, locally focused plumbing and heating specialist company operating primarily in Gloucestershire, UK. With over 25 years of experience, the company offers a range of services including boiler installation, bathroom installation, servicing, repairs, and emergency call-outs. They hold recognized certifications such as Gas Safe Register accreditation and Vaillant accreditation, which enhance their market credibility. The website presents a professional image with clear contact details and service descriptions targeting residential and commercial customers in the region. Technically, the website uses a modern tech stack including Bootstrap for responsive design, jQuery, and various JavaScript libraries for UI enhancements and analytics. The site is mobile optimized and offers a good user experience with clear navigation. However, there is no evidence of a CMS or hosting provider information. Performance is moderate, and SEO is basic but adequate for a small business site. From a security perspective, the site lacks visible security headers and privacy or cookie policies, which are important for compliance and user trust. The WHOIS lookup for the domain failed due to a naming rules violation error from Nominet UK, which is unusual and reduces domain trustworthiness. No forms or sensitive data exposure were detected, and HTTPS usage is assumed but not confirmed from the data provided. Overall, the website is functional and professional but would benefit from improved privacy compliance, security header implementation, and clarification or correction of domain registration issues to enhance trust and security posture.

Standard Laboratories, Inc is a well-established U.S.-based analytical laboratory specializing in fuel analysis, environmental testing, materials testing, and elemental analysis. With over 75 years of experience, the company serves a diverse industrial clientele, focusing on quality control and consulting services. The website reflects a professional and consistent brand image, highlighting key certifications such as ISO 17025 and partnerships with recognized industry bodies. Technically, the site is built on WordPress using Elementor and Yoast SEO, with moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced, though improvements can be made by adding security headers and cookie consent mechanisms. The absence of WHOIS data reduces transparency but does not negate the apparent legitimacy of the business. Overall, the site is trustworthy and well-positioned in its market niche.

T

TRAVEX ENERGY GMBH

travex-energy.de

55

Travex Energy operates in the energy sector, likely providing energy-related services or trading solutions. The website is built on WordPress and uses standard web technologies including Google Fonts and JavaScript. The site content is minimal and lacks detailed business or security information, with no visible privacy or cookie policies, contact details, or social media presence. Security posture is basic, with no detected security headers or vulnerability disclosures. WHOIS data indicates a legitimate domain registration consistent with a German business. Overall, the website shows a low to moderate level of digital maturity and security readiness.

C

Conexus

conexus.lv

65

Conexus is a Latvian energy sector company specializing in natural gas transmission and storage services, including management of the Inčukalna underground gas storage facility. The company serves energy market participants and the general public with a focus on infrastructure and market services. The website reflects a medium-sized enterprise with a professional and consistent brand presence. Technically, the site uses modern web technologies such as Bootstrap and jQuery, hosted behind Cloudflare, ensuring good performance and security. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism implemented via Cookiebot. Security posture is solid with HTTPS and no visible vulnerabilities, though security headers could be improved. Overall, the website is trustworthy, professional, and compliant with GDPR requirements.

F

First Light Fusion

firstlightfusion.com

53

First Light Fusion is a UK-based company specializing in inertial fusion energy technology, aiming to accelerate the commercialization of clean and limitless fusion power. The company positions itself as a leader in the UK fusion sector with proven technology validated on major research platforms. Their business model focuses on advanced target design and partnership-led development to reduce complexity and power requirements of fusion plants. The website reflects a professional and consistent brand image targeting energy sector stakeholders, scientific communities, and potential partners. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Slider Revolution, and integrates analytics tools like Google Analytics and HubSpot. The site is moderately performant, mobile-optimized, and SEO-friendly, though accessibility features are basic. Security posture is good with HTTPS enabled and domain transfer protections, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Security evaluation shows no critical vulnerabilities or WAF blocking. However, the absence of explicit security policies, incident response contacts, and vulnerability disclosure mechanisms indicates room for improvement in security transparency and compliance. Overall, the domain registration data aligns well with the business profile, supporting legitimacy and trustworthiness. Strategic recommendations include implementing comprehensive privacy and cookie policies, enabling DNSSEC, publishing security and incident response policies, and enhancing security headers to strengthen the security posture and compliance standing.

E

Elektryk

wawaelektryk.pl

44

The website www.wawaelektryk.pl represents a small local electrical services business operating in Warsaw and surrounding areas in Poland. The company offers a range of electrical services including installation, modernization, fault repair, and mounting of electrical components. The site is professionally designed using WordPress with a modern theme and block editor, providing a good user experience and clear navigation. Contact information including phone number and physical address is prominently displayed, enhancing business credibility. However, the absence of privacy and cookie policies indicates compliance gaps with GDPR and related regulations. Technically, the site uses HTTPS and Google Tag Manager for analytics, but lacks advanced security headers and incident response information. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust but is common for small businesses. Overall, the site is secure, professional, and trustworthy with room for improvement in privacy compliance and security best practices.

T

Tata Power

tatapower.com

73

Tata Power is India's largest power and energy company, offering a comprehensive portfolio of energy solutions including renewable energy generation, thermal and hydro power, transmission, distribution, solar rooftop solutions, EV charging infrastructure, and smart home automation. The company holds a strong market position as a diversified energy provider with a focus on sustainability and innovation. The website reflects a mature digital presence built on Adobe Experience Manager, integrating modern analytics and tracking tools such as Google Tag Manager and Microsoft Clarity. Security posture is robust with HTTPS enforcement and multiple security headers, though there is room for improvement in privacy compliance and incident response transparency. The absence of WHOIS data is a notable anomaly but does not detract from the overall legitimacy of the site. Strategic recommendations include enhancing privacy and security disclosures and establishing clearer incident response channels.

S

SIA ENERGOFIRMA “JAUDA”

jauda.com

50

SIA ENERGOFIRMA “JAUDA” is a well-established Latvian company specializing in high-quality solutions in the energy and metal processing sectors. The company offers a range of products including compact transformer substations (KTA), switchboards, metal constructions, and various metal processing services. Positioned as one of the largest electromaterial and equipment manufacturers in the Baltic region, Jauda targets business clients requiring industrial and energy-related equipment and services. The website reflects a professional and modern digital presence with clear navigation, multilingual support, and comprehensive product and service information. Technically, the website is built on WordPress CMS, utilizing modern SEO and analytics tools such as Yoast SEO and Google Analytics, alongside a cookie consent management plugin ensuring GDPR compliance. The site is mobile-optimized, accessible, and performs moderately well. Hosting and domain registration are stable and consistent with the company's long operational history. From a security perspective, the site uses HTTPS with a valid SSL certificate and implements cookie consent mechanisms. However, it lacks advanced security headers and published security policies or incident response contacts, which are recommended for enhanced trust and compliance. No vulnerabilities or suspicious activities were detected in the content or technical setup. Overall, the website demonstrates a high level of professionalism, business credibility, and compliance with privacy regulations. Strategic improvements in security policies and technical security headers would further strengthen the company's digital trustworthiness and resilience.

C

Circle K

circlek.lv

63

Circle K Latvia operates as a prominent fuel and convenience retail provider, offering quality fuel products, food, and beverages to private individuals and businesses. The website demonstrates a mature digital presence with integration of modern marketing and analytics tools such as Google Analytics, Adobe Launch, and Salesforce Pardot. The technical infrastructure is based on Drupal CMS with additional third-party services enhancing user experience and marketing capabilities. Security posture is strong with HTTPS enforcement, cookie consent mechanisms, and bot detection, although some security headers could be explicitly confirmed and enhanced. Privacy compliance is well addressed with detailed cookie policies and GDPR-aligned consent management. Overall, the website reflects a professional and trustworthy business with a clear focus on customer convenience and digital engagement.

A

AS Latvenergo

latvenergo.lv

56

AS Latvenergo is a leading Latvian state-owned energy company specializing in electricity and heat production, trading, and natural gas sales. Established in 1939, it holds a significant market position in the Baltic region, serving approximately 896,000 customers. The company emphasizes renewable energy, with 66% of its production from renewable sources, and offers services including energy efficiency and electric vehicle charging. The website reflects a professional corporate presence with clear navigation and comprehensive information about the company and its services. Technically, the website is built on OctoberCMS and employs modern web technologies such as Google Tag Manager, Facebook Pixel, and Usercentrics for cookie consent management. The site is mobile-optimized and demonstrates good SEO practices. Security posture is strong with HTTPS enforced and privacy compliance evident through detailed cookie and privacy policies. However, explicit security policies and incident response contacts are not found, representing an area for improvement. Overall, the website is trustworthy, well-maintained, and compliant with GDPR requirements. The presence of official contact details, social media links, and consistent branding further enhance credibility. No critical vulnerabilities or suspicious content were detected, indicating a low-risk profile for users and stakeholders.

T

Tilsig AS

tilsig.com

62

Tilsig AS is a Norwegian technology company specializing in decision support solutions for the optimization and operation of hydropower and water resource management. Their offerings include IoT sensor data collection, real-time monitoring dashboards, and installation services, targeting small to large hydropower companies. The company emphasizes 'Made in Norway' quality and provides comprehensive digitalization solutions for waterway monitoring. Technically, the website is built on modern frameworks such as Next.js and React, with a fast, mobile-optimized, and accessible design. Security posture is strong with HTTPS, security headers, and encrypted IoT communications, though explicit security policies and incident response details are not published. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website presents a professional and trustworthy digital presence, though the WHOIS data is missing, indicating possible recent registration or privacy masking. Strategic recommendations include publishing security policies and vulnerability disclosure information to enhance trust and compliance.

H

Hepta Airborne

heptainsights.com

70

Hepta Airborne is a technology company specializing in AI-powered inspection solutions for power grids. Their platform leverages AI-enhanced software to detect anomalies in transmission and distribution grids, helping utilities prioritize repairs and reduce maintenance costs. The company serves a global client base including over 30 DSOs and TSOs across 21 countries, inspecting thousands of kilometers of power lines monthly. Their business model focuses on providing B2B software and integration services with options for cloud or on-premise deployment. Technically, the website is built on WordPress with modern SEO and analytics tools such as Yoast SEO, Google Tag Manager, and Facebook Pixel. Hosting is on AWS infrastructure, and the site is mobile-optimized with good performance and accessibility standards. Cookie consent is implemented with detailed user controls, reflecting good privacy compliance. From a security perspective, the site enforces HTTPS and uses domain transfer protection. However, DNSSEC is not enabled and security headers are not explicitly detected, indicating room for improvement. No exposed sensitive data or vulnerabilities were found. The WHOIS data is consistent with the company's founding date and business claims, supporting legitimacy. Overall, the website presents a professional, trustworthy, and secure digital presence suitable for its target audience of power grid operators and utilities. Strategic recommendations include enabling DNSSEC, adding security headers, publishing a security policy, and establishing a vulnerability disclosure process to further enhance trust and compliance.

The website 'Symposium Zukunftwärme' serves as an informational platform focused on the energy sector, specifically future heating technologies. It targets professionals and stakeholders interested in energy innovations and symposium events. The site is built on TYPO3 CMS, indicating a moderate level of technical infrastructure with standard web technologies such as JavaScript and CSS. The website implements a cookie consent mechanism compliant with GDPR, including Google Analytics tracking with user consent. However, it lacks visible contact information, terms of service, and explicit security or incident response policies, which limits transparency and user trust. From a security perspective, the site enforces HTTPS and uses cookie consent banners, but it does not implement advanced security headers or publish detailed security policies. No vulnerabilities or suspicious patterns were detected in the provided content. The website is accessible without WAF or blocking mechanisms, allowing full content analysis. The overall risk is moderate, with recommendations to enhance security headers, publish incident response information, and improve accessibility and SEO. The business appears to be a small, niche event and information platform within the German energy sector. The lack of detailed business contact information and certifications limits the assessment of business credibility. The website content quality and user experience are basic but functional, suitable for its informational purpose.

T

The smarter E South America

intersolar-brasil.com

54

Intersolar Brasil operates as a key organizer of solar energy events in Brazil, focusing on the Northeast and South regions with events that promote photovoltaic and storage solutions. The website presents a professional and well-structured platform targeting industry professionals, exhibitors, and visitors interested in renewable energy. The technical infrastructure employs modern web technologies including consent management and CAPTCHA for security, with good mobile optimization and SEO practices. However, the absence of WHOIS registration data for the domain raises concerns about domain legitimacy and ownership transparency. Security posture is generally good with HTTPS and consent mechanisms, but lacks visible security headers and explicit security policies. Overall, the site is trustworthy for its content and business purpose but would benefit from improved transparency and security disclosures.

The SiliconPV Conference 2025 website serves as an informational platform for an energy sector event focused on photovoltaic technology. The site is built on TYPO3 CMS and includes a cookie consent mechanism compliant with GDPR principles, utilizing Google Analytics for user behavior tracking. However, the absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. The website lacks visible contact information, terms of service, and security policies, which limits transparency and user trust. Technically, the site uses modern CMS technology but could improve in security header implementation and accessibility. Overall, the security posture is moderate but could benefit from enhanced best practices and clearer business information.

I

Intersolar Middle East

intersolar.ae

54

Intersolar Middle East is a prominent event organizer specializing in solar energy exhibitions and conferences within the MENA region, particularly hosted at the Dubai World Trade Centre. The platform serves industry professionals, exhibitors, and visitors interested in photovoltaics, PV production technologies, and energy storage systems. The website reflects a well-established market position as a leading solar event in the Middle East, offering comprehensive event information, publications, and newsletters to its audience. Technically, the website employs modern JavaScript libraries, CAPTCHA for form security, and a consent management platform to ensure privacy compliance. The site is mobile-optimized with good SEO practices and moderate performance. Security posture is solid with HTTPS enforcement and CAPTCHA usage, though it lacks some advanced security headers and explicit security policies. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

The Battery Business & Development Forum website serves as an industry-focused platform providing information and community engagement related to battery technology and business development. The site targets professionals and stakeholders within the energy sector, offering forums and resources to support industry collaboration. Technically, the website is built on TYPO3 CMS and employs JavaScript for interactivity, with a cookie consent mechanism and Google Analytics for user tracking. The site demonstrates moderate digital maturity with basic mobile optimization and SEO features. Security posture is moderate; while HTTPS is used, no security headers were detected, and no explicit contact or incident response information is provided. The absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. Overall, the website is functional and safe but would benefit from enhanced security practices, clearer business and contact information, and improved compliance documentation.

The website 'www.zukunftsnetz.net' serves as an informational platform primarily focused on the 'Zukünftige Stromnetze' conference, targeting professionals in the energy sector interested in future power grid technologies. The site is built on TYPO3 CMS and incorporates modern web technologies including compressed CSS and JavaScript assets. It features a cookie consent mechanism compliant with GDPR, utilizing Google Analytics for user behavior tracking. However, no contact information or terms of service pages were found, which limits direct user engagement and transparency. From a technical perspective, the website demonstrates moderate performance and good mobile optimization. The absence of explicit security headers and lack of visible security or incident response policies indicate room for improvement in security posture. The SSL configuration is excellent, ensuring encrypted communications. The missing WHOIS registration data raises concerns about domain legitimacy and trustworthiness, although the active content and cookie compliance suggest a legitimate operation. Security-wise, the site benefits from HTTPS and cookie consent but lacks advanced security headers and detailed privacy or incident response disclosures. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website is safe for general audiences, with no adult or questionable content. Strategically, the site should enhance transparency by publishing contact details, terms of service, and security policies. Implementing security headers and improving accessibility would strengthen its security and compliance posture. Addressing the WHOIS data anomaly is critical to improve trust and legitimacy perception.

Sustainable Solar Europe is a website focused on promoting sustainable solar energy solutions within the European market. The site is built on TYPO3 CMS and includes basic cookie consent and privacy policy mechanisms, indicating some level of compliance with data protection regulations. However, the absence of WHOIS registration data raises concerns about the domain's legitimacy and transparency. The website lacks visible contact information, terms of service, and security policies, which limits trust and business credibility. Technically, the site uses standard web technologies and Google Analytics for user tracking but does not demonstrate advanced security configurations or performance optimizations. Overall, the security posture is moderate but could be improved by implementing security headers and providing clearer business and contact information.

Conexio-PSE GmbH is a small German company operating in the energy sector, providing energy management and related services. The website is built on TYPO3 CMS and targets German-speaking business customers. The site includes a cookie consent mechanism compliant with GDPR and uses Google Analytics for user tracking. The technical infrastructure is moderate with basic mobile optimization and accessibility features. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit incident response information. Overall, the website is professional and trustworthy but could improve in security transparency and contact information availability.

I

Intersolar & Energy Storage North America

intersolar.us

66

Intersolar & Energy Storage North America operates as a professional event organizer specializing in the solar and energy storage sectors. The company provides flagship and regional events designed to facilitate networking, exhibiting, and showcasing innovations within the renewable energy industry. Their market position is that of an established event platform serving industry professionals and businesses seeking to connect and grow within this niche. The website reflects a medium-sized business with a focused business model centered on event management and exhibition services. Technically, the website is built on WordPress using the Elementor framework, integrating multiple marketing and analytics tools such as Google Tag Manager, Marketo, Hotjar, and Facebook Pixel. The site demonstrates good mobile optimization, SEO practices, and moderate performance. Security measures include HTTPS enforcement, sandboxing of iframes, and a cookie consent mechanism via OneTrust, indicating a reasonable level of digital maturity. From a security perspective, the website benefits from strong SSL configuration and several security headers, contributing to a solid security posture. However, the absence of a publicly accessible privacy policy, terms of service, and incident response contacts represents compliance gaps. The lack of WHOIS data raises concerns about domain legitimacy, although the website's professional appearance and functionality mitigate some risk. Overall, the site scores well but should address privacy and transparency to improve trust. Strategically, the business should prioritize publishing comprehensive privacy and terms documents, disclose contact information for security incidents, and consider implementing a security.txt file to enhance vulnerability disclosure. These steps will strengthen compliance, user trust, and security readiness.

Solar Promotion Group is a professional event organizer specializing in exhibitions and conferences within the renewable energy sector. Their portfolio includes globally recognized events such as Intersolar and The smarter E Digital platform, targeting industry professionals and stakeholders in energy, transport, and related fields. The website is well-structured, with clear navigation and relevant content showcasing their services and topics of interest. Technically, the site uses modern JavaScript libraries, a consent management platform (Usercentrics), and bot protection (Friendly Captcha), indicating a mature digital infrastructure. Security posture is generally strong with HTTPS and consent mechanisms, though explicit security headers and incident response information are absent. The WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency, but the professional presentation and content support legitimacy. Overall, the website is safe, compliant with GDPR, and provides a trustworthy user experience.

M

MOOS licht ag

mooslicht.ch

73

MOOS licht ag is a Swiss company specializing in the development, production, and distribution of lighting solutions, with a strong market position in specialty lighting, technical lighting, and emergency lighting systems. The company targets architects, lighting planners, and electrical planners/installers, offering customized and innovative lighting products and services. Their website reflects a professional and consistent brand image with clear navigation and comprehensive service descriptions. Technically, the site uses modern JavaScript libraries, a specialized CMS (CONTENS), and integrates Google Analytics with user consent, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent implemented, though there is room for improvement in HTTP security headers and explicit security policies. Overall, the website is trustworthy, compliant with GDPR, and presents a low risk profile.

K

Kaminfeger Koch

kfk.ch

72

Kaminfeger Koch is a specialized regional service provider based in Switzerland offering chimney sweeping, heating system maintenance, fire protection consulting, and firestop installations. Their services target private homeowners, builders, municipalities, and architects primarily in the regions of Zofingen, Sursee, and Olten. The company emphasizes performance efficiency, environmental protection, and safety compliance in their offerings. Technically, the website is built on the CONTENS CMS platform and uses modern JavaScript libraries such as jQuery and Flickity for UI components. It integrates Google Analytics 4 for minimal user tracking and employs CookieHub for comprehensive cookie consent management. The site is well-structured, mobile-optimized, and uses HTTPS with good SSL configuration, although additional security headers could enhance protection. No critical vulnerabilities or suspicious content were detected. However, the absence of a published security policy or incident response contact is noted. Overall, the website presents a professional and trustworthy digital presence aligned with its business domain.

I

IBW Installationen AG

ibw-installationen.ag

71

IBW Installationen AG is a Swiss-based company specializing in electrical installations, photovoltaic systems, electric mobility charging solutions, energy storage, and smart home technologies. Positioned as a regional expert in the Aargau area, the company offers comprehensive services including a 24-hour emergency on-call service, targeting both private and commercial customers interested in sustainable energy and modern electrical solutions. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to its audience. Technically, the site is built on the CONTENS CMS platform, utilizing modern JavaScript libraries such as jQuery and Swiper, and integrates Friendly Analytics for user tracking. The site is mobile-optimized and performs moderately well, with good SEO practices in place. Security-wise, the site enforces HTTPS and avoids exposing sensitive data, but lacks some standard security headers and explicit cookie consent mechanisms. WHOIS data is unavailable publicly, which slightly reduces trust but does not negate the legitimacy indicated by the website content and business presence. Overall, the site demonstrates a solid digital maturity with room for improvement in privacy compliance and security best practices.

E

Elektrizitäts-Genossenschaft Siggenthal

egs-strom.ch

50

Elektrizitäts-Genossenschaft Siggenthal is a Swiss-based electricity cooperative focused on providing sustainable and community-supported energy solutions. The website presents a professional and consistent brand image, targeting local customers interested in sustainable electricity. The business model is community-oriented, positioning itself as a local energy provider with a clear focus on sustainability. Technically, the website is built on WordPress using the Astra theme and Elementor page builder, leveraging modern web technologies and SEO best practices. The site is mobile-optimized and includes structured data for enhanced search engine visibility. Security-wise, the site enforces HTTPS and implements a GDPR-compliant cookie consent mechanism, but lacks explicit security headers and detailed security or incident response policies. No privacy policy or terms of service documents were found, which is a gap in compliance. Overall, the website is trustworthy and professionally maintained but could improve in privacy and security transparency.

I

ibw

ibw.ag

68

ibw is a regional energy utility company based in Wohlen, Switzerland, providing electricity, gas, water, and related services including electrical installations and energy consulting. The company maintains a professional website with comprehensive service information, a customer portal, and a retail shop. The technical infrastructure relies on Dynasite CMS and includes common JavaScript libraries and analytics tools. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some improvements are recommended such as updating legacy libraries and adding security headers. Privacy compliance is good with a clear privacy policy, but lacks a visible cookie consent mechanism. Overall, the website reflects a trustworthy and established business with a medium-sized market presence in the energy sector.

A

Antennengenossenschaft Dottikon (AGD)

antennengenossenschaft.ch

64

Antennengenossenschaft Dottikon (AGD) is a Swiss cooperative based in Dottikon, focused on providing its members and subscribers with reception of domestic and international television and radio programs, as well as enabling data communication services. The cooperative owns and maintains the entire signal distribution infrastructure. The website is built using BaseKit CMS and hosted on web.host.ch, featuring a moderate performance and basic mobile optimization. However, the site lacks critical privacy and cookie policies, contact information, and security headers, which impacts its overall security posture and privacy compliance. No signs of WAF or content blocking were detected, allowing full content accessibility. The WHOIS data aligns well with the business claims, supporting the legitimacy of the domain and organization.

K

K. Lienhard AG

lienhard-ag.ch

49

K. Lienhard AG is a Swiss engineering firm specializing in the planning, documentation, and maintenance of infrastructure for energy and water supply. With over six decades of experience, the company serves utilities and infrastructure operators across Switzerland, offering a broad range of professional services and products. The website reflects a mature market position with clear service offerings and a professional digital presence. Technically, the site is built on WordPress with WooCommerce and integrates privacy-conscious analytics and Google reCAPTCHA for form security. Security posture is solid with HTTPS and no obvious vulnerabilities, though some improvements in security headers and explicit policies could enhance trust. Overall, the site is accessible, well-structured, and compliant with GDPR, though a cookie consent mechanism is missing. Strategic recommendations include enhancing security policies, adding cookie consent, and publishing terms of service to improve compliance and user trust.

E

EWK Energie AG

ewk-energie.ch

56

EWK Energie AG is a local energy distribution company serving the Gemeinde Kölliken in Switzerland. The company provides electricity distribution services, including standard and renewable energy sourced from local hydropower. Their market position is that of a trusted local utility provider with a focus on reliable energy delivery and customer support. The website reflects a professional and consistent brand image, targeting residents and businesses within the community. Technically, the site is built on WordPress using Elementor, with modern web technologies and good mobile optimization. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though security headers and incident response information are lacking. Privacy compliance is partially addressed with a privacy policy page but no cookie consent mechanism. Overall, the website is trustworthy and functional, supporting the company's business objectives effectively.

E

Eniwa AG

eniwa.ch

67

Eniwa AG is a Swiss energy company providing energy supply and related services primarily to regional customers. The website reflects a professional corporate presence with a focus on energy solutions. The technical infrastructure uses modern web technologies such as Vue.js and Mapbox GL JS, indicating a moderate level of digital maturity. Performance and mobile optimization are adequate, though some SEO and accessibility features could be improved. Security posture is acceptable with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies and consent mechanisms. Overall, the website is legitimate and consistent with the business claims, but improvements in privacy and security transparency are recommended.

E

Über 20 Jahre Kompetenz für die Energiewirtschaft - Energy4u GmbH

energy4u.org

62

Energy4U is a German-based energy sector service provider with a long-established domain since 2000. The company appears to offer energy consultancy and related services targeting businesses and consumers interested in energy solutions. The website is professionally designed using WordPress CMS with Bootstrap and Font Awesome, providing a good user experience and mobile optimization. However, the site lacks explicit privacy and cookie policies, which impacts its privacy compliance score. Security posture is moderate with HTTPS enabled but missing security headers and DNSSEC. Contact information is clearly provided, enhancing business credibility. Overall, the website is functional and trustworthy but would benefit from improved privacy compliance and enhanced security measures.

G

GEN energija d.o.o.

esvet.si

53

eSvet.si is an educational website operated under the GEN energija d.o.o. group, focusing on energy topics relevant to Slovenia. It provides comprehensive information on various energy sources including nuclear, hydro, fossil, and renewable energies. The platform targets a broad audience including students, professionals, and the general public interested in energy and sustainability. The site is well-branded, consistent, and supported by recognized energy sector partners, enhancing its credibility and trustworthiness. Technically, the site is built on Drupal CMS with modern JavaScript libraries and analytics tools, ensuring a good user experience and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response information are not published. Overall, the site demonstrates a mature digital presence with good compliance to privacy regulations and a strong educational mission.

G

GEN energija

jek2.si

53

The website jek2.si represents the JEK2 nuclear energy project, a strategic initiative by GEN energija to develop a modern, reliable, and environmentally friendly electricity supply in Slovenia. The site serves as an information hub for the public, stakeholders, and government entities, providing news, project details, and educational content. It positions itself as a key player in Slovenia's energy future, emphasizing nuclear energy's role alongside renewables to achieve climate neutrality. Technically, the website is built on WordPress with a modern tech stack including Google Fonts, Google Analytics, and multilingual support via WPML. It is hosted behind Cloudflare DNS and CDN services, ensuring good performance and security. The site employs HTTPS with strong SSL configuration and uses reCAPTCHA v3 to secure its contact form. Privacy and cookie policies are present and GDPR compliant, reflecting a mature approach to data protection. However, no explicit security policy or incident response contacts are published. Overall, the site is professional, trustworthy, and well-maintained, with a strong focus on transparency and public engagement.

R

Radenska d.o.o.

srcnozajutri.si

40

The website www.srcnozajutri.si is a well-developed corporate campaign platform for Radenska d.o.o., a Slovenian company focused on mineral water production and environmental sustainability. The site highlights Radenska's commitment to ecological projects such as tree planting, circular economy, green energy, water resource protection, and social sponsorships. It targets environmentally conscious consumers and local communities. Technically, the site uses modern web technologies, is mobile-optimized, and hosted behind Cloudflare, ensuring good performance and security. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response contacts are absent. Privacy compliance is well addressed with cookie consent and a comprehensive cookie policy. Overall, the site reflects a trustworthy and professional brand presence with strong environmental and social responsibility messaging.

F

FIDIC For Global Goals

climatechangecharter.world

47

The website 'FIDIC For Global Goals' serves as a campaign platform focused on addressing climate change challenges within the industry by bringing together stakeholders to collaborate on sustainability goals. The site presents itself professionally with clear messaging, calls to action, and countdown timers highlighting key climate targets such as SDGs 2030 and Net Zero 2045. Technically, the site is built on WordPress using the Divi theme and includes common plugins for cookie consent and social sharing. While the site uses HTTPS and has a cookie consent mechanism, it lacks visible privacy and terms of service pages, security headers, and explicit contact information, which are areas for improvement. The WHOIS data is privacy protected, which is typical for non-profit initiatives, and no suspicious patterns were detected. Overall, the site demonstrates a moderate level of digital maturity and security posture but would benefit from enhanced transparency and security best practices.

Horfam d.o.o. is a Croatian company specializing in lighting solutions, offering a broad range of lighting products and services including design and project planning. Established in 2000, the company positions itself as a provider of modern, ecological, and energy-efficient lighting technologies tested in demanding applications. The website is built on WordPress, leveraging popular plugins such as Yoast SEO and Google Analytics, and includes a cookie consent mechanism compliant with GDPR requirements. Security measures include HTTPS and Google reCAPTCHA, but lack explicit security policies or vulnerability disclosures. The domain registration data aligns well with the company's claims, indicating legitimacy and trustworthiness.

L

Lipapromet d.o.o.

lipapromet.hr

56

Lipapromet d.o.o. is a Croatian company specializing in wholesale distribution of lighting and electrical materials, as well as providing professional services in lighting design and building management systems. Established in 2001, the company has a solid market presence with multiple project references across Croatia, serving professional and commercial clients. Their website reflects a medium-sized enterprise with a focus on B2B services in the energy and retail sectors. Technically, the website is built on ASP.NET WebForms with DotNetNuke CMS, using jQuery and hosted likely via Croatian Academic and Research Network (CARNET) or Azure DNS. The site is secured with HTTPS and includes privacy and cookie policies with consent mechanisms, though some modern security headers like CSP are missing. The security posture is good but could be enhanced by updating libraries and adding incident response information. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

E

ENERGY PLUS d.o.o.

energyplus.hr

44

ENERGY PLUS d.o.o. is a Croatian company established in 2005 specializing in professional LED lighting, industrial machinery production, and renewable energy solutions such as photovoltaic systems. The company targets industrial and business clients seeking modern lighting and machinery solutions. Their website reflects a stable, small-sized manufacturing business with consistent branding and clear service offerings. Technically, the website is built on WordPress using the Divi theme, with standard libraries like jQuery and MediaElement.js, hosted likely under Croatian infrastructure. The site is moderately performant, mobile-optimized, and accessible at a basic level. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and documented security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is professional and trustworthy but could improve in compliance and security transparency.

V

VDE VERLAG GmbH

ehp-magazine.com

59

The website energie.de hosts the EUROHEAT&POWER international trade magazine, a leading publication focused on district heating, district cooling, and cogeneration markets in Europe. Operated by VDE VERLAG GmbH, the site targets decision makers and professionals in the heating and energy sectors, offering print and digital magazine editions, newsletters, and advertising opportunities. The content is professionally curated, with a clear focus on industry developments, technical innovations, and energy policy trends. The website is built on TYPO3 CMS and integrates modern web technologies including JavaScript and CSS, with advertising managed through AdSpirit and analytics via eTracker. GDPR compliance is evident through comprehensive privacy and cookie policies with user consent mechanisms.

V

VDE VERLAG GmbH

et-magazin.de

58

The website energie.de hosts the magazine 'et - Energiewirtschaftliche Tagesfragen', a professional publication focused on the energy sector, covering news, expert articles, interviews, and future-oriented topics. Operated by VDE VERLAG GmbH, it targets professionals and stakeholders in the energy industry, providing specialized content and subscription services. The site demonstrates a solid market position as a specialized energy media publisher in Germany. Technically, the website is built on TYPO3 CMS with Yoast SEO integration, employing modern web technologies including JavaScript and CSS. Hosting is managed via agenturserver nameservers, indicating a professional hosting environment. The site is mobile-optimized with good SEO and basic accessibility features, delivering moderate performance. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. However, it lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Advertising is managed transparently with GDPR consent, and analytics are performed via etracker with moderate user tracking. Overall, the website is professional, secure, and compliant with privacy regulations, suitable for its target audience. Recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen trust and security posture.