Security Directory

K

KMR Service GmbH

kmr-fernwaerme.de

47

KMR Service GmbH is a specialized German company providing industrial services and products in the energy sector, focusing on district heating (Nah- und Fernwärme) and related services such as pipe systems, insulation, error detection, and container construction. With over two decades of experience, the company positions itself as a reliable B2B partner serving clients nationwide in Germany, including biogas and agricultural sectors. The website reflects a professional and consistent brand image with clear service offerings and contact information. Technically, the site is built on WordPress with WooCommerce and Elementor, indicating a modern and flexible digital infrastructure. The site is mobile-optimized and includes GDPR-compliant cookie and privacy policies, demonstrating good privacy practices. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response policies are not publicly disclosed. Overall, the website is trustworthy, well-maintained, and suitable for its target industrial audience.

BRUGG Pipes is a specialized manufacturer and service provider of flexible and rigid pipe systems primarily serving the energy and industrial sectors. The company is positioned as a global market leader in safe transport solutions for flammable and water-hazardous substances, offering a comprehensive product portfolio including pipe systems for district heating, cooling, industrial applications, and tank stations. Their website is professionally designed, multilingual, and rich in content, targeting industry professionals and infrastructure planners. Technically, the site is built on TYPO3 CMS with modern tracking and consent management tools, ensuring GDPR compliance and good user experience across devices. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. The absence of WHOIS data slightly reduces trust but does not detract from the overall legitimacy. The company maintains active social media presence and partners with professional platforms, enhancing its market reach and credibility.

3

3S Antriebe GmbH

3s-antriebe.de

47

3S Antriebe GmbH is a specialized German company focused on developing and selling electric drive systems for underground valves used in water, gas, and district heating networks. Their innovative actuator solutions improve operational efficiency and reduce costs for network operators. The company maintains a professional online presence with clear contact information, ISO 9001 certification, and active social media channels. The website is built on a modern WordPress platform with WooCommerce and Elementor, indicating a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response details are absent. Overall, the company presents a trustworthy and professional image suitable for its B2B industrial market.

P

PSI Products GmbH

psi-products.de

48

PSI Products GmbH is a specialized German company providing high-quality accessories for pipeline construction, civil engineering, and the supply industry. The company positions itself as a leading specialist provider in its niche, offering a broad range of products including sealing technology, pipe pulling accessories, corrosion protection, flange gaskets, and pipe cleaning solutions. Their business model is primarily B2B, targeting industrial clients in energy and infrastructure sectors. The website is professionally designed, multilingual (German and English), and includes an online shop for convenient ordering. Technically, the website is built on the TYPO3 CMS platform, utilizing modern JavaScript libraries such as jQuery and Slick Carousel for enhanced user experience. It integrates a consent management platform (Usercentrics) to comply with GDPR requirements and uses Google Analytics for traffic analysis with user consent. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. From a security perspective, the site enforces HTTPS and employs a consent mechanism for cookies and tracking. However, it lacks explicit security headers and a public vulnerability disclosure policy. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is structured and consistent with the business, though the use of third-party name servers suggests external DNS management. Overall, the security posture is solid but could be improved with additional headers and incident response information. The overall risk assessment is low, with the website showing strong business credibility, compliance with privacy regulations, and a professional online presence. Strategic recommendations include enhancing security headers, publishing a security.txt file, and providing explicit incident response contacts to further strengthen trust and security culture.

S

STURM Isotech GmbH & Co. KG

sturm-isotech.de

57

STURM Isotech GmbH & Co. KG is a specialized service provider in the energy sector, focusing on district heating pipeline planning and network monitoring. The company positions itself as a trusted partner for comprehensive support in the construction and operation of district heating infrastructure. Their website reflects a professional and consistent brand image, targeting businesses and professionals involved in energy infrastructure. Technically, the website is built on WordPress with a modern theme and integrates essential Google services such as Analytics, Maps, Fonts, and reCAPTCHA for spam protection. The site is GDPR compliant with a detailed cookie consent mechanism and a comprehensive privacy policy. Security posture is solid with HTTPS enforced and spam protection in place, though some security headers could be improved. Overall, the website is well-structured, performant, and trustworthy, supporting the company's market position as a niche energy service provider.

S

Seal For Life

sealforlife.com

58

Seal For Life is a global leader in protective coatings and infrastructure solutions, serving industrial and commercial clients primarily in the energy and infrastructure sectors. The company offers a broad portfolio of brands and products focused on pipeline protection, maintenance coatings, and safety solutions. Their market position is strong, supported by multiple ISO certifications and a comprehensive digital presence. The website reflects a mature business with professional branding and clear communication of services and subsidiaries. Technically, the website is built on WordPress with modern SEO and privacy compliance tools such as Yoast SEO and OneTrust for cookie consent. The site is mobile-optimized and performs moderately well, with good accessibility and SEO practices. Analytics are implemented responsibly with user consent mechanisms. From a security perspective, the site enforces HTTPS and includes standard security headers, but lacks a dedicated security policy or incident response page. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data reduces domain transparency and trust slightly, but the overall security posture is solid. Overall, the website presents a low risk with strong business credibility and compliance, though improvements in transparency and security communication are recommended.

H

HPW Fernwärme

hpw-fernwaerme.de

53

HPW Fernwärme is a well-established German company specializing in district heating and industrial insulation services with over 30 years of experience. The company offers a comprehensive range of services including planning, trade, production of custom PE parts, value preservation, and service. They hold certifications such as AGFW FW 605 and DIN EN ISO/IEC 17024, underscoring their commitment to quality and industry standards. Their market position is strong within the energy sector, targeting businesses and organizations requiring efficient and sustainable heating solutions. Technically, the website is built on a modern WordPress platform using Elementor and Yoast SEO, ensuring good SEO and mobile optimization. The site loads moderately fast and provides a professional user experience with clear navigation and relevant content. However, some technical improvements could enhance performance and security further. From a security perspective, the site uses HTTPS with good SSL configuration but lacks explicit security headers and published security policies. There is no visible incident response or vulnerability disclosure information, which could be improved to enhance trust and compliance. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Overall, the website presents a trustworthy and professional image with solid business credibility. Strategic improvements in security policies, privacy compliance, and direct contact information would further strengthen their digital presence and risk posture.

V

Vexve

vexve.com

62

Vexve is a Finnish company specializing in manufacturing valves and providing solutions for district heating and cooling networks, industrial applications, and energy production. The company targets industrial clients and energy sector professionals, positioning itself as a reliable B2B provider of high-quality valve products and energy system solutions. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the website is built using modern frameworks such as Next.js and React, and it employs Cookiebot for cookie consent management, ensuring compliance with privacy regulations like GDPR. The site is well-optimized for mobile devices and demonstrates good SEO and accessibility practices. Performance is moderate, with room for improvement in hosting and speed optimizations. From a security perspective, the website enforces HTTPS and includes important security headers, contributing to a strong security posture. However, the absence of a security.txt file, incident response contacts, and vulnerability disclosure mechanisms indicates areas for enhancement in security transparency and readiness. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is trustworthy and professional, but the lack of publicly available WHOIS data for the domain www.vexve.com raises questions about domain registration transparency. This should be investigated further to ensure full legitimacy. Strategic recommendations include publishing security policies and contact information for incident response, improving domain registration visibility, and enhancing performance metrics.

ISOBRUGG - Stahlmantelrohr GmbH is a German manufacturing company specializing in steel jacket pipes. The website content is minimal and primarily structured using outdated framesets created with Microsoft FrontPage 12.0, indicating a lack of recent modernization. The business appears to target industrial clients requiring steel piping solutions, but the website provides very limited information and no direct contact details or policies. Technically, the site lacks modern web standards, mobile optimization, and accessibility features, resulting in a poor user experience and low SEO effectiveness. Security posture is weak due to absence of visible HTTPS enforcement, security headers, and privacy compliance documentation. WHOIS data is consistent with a legitimate German business domain, but the overall digital maturity is low. Strategic improvements are needed to enhance security, compliance, and user engagement.

B

BASF SE

basf.eu

79

BASF SE is a leading global chemical company headquartered in Germany, with a long history dating back to 1865. The company focuses on profitable growth and creating value for society by providing innovative chemical solutions that support sustainability. Their website reflects a mature digital presence with comprehensive content aimed at industrial clients, partners, and stakeholders worldwide. The site is well-structured, professionally designed, and optimized for mobile devices, demonstrating a high level of digital maturity. Technically, the website uses modern frameworks such as Angular and a CMS platform (Magnolia), with good performance and accessibility standards. Security-wise, BASF employs HTTPS, robust security headers, and follows recognized standards like ISO 27001, indicating a strong security posture. Privacy and cookie policies are clearly presented with consent mechanisms, supporting GDPR compliance. Despite the absence of WHOIS registration details, the overall trustworthiness and legitimacy of the website are high, supported by consistent branding, certifications, and contact information. Strategic recommendations include maintaining regular security assessments, enhancing incident response automation, and continuing to improve privacy transparency to sustain trust and compliance.

R

RAV Armaturen GmbH

rav-valve.com

45

RAV Armaturen GmbH is a German manufacturer specializing in industrial valves, particularly safety-relevant ball valves used in sectors such as petrochemicals, gas industry, and pipeline construction. The company has a long-standing market presence since 1997 and targets industrial clients requiring high-precision valve solutions. Their website reflects a professional and consistent brand image with clear contact information and multilingual support (German and English). Technically, the website is built on standard HTML5, CSS, and JavaScript with jQuery 1.11.3. While the site is functional and moderately optimized for mobile, it lacks modern security features such as DNSSEC and security headers. No CMS or advanced frameworks are detected, indicating a relatively simple but stable infrastructure. Performance is moderate with basic SEO and accessibility features. From a security perspective, the site uses HTTPS (assumed from domain but not explicitly confirmed in data), but lacks DNSSEC and security headers, which are recommended for enhanced protection. No cookie consent mechanism is present, which may impact GDPR compliance. The WHOIS data shows a consistent and legitimate domain registration with no privacy protection, appropriate for the business type. No incident response or vulnerability disclosure information is found. Overall, the website is trustworthy and professional but could improve its security posture and privacy compliance. Strategic recommendations include enabling DNSSEC, adding security headers, implementing cookie consent, and updating JavaScript libraries to mitigate vulnerabilities.

B

Böhmer GmbH

boehmer.de

52

Böhmer GmbH is a medium-sized German manufacturer specializing in industrial ball valves for sectors including energy, oil and gas, pipelines, and district heating. The company positions itself as a reliable supplier for industrial clients requiring high-quality valve solutions. The website reflects a professional digital presence with multilingual support and clear business information. Technically, the site is built on WordPress using modern plugins such as Yoast SEO, Elementor, and Real Cookie Banner Pro, indicating a mature digital infrastructure. Security measures include HTTPS, Wordfence plugin, and comprehensive cookie consent management, though no explicit security policy or incident response details are published. Overall, the website demonstrates a solid security posture and compliance with GDPR, supporting trustworthiness and business credibility.

B

BRANDES GmbH

brandes.de

54

BRANDES GmbH is a specialized company with over 55 years of experience providing leak detection and monitoring systems primarily for the energy sector, including district heating and cooling, industrial applications, and environmental protection. The company positions itself as a leading system manufacturer and service provider with a comprehensive product portfolio and extensive service offerings such as planning, installation, and maintenance. Their market presence is supported by certifications and a strong brand identity. Technically, the website is built on TYPO3 CMS, integrates Google Analytics and Tag Manager with consent mechanisms, and is hosted by Parrot Media. The site is well-structured, mobile-optimized, and professionally designed, reflecting a mature digital presence. Security posture is good with HTTPS enforced and privacy compliance evident, though explicit security policies and incident response contacts are not published. Overall, the website and domain registration data indicate a trustworthy and legitimate business with a strong focus on compliance and user privacy.

B

BEM GmbH

bem-gmbh.de

43

BEM GmbH is a small German company specializing in pipe network services, primarily serving clients in Dinslaken and surrounding areas. The website is built on Joomla CMS using the Yootheme template and UIkit framework, indicating a moderate level of technical maturity. The site includes a cookie consent mechanism via Usercentrics, demonstrating some compliance with GDPR requirements. However, the absence of a privacy policy, terms of service, and explicit contact information limits the site's overall compliance and trustworthiness. Security posture is moderate with HTTPS enabled but lacking security headers and detailed incident response information. Overall, the website is functional but would benefit from enhanced privacy, security, and business transparency measures.

K

KÄHLER Industrie-Armaturen GmbH

kaehler-armaturen.de

49

KÄHLER Industrie-Armaturen GmbH is a specialized supplier and service provider of high-quality industrial valves and fittings, primarily serving the energy, petrochemical, and industrial sectors in Germany. The company partners with reputable manufacturers such as Vexve to offer a broad portfolio of products including fully welded ball valves and hot tapping systems. Their business model focuses on B2B sales and comprehensive service offerings including installation training and maintenance support. The website reflects a professional and consistent brand image targeting industrial clients with clear contact channels and product information. Technically, the website is built on a modern stack likely using Shopware CMS, with integration of Google Tag Manager and cookie consent management via Cloud CCM19. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Performance is moderate with standard web technologies and lazy loading of images. From a security perspective, the site enforces HTTPS and uses consent management for analytics, but lacks explicit security headers and detailed security or incident response policies. No vulnerability disclosure or security.txt file is present, which could be improved to enhance trust and compliance. Privacy and cookie policies are not explicitly found, indicating a gap in GDPR compliance documentation. Overall, the website is trustworthy and professional with a solid business presence, but could benefit from enhanced privacy and security disclosures to improve compliance and user trust. Strategic improvements in security headers and policy transparency are recommended to strengthen the security posture.

B

Bayern Fernwärme

gorisek.net

58

Bayern Fernwärme is a small German company specializing in the insulation and re-insulation of district heating pipelines, operating primarily in Donaueschingen. The website presents a professional image with clear business descriptions and contact information, targeting property owners and businesses interested in cost-effective heating solutions. The company positions itself as a reliable local service provider with a focus on customer consultation and quality service. Technically, the website is built on the IONOS MyWebsite platform, utilizing standard web technologies such as HTML, CSS, and JavaScript. The site is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. No advanced frameworks or analytics tools are detected, indicating a basic digital maturity level. From a security perspective, the site uses HTTPS but lacks important security headers and policies such as privacy and cookie notices, which are critical for GDPR compliance. The absence of WHOIS registration data raises concerns about domain legitimacy and ownership transparency. No forms or data collection mechanisms are present, reducing immediate data protection risks but also limiting user engagement. Overall, the website is functional and professional but requires improvements in compliance, security best practices, and domain registration transparency to enhance trust and reduce risk.

S

SPIE Deutschland & Zentraleuropa

spie.de

72

SPIE Deutschland & Zentraleuropa is a leading multi-technical service provider operating in Germany and neighboring Central European countries. The company specializes in services for buildings, plants, and infrastructure, positioning itself as a key player in the energy and transportation sectors. The website reflects a professional corporate presence with clear business descriptions and a focus on B2B customers. Technically, the site uses a modern CMS (Sitefinity), integrates Google Maps API, and employs Microsoft Application Insights for telemetry, indicating a mature digital infrastructure. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not published. Overall, the site is trustworthy and professionally maintained, with room for improvement in transparency around security and terms of service.

H

Hartmann Valves

hartmann-valves.com

9

Hartmann Valves is an established company specializing in the manufacturing and supply of industrial valves, primarily serving the energy sector. The website highlights over 75 years of experience and focuses on technical innovations for reliable energy supply. The digital infrastructure is based on WordPress CMS with modern tools such as Elementor and Yoast SEO, hosted on Kinsta, indicating a moderate level of digital maturity. The website is professionally designed, mobile-optimized, and includes marketing and analytics tools such as Google Analytics, LinkedIn Insight, and Leadinfo. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks some security headers and explicit privacy and terms of service documentation. The absence of WHOIS data for the domain is a notable concern, suggesting either a WHOIS privacy service or an unregistered domain, which conflicts with the active website presence. Overall, the site is functional and professional but would benefit from enhanced transparency and security practices.

H

H. Anger's Söhne

angers-soehne.com

62

H. Anger's Söhne is a well-established German company specializing in drilling and well construction services, with a history dating back to 1863. The company offers a broad range of services including shallow and deep drilling, well regeneration, horizontal well construction, groundwater monitoring, and geothermal energy solutions. Their market position is strong within the energy and water sectors, targeting industrial clients and businesses requiring specialized drilling services. The website reflects a professional and consistent brand image, supporting multilingual access and providing comprehensive service information. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Slider Revolution, indicating a mature digital infrastructure. Hosting is provided by IONOS SE, a reputable registrar and hosting provider. The site demonstrates good mobile optimization and SEO practices, although some accessibility features could be improved. Performance is moderate, suitable for the content and media-rich nature of the site. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks DNSSEC and some recommended security headers. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear privacy and cookie policies aligned with GDPR requirements. Contact information is transparent and professionally presented, enhancing business credibility. Overall, the website presents a low-risk profile with a solid security posture and good compliance. Strategic improvements in security headers and DNSSEC implementation would further strengthen their defenses. The company’s digital presence effectively supports their business operations and market positioning.

SONNTAG | Sonntag & Partner Partnerschaftsgesellschaft mbB is a large, multidisciplinary German economic law firm offering services in auditing, tax consulting, and legal advice. With over 500 experts and offices in Augsburg, Munich, Ulm, and Nuremberg, the firm targets medium-sized enterprises and corporate clients, providing integrated solutions across finance, law, and digital tax advisory. The website reflects a mature digital presence built on WordPress with modern SEO and cookie consent mechanisms, indicating a good level of digital maturity. Security posture is solid with HTTPS and cookie consent, though some security headers could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the firm presents a professional and trustworthy image with comprehensive service offerings and a strong market position in Germany.

B

BUHLMANN GROUP

buhlmann-group.com

51

BUHLMANN GROUP is a well-established premium trading company specializing in steel pipes, fittings, and accessories with a global reach and a strong presence in the energy, chemical, shipbuilding, and machine construction sectors. The company emphasizes quality and innovation, supported by multiple ISO certifications and advanced logistics solutions. Technically, the website is built on a modern WordPress platform with good SEO and mobile optimization, leveraging tools like Google Tag Manager and Borlabs Cookie for privacy compliance. Security posture is solid with HTTPS enforcement and domain transfer protections, though there is room for improvement in security headers and incident response transparency. Overall, the site reflects a professional and trustworthy business with comprehensive content and good user experience.

KLINGER Fluid Control GmbH is a well-established manufacturer specializing in high-quality industrial valves with over 130 years of experience. The company operates globally with a strong network of distribution partners and is a subsidiary of the KLINGER Group. Their website reflects a professional and consistent brand image, targeting industrial clients primarily in the manufacturing and energy sectors. Technically, the website employs modern web standards and includes user tracking via Google Analytics, though it lacks explicit cookie consent mechanisms. Security posture is solid with HTTPS and no visible vulnerabilities, but could be improved by adding security headers and incident response information. Overall, the site is trustworthy and professionally maintained, supporting the company's market position.

I

INTEC GMK

gmk.info

46

INTEC GMK is a specialized manufacturer and turnkey supplier of Organic Rankine Cycle (ORC) power plants designed to generate electricity from waste heat, geothermal energy, and biomass. The company positions itself as an innovative leader with the broadest range of ORC products, targeting industrial and energy sector clients. Their business model focuses on custom-made, highly individual solutions that integrate seamlessly into client processes, supporting the ongoing energy transition with sustainable power generation technologies. The website reflects a professional and consistent brand image with clear contact information and participation in industry exhibitions, reinforcing market credibility. Technically, the website is built using modern JavaScript frameworks such as Nuxt.js and Vue.js, likely managed via the Wagtail CMS. The site demonstrates good mobile optimization, clear navigation, and moderate performance. SEO practices are adequately implemented with proper meta tags and canonical URLs. However, some technical improvements could enhance security and privacy compliance, such as implementing cookie consent mechanisms and security headers. From a security perspective, the site uses HTTPS and does not expose sensitive data. However, no explicit security policies, incident response contacts, or vulnerability disclosure mechanisms are publicly available. The absence of security headers and cookie consent banners indicates room for improvement in security posture and GDPR compliance. The WHOIS data is unavailable due to a malformed response, suggesting privacy protection, which is reasonable for this business type. Overall, the domain appears legitimate and consistent with the website's claims. The overall risk assessment is moderate with no critical vulnerabilities detected. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, and implementing cookie consent to improve privacy compliance and user trust. These steps will strengthen the company's digital maturity and security culture, supporting its professional market presence.

B

Baker Hughes

bakerhughes.com

77

Baker Hughes is a leading energy technology company focused on advancing safer, cleaner, and more efficient energy solutions globally. The company offers a broad portfolio of services and technologies including energy transition, hydrogen technologies, geothermal solutions, carbon capture, emissions abatement, remote operations, AI-driven energy operations, liquefied natural gas, industrial technology, and mature asset solutions. Their market position is that of a large, established enterprise headquartered in the United States, serving energy industry professionals and partners worldwide. Technically, the website is built on Drupal CMS with modern JavaScript integrations, including analytics and consent management tools, demonstrating a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, though explicit security policies and incident response information are not publicly detailed. Overall, the website presents a professional, trustworthy, and well-structured digital presence aligned with enterprise standards.

I

ISOPLUS Group

isoplus.de

61

ISOPLUS Group is a large European manufacturer specializing in pre-insulated pipe systems for district heating, cooling, industry, solar thermal, bioenergy, agriculture, and CCS sectors. The company operates in over 30 countries with a workforce of approximately 1,600 professionals and is part of the Viessmann Generations Group. Their website is professionally designed, multilingual, and provides comprehensive information about their products, services, and corporate profile. Technically, the site is built on TYPO3 CMS, uses modern web technologies, and integrates Google Analytics and Tag Manager for user tracking. Security-wise, the site enforces HTTPS and implements a cookie consent mechanism, but lacks explicit security policies and incident response contacts. WHOIS data is privacy protected, which is justified for a business of this scale. Overall, the website demonstrates a mature digital presence with good privacy compliance and a strong business credibility profile.

A

Atlas Copco

atlascopco.com

71

Atlas Copco is a global industrial manufacturing company specializing in sustainable productivity solutions. Their website reflects a large enterprise with a professional digital presence, targeting industrial and business customers worldwide. The site uses modern web technologies including Adobe Helix, jQuery, and integrates Google Maps and OneTrust for cookie consent, indicating a mature technical infrastructure. Security posture is moderate with HTTPS implied and cookie consent implemented, but lacks visible security headers and explicit security policies. The absence of WHOIS data for the www subdomain is unusual but does not detract from the overall legitimacy given the brand recognition and website quality. Strategic recommendations include enhancing security headers, publishing clear privacy and security policies, and verifying domain registration details for full trust assurance.

B

badenovaWÄRMEPLUS GmbH & Co. KG

badenovawaermeplus.de

68

badenovaWÄRMEPLUS GmbH & Co. KG is a regional energy provider specializing in sustainable heat supply and renewable energy solutions in Germany. The company focuses on delivering Fernwärme (district heating), biogas, geothermal energy, solar, and wind energy services, targeting private customers, businesses, and industrial clients. Their market position is that of a key regional player driving the energy transition with innovative and efficient solutions. The website reflects a professional and consistent brand image with clear navigation and relevant content for their audience. Technically, the site uses modern JavaScript libraries and Google Tag Manager for analytics, with good mobile optimization and accessibility features. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although a dedicated security policy and incident response information are missing. Privacy compliance is well addressed with cookie consent and a comprehensive privacy policy. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

N

Nordwest Assekuranzmakler GmbH & Co. KG

nw-assekuranz.de

55

Nordwest Assekuranzmakler GmbH & Co. KG operates as an independent insurance broker based in Bremen, Germany, specializing in global insurance broking for industrial sectors. Their services encompass insurance management, risk management, risk assessment, due diligence, and provisions, targeting a diverse range of industries including renewable energy, transport, real estate, aerospace, and manufacturing. The company leverages its membership in the UnisonSteadfast network to provide global market access and specialized expertise. Technically, the website is built on the Contao CMS platform, utilizing modern web technologies such as jQuery and lazy loading for images, and integrates Matomo analytics with privacy-conscious configurations. The site demonstrates good mobile optimization, clear navigation, and professional design, reflecting a mature digital presence suitable for their target audience. From a security perspective, the website enforces HTTPS and employs cookie consent mechanisms aligned with GDPR requirements. However, explicit security headers and incident response policies are not evident, representing areas for improvement. No vulnerabilities or suspicious content were detected, and the domain registration data aligns well with the business claims, supporting the site's legitimacy. Overall, the website presents a trustworthy and professional front for the company, with strong business credibility and privacy compliance. Strategic enhancements in security policy transparency and technical security controls could further strengthen their security posture and stakeholder confidence.

S

Stadtwerke Schwerin GmbH

stadtwerke-schwerin.de

50

Stadtwerke Schwerin GmbH is a regional utility provider delivering electricity, gas, heat, fiber-optic internet, and water services primarily to customers in Schwerin, Germany. The company positions itself as a reliable and experienced service provider with over 30 years in the market, emphasizing personal customer service and sustainable regional engagement. Their website targets both private and business customers, offering detailed product information, customer portals, and interactive tariff calculators. Technically, the site is built on Drupal 10, uses Matomo for analytics, and integrates Usercentrics for cookie consent management, reflecting a modern and privacy-conscious digital infrastructure. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers could be improved. Privacy compliance is strong with clear policies and consent mechanisms. Overall, the website is professional, well-structured, and trustworthy, supporting the company's market position as a key regional energy and telecommunications provider.

K

Kraftanlagen Energies & Services SE

kraftanlagen.com

46

Kraftanlagen Energies & Services SE is a German-based integrated solutions provider specializing in decarbonization and energy transition services across energy, industrial, and building technology sectors. The company operates as part of the Equans Group and offers comprehensive services including consulting, engineering, construction, and maintenance. Their market position is strong within the DACH region, supported by a network of subsidiaries and a professional digital presence. The website demonstrates a mature technical infrastructure leveraging WordPress CMS, modern plugins, and consent management tools, reflecting a good level of digital maturity. Security posture is solid with HTTPS, reCAPTCHA, and consent mechanisms, though some security headers and incident response details could be improved. Overall, the site is professional, well-branded, and compliant with GDPR, but the absence of WHOIS registration data introduces some uncertainty about domain legitimacy that should be verified.

E

Enerchange

enerchange.de

60

Enerchange is a specialized agency focused on renewable energy consulting and services, targeting businesses and stakeholders within the energy sector in Germany. The website presents a professional and consistent brand image, leveraging WordPress with the Thrive Theme to deliver content effectively. The technical infrastructure is modern and includes standard security practices such as HTTPS and security headers. However, the site lacks explicit privacy policies, terms of service, and detailed contact information, which are important for compliance and user trust. No security incident response or vulnerability disclosure information is provided, indicating room for improvement in security transparency and readiness. Overall, the website is safe, accessible, and well-structured but would benefit from enhanced privacy and security documentation.

E

ERDWERK GmbH

erdwerk.com

52

ERDWERK GmbH is a German-based company specializing in geothermal energy solutions, including consulting, planning, execution, and project management services. The company has a solid market presence with numerous projects primarily in Germany and some international locations. Their website is professionally designed using Drupal 8 CMS, featuring integration with Google Maps and Piwik analytics, indicating a moderate level of digital maturity. Contact information and social media links are clearly provided, enhancing business credibility. From a security perspective, the website uses HTTPS and does not expose sensitive data in the HTML content. However, it lacks visible security headers and explicit privacy or cookie policies, which are important for compliance and security best practices. The absence of WHOIS registration data is a concern, as it reduces trustworthiness despite the professional website presence. No WAF or blocking mechanisms were detected, and the site content is fully accessible. Overall, the website demonstrates a good business and technical foundation but requires improvements in privacy compliance, security headers, and WHOIS transparency to enhance trust and security posture. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, and clarifying domain registration details.

G

GEF Ingenieur AG

gef.de

44

GEF Ingenieur AG is a well-established German engineering company specializing in heat supply and district heating solutions with over 40 years of experience. Their services span strategic consulting, planning, research, and software development tailored to the energy sector. The company targets municipalities, energy providers, and research institutions within Germany and the EU. Technically, the website is built on WordPress using the Divi theme, with common plugins for forms and social icons, hosted on rzone.de servers. The site is professionally designed, mobile-optimized, and content-rich, reflecting a mature digital presence. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and professional but could improve in compliance and security transparency.

B

Bayerischer Bauindustrieverband

bauindustrie-bayern.de

55

The Bayerischer Bauindustrieverband website serves as the official online presence of the Bavarian construction industry association. It provides comprehensive information about the association's activities, including member services, educational programs, events, and industry news. The site targets industry professionals, member companies, and prospective trainees, positioning itself as a key regional player in the construction sector. Technically, the site is built on TYPO3 CMS, leveraging modern web technologies and integrating external services for analytics and content delivery. Security posture is adequate with HTTPS and Content-Security-Policy headers, though additional security headers and privacy compliance mechanisms are recommended. Overall, the website is professional, well-structured, and trustworthy, with moderate technical performance and good user experience.

J

Josef Weiß Elektrotechnik GmbH & Co KG

et-weiss.de

42

Josef Weiß Elektrotechnik GmbH & Co KG is a medium-sized German company specializing in electrical engineering services, including industrial installations, medium and low voltage systems, automation technology, and geothermal energy solutions. The company positions itself as a reliable partner for environmentally friendly and future-oriented energy supply primarily in Bavaria and the German-speaking region. The website reflects a professional business with clear service offerings and references to significant projects and partners in the energy sector. Technically, the website is built on WordPress using the Divi theme, incorporating modern web technologies such as jQuery and Google Analytics for tracking. The site is mobile-optimized and has good SEO practices, though accessibility features are basic. Hosting is managed via domaincontrol.com nameservers, indicating a standard hosting environment. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks important security headers and a formal vulnerability disclosure mechanism. No privacy or cookie policies were found, indicating compliance gaps with GDPR and related regulations. Contact information is clearly presented, enhancing business credibility. Overall, the website is functional, professional, and trustworthy but would benefit from enhanced privacy compliance and security hardening to reduce risk and improve user trust.

W

Wärmeversorgung Ismaning GmbH & Co. KG

waermeversorgung-ismaning.de

43

Wärmeversorgung Ismaning GmbH & Co. KG operates as a municipal energy provider focusing on geothermal heating solutions to supply environmentally friendly and cost-effective heat to the community of Ismaning, Germany. The website serves as an informational platform to transparently communicate the progress and details of the geothermal project, targeting local citizens and stakeholders interested in sustainable energy. The business model centers on local renewable energy infrastructure development and customer engagement for heat supply services. Technically, the website is built on WordPress using the Avada theme and incorporates modern plugins such as Yoast SEO and Slider Revolution, indicating a moderate to good level of digital maturity. The site is mobile-optimized with good navigation and SEO practices, although some accessibility features could be improved. Hosting details are not explicit, but the site uses HTTPS and standard web technologies. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism, demonstrating GDPR compliance awareness. However, no explicit security headers or incident response policies are visible, and there is room for improvement in security best practices. No vulnerabilities or suspicious content were detected in the analysis. Overall, the website presents a professional and trustworthy image consistent with a municipal utility provider. The risk profile is low, but enhancing security headers and publishing security policies would strengthen the security posture and trust further.

S

Scholl Communications AG

erdwaerme-gruenwald.de

63

Erdwärme Grünwald is a local German energy initiative focused on geothermal energy solutions to address climate change in Grünwald. The website is professionally designed using the Weblication® CMS platform and hosted with Cloudflare DNS services, indicating a moderate level of technical maturity. However, the site lacks explicit privacy, cookie, and terms of service policies, which are critical for GDPR compliance and user trust. Security posture is basic with no detected security headers or incident response information, suggesting room for improvement in security best practices. Overall, the website presents a credible business presence but would benefit from enhanced privacy and security measures to improve compliance and trustworthiness.

E

Energie-Wende-Garching GmbH

ewg-garching.de

61

Energie-Wende-Garching GmbH is a local energy provider based in Garching, Germany, specializing in sustainable district heating using geothermal energy. The company positions itself as a green energy supplier focused on reducing CO2 emissions and providing environmentally friendly heating solutions to residents and businesses in the Garching area. Their website reflects a professional and well-structured digital presence with clear navigation, comprehensive customer support portals, and detailed business information. Technically, the site employs modern web standards including Bootstrap for responsive design, JSON-LD structured data for SEO, and optimized media formats such as WebP images. Security posture is strong with HTTPS enforced and no visible vulnerabilities or exposed sensitive data, although formal security policies and vulnerability disclosures are absent. Overall, the website demonstrates a mature digital infrastructure aligned with the company's sustainable energy mission, fostering trust and credibility among its audience.

B

Bundesverband Erneuerbare Energie e.V.

bee-ev.de

56

The Bundesverband Erneuerbare Energie e.V. (BEE) is a German national umbrella association representing various renewable energy sectors including wind, solar, biomass, hydropower, and geothermal. The organization acts as a non-profit advocacy group aiming to promote 100% renewable energy across electricity, heat, and mobility sectors. Their website provides news, publications, event information, and policy positions targeted at stakeholders in the renewable energy industry in Germany. The site is professionally designed, well-structured, and mobile-optimized, running on TYPO3 CMS with modern frontend technologies.

A

AFK Geothermie GmbH

afk-geothermie.de

58

AFK Geothermie GmbH is a German regional energy provider specializing in geothermal energy and district heating services. Their website offers information about their services including geothermal energy production, district heating network expansion, internet services bundled with heating connections, and customer support. The company targets residential and commercial customers within the energy sector, positioning itself as a reliable regional utility provider. The website is built on WordPress with modern plugins and demonstrates good digital maturity with mobile optimization and cookie consent mechanisms. Security posture is solid with HTTPS enabled and no exposed sensitive data, though security headers and explicit security policies are absent. Overall, the website is professional, trustworthy, and compliant with GDPR, but could improve by publishing security policies and enhancing security headers.

I

Interreg Deutschland-Danmark

interreg-de-dk.eu

48

The website www.interreg-de-dk.eu represents the Interreg Deutschland-Danmark program, a government-backed EU-funded initiative supporting cross-border cooperation projects between Germany and Denmark. It provides funding and resources to foster regional development and collaboration. The site is professionally designed, multilingual, and targets organizations and stakeholders involved in regional cooperation. Technically, it is built on TYPO3 CMS, uses modern frontend frameworks like Bootstrap, and integrates Google Tag Manager and CookieFirst for analytics and consent management. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is strong with clear policies and consent mechanisms. Overall, the domain appears legitimate despite WHOIS privacy protection, consistent with EU domain privacy norms. The site is trustworthy, well-maintained, and serves a clear public sector mission.

Region Sjælland operates as a regional government entity providing healthcare, psychiatric, social services, and regional development functions within Denmark. The website serves as an information portal for hospitals, emergency services, social institutions, and regional infrastructure. It targets residents, patients, and partners within the region. The digital presence is built on modern web technologies including Next.js and React, hosted on Microsoft Azure, indicating a mature technical infrastructure. The site is mobile-optimized and accessible, with good SEO practices and performance. Security posture is strong with HTTPS enforced, appropriate security headers, and a comprehensive cookie consent mechanism ensuring GDPR compliance. No critical vulnerabilities or exposed sensitive data were detected. Privacy policies are clearly linked and detailed, supporting compliance with data protection regulations. However, WHOIS data is unavailable, limiting domain registration trust verification. Overall, the website demonstrates a professional and trustworthy digital presence suitable for a public healthcare authority. Recommendations include adding explicit contact information for security and privacy concerns, publishing a security.txt file for vulnerability disclosures, and maintaining regular security audits of third-party scripts.

T

Tønder Kommune

toender.dk

69

Tønder Kommune operates as the official municipal government website for the Tønder region in Denmark, providing residents and stakeholders with access to municipal services, public information, and citizen support. The website is positioned as a local government authority, serving a medium-sized audience within the government sector. The digital presence is built on modern web technologies including Nuxt.js, with a focus on accessibility, mobile optimization, and SEO best practices. The site implements a comprehensive cookie consent mechanism aligned with GDPR requirements, reflecting a mature approach to privacy compliance. However, the absence of WHOIS data limits the ability to fully verify domain registration legitimacy. Security posture is moderate, with HTTPS implied but lacking explicit security headers and published security policies. Overall, the website presents a professional and trustworthy interface suitable for its governmental role.

S

Sønderborg Kommune

sonderborgkommune.dk

76

Sønderborg Kommune operates as the official municipal government website for the Sønderborg region in Denmark, providing a comprehensive range of public services to its citizens. The site targets residents and visitors seeking information on personal affairs, health and care, construction, education, traffic, employment, and environmental issues. It holds a strong market position as a local government authority with a well-established digital presence since 1997. Technically, the website leverages Drupal CMS, integrates privacy-focused analytics via Matomo, and employs Cookiebot for GDPR-compliant cookie consent management. The site demonstrates good mobile optimization, accessibility, and SEO practices, reflecting a mature digital infrastructure suitable for public sector needs. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms to comply with privacy regulations. However, it lacks explicit security headers and a public security policy or incident response contact, which are areas for improvement. No critical vulnerabilities or WAF blocking were detected, indicating a stable security posture. Overall, Sønderborg Kommune's website is a trustworthy, professional, and privacy-conscious platform that effectively serves its public audience. Strategic enhancements in security policy transparency and DNS security could further strengthen its risk profile and compliance stature.

Region Syddanmark is a Danish regional government authority responsible for healthcare, regional development, and environmental management within the Southern Denmark region. The website serves as an official information portal for citizens and partners, providing comprehensive details about its services and operations. The organization holds a strong market position as a public entity with a long-established presence since 2004. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and integrates third-party services such as Cookiebot for cookie consent management, Cludo for search functionality, and Monsido for website monitoring. The site is well-optimized for mobile devices and accessibility, with good SEO practices and performance. From a security perspective, the site uses HTTPS with good SSL configuration and implements cookie consent mechanisms aligned with GDPR requirements. However, there is room for improvement in security headers and publishing explicit security policies or incident response contacts. No critical vulnerabilities or suspicious activities were detected. Overall, the website demonstrates a solid risk posture with high legitimacy and trustworthiness. Strategic recommendations include enabling DNSSEC, enhancing security headers, and publishing security and incident response policies to further strengthen compliance and user trust.

P

Professor Dr. ABC

prof-dr-abc.com

46

Professor Dr. ABC operates an educational website focused on language learning for children, offering interactive expeditions, games, and songs to engage young learners. The website is professionally designed, multilingual (German and Danish), and carries a recognized European Language Label certification, indicating quality in language education. The business model centers on educational content delivery and personal appearances, targeting a niche market in the education sector primarily in Germany. Technically, the site is built on TYPO3 CMS, uses jQuery and Google Analytics, and is moderately optimized for performance and mobile devices. Security posture is adequate with HTTPS and secure login forms, but lacks some security headers and cookie consent mechanisms. WHOIS data is missing, which raises concerns about domain registration legitimacy, though the website content and certifications suggest a legitimate operation. Overall, the site is trustworthy and professional but would benefit from enhanced security and privacy compliance measures.

L

Leadpartner Brand & Redning Sønderjylland

112interreg.eu

55

Interreg112 is a bilingual project website supporting the DanGer112 initiative, co-financed by the EU's Interreg 6A program. The project focuses on enhancing cross-border cooperation in emergency services between Denmark and Germany. The website serves as an information portal for project partners, stakeholders, and the public, providing news, events, and contact details. The site is professionally designed with consistent branding and clear navigation, targeting government agencies and emergency service organizations in the region. Technically, the website employs modern JavaScript libraries such as jQuery, Bootstrap, and accessibility tools like Monsido, ensuring good mobile optimization and user experience. Hosting and domain registration are consistent with the regional focus, with the registrar being a reputable Danish provider. The site uses HTTPS and includes cookie consent mechanisms, reflecting basic GDPR compliance. From a security perspective, the site has a good baseline with HTTPS and no exposed sensitive data. However, it lacks explicit security headers and a published privacy policy or incident response information, which are recommended for enhanced security posture and compliance. No vulnerabilities or suspicious patterns were detected. Overall, the website is trustworthy and professional, with moderate technical sophistication and a solid foundation for security and privacy. Strategic improvements include publishing comprehensive privacy and terms of service documents, adding security headers, and establishing incident response contacts to strengthen compliance and user trust.

The website at kulturfokus.de is currently inaccessible, returning a 403 Forbidden error page that blocks access to any substantive content. The page only displays a styled error message with no business or contact information, policies, or interactive elements. The lack of content and metadata prevents a meaningful assessment of the business or its services. Technically, the site includes only a Google Fonts external resource and no detectable CMS, analytics, or security headers. WHOIS data is minimal, showing only name servers without registrant details, which limits trust and legitimacy evaluation. Overall, the site appears to be either restricted by access controls or misconfigured, resulting in a poor digital presence and security posture.

H

Haderslev Kommune

haderslev.dk

68

Haderslev Kommune operates an official municipal website providing digital self-service and information to its residents and visitors. The site is designed to facilitate 24/7 access to municipal services and information, reflecting a commitment to digital accessibility and citizen engagement. The website leverages modern web technologies including ASP.NET Core, jQuery, Bootstrap, and third-party services such as Monsido for analytics and Cookie Information for privacy compliance. The cookie consent mechanism is comprehensive and GDPR compliant, indicating a strong focus on privacy and regulatory adherence. However, the absence of WHOIS data limits the ability to fully verify domain legitimacy and registration details. Security posture is generally good with HTTPS enforced and secure cookie practices, but the lack of explicit security headers and absence of published security policies suggest areas for improvement. Overall, the website presents a professional and trustworthy digital presence for the municipality, with moderate technical performance and good user experience.

S

Stadt Flensburg

flensburg.de

58

The website www.flensburg.de serves as the official digital portal for the city of Flensburg, Germany. It provides a broad range of municipal services and information including citizen services, social programs, cultural and educational resources, political and administrative details, and urban planning information. The site targets residents, local businesses, and visitors, positioning itself as a comprehensive government resource. The business model is that of a government municipal service provider, focusing on public service delivery rather than commercial activities. Technically, the site employs a mix of established JavaScript libraries such as jQuery 1.11.3, FontAwesome 5, jPlayer, and Flowplayer, indicating a moderately mature digital infrastructure. The site appears to be custom-built or uses a proprietary CMS, with good mobile optimization and accessibility features like visual assistance tools. Performance is moderate, with room for modernization of some libraries. From a security perspective, the site uses HTTPS and includes accessibility and privacy-related CSS and scripts, but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy compliance is partial, with a cookie policy and consent mechanism present but no clear privacy policy or terms of service pages found. Incident response and vulnerability disclosure information are absent. Overall, the website is a trustworthy and professional government portal with good content quality and business credibility. However, it would benefit from enhanced privacy disclosures, security header implementation, and clearer contact information to improve compliance and user trust.