Security Directory

Z

zelaznefinanse.pl

zelaznefinanse.pl

0

Żelazne Finanse is a small financial advisory business based in Warsaw, Poland, specializing in credit consulting including mortgage loans, cash loans, and insurance brokerage. The website positions itself as a local expert advisor, targeting individuals seeking professional financial advice. The business was founded in 2020 and operates primarily through its WordPress-based website, which is well-structured and optimized for SEO with modern plugins and tools. The site uses Google Tag Manager for analytics and CookieYes for cookie consent management, indicating a basic level of digital maturity. However, Google Analytics is not fully configured, and no privacy policy or terms of service pages were detected, which may impact compliance and user trust.

T

Tax Clear - Księgowość, Optymalizacja, Podatki Sp. z o.o.

taxclear.pl

0

TaxClear is a Warsaw-based accounting firm specializing in comprehensive accounting and tax services for small and medium-sized enterprises, including sole proprietorships and commercial law companies. The company offers services such as business registration assistance, tax advisory, and modern online accounting solutions. Their market position is focused on local businesses in the Warsaw area, providing tailored and professional financial services. The website is built on a modern WordPress platform using Elementor, with integration of Google Tag Manager for analytics and marketing. The technical infrastructure is solid, hosted by cyber_Folks S.A., and the site is mobile-optimized with good SEO practices. However, some security best practices like DNSSEC and security headers are missing. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but improvements are recommended in DNS security and HTTP headers. Privacy compliance is weak due to the absence of privacy and cookie policies. Contact information is clearly presented, enhancing business credibility. Overall, the site is professional and trustworthy with room for security and compliance enhancements. The risk assessment indicates a low risk of security or compliance issues but highlights the need for formal privacy and cookie policies to meet GDPR requirements. Strategic recommendations include implementing security headers, enabling DNSSEC, and publishing comprehensive privacy and cookie policies to improve compliance and trust.

K

Kancelaria LexWibor

lexwibor.pl

0

Kancelaria LexWibor is a Polish legal consultancy specializing in invalidating WIBOR variable interest clauses in credit agreements. Founded in 2022, it targets individuals affected by WIBOR-related credit issues, offering niche legal services. The website is built on WordPress with Elementor and integrates modern tools like Google Tag Manager and Cookiebot for analytics and GDPR compliance. Hosting is provided by home.pl, a reputable Polish hosting provider. Security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks security headers and explicit privacy and terms policies. No contact emails or phone numbers are directly visible, which may impact user trust. Overall, the site is professional and focused but could improve transparency and security documentation.

BIDV is a major Vietnamese commercial bank offering a wide range of financial services including retail, corporate, and premium banking. The website reflects a professional and enterprise-grade digital presence, leveraging IBM WebSphere Portal CMS and modern web technologies such as jQuery and Bootstrap. The site is mobile optimized and integrates multiple analytics and marketing tools including Google Analytics, Facebook Pixel, and TikTok Pixel, indicating a mature digital marketing strategy. Security posture is solid with HTTPS enforced and no visible sensitive data exposure, though the absence of explicit security policies and privacy/cookie policies suggests room for improvement in compliance and transparency. Overall, the website is trustworthy and well-maintained, supporting BIDV's position as a leading financial institution in Vietnam.

N

Nauda

nauda.money

0

Nauda is a fintech company focused on providing streamlined financial services tailored for freelancers and small to medium enterprises (SMEs). Their platform offers multi-currency business accounts, efficient international payment solutions, and business loans up to £500,000, positioning themselves as a cost-effective alternative to traditional banks. The website reflects a professional and consistent brand image with clear service descriptions and pricing plans, targeting startups and SMEs globally. Technically, the website is built on the Webflow platform, utilizing modern frontend technologies including jQuery. It is mobile-optimized and provides a good user experience with clear navigation and responsive design. However, the site lacks visible advanced security headers and explicit incident response or security policies, which are important for fintech platforms handling sensitive financial data. From a security perspective, the site uses HTTPS (implied by Webflow hosting), has a cookie consent mechanism, and no exposed sensitive data was found in the HTML. The absence of WHOIS registrant data suggests privacy protection, which is common and justified for fintech businesses. No signs of WAF blocking or malicious content were detected. Overall, the security posture is moderate but could be improved by implementing stronger HTTP security headers and publishing security policies. The overall risk assessment is moderate with no critical issues detected. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, and improving accessibility compliance. These steps will strengthen trust and compliance, critical for fintech customer confidence and regulatory adherence.

A

AI Invest Lab

aiinvestlab.com

0

AI Invest Lab is a small fintech company based in Dubai, UAE, specializing in automated investing solutions leveraging AI technologies. The company operates a professionally designed website hosted on the Squarespace platform, targeting investors and users interested in automated financial investment services. Their market position appears to be a niche fintech provider focusing on AI-driven investment automation. The website includes social media presence on Instagram, YouTube, and TikTok, enhancing their digital footprint. Technically, the website is built on Squarespace CMS with integrations such as Typekit fonts, Google reCAPTCHA for form security, and Weglot for multilingual support. The site demonstrates good mobile optimization and moderate performance. SEO and accessibility are basic but adequate for a small business. Hosting and domain registration are consistent and legitimate, with SSL and HSTS enabled, ensuring secure communications. From a security perspective, the website follows several best practices including HTTPS enforcement and use of reCAPTCHA. However, it lacks advanced security headers like Content-Security-Policy and does not publish privacy, cookie, or terms of service policies, which are critical for GDPR compliance and user trust. No incident response or vulnerability disclosure information is provided, indicating room for improvement in security transparency and readiness. Overall, AI Invest Lab presents a moderate risk profile with a solid technical foundation but gaps in privacy compliance and security policy disclosures. Strategic improvements in these areas would enhance trustworthiness and regulatory compliance.

S

Swedbank

swedbank.lv

0

Swedbank Latvia is the largest bank in Latvia serving nearly one million individuals and over 71,000 businesses. The website provides comprehensive banking services including internet and mobile banking, financial advisory, loans, investments, and insurance. The site is well-branded, professionally designed, and optimized for Latvian users with multilingual support. Technically, it uses modern web components and scripts, with good mobile optimization and moderate performance. Security posture is solid with HTTPS and privacy compliance, though some security headers and incident response contacts are not explicitly found. The domain WHOIS data aligns with the bank's identity, indicating legitimacy and trustworthiness. Overall, the website is a reliable and professional digital presence for Swedbank Latvia.

B

bilic

bilic.io

0

Bilic is a technology company specializing in AI-driven agents designed to enhance finance security and compliance processes. Their platform leverages advanced AI, including Large Language Models, to automate and improve transaction monitoring, customer due diligence, risk assessment, anti-money laundering compliance, fraud detection, and regulatory checks. The company positions itself as an innovative player in the finance compliance sector, supported by notable partners such as AWS and Barclay. The website presents a professional and consistent brand image with clear messaging targeted at financial institutions and compliance professionals. Technically, the website is built using modern web technologies including React, Bootstrap, and integrates third-party services like Calendly for demos, Hotjar for analytics, and Google Tag Manager. The site is mobile optimized and performs moderately well, with good SEO and accessibility basics. Security posture is solid with HTTPS enforced and secure form handling, though some security headers are missing and no explicit security policy or incident response information is provided. Overall, the security posture is good with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with comprehensive privacy, cookie, and terms policies, including a cookie consent mechanism. The lack of WHOIS registrant data is mitigated by the professional site presentation and active social presence, indicating a legitimate and privacy-conscious startup. Strategic recommendations include enhancing security headers, publishing explicit security and incident response policies, and adding a vulnerability disclosure mechanism to further strengthen trust and compliance.

C

Compass Inkasso

compass-inkasso.de

0

Compass Inkasso GmbH is a small, regionally focused German company specializing in professional debt collection and receivables management services since 2006. The company positions itself as a reliable partner offering fair, transparent, and legally compliant solutions with personal consulting. Their key services include Forderungsmanagement, personal consultation, creditworthiness checks, and installment payment management, targeting businesses primarily in Ostfriesland and surrounding areas. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to business clients. Technically, the website is built on WordPress using Elementor and Yoast SEO plugins, indicating a modern and maintainable infrastructure. Hosting is managed via domaincontrol.com name servers, likely GoDaddy. The site is mobile-optimized and performs moderately well, with good SEO practices and accessibility at a basic level. Cookie consent is managed via Borlabs Cookie, ensuring GDPR compliance. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not detected, and no dedicated security or incident response policies are published. No vulnerabilities or exposed sensitive data were found in the HTML content. The domain WHOIS data is limited but shows no privacy protection or suspicious patterns, supporting legitimacy. Overall, Compass Inkasso's website demonstrates a solid business and technical foundation with good privacy compliance and moderate security posture. Strategic improvements in security headers, incident response transparency, and accessibility could further enhance trust and resilience.

F

Ferratum by Multitude Bank p.l.c.

ferratum.lv

0

Ferratum by Multitude Bank p.l.c. is a licensed financial institution operating primarily in Latvia, offering fast and flexible financial solutions such as consumer loans, credit lines, and a banking app. The company has a strong market presence with over 2 million clients since 2005 and operates in 13 countries. The website is well-structured, professionally designed, and optimized for mobile devices, reflecting a mature digital infrastructure. Technically, it leverages modern frameworks like React and Next.js, with advanced script management via Partytown to enhance performance and security. Security posture is robust with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not publicly detailed. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. Overall, the domain registration data aligns well with the business claims, supporting high legitimacy. Strategic recommendations include publishing explicit security policies, adding vulnerability disclosure mechanisms, and enhancing security contact channels to further strengthen trust and compliance.

2

21Shares

21shares.com

0

21Shares operates as a pioneering issuer of exchange-traded crypto products (ETPs), providing institutional and retail investors with regulated and accessible investment vehicles for cryptocurrencies. The company positions itself as the world's first and largest crypto ETP issuer, offering a broad portfolio including single asset, diversified index, smart index, and staking products. Their market approach leverages existing brokerage and banking infrastructure to simplify crypto investments. Technically, the website is built on Webflow with modern JavaScript frameworks and integrates privacy and analytics tools such as Cookiebot, Hotjar, and Google Tag Manager. The site demonstrates excellent design, mobile optimization, and user experience. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response information are not publicly detailed. The WHOIS data for the domain is missing or unavailable, which raises some concerns about domain registration transparency. Overall, the website is professional and trustworthy, but the lack of WHOIS data and direct contact information slightly reduce business credibility.

B

Bitpanda

bitpanda.com

0

Bitpanda is a prominent European online brokerage platform specializing in a wide range of investment products including cryptocurrencies, stocks, ETFs, precious metals, and leverage trading. The platform targets retail investors and crypto enthusiasts across Europe, offering easy access to trading starting from as low as 1 euro. Bitpanda positions itself as a leading broker with a comprehensive suite of services including savings plans, staking, and educational resources to empower users. Technically, the website is built on modern frameworks such as Next.js and React, ensuring fast performance, mobile optimization, and good SEO practices. The use of analytics tools like RudderStack indicates a mature digital infrastructure. Security-wise, the site enforces HTTPS, employs multiple security headers, and shows no visible vulnerabilities, reflecting a strong security posture. However, the absence of publicly available WHOIS data and direct company contact details slightly reduces transparency. Overall, Bitpanda presents a professional, trustworthy, and compliant online presence suitable for its financial services business.

P

Parqet Fintech GmbH

parqet.com

0

Parqet Fintech GmbH operates a sophisticated portfolio tracking and financial visualization platform primarily targeting private investors in Germany. The company offers a comprehensive suite of tools including portfolio dashboards, dividend calendars, financial news feeds, and developer APIs, positioning itself as a leading fintech solution for investment monitoring. With over 350,000 users and strong app store ratings, Parqet has established a solid market presence. Technically, the website leverages modern frameworks such as Nuxt.js and Vue.js, hosted with Cloudflare DNS services, ensuring fast performance and mobile optimization. Security posture is strong with HTTPS enforcement and clientTransferProhibited domain status, though DNSSEC is not enabled and no explicit security.txt or incident response contacts are published. Privacy compliance is well addressed with clear GDPR-aligned policies and cookie consent mechanisms. Overall, Parqet demonstrates a mature digital infrastructure and trustworthy business model with room for minor security enhancements.

A

Allfunds Bank S.A.U.

allfunds.com

0

Allfunds Bank S.A.U. operates as a leading B2B WealthTech platform with over 20 years of experience, providing integrated wealth management and fund distribution solutions globally. The company offers a comprehensive digital ecosystem that includes advanced tools for dealing, execution, ESG, compliance, and blockchain technology to transform investment fund environments. Positioned as a market leader with over €1.7 trillion in assets under administration, Allfunds targets fund houses, distributors, and wealth managers worldwide. The website reflects a mature digital infrastructure with modern technologies such as React and Material-UI, hosted on Akamai's CDN for performance and reliability. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although some security headers could be improved. Privacy compliance is robust, with clear privacy and cookie policies and GDPR adherence. Overall, the site demonstrates high professionalism, trustworthiness, and business credibility.

PITax.pl is a well-established Polish online tax filing platform operated by PITAX sp. z o.o., providing free and comprehensive personal income tax (PIT) filing services. The platform targets a broad audience including employees, retirees, entrepreneurs, and investors, offering expert support and educational resources to maximize tax refunds. The website demonstrates a mature digital infrastructure using Silverstripe CMS, modern JavaScript libraries, and integrates analytics and marketing tools with user consent mechanisms. Security posture is strong with HTTPS enforcement and secure form handling, though some security headers could be improved. The domain registration is consistent with the business claims, supporting legitimacy and trust. Overall, PITax.pl presents a professional, user-friendly, and trustworthy service in the Polish finance sector.

Q

Quickpay

quickpay.net

0

Quickpay is a well-established payment service provider founded in 1999, offering flexible and scalable online payment solutions to over 30,000 merchants with more than 4 million transactions processed monthly. The company provides a comprehensive product portfolio including payment method integrations, API access for developers, and a partner program, positioning itself as a reliable player in the European fintech and e-commerce market. The website reflects a professional and modern digital presence, leveraging technologies such as Hugo for static site generation, Cookiebot for consent management, and Google Tag Manager for analytics, ensuring good performance, accessibility, and SEO optimization. Security posture is strong with HTTPS enforced, clientTransferProhibited domain status, and cookie consent mechanisms, although DNSSEC is not enabled and no explicit security policy or incident response contacts are published. Overall, Quickpay demonstrates high business credibility and technical maturity with minor areas for improvement in security transparency and DNS security.

I

iConsult d.o.o.

iconsult.si

0

iConsult d.o.o. is a Slovenian consulting firm specializing in tax, legal, and financial advisory services primarily targeting medium and large enterprises. Established in 2020 as the successor to Taxgroup, the company leverages a team of over 15 experienced professionals, including licensed valuators and legal experts. Their integrated service offering addresses complex business challenges in finance, law, and taxation, positioning them as a trusted advisor in the Slovenian market. The website is built on WordPress with modern technologies such as WPBakery Page Builder and Yoast SEO, indicating a mature digital infrastructure. Hosting is provided by a reputable Slovenian provider, NEOSERV.si. The site demonstrates good mobile optimization, SEO practices, and user experience, with clear navigation and professional branding. Security posture is solid with HTTPS enforced, presence of key security headers, and secure form handling. Privacy compliance is well addressed with comprehensive privacy and cookie policies, including GDPR consent mechanisms. However, the site lacks a publicly available security policy and incident response information, which could enhance trust and preparedness. Overall, the website and business present a low-risk profile with strong credibility and professionalism. Strategic recommendations include publishing a security policy, incident response contacts, and vulnerability disclosure to further strengthen security transparency and compliance.

G

Gold Price Group Inc

goldprice.org

0

GoldPrice.org is a well-established financial information website specializing in live gold price charts and historical data across multiple currencies. Founded in 2003, it serves investors and individuals interested in precious metals pricing worldwide. The site is positioned as a leading resource in its niche, offering fast-loading charts and market insights supported by advertising revenue. Technically, the site uses Drupal 10 CMS, Cloudflare for DNS and CDN, and integrates modern web technologies such as lazy loading and Google Tag Manager for analytics. Privacy compliance is robust with a comprehensive privacy policy and a Cookiebot consent mechanism enabling granular user control over cookies. Security posture is good with HTTPS and domain transfer protections, though DNSSEC is not enabled and security headers are not explicitly observed. No contact or incident response information is published, which could be improved. Overall, the site is professional, trustworthy, and safe for general audiences.

S

Slovenská asociácia poisťovní

slaspo.sk

0

Slovenská asociácia poisťovní (SLASPO) is a Slovak insurance industry association representing commercial insurance companies. The website serves as an informational and educational platform providing access to insurance statistics, legislative information, and key industry topics. The association aims to protect and promote the interests of its members in relation to government bodies and the public. The website is professionally designed with clear navigation and content relevant to its target audience of insurance professionals and the public. Technically, the site uses legacy jQuery 1.9.1 and Google Analytics for tracking, hosted on websupport.sk with DNSSEC and HTTPS enabled, indicating a moderate level of digital maturity. Security posture is adequate but could be improved by updating libraries and adding security headers. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and legitimate with a domain age consistent with the association's history.

H

Handelsbanken

handelsbanken.se

0

Handelsbanken is a well-established Swedish bank offering a wide range of financial services including mortgages, personal loans, savings, pensions, and private banking. The website reflects a strong market position with a focus on personalized customer service and digital banking solutions. The content is professionally presented, targeting both private individuals and businesses in Sweden. Technically, the site uses modern JavaScript frameworks and analytics tools, ensuring good performance and mobile optimization. Security practices are solid with HTTPS enforcement and user guidance on fraud prevention, although explicit security headers and a public security policy could enhance trust further. The absence of WHOIS data for the www subdomain is likely a technical artifact rather than a legitimacy concern. Overall, the site is trustworthy, compliant with privacy regulations, and provides comprehensive customer support.

H

Handelsbanken

handelsbanken.no

0

Handelsbanken is a well-established personal and private banking institution operating primarily in Norway, with strong ties to its parent company Svenska Handelsbanken AB (publ). The website emphasizes personalized advisory services without sales targets, positioning itself as a trusted and stable bank with Europe's safest commercial bank ranking and the highest customer satisfaction in Norway. The digital presence is modern, mobile-optimized, and content-rich, targeting private banking customers seeking reliable financial services. Technically, the site uses modern JavaScript frameworks and Adobe Analytics for user insights, with good SEO and accessibility practices. Security posture is strong with HTTPS and cookie consent mechanisms, though explicit security headers and vulnerability disclosure are absent. WHOIS data is unavailable due to Norid's privacy policies, but the domain's legitimacy is supported by consistent branding and external references.

S

SAB servis s.r.o.

myplann.cz

0

SAB servis s.r.o. operates as a brokerpool providing comprehensive support services for financial advisors and leaders of advisory firms primarily in the Czech Republic. The company emphasizes simplifying the operational life of its clients through education, events, and a suite of tools designed to enhance advisory practices. Their market position is supported by a clear vision and active engagement with their target audience, positioning them as a proactive player in the financial advisory sector. Technically, the website is built on the Solidpixels CMS platform and leverages modern web technologies including Google Tag Manager and Facebook Pixel for analytics and marketing. The site is mobile-optimized with good SEO practices and a professional design, though some accessibility features could be improved. Performance is moderate, with a well-structured navigation system and clear content presentation. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, no advanced security headers were detected, and there is no visible security or incident response policy published. The absence of WHOIS data limits the ability to fully verify domain registration legitimacy, though the professional web presence and social media footprint support the company's credibility. Overall, SAB servis presents a trustworthy and professional digital presence with room for improvement in security transparency and domain registration disclosure. Strategic enhancements in security policies and WHOIS transparency would further strengthen their risk posture and trustworthiness.

A

Avenir Financial Group

avenirgroup.cz

0

Avenir Financial Group is a Czech Republic based financial advisory company with over 20 years of experience among its founders. The company offers a comprehensive range of financial services including insurance, investment, real estate, mortgage advisory, and vehicle financing. Their business model focuses on providing clients with access to a broad portfolio of vetted financial institutions and products, emphasizing fair and quality service. The website reflects a mature digital presence built on Joomla CMS with Bootstrap and jQuery, featuring a cookie consent mechanism and Google Analytics integration with IP anonymization. Contact information and partner affiliations are clearly presented, enhancing business credibility. However, the absence of WHOIS data limits domain trust evaluation. Security posture is moderate with room for improvement in security headers and incident response transparency. Overall, the website is professional, user-friendly, and compliant with privacy regulations, targeting clients seeking financial and insurance services in the Czech market.

H

Handelsbanken

handelsbanken.ee

0

Handelsbanken is a well-established Swedish bank founded in 1871, recognized as one of the world's strongest banks with a decentralized operational model and strong local presence in Sweden, Norway, the Netherlands, and the UK. The website provides comprehensive information about the bank's services, investor relations, sustainability efforts, and press releases, targeting banking customers, investors, and the general public. The digital infrastructure leverages modern web technologies including JavaScript frameworks and Adobe Analytics for performance and user insights. Security practices include HTTPS enforcement, cookie consent mechanisms, and sandboxed iframes for external content, though explicit security headers are not visible in the provided data. The WHOIS data is incomplete, lacking registrar and creation details, which is unusual but does not detract from the site's legitimacy given the professional content and branding. Overall, the site demonstrates a mature digital presence with strong business credibility and good privacy compliance.

Z

ZB Invest

zbi.hr

0

ZB Invest is a Croatian financial investment company specializing in investment funds and related services. The website provides fund pricing, yield data, calculators, and contact options primarily targeting Croatian investors. The domain is well-established since 2000 and hosted with professional infrastructure including Akamai CDN services. The website uses standard JavaScript libraries for UI and data visualization but lacks modern CMS or frameworks. Security posture is basic with no visible security headers or privacy policies, and no contact information is explicitly provided in the analyzed content. Overall, the site is functional but could improve in privacy compliance and security best practices.

Stocktwits is a leading social media platform and real-time market data provider focused on investors and traders. Founded in 2008, it has grown to serve over 10 million users, offering live stock and cryptocurrency quotes, social community discussions, news, earnings tracking, and AI-powered insights. The platform integrates multiple advertising and analytics services to monetize and optimize user engagement. Technically, Stocktwits employs modern web technologies including Next.js, Cloudflare CDN, and various tracking and marketing tools, ensuring fast performance and mobile optimization. Security posture is strong with HTTPS enforcement and domain locking, though DNSSEC is not enabled and explicit privacy and security policies are not found in the provided content. Overall, Stocktwits presents a professional, trustworthy, and comprehensive service for its target audience of investors and traders.

The website etrisbank.de is currently inaccessible, returning a 403 Forbidden error with minimal HTML content indicating a firewall block. This prevents any meaningful analysis of the website's content, services, or user interface. The domain is registered with standard German name servers via INWX, suggesting legitimate registration, but no further business details or digital assets are publicly accessible. The lack of accessible content and security headers, combined with no visible privacy or cookie policies, results in a very low digital maturity and security posture score. Without access to the site, it is impossible to evaluate the company's market position, services, or compliance status. Strategic recommendations focus on resolving access issues, enabling HTTPS, and publishing essential compliance and contact information.

M

Münchener Verein Versicherungsgruppe

muenchener-assekuranz.de

0

Münchener Assekuranz is an insurance service platform associated with the Münchener Verein Versicherungsgruppe, a well-established insurance group in Germany. The website serves primarily German-speaking customers, offering insurance brokerage and customer login services. The business model focuses on providing insurance products and customer service through a secure online portal. The company maintains a consistent brand presence and targets a medium-sized market segment within the finance industry in Germany. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including jQuery and Usercentrics for consent management. Hosting and DNS services are provided via Cloudflare, enhancing security and performance. The site demonstrates good mobile optimization, accessibility, and basic SEO practices, although there is room for improvement in metadata and structured content. From a security perspective, the site enforces HTTPS and uses secure login forms. However, it lacks visible security headers and does not publish a security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy compliance is partially addressed through a cookie consent mechanism, but no explicit privacy policy or terms of service pages were found. Overall, the website presents a professional and trustworthy front for an insurance business but would benefit from enhanced privacy disclosures, security headers, and formalized security policies to improve compliance and user trust.

M

Münchener Verein Versicherungsgruppe

maklerview.de

0

Maklerview.de is a professional blog platform serving partners and intermediaries of the Münchener Verein Versicherungsgruppe, a German insurance group. The website provides industry news, practical tips, and community engagement content tailored for insurance brokers. It positions itself as a niche content hub within the finance sector, targeting German-speaking insurance professionals. The business model revolves around content delivery and community support rather than direct sales. The site is moderately sized and was founded around 2021, aligning with the domain's apparent age.

The website analyzed is a login page for Helvetia, a Swiss insurance company. The page content is minimal and appears to be blocked or protected by a security mechanism, likely a Web Application Firewall (WAF), as indicated by the hidden body and placeholder text. The site lacks visible privacy, cookie, or terms of service policies, and no contact information or forms are present. The technical infrastructure shows minimal publicly accessible content with a single JavaScript file loaded, and no metadata or structured data is available for deeper analysis. From a security perspective, the absence of visible security headers, privacy policies, and incident response contacts suggests a low transparency posture, although this may be due to the page's nature as an identity provider login portal. The lack of accessible content limits the ability to assess SSL configuration or other security best practices. No vulnerabilities or exposed sensitive data were detected, but the inability to access full content restricts comprehensive evaluation. Overall, the website's risk assessment is constrained by the blocked content, resulting in a low AI score. Strategic recommendations include improving transparency by publishing privacy and cookie policies, adding contact and incident response information, and ensuring security headers and SSL configurations are properly implemented and visible. These steps will enhance trust and compliance with data protection regulations.

E

EBONITETE.SI

ebonitete.si

0

EBONITETE.SI is a Slovenian business credit rating agency established in 2012, offering creditworthiness evaluations and financial reliability information for companies. Positioned as the first credit rating agency in Slovenia, it targets businesses seeking reliable partner evaluations. The website is built on WordPress with Elementor, integrating modern technologies such as Google Tag Manager and Microsoft Clarity for analytics and marketing. The site demonstrates good design quality, mobile optimization, and SEO practices, although accessibility features are basic. Security posture is solid with HTTPS and security headers implemented, but lacks publicly disclosed security policies or incident response information. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy policy or terms of service pages. Overall, the site is legitimate and professionally maintained but would benefit from enhanced transparency and compliance documentation.

L

Luzerner Kantonalbank

lukb.ch

0

Luzerner Kantonalbank (LUKB) is a leading regional bank based in Luzern, Switzerland, providing a broad range of financial services including retail banking, mortgages, investment products, and personalized financial advisory. The website targets private customers primarily in the Luzern and Central Switzerland region, emphasizing personal service and innovative banking solutions. The bank maintains a strong market position as a trusted cantonal bank with a professional digital presence. Technically, the website employs modern web technologies such as Google Tag Manager, Cookiebot for consent management, and HTMX for dynamic content. It is well-optimized for mobile devices and accessibility, with good SEO practices and comprehensive metadata. The site uses HTTPS with strong security headers, ensuring secure communications and protecting user data. From a security perspective, the site demonstrates good practices including secure cookie handling, consent mechanisms, and no visible vulnerabilities or exposed sensitive data. However, explicit security policies and incident response information are not publicly detailed, representing an area for improvement. The privacy and cookie policies are comprehensive and GDPR compliant, reflecting a mature approach to data protection. Overall, the website is professional, trustworthy, and secure, with extensive content relevant to its audience. It integrates multiple analytics and marketing tools responsibly, maintaining transparency and user control over data. Strategic recommendations include publishing detailed security policies, vulnerability disclosure mechanisms, and enhancing transparency around data protection officers to further strengthen trust and compliance.

H

Helvetia Insurance

helvetia.ch

0

Helvetia Insurance is a well-established Swiss insurance company with over 160 years of history, serving more than 1.3 million customers. The company offers a broad range of insurance and pension products targeting private customers in Switzerland. Their website reflects a mature digital presence with comprehensive content, clear navigation, and professional branding. The technical infrastructure leverages Adobe Experience Manager CMS, integrates multiple analytics and marketing tools, and employs modern web technologies ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforcement, security headers, and privacy compliance mechanisms in place. However, WHOIS data is not publicly available, likely due to privacy protection, which is common for large enterprises. Overall, the website demonstrates high professionalism, trustworthiness, and compliance with privacy regulations.

K

KENDRIS Capital Limited

kendriscapital.com

0

KENDRIS Capital Limited is an independent alternative investment fund manager specializing in multi-asset class fund solutions domiciled in Cyprus and Luxembourg. It operates as a wholly owned subsidiary of KENDRIS AG, targeting professional and well-informed investors with a comprehensive suite of fund management services including portfolio management, risk management, marketing, distribution, and fund administration. The company emphasizes a personal, independent, and digital approach to fund management, supported by a strong regulatory framework under CySEC. Technically, the website employs modern web technologies such as Google Tag Manager, Google Analytics, and CookieYes for consent management, ensuring a professional and user-friendly digital presence. Security measures include HTTPS enforcement and reCAPTCHA integration, though there is room for improvement in security headers and published security policies. The absence of WHOIS data introduces some uncertainty regarding domain legitimacy, but the overall website content and regulatory disclosures support a trustworthy business profile.

M

Münchener Verein Versicherungsgruppe

mv-maklernetz.de

0

Münchener Verein Versicherungsgruppe operates a professional insurance broker portal offering a wide range of insurance products including health, care, retirement, and business insurance. The company holds a strong market position in Germany, evidenced by multiple industry awards and certifications. The website targets insurance brokers and business customers, providing tools, calculators, and comprehensive product information to support daily operations. Technically, the site is built on TYPO3 CMS, uses modern JavaScript libraries, and integrates Google Analytics and Usercentrics for privacy compliance. The site is hosted behind Cloudflare, ensuring good performance and security. Security posture is strong with HTTPS and consent management, though HTTP security headers could be improved. No vulnerabilities or blocking mechanisms were detected. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

M

Münchener Verein Versicherungsgruppe

mv-partnernetz.de

0

Münchener Verein Versicherungsgruppe operates a professional partner portal targeting insurance brokers and customers in Germany. The website offers comprehensive insurance products including health, life, pension, and business insurance solutions. It holds a strong market position as a multiple-time award-winning insurer, emphasizing trust and reliability. The portal supports partners with product details, contracts, and tools, reflecting a B2B and B2C hybrid business model. Technically, the site is built on TYPO3 CMS, integrates modern analytics and consent management tools, and is hosted behind Cloudflare, ensuring good performance and security. Security posture is solid with HTTPS and GDPR compliance, though some security headers and explicit policies could be enhanced. Overall, the site is professional, trustworthy, and well-structured, serving its target audience effectively.

M

Münchener Verein Versicherungsgruppe

muenchener-verein.de

0

Münchener Verein Versicherungsgruppe is a well-established German insurance provider with over 100 years of history, specializing in health, retirement, and business insurance products. The company operates as a mutual insurance association, emphasizing fair premiums and community strength without external shareholders. Their market position is strong, evidenced by multiple awards including 'Versicherer des Jahres' for 14 consecutive years and top ratings from Stiftung Warentest. Technically, the website is built on TYPO3 CMS, uses modern tracking and consent management tools, and is hosted with Cloudflare DNS services, ensuring good performance and security. Security posture is strong with HTTPS, security headers, and GDPR compliance, though explicit security policies and incident response contacts are not publicly detailed. Overall, the website is professional, trustworthy, and user-friendly, targeting both private and business customers with comprehensive insurance offerings and digital service channels.

K

KENDRIS Ltd

kendris.com

0

KENDRIS Ltd is a Swiss-based international advisory and fiduciary services firm with a strong focus on wealthy individuals, family offices, corporations, and institutional clients. The company emphasizes its Swiss entrepreneurial roots, confidentiality, and independence from banks and financial institutions. With over 110 years of history and a presence in multiple countries, KENDRIS offers a broad range of services including trusts, corporate services, tax and legal advice, family office services, and alternative investment fund solutions through its subsidiary KENDRIS Capital Limited. The website is professionally designed, well-structured, and provides comprehensive information about its services and corporate group. Technically, the website employs modern technologies such as Google Tag Manager, CookieYes for consent management, and Mautic for marketing automation. It is mobile-optimized, accessible, and SEO-friendly. Security posture is strong with HTTPS enforced and secure forms, though it lacks explicit security policy and incident response information. Privacy compliance is well addressed with clear cookie and privacy policies and GDPR adherence. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which partially impacts the overall trustworthiness score. Despite this, the professional presentation and detailed business information mitigate some risks. Overall, the website represents a credible and mature financial services firm with room for improvement in transparency around security policies and domain registration verification.

C

Coop Rechtsschutz AG

cooprecht.ch

0

Coop Rechtsschutz AG is a Swiss legal protection insurance provider offering comprehensive insurance products for private individuals, businesses, and special sectors such as health insurers and unions. The company maintains a professional online presence with clear navigation, multi-language support, and a blog providing relevant legal content. Their market position is supported by numerous partnerships with reputable Swiss organizations, enhancing trust and reach. Technically, the website uses a proprietary CMS (SharedGWA), integrates Matomo analytics for privacy-conscious tracking, and employs modern frontend technologies like Swiper.js for UI elements. Security posture is solid with HTTPS enforced and secure form handling, though explicit security headers and policies are not published. Privacy compliance is strong with clear cookie consent and a comprehensive privacy policy. Overall, the website reflects a mature digital infrastructure aligned with business goals and regulatory requirements.

E

Euronext Corporate Solutions

companywebcast.com

0

Euronext Corporate Solutions operates as a comprehensive platform offering corporate services, compliance solutions, and investor relations tools tailored for listed companies and capital market participants. The website positions itself as a trusted partner in governance, regulatory compliance, and market communications, leveraging its affiliation with the reputable Euronext group. The platform provides a broad suite of products including IR.Manager, Shareholder Analysis, ESG advisory, and governance tools, targeting corporate clients seeking to optimize their capital market readiness and compliance frameworks. Technically, the website is built on HubSpot CMS, integrating advanced marketing and analytics tools such as Google Analytics, Microsoft Clarity, and Segment, reflecting a mature digital infrastructure with good performance and mobile optimization. Security posture is strong with HTTPS enforced, use of Google reCAPTCHA Enterprise, and cookie consent mechanisms, although explicit security headers and a public security policy are not evident. The absence of WHOIS data for the subdomain is expected and does not detract from the legitimacy of the site, which aligns with the main euronext.com domain. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with privacy regulations.

B

Banca Națională a României

bnro.ro

0

The website www.bnr.ro represents the official online presence of the National Bank of Romania (BNR), the country's central bank. It provides comprehensive information about the bank's functions, currency issuance, statistics, publications, and contact points, targeting a broad audience including the general public, financial institutions, and government entities. The site is professionally designed with consistent branding and clear navigation, reflecting its authoritative role in Romania's financial sector. Technically, the website employs modern web standards including HTML5, CSS3, and JavaScript, with integration of Google Tag Manager and Cookiebot for analytics and cookie consent management. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and SEO metadata completeness. From a security perspective, the site enforces HTTPS and implements a GDPR-compliant cookie consent mechanism. However, explicit security headers are not evident in the provided data, and no public security or incident response policies are published. The WHOIS data is not publicly available due to ROTLD privacy policies, which is typical for .ro domains and justified for a government entity. Overall, the website demonstrates a strong business credibility and privacy compliance posture, with moderate technical and security maturity. There are no indications of malicious activity or content safety concerns. Strategic recommendations include enhancing security headers, improving accessibility, and publishing explicit security policies to further strengthen trust and compliance.

N

National Bank of Belgium

nbb.be

0

The National Bank of Belgium operates as the central financial institution of Belgium, providing essential banking and monetary services. The website serves a broad audience including the general public, financial professionals, and researchers, offering multilingual support and comprehensive information about the bank's functions. The site is built on Drupal 10, leveraging modern web technologies and analytics platforms such as Matomo and Google Analytics, with a strong emphasis on privacy and cookie consent compliance. Technically, the website demonstrates a mature digital infrastructure with good mobile optimization, accessibility, and SEO practices. Security posture is robust with HTTPS enforced and cookie consent mechanisms in place, although explicit security headers could be improved. No vulnerabilities or suspicious activities were detected in the content or scripts. Overall, the domain WHOIS data is privacy protected, which is justified for a governmental financial institution. Despite the lack of WHOIS transparency, the website exhibits strong trust indicators and professionalism. The risk assessment is low, with recommendations focusing on enhancing security headers and publishing security policies to further strengthen trust and compliance.

C

Coop Pank

cooppank.ee

0

Coop Pank is a well-established Estonian bank offering a comprehensive range of retail and business banking services including loans, savings, insurance, and payment solutions. The bank positions itself as a local partner for customers both in urban and rural areas, emphasizing innovative and customer-centric financial products. The website reflects a mature digital presence with modern technologies such as React and Next.js, and integrates multimedia content and social media channels effectively. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit cookie consent mechanisms and published security policies could be improved. Overall, the site is professional, trustworthy, and well-aligned with the company's business objectives and regulatory requirements.

Z

Zagrebačka banka

zaba.hr

0

Zagrebačka banka is a leading Croatian financial institution offering a broad range of retail and corporate banking services. The website reflects a mature digital presence with comprehensive information on loans, savings, insurance, and digital banking platforms such as mobile and internet banking. The bank targets a wide audience including individuals, small and large businesses, and private banking clients. The site is professionally designed with consistent branding and clear navigation, supporting a strong market position within Croatia and under the UniCredit Group umbrella. Technically, the website employs modern JavaScript libraries and analytics tools such as Adobe Analytics and Tealium, hosted on Akamai infrastructure for performance and reliability. The site is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response disclosures are absent. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations such as GDPR. No critical vulnerabilities or suspicious activities were detected. The domain's WHOIS data confirms legitimacy with a long registration history and consistent registrant information. Strategic recommendations include publishing a dedicated security policy, incident response plan, and vulnerability disclosure guidelines to enhance transparency and trust. Regular security audits and header enhancements would further strengthen the security posture.

H

Hrvatska narodna banka

hnb.hr

0

Hrvatska narodna banka (HNB) is the central bank of the Republic of Croatia, responsible for monetary policy, financial stability, banking supervision, and currency issuance. The website serves as an official portal providing comprehensive information about the bank's functions, regulatory framework, statistics, publications, and consumer protection. It targets a broad audience including the general public, financial institutions, and government entities. The site is well-structured and professionally maintained, reflecting the bank's authoritative position in the Croatian financial sector. Technically, the website is built on the Liferay CMS platform, utilizing modern JavaScript frameworks such as React and Alloy UI. It employs Google Tag Manager for analytics and tracking, and the site is optimized for both desktop and mobile devices with a moderate performance profile. Accessibility and SEO practices are basic but adequate for the target audience. From a security perspective, the site enforces HTTPS, includes standard security headers, and avoids exposing sensitive data. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly documented, representing areas for improvement. Privacy and cookie policies are present and indicate GDPR compliance, with consent mechanisms implemented. Overall, the website demonstrates a strong business credibility and security posture appropriate for a national central bank. Strategic recommendations include publishing detailed security and incident response policies, enhancing accessibility features, and maintaining regular audits of third-party scripts to ensure ongoing security and compliance.

S

Swedbank AS

swedbank.ee

0

Swedbank AS is a leading Estonian bank providing a wide range of financial services including daily banking, financing, insurance, investment, and savings solutions. The website serves both private and business clients with a strong focus on digital banking services such as internet and mobile banking. The company holds a strong market position in Estonia and is part of the larger Swedbank Group, with several subsidiaries specializing in leasing, investment funds, and insurance. The website content is professionally designed, localized primarily in Estonian with English translations, and demonstrates a high level of GDPR compliance and user privacy awareness. Technically, the website employs modern web technologies including Web Components, JavaScript frameworks, and optimized asset loading strategies. It supports multiple authentication methods including Smart-ID, Mobile-ID, and biometrics, indicating a mature digital infrastructure. Performance and mobile optimization are excellent, with good accessibility and SEO practices observed. From a security perspective, the site uses HTTPS with strong SSL configuration and implements best practices such as ARIA labels for accessibility and cookie consent mechanisms. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response contacts are not prominently published, suggesting room for improvement in transparency. Overall, the website is trustworthy, professional, and secure, reflecting the reputation of a major financial institution. Recommendations include publishing detailed security policies, adding a security.txt file for vulnerability disclosures, and enhancing visible security headers to further strengthen the security posture.

J

Julianus Inkasso

julianus.ee

0

Julianus Inkasso is a well-established Estonian debt collection company founded in 1995, operating as a leading provider in Estonia and the Baltic region. The company offers comprehensive credit management services including debt collection, legal proceedings, and purchase of debt portfolios. It is part of the Aktiva Finance Group, which enhances its market position and operational scale. The website reflects a professional and consistent brand image, targeting both debtors and creditors with multilingual support and self-service portals. Technically, the site is built on WordPress with modern plugins and analytics tools, ensuring good performance and SEO optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the domain registration and website content align well, indicating a trustworthy and credible business presence.

Credit24.ee is a well-established Estonian online consumer finance provider offering a variety of loan products including credit accounts, car loans, and personal loans. The company operates under IPF Digital AS and has a strong regional presence with subsidiaries and partner brands across the Baltics and Australia. The website is professionally designed using modern web technologies such as React and Next.js, hosted on AWS, and incorporates GDPR-compliant cookie consent mechanisms. Analytics and marketing tools like Microsoft Clarity and Google Tag Manager are used for user behavior tracking and advertising. Security posture is strong with HTTPS enforced and standard security headers present, though explicit security policies and incident response contacts are not publicly detailed. WHOIS data confirms domain legitimacy and consistency with the business profile. Overall, the site demonstrates a mature digital presence with good privacy compliance and business credibility.

A

AS LHV Pank

lhv.ee

0

AS LHV Pank is a leading Estonian financial institution offering a broad range of services including banking, loans, investments, insurance, and pension management. The company targets both individual and business customers within Estonia, positioning itself as a trusted and comprehensive financial services provider. The website reflects this with professional design, clear navigation, and extensive service information. Technically, the site employs modern frameworks such as Bootstrap and uses analytics tools like Google Analytics and PostHog, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforcement, security headers, and secure login mechanisms, although there is room for improvement in publishing dedicated security policies and incident response contacts. Overall, the site is trustworthy, compliant with GDPR, and provides a positive user experience.

Inbank is a medium-sized Estonian financial institution specializing in retail banking services such as loans and deposits. The website reflects a professional digital banking platform primarily targeting customers in Estonia and the Baltic region. The technical infrastructure leverages modern web technologies including Nuxt.js and integrates third-party authentication services like Dokobit, hosted on Amazon AWS infrastructure. While the site demonstrates good design and mobile optimization, it lacks visible privacy and cookie policies, as well as explicit contact information, which impacts privacy compliance and user trust. Security posture is moderate with HTTPS enforced and use of secure authentication, but missing security headers and incident response details suggest room for improvement. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and consistency. Strategic enhancements in privacy transparency, security headers, and incident response readiness are recommended to strengthen compliance and trust.