Security Directory

K

KDPW_CCP S.A.

kdpwccp.pl

0

KDPW_CCP S.A. operates as a central counterparty clearing house in Poland, providing clearing, risk management, collateral management, and reporting services primarily for organized and non-organized financial and commodity markets. The website presents a professional and comprehensive overview of its services, targeting financial market participants and counterparties. The company holds a significant market position within Poland's financial infrastructure, supported by regulatory compliance and transparent communication. Technically, the website employs modern web technologies including jQuery, Bootstrap, and Swiper.js, with integration of Google Analytics and Tag Manager for user tracking and performance monitoring. The site is mobile-optimized and offers good navigation and content relevance, although accessibility features could be improved. The SSL configuration is excellent, ensuring secure communications. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks some HTTP security headers and does not publish explicit incident response or vulnerability disclosure policies, which are recommended for enhanced security posture. Privacy and cookie policies are present and GDPR compliant, reflecting good privacy practices. Overall, the website is trustworthy and professional, though the absence of WHOIS data limits domain trust verification. Strategic improvements in security headers and incident response transparency would further strengthen its security and compliance stance.

A

Association of National Numbering Agencies

anna-web.org

0

The Association of National Numbering Agencies (ANNA) operates as a global coordinating body for national numbering agencies responsible for securities identification. The website presents professional finance-related content targeting financial institutions and market participants. The technical infrastructure is based on WordPress with standard SEO and user management plugins, hosted by GoDaddy. The site is accessible without WAF or security challenges, but lacks explicit privacy, cookie, and security policies. Security posture is basic with HTTPS enabled but missing security headers and DNSSEC. Overall, the website is legitimate and professional but would benefit from enhanced privacy compliance and security transparency.

BNP Paribas is a major international banking and financial services institution headquartered in France. The website analyzed is a subdomain (mediahub.bnpparibas) currently under maintenance, providing corporate and brand information in multiple languages. The business model focuses on banking and financial services with a strong market position. The site uses common web technologies such as jQuery and Bootstrap but lacks advanced CMS or frameworks. Security posture is moderate with domain registration locks but missing DNSSEC and visible HTTPS configuration. No privacy or cookie policies are present, and no contact information is provided on the maintenance page. Social media presence is strong with official accounts linked. Overall, the site is professional but currently limited in content due to maintenance.

BNP Paribas is a major European and international banking group with a diversified business model spanning corporate, institutional, commercial, personal banking, and investment services. The website reflects a mature digital presence with comprehensive content targeting a broad audience including investors, clients, and job seekers. The technical infrastructure employs modern web technologies and analytics tools, ensuring good performance and user experience. Security posture is strong with HTTPS enforcement and domain registration protections, though DNSSEC is not enabled and explicit security policies are not publicly detailed. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates high professionalism and trustworthiness consistent with a leading financial institution.

Morgan Stanley's client login portal provides a secure and professional interface for wealth management clients to access their financial accounts and manage investments. The website leverages modern web technologies including Adobe Target for personalized marketing and Glia for customer engagement, hosted likely on Akamai infrastructure to ensure performance and availability. The site demonstrates a strong security posture with HTTPS enforcement and browser compatibility checks, although explicit security headers and privacy policies are not present on the login page, indicating room for improvement in transparency and compliance. Overall, the portal aligns with enterprise standards for financial services platforms, offering a trustworthy and functional user experience.

S

Société Générale

sg.fr

0

The website https://particuliers.sg.fr/ represents Société Générale's retail banking and insurance services, targeting individual customers primarily in France. It serves as a portal for account access and product discovery, reflecting the merger of Société Générale and Crédit du Nord banks. The site exhibits professional branding, consistent messaging, and promotes official mobile applications, indicating a mature digital presence. Technically, the site uses a custom Société Générale JavaScript framework with modern asynchronous features and standard web technologies. Security measures include HTTPS and frame busting scripts, though explicit security headers could be further confirmed. The absence of WHOIS data reduces domain trust slightly but does not detract from the site's legitimacy given the strong brand presence. Privacy and cookie policies were not detected in the analyzed content, suggesting an area for improvement in compliance transparency. Overall, the site is well-structured, secure, and trustworthy for its banking audience.

I

ING

ing.com

0

ING is a large, established global financial institution of Dutch origin, providing a broad range of banking and financial services with a strong emphasis on sustainability and corporate governance. The website serves multiple audiences including customers, investors, and the general public, offering comprehensive information on corporate strategy, compliance, and sustainability initiatives. The digital infrastructure employs modern web technologies and analytics tools, supporting a professional and accessible user experience. Security posture is strong with HTTPS enforced and CSRF protections, though explicit security headers and incident response contacts could be improved. Overall, the website reflects a mature and credible financial services brand with a high level of professionalism and trustworthiness.

D

Danske Bank

danskebank.co.uk

0

Danske Bank's UK personal banking website offers a comprehensive range of financial products including current accounts, mortgages, savings, and loans. The site targets personal banking customers in the UK and presents a professional, well-structured digital presence consistent with a large, established financial institution. The domain has been registered since 1998, reinforcing its legitimacy and market presence. Technically, the website employs modern web technologies such as JavaScript and SVG icons, with good mobile optimization and accessibility features. Security is enforced through HTTPS and secure login portals, although explicit security headers and privacy policies are not clearly visible in the provided content. Analytics usage is moderate, primarily via eGain services. Overall, the site demonstrates a solid business and technical foundation but would benefit from enhanced privacy compliance and security transparency.

D

Danske Bank

danskebank.se

0

Danske Bank Sweden operates a professional and comprehensive banking website targeting private customers with a broad range of financial products including mortgages, savings, loans, insurance, and pension services. The site reflects a mature digital presence with clear navigation, professional design, and integration of Swedish digital authentication standards such as BankID. The bank is part of the larger Danske Bank Group, with a domain registered since 2000, indicating a well-established market presence in Sweden. Technically, the website uses modern web technologies and integrates third-party analytics and advertising services, though some security enhancements like DNSSEC and explicit security headers could be improved. Privacy and cookie policies are not explicitly found in the provided content, which may impact compliance and user trust. Overall, the site is trustworthy and professionally maintained, serving a large customer base with a focus on digital banking convenience.

D

Danske Bank

danskebank.no

0

Danske Bank's Norwegian corporate banking website presents a comprehensive suite of financial services tailored for businesses of all sizes across Norway and the Nordic region. The bank positions itself as a leading Nordic corporate bank offering daily banking, financing, advisory, and international trade solutions. The website is professionally designed with clear navigation, responsive layouts, and rich content that supports business customers in various growth stages. The presence of sustainability certification (Miljøfyrtårn) and detailed customer service information enhances trust and credibility. Technically, the site employs modern web technologies including JavaScript, SVG icons, and a CSS framework (Foundation), ensuring good performance and accessibility. The site is mobile-optimized and includes SEO best practices. Security posture is strong with HTTPS enforced, security headers present, and secure login portals. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism. No critical security vulnerabilities or blocking mechanisms were detected, indicating a mature security posture. However, explicit security policies and incident response details are not publicly available, suggesting room for improvement in transparency. Overall, the site reflects a stable, trustworthy, and professional banking institution with a solid digital presence.

D

Danske Bank A/S

danskebank.fi

0

Danske Bank A/S operates a comprehensive Finnish banking website targeting retail and private banking customers. The site offers a wide range of financial services including loans, savings, investments, and digital banking solutions. The bank holds a strong market position as a major Nordic financial institution with a long-established presence since 1997. The website demonstrates a mature digital infrastructure with modern technologies and good mobile optimization. Security posture is strong with HTTPS, DNSSEC, and secure login portals, although explicit security policies and incident response information are limited publicly. Overall, the site is professional, trustworthy, and compliant with GDPR and cookie regulations.

T

Tatra banka, a.s.

tatrabanka.sk

0

Tatra banka, a.s. is a leading Slovak financial institution specializing in personal banking services including accounts, loans, payment cards, savings, investments, and insurance. The website reflects a mature digital presence with a strong emphasis on innovation and customer-centric services. It targets Slovak personal banking customers with a comprehensive product portfolio and digital banking capabilities. The bank is part of the Raiffeisen Bank International group, indicating a strong market position and backing. The technical infrastructure is modern, leveraging popular JavaScript libraries, Bootstrap framework, and advanced marketing and analytics tools such as Google Tag Manager and Exponea. The site is mobile optimized and uses secure HTTPS connections with CSRF protections and reCAPTCHA on forms, demonstrating a good security posture. However, explicit security policies and incident response information are not publicly detailed. Overall, the website is professional, trustworthy, and compliant with GDPR and cookie regulations. It integrates multiple contact channels and social media platforms, enhancing customer engagement. No critical vulnerabilities or suspicious patterns were detected, making it a low-risk digital asset for the bank.

C

Censitio s.r.o.

censitio.com

0

Censitio s.r.o. is a specialized tax advisory company based in the Czech Republic, led by Ing. Tomáš Hajdušek, a recognized tax advisor with extensive experience in tax administration and dispute resolution. The company focuses on providing comprehensive tax advisory services, including representation during tax audits, dispute resolution regarding VAT refunds, and legal actions against tax authorities. Their target audience primarily consists of entrepreneurs and businesses seeking expert assistance in tax matters. The website reflects a professional and consistent brand image, with detailed service descriptions and multiple contact channels, including social media presence on LinkedIn and Twitter. Technically, the website is built on WordPress using the Avada theme and Fusion Builder, incorporating modern web technologies such as jQuery, Google reCAPTCHA, and Yoast SEO for optimization. The site is hosted on reputable infrastructure with SSL properly configured, ensuring secure communications. Performance and mobile optimization are adequate, though accessibility features are basic. The cookie consent mechanism is implemented, supporting GDPR compliance to some extent, although no explicit privacy policy or terms of service pages were found. From a security perspective, the site uses HTTPS and includes Google reCAPTCHA to protect forms from abuse. However, no explicit security headers were detected, and there is no published security or incident response policy. The WHOIS data is consistent with the business claims, showing a domain age appropriate for the company's history and no privacy protection, which supports transparency. No suspicious or malicious content was found, and the site is fully accessible without WAF or blocking mechanisms. Overall, the website demonstrates a solid business credibility and technical foundation with room for improvement in security best practices and privacy documentation. The risk profile is low, with no critical vulnerabilities detected, making it a trustworthy platform for its intended audience.

U

UniCredit

unicreditgroup.eu

0

UniCredit is a major pan-European commercial bank with a strong presence in Italy, Germany, Austria, and Central and Eastern Europe. The website serves as an institutional portal providing comprehensive information about the bank's strategy, governance, investor relations, press releases, and career opportunities. The bank offers a wide range of financial services including retail, corporate, private banking, wealth management, and insurance services. The website is professionally designed, mobile-optimized, and uses modern technologies such as Adobe Experience Manager, jQuery, and Dynatrace for analytics and performance monitoring. Security best practices are observed with HTTPS, security headers, and CSRF protections. Privacy and cookie policies are present and GDPR compliant. The domain WHOIS data is unavailable due to EURid privacy policies, which is common for .eu domains, but the website content and external references strongly support legitimacy. Overall, the site reflects a mature digital presence of a large financial institution with good security posture and compliance.

S

Standard Chartered

sc.com

0

Standard Chartered is a global banking institution focused on wealth, corporate, and investment banking services primarily across Asia, Africa, and the Middle East. The website presents a professional and comprehensive digital presence with clear branding and extensive content targeting corporate, institutional, and affluent clients. The business model emphasizes cross-border capabilities combined with wealth management expertise. Technically, the site is built on WordPress with modern JavaScript frameworks like React and uses Google Tag Manager and OneTrust for analytics and consent management. The site is mobile-optimized and accessible with good SEO practices. Security posture is strong with HTTPS enforced and no visible sensitive data exposure, though security headers are not detected and no explicit incident response contacts or vulnerability disclosure mechanisms are found. Privacy and cookie policies are comprehensive and GDPR compliant. Overall, the site is trustworthy and professional, though WHOIS data is unavailable, which is unusual for a major bank domain and should be monitored. Strategic recommendations include improving HTTP security headers, publishing a security.txt file, and providing explicit incident response contacts.

S

Société Générale

societegenerale.com

0

Société Générale is a leading European financial services group with over 150 years of history, offering retail banking, corporate and investment banking, and financial solutions. The website reflects a mature, enterprise-level digital presence with comprehensive content in French and English, targeting both retail and corporate clients. The company maintains a strong market position in the finance sector, supported by consistent branding and trust indicators such as ISO 27001 certification and GDPR compliance. Technically, the website is built on Drupal CMS and integrates modern analytics and consent management tools including Piano Analytics, Hotjar, Google Tag Manager, and Didomi. The site is mobile-optimized, accessible, and employs security best practices such as HTTPS enforcement and security headers. Performance is moderate, with room for optimization. Security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well implemented with clear cookie consent mechanisms and a comprehensive privacy policy. However, the WHOIS data is unavailable, which slightly reduces transparency but is common for large enterprises. Overall, the website is professional, secure, and trustworthy, with minor recommendations to enhance vulnerability disclosure and incident response visibility.

S

Santander

santander.com

0

Santander is a major global retail bank headquartered in Spain, offering a wide range of financial services including retail banking, consumer finance, investment services, and financial education. The website reflects a mature, enterprise-level organization with a strong market position and a focus on sustainability and inclusive growth. Technically, the site is built on Adobe Experience Manager with modern JavaScript libraries and tag management, providing a responsive and accessible user experience. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, though explicit incident response contacts and vulnerability disclosures are not found. Overall, the site is professional, trustworthy, and compliant with GDPR, supporting Santander's reputation as a leading financial institution.

N

Northern Trust

northerntrust.com

0

Northern Trust is a well-established financial services company specializing in wealth management, asset servicing, and investment management, targeting prominent individuals, families, and institutions primarily in Europe. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to its audience. The technical infrastructure leverages modern web technologies including React, Adobe Experience Manager, and multiple analytics and marketing tools, indicating a high level of digital maturity. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response information are not publicly visible. Overall, the website presents a trustworthy and professional image consistent with an enterprise-level financial institution.

Nomura is a major financial services holding company headquartered in Japan, offering investment banking, asset management, and related financial services. The website www.nomura.com acts primarily as a frameset redirecting to the main corporate site at nomuraholdings.com. The digital infrastructure includes common analytics and tracking tools such as Google Analytics, Google Tag Manager, and Microsoft Clarity, indicating a moderate level of digital maturity. However, the site lacks visible privacy and cookie policies, security headers, and WHOIS domain registration data, which raises concerns about transparency and security posture. The absence of WHOIS data and direct content on the domain www.nomura.com suggests it may be an alias or redirect domain rather than a primary site. Overall, the website is safe and professional but requires improvements in security and compliance documentation.

N

NatWest

natwest.com

0

NatWest is a major UK-based financial institution offering a broad range of personal banking products including bank accounts, mortgages, loans, savings, credit cards, investments, and insurance. The website demonstrates a strong market position supported by partnerships such as with Team GB and ParalympicsGB, reflecting its commitment to community and brand trust. The digital platform is built on Adobe Experience Manager, integrating modern web technologies and providing a responsive, accessible, and well-structured user experience. Privacy and cookie compliance are robustly managed via OneTrust, and security best practices such as HTTPS and security headers are implemented effectively. However, the absence of WHOIS data and explicit security policy or incident response information represents an area for improvement. Overall, the website is professional, trustworthy, and well-optimized for its target audience.

M

Morgan Stanley

morganstanley.com

0

Morgan Stanley is a globally recognized financial services firm providing wealth management, investment banking, sales & trading, research, and investment management services. The website reflects a mature digital presence with comprehensive content targeting individuals, families, institutions, and governments. The firm leverages advanced web technologies including Adobe Experience Manager, multiple analytics platforms, and robust consent management mechanisms. Security posture is strong with HTTPS enforcement and Content Security Policy implementation, though explicit security policies and incident response contacts are not publicly disclosed. The absence of WHOIS data is notable but does not detract from the overall legitimacy given the professional branding and extensive social media presence. Strategic recommendations include publishing security policies and vulnerability disclosure information to enhance transparency and trust.

L

Lloyds Banking Group plc

lloydsbankinggroup.com

0

Lloyds Banking Group plc operates as the largest UK retail and commercial financial services provider, serving approximately 26 million customers. The company offers a broad range of financial services including retail banking, commercial banking, investment services, and insurance through well-known subsidiaries such as Lloyds Bank, Bank of Scotland, Halifax, and Scottish Widows. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency targeting UK retail and commercial customers. Technically, the site is built on Adobe Experience Manager and integrates modern analytics and tag management tools such as Google Tag Manager and Tealium, alongside accessibility features like the ReciteMe toolbar. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response information are not publicly detailed. WHOIS data is unavailable from the provided raw output, which is unusual for a corporate domain but the website content and branding strongly indicate legitimacy. Overall, the site demonstrates a high level of professionalism, accessibility, and compliance with privacy regulations.

ING Wholesale Banking operates as a global financial services provider specializing in wholesale banking solutions across more than 35 markets. The company offers a broad range of services including payments and collections, cash and liquidity management, trade finance, hedging solutions, and strategic advisory with a strong emphasis on sustainability. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to corporate clients and financial institutions. Technically, the website leverages modern web technologies such as the Astro framework, optimized image formats (WebP, AVIF), and advanced font loading strategies. The site is mobile-optimized and demonstrates good SEO and accessibility practices. Analytics are implemented via Webtrekk, indicating moderate user tracking with privacy compliance mechanisms including cookie consent banners. From a security perspective, the site enforces HTTPS and employs secure login components. However, explicit security headers are not evident in the HTML source, and there is no public incident response or vulnerability disclosure information. The WHOIS data is missing or the domain is unregistered, which raises concerns about domain legitimacy despite the professional website content. Overall, the website scores well on content quality and technical implementation but is moderately impacted by the lack of WHOIS data and some security best practices. Strategic recommendations include enhancing security headers, publishing incident response policies, and clarifying domain registration details to improve trust and compliance.

C

Citigroup Inc.

citigroup.com

0

Citigroup Inc. is a leading global financial institution providing a wide range of banking, investment, and wealth management services to institutional and individual clients worldwide. The website reflects its enterprise-scale operations with comprehensive investor relations, press releases, and detailed business segment information. The technical infrastructure leverages modern web technologies including React and Adobe DTM, with strong privacy and cookie consent implementations via OneTrust. Security posture is robust, featuring HTTPS, security headers, and no visible vulnerabilities, aligned with industry best practices. Overall, the site demonstrates a mature digital presence consistent with a top-tier global bank, supporting trust and transparency for its users.

B

BNY

bny.com

0

BNY is a globally recognized financial services company managing over $53 trillion in assets, offering services such as asset management, wealth management, and capital markets execution. The website reflects a mature digital presence with professional design, clear navigation, and strong branding consistent with a large enterprise in the finance sector. Technically, the site leverages modern frameworks like Bootstrap and Adobe Experience Manager, integrates advanced analytics and tracking tools, and implements accessibility and cookie consent mechanisms, indicating a high level of digital maturity. Security posture is strong with HTTPS, Content Security Policy, and no visible vulnerabilities, though explicit privacy and security policies are not prominently linked, which could be improved. Overall, the site is trustworthy and professional, though the absence of WHOIS data and explicit contact details slightly reduce transparency.

BNP Paribas CIB is a globally recognized financial services firm specializing in corporate and institutional banking, offering a broad range of services including capital markets, securities services, advisory, finance, and treasury. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to corporate clients. Technically, the site is built on WordPress with modern SEO and cookie consent tools, ensuring good performance and compliance with privacy regulations. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and published policies. Overall, the domain registration and website content align well, indicating a trustworthy and legitimate corporate entity.

B

BBVA

bbva.com

0

BBVA is a leading multinational financial services group headquartered in Spain, with a strong emphasis on digital banking and sustainability. The website serves as a comprehensive platform for news, investor relations, corporate information, and customer engagement, reflecting BBVA's position as a digital bank of the 21st century. The company offers a wide range of banking and financial services, targeting retail and corporate customers globally, with subsidiaries such as Garanti BBVA and BBVA Spark supporting its innovation and regional presence. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates Adobe Data Layer and OneTrust for analytics and privacy compliance. The site demonstrates good performance, mobile optimization, and accessibility, with clear navigation and professional design. Security measures include HTTPS enforcement, security headers, and a vulnerability disclosure program, indicating a mature security posture. The security evaluation reveals strong adherence to best practices, including GDPR compliance and incident response readiness, though the absence of WHOIS data for the domain is unusual and warrants monitoring. Overall, the website is trustworthy, professional, and aligned with BBVA's corporate identity and regulatory requirements.

B

Barclays

home.barclays

0

Barclays is a leading British universal bank offering a broad range of financial services including consumer banking, corporate and investment banking, and wealth management. The website reflects a mature, enterprise-level digital presence with comprehensive content targeting investors, clients, and the general public. The technical infrastructure is built on Adobe Experience Manager with strong use of modern web technologies and CDN services, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforcement and domain transfer protections, though explicit security headers and incident response contacts could be improved. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Overall, the website demonstrates high professionalism, trustworthiness, and business credibility.

E

European Banks for Ukraine

eubanksforukraine.com

0

The website 'European Banks for Ukraine' serves as a humanitarian initiative aimed at facilitating access to banking services for Ukrainian refugees arriving in the European Union. It positions itself as a collaborative effort among European banks to support financial integration for displaced persons. The site is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard web technologies. While the site presents a professional design and relevant content, it lacks critical compliance elements such as privacy and cookie policies, and no direct contact information is provided. Security-wise, the site uses HTTPS and includes some script-based security hardening, but lacks explicit security headers and incident response contacts. The domain WHOIS data is missing or unavailable, which raises concerns about registration legitimacy and transparency. Overall, the site appears functional and relevant but would benefit from enhanced compliance and transparency measures.

The website crhov.rs represents the Central Registry, Depository, and Clearinghouse for Securities in Serbia, a key financial market infrastructure institution established in 2003. It operates under the registrar TELEKOM SRBIJA A.D., providing essential services such as registration of financial instruments, depository functions, clearing and settlement, and statistical reporting. The site targets financial market participants including investors, issuers, and legal holders, positioning itself as a trusted and reliable partner within Serbia's capital market ecosystem. Technically, the website employs legacy JavaScript libraries like jQuery 1.4.4 and jQuery UI 1.8.10, along with Google Charts for data visualization. The platform appears custom-built without a mainstream CMS, hosted likely by the national telecom provider. Performance and mobile optimization are moderate, with basic SEO and accessibility features. The site structure is clear and content quality is good, supporting a professional user experience. From a security perspective, the site lacks modern security headers and does not enable DNSSEC, which are areas for improvement. No explicit security policy or incident response information is published, and no cookie consent mechanism is present, indicating partial privacy compliance. The WHOIS data is transparent and consistent with the business, enhancing trustworthiness. No WAF or blocking mechanisms were detected, and the site content is safe for general audiences. Overall, the website demonstrates solid business credibility and functional technical implementation but would benefit from enhanced security practices and privacy compliance measures. Strategic recommendations include enabling DNSSEC, updating JavaScript libraries, implementing security headers, publishing security and incident response policies, and adding cookie consent mechanisms to improve user trust and regulatory compliance.

А

АО "Центральный депозитарий ценных бумаг"

kacd.kz

0

АО "Центральный депозитарий ценных бумаг" operates as the national central securities depository in Kazakhstan, providing accounting and custody services for government, municipal, and non-government securities. The website is primarily in Russian and targets financial market participants within Kazakhstan. The business is relatively new, founded in 2022, and the domain registration aligns with this timeline. The company appears to be an essential entity within the finance sector, focusing on securities depository services.

A

Astana International Exchange

aix.kz

0

Astana International Exchange (AIX) is a regional stock exchange established in 2016 and operating under the Astana International Financial Centre (AIFC) framework. It serves as a key financial market gateway for Kazakhstan and Central Asia, offering trading, clearing, settlement, and market data services. The exchange benefits from strong international partnerships with shareholders such as Goldman Sachs, Shanghai Stock Exchange, NASDAQ, and the Silk Road Fund, positioning it as a credible and trusted market player in the region. The website reflects a professional and well-maintained digital presence with comprehensive business information and regulatory compliance documentation. Technically, the site is built on WordPress with modern SEO and analytics tools, providing good performance and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, the site demonstrates a mature digital infrastructure aligned with its business goals and regulatory environment.

Н

Національний депозитарій України (НДУ)

csd.ua

0

Національний депозитарій України (НДУ) є ключовим центральним депозитарієм цінних паперів в Україні, що надає широкий спектр фінансових послуг, включаючи облік депозитарних активів, ведення реєстрів, організацію зборів акціонерів та підтримку клієнтів через спеціалізовані портали. Сайт орієнтований на емітентів, депозитарні установи, клієнтів та учасників ринку цінних паперів, демонструючи професійний підхід та стабільну позицію на ринку.

CENTRÁLNY DEPOZITÁR CENNÝCH PAPIEROV SR, a.s. (CDCP SR) operates as Slovakia's central securities depository, providing critical services for securities registration, custody, and corporate event processing. The company serves a diverse audience including financial institutions, issuers, investors, and government bodies, positioning itself as a key infrastructure entity in the Slovak financial market. The website reflects a professional and well-structured digital presence, supporting multiple languages and offering portals for LEI services and participant access. Technically, the website is built on a modern WordPress platform utilizing Elementor for page building and Yoast SEO for search optimization. It employs standard security measures such as HTTPS, Google reCAPTCHA for form protection, and cookie consent mechanisms, indicating a mature digital infrastructure. Performance and mobile responsiveness are adequate, though some accessibility features could be enhanced. From a security perspective, the site demonstrates good baseline practices but lacks explicit published security policies or incident response information. No critical vulnerabilities or suspicious activities were detected in the content or scripts. The WHOIS data aligns well with the business profile, reinforcing legitimacy and trustworthiness. Overall, the website presents a secure, compliant, and professional front for CDCP SR, with room for improvement in transparency around security policies and vulnerability disclosures. Strategic enhancements in these areas would further strengthen stakeholder confidence and regulatory compliance.

K

KDD – Centralna klirinško depotna družba d.d.

kdd.si

0

KDD – Centralna klirinško depotna družba d.d. is the central securities depository in Slovenia, established in 1995. It provides critical financial market infrastructure services including securities registration, clearing and settlement, and issuance of international identification numbers such as LEI. The company holds memberships in key industry associations like ANNA and ECSDA, reinforcing its market position and trustworthiness. The website targets financial institutions, issuers, and investors primarily within Slovenia, offering a range of electronic services and corporate action management tools. Technically, the website employs modern web technologies including jQuery, Slick Carousel, and the Foundation framework, ensuring a responsive and user-friendly experience. Hosting is managed by a Slovenian registrar consistent with the business location. The site is well-structured with good SEO and accessibility basics, though some improvements could be made in accessibility and performance optimization. From a security perspective, the site uses HTTPS with a strong SSL configuration and avoids exposing sensitive data. However, it lacks explicit security headers and does not publicly provide incident response or vulnerability disclosure information. Privacy compliance is generally good with a comprehensive privacy policy, but the absence of a cookie consent mechanism is a minor gap. Overall, the website is professional, trustworthy, and well-aligned with the business's role in the Slovenian financial market. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance its security posture and compliance standing.

K

Krajowy Depozyt Papierów Wartościowych S.A.

kdpw.pl

0

Krajowy Depozyt Papierów Wartościowych S.A. (KDPW) operates as Poland's central securities depository, providing essential services such as securities registration, transaction reporting, and code assignment (LEI, ISIN, CFI, FISN). The company targets financial market participants including issuers, direct participants, pension funds, and other financial institutions. KDPW holds a key market position as a national financial infrastructure entity, offering a broad portfolio of services including innovative blockchain-based IT solutions and compensation systems. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive service descriptions. Technically, the website employs modern JavaScript libraries such as jQuery, Bootstrap, and Swiper.js, alongside Google Analytics and Tag Manager for analytics. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although some security headers could be improved. Privacy and cookie policies are present and GDPR compliant, with a consent mechanism implemented. Overall, the security posture is robust, with no critical vulnerabilities detected. The absence of WHOIS data is typical for .pl domains and does not detract from the site's legitimacy, which is supported by consistent branding, clear business information, and a professional online presence. Strategic recommendations include enhancing security headers, publishing incident response contacts, and improving accessibility features to further strengthen compliance and trust.

Ц

Централен депозитар за хартии од вредност АД Скопје

cdhv.mk

0

The website for Централен депозитар за хартии од вредност АД Скопје serves as the official online presence of the central securities depository in North Macedonia. It provides comprehensive information and services related to securities registration, clearing, custody, and reporting for market participants. The site targets investors, issuers, and financial institutions within the country, positioning itself as a critical infrastructure entity in the national capital market. The business is well-established with a domain age of over a decade, reflecting stability and legitimacy. Technically, the website is built on ASP.NET Web Forms with a reliance on older JavaScript libraries such as jQuery 1.11.1 and uses common plugins like Flexslider and Modernizr. Hosting is managed via Neotel, a local provider, with HTTPS enabled ensuring secure communications. The site implements a cookie consent mechanism and uses Google Analytics for visitor tracking, indicating a moderate level of digital maturity. However, some modernization opportunities exist, particularly updating JavaScript libraries and enhancing security headers. From a security perspective, the site enforces HTTPS and has basic privacy and cookie policies in place. There is no evidence of advanced security policies, incident response contacts, or vulnerability disclosure mechanisms. The use of outdated libraries and absence of security headers present moderate risks. No critical vulnerabilities or blocking mechanisms were detected, and the domain registration data aligns well with the business claims, supporting trustworthiness. Overall, the website is professional, content-rich, and trustworthy for its intended audience. Strategic improvements in security practices and technical modernization would enhance its posture and compliance. The site is safe for general audiences with no adult or questionable content detected.

D

Depozitarul Central Unic

dcu.md

0

Depozitarul Central Unic is a central securities depository operating in Moldova, providing essential financial market infrastructure services such as securities registration, shareholder list management, and account statements for investors. The website positions the entity as a key player in Moldova's financial market, targeting investors, issuers, and market participants. The business model revolves around facilitating transparent and efficient securities transactions and regulatory compliance within the Moldovan financial ecosystem. Technically, the website employs standard modern web technologies including HTML5, CSS3, JavaScript, and Google Fonts. It is mobile optimized with a responsive design and good SEO practices. However, it lacks advanced security headers and explicit privacy or cookie policies, which are important for compliance and user trust. The site is served over HTTPS, ensuring encrypted communications. From a security perspective, the site demonstrates a moderate security posture with HTTPS enabled and no visible exposed sensitive data or vulnerable scripts. However, the absence of security headers, privacy policies, and incident response contacts indicates room for improvement in security maturity and compliance. No WAF or blocking mechanisms were detected, and the site is fully accessible. Overall, the website is professional and trustworthy, with a clear focus on financial market services in Moldova. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, publishing vulnerability disclosure information, and enhancing accessibility features to improve compliance and security posture.

L

LuxCSD S.A.

luxcsd.com

0

LuxCSD S.A. operates as a licensed central securities depository under the Central Securities Depositories Regulation (CSDR), providing issuer and investor services primarily in fixed income and equity securities. The company offers custody, settlement, and asset servicing solutions, targeting custodian banks, issuers, and distributors. Affiliated with the Deutsche Börse Group, LuxCSD holds a reputable market position with STEP eligibility and multi-jurisdictional issuer services. The website reflects a professional and well-structured digital presence with good content quality and navigation. Technically, the website employs modern JavaScript libraries and analytics tools such as Matomo, alongside a cookie consent management system ensuring GDPR compliance. The infrastructure appears stable and moderately optimized for performance and mobile use, though explicit security headers and detailed hosting information are not evident from the data provided. From a security perspective, the site uses HTTPS and session cookies for secure user sessions, with a cookie consent banner indicating privacy awareness. However, the absence of visible security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement in transparency and security maturity. The WHOIS data is notably missing or inaccessible, which raises concerns about domain registration legitimacy despite the professional business content. Overall, LuxCSD presents a credible and professional financial services platform with solid compliance and user experience. Strategic recommendations include enhancing security header implementation, publishing explicit security and incident response policies, and verifying domain registration details to strengthen trust and reduce risk.

K

KELER Zrt.

keler.hu

0

KELER Zrt. is a leading central securities depository and clearing house in Central and Eastern Europe with over 30 years of experience. The company provides comprehensive financial market infrastructure services, including securities custody, clearing, and facilitating Target2-Securities benefits. The website reflects a professional and modern digital presence built on React and Next.js frameworks, integrated with Sense/Net CMS and Google Tag Manager for analytics and marketing. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response information are not publicly detailed. Privacy compliance is well addressed with a cookie consent mechanism and a clear privacy policy. Overall, the website demonstrates high business credibility and technical maturity, supporting KELER's market position as a trusted financial institution.

E

Euronext

euronext.com

0

Euronext operates as a leading pan-European stock exchange and market infrastructure provider, offering a comprehensive suite of services including listing, trading, clearing, settlement, and market data solutions. The website reflects a mature and professional digital presence, built on Drupal 10 with modern UI components and optimized for mobile devices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and published incident response contacts are absent. The absence of WHOIS data is notable but does not detract from the website's legitimacy given the professional content and market position. Overall, the site supports Euronext's role as a critical financial market infrastructure entity.

C

Clearstream

clearstream.com

0

Clearstream is a leading provider of post-trade infrastructure and securities and fund services, operating as part of the Deutsche Börse Group. The company serves international and domestic capital markets with a comprehensive suite of financial services including securities custody, fund services, collateral management, and digital solutions. The website reflects a mature and professional digital presence with modern technologies such as React and Next.js, and integrates analytics and cookie consent mechanisms to comply with privacy regulations. Security posture is strong with HTTPS enforcement, secure forms, and standard security headers, though explicit security policies and incident response information are not publicly detailed. Overall, Clearstream's website demonstrates a high level of professionalism, trustworthiness, and compliance suitable for its enterprise-level financial services business.

Ц

Централен депозитар

csd-bg.bg

0

The Central Securities Depository (Централен депозитар) operates as a key financial infrastructure entity in Bulgaria, providing essential services to issuers, members, investors, and managing special pledges and financial collateral. The website reflects a professional and consistent brand presence with clear navigation and multilingual support (Bulgarian and English). The business model centers on providing secure and reliable central securities depository services, positioning itself as a trusted national financial institution. The company maintains active communication channels including email, phone, and social media platforms, enhancing stakeholder engagement. Technically, the website is built using JavaServer Faces (JSF) with PrimeFaces framework and jQuery libraries, indicating a mature enterprise-grade technology stack. The site is mobile responsive and implements cookie consent mechanisms, though it lacks advanced SEO and accessibility features. Performance is moderate with no critical technical issues detected. Security posture is solid with HTTPS enforced and basic security headers present, but could be improved by adding more comprehensive security headers and publishing a vulnerability disclosure policy. No WAF or blocking mechanisms were detected, allowing full content access. The WHOIS data is privacy protected under GDPR, which is typical for EU domains, and the domain status is active and consistent with the business operations. No suspicious patterns or vulnerabilities were found. Overall, the website demonstrates a good balance of business credibility, technical implementation, and security compliance, suitable for its role in the financial sector. Strategic recommendations include enhancing security headers, publishing a formal privacy policy and incident response contacts, improving SEO and accessibility compliance, and considering a vulnerability disclosure program to further strengthen trust and security culture.

Euroclear is a globally recognized financial market infrastructure provider specializing in securities settlement, custody, collateral management, and related services. The company holds a leading market position with a comprehensive portfolio of services targeting financial institutions and market participants. Their website reflects a mature digital presence with detailed service descriptions and strong branding consistency. Technically, the site leverages modern JavaScript libraries, Adobe Experience Manager CMS, and integrates analytics and user feedback tools, indicating a well-maintained infrastructure. Security posture is strong with HTTPS enforcement and standard security headers, although explicit security policies and vulnerability disclosures are absent. Overall, the site demonstrates high professionalism and trustworthiness, supporting Euroclear's enterprise stature.

R

Registar vrijednosnih papira u Federaciji Bosne i Hercegovine d.d. Sarajevo

rvp.ba

0

The Registar vrijednosnih papira u Federaciji Bosne i Hercegovine d.d. Sarajevo operates as the official securities registry for the Federation of Bosnia and Herzegovina. The website provides comprehensive information and services related to securities registration, dividend payments, corporate actions, and shareholder data management. It serves a specialized audience including shareholders, issuers, financial institutions, and government entities, positioning itself as an authoritative source in the Bosnian financial sector. Technically, the website employs a standard ASP.NET MVC framework with common libraries such as jQuery, Bootstrap, and Modernizr. The site demonstrates moderate performance and good mobile optimization, though accessibility and SEO optimizations are basic. The design is professional and consistent, with clear navigation and relevant content. From a security perspective, the site uses HTTPS but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, the website is trustworthy and functional, with room for improvement in security best practices, privacy compliance, and accessibility. Strategic enhancements in these areas would strengthen the site's security posture and user trust.

O

OeKB CSD GmbH

oekb-csd.at

0

OeKB CSD GmbH operates as a central securities depository providing critical infrastructure services for the Austrian capital market. The company offers a range of services including digital securities issuance, custody, settlement via the European TARGET2-Securities platform, asset servicing, and payment processing for matured securities. Positioned as a key player within the Austrian financial ecosystem and part of the OeKB Group, it targets capital market participants such as issuers and account holders. The website content is professional, well-structured, and primarily in German with English support, reflecting a medium-sized enterprise with a solid market presence. Technically, the website employs modern web technologies including JavaScript and jQuery, with responsive design elements suitable for mobile devices. While no explicit CMS or hosting provider is identified, the site demonstrates moderate performance and good SEO practices. However, some accessibility features could be improved. Security-wise, HTTPS is enforced, and no obvious vulnerabilities or exposed sensitive data are present. The absence of security headers and explicit security policies suggests room for enhancement in security posture. The WHOIS data is unavailable due to NIC.AT registry restrictions, limiting domain registration transparency. Despite this, the website and business information appear consistent and trustworthy. No blocking or WAF mechanisms were detected, allowing full content access. Privacy compliance is supported by a comprehensive privacy policy and GDPR adherence, though cookie consent mechanisms are lacking. Overall, the site reflects a professional financial services provider with a solid digital presence but could benefit from improved security headers, cookie consent implementation, and enhanced transparency regarding incident response and vulnerability disclosure.

E

Een initiatief van samenwerkende banken

voorkomfraude.nl

0

Voorkomfraude.nl is a Dutch fraud awareness and prevention platform initiated by collaborating banks, aimed at educating the general public about recognizing and preventing various types of fraud. The website offers comprehensive information, including fraud types, educational videos, podcasts, and tools to report fraud. It holds a trusted position in the financial sector within the Netherlands, supported by its consistent branding and professional content. Technically, the website is built on WordPress with modern plugins such as Yoast SEO Premium and EWWW Image Optimizer, ensuring good SEO, accessibility, and performance. The site uses HTTPS with DNSSEC enabled, indicating a strong security foundation. Cookie consent mechanisms and privacy policies demonstrate GDPR compliance, although explicit security and incident response policies are not published. Security posture is solid with no detected vulnerabilities or exposed sensitive data. The site uses Clearsite Security plugin and Google Tag Manager for analytics and tracking, maintaining a balance between user experience and privacy compliance. No WAF or blocking mechanisms interfere with content accessibility. Overall, the site scores well on content quality, technical implementation, security, privacy compliance, and business credibility, making it a reliable resource for fraud prevention education. Strategic recommendations include publishing explicit security policies, incident response contacts, and vulnerability disclosure mechanisms to further enhance trust and compliance.

W

WSBI World Congress of Savings and Retail Banks

wsbi-congress.org

0

The WSBI World Congress of Savings and Retail Banks is a professional event organization focused on the global savings and retail banking sector. It hosts international congresses and centenary celebrations, providing a platform for banking professionals to network and share industry knowledge. The organization is positioned as a recognized entity within the finance industry, targeting banks and financial institutions worldwide. The website is hosted on a reliable infrastructure with Amazon Registrar and uses WordPress with modern plugins such as Elementor and WooCommerce, indicating a mature digital presence. Security posture is good with HTTPS enforced and domain security measures in place, though DNSSEC is not enabled. Privacy compliance is strong with clear cookie and privacy policies and consent mechanisms. Overall, the website is professional, trustworthy, and well-maintained, supporting multilingual audiences and providing clear contact information.

I

International Swaps and Derivatives Association, Inc. (ISDA)

swapsinfo.org

0

ISDA SwapsInfo is a specialized financial data platform affiliated with the International Swaps and Derivatives Association, Inc. (ISDA). It provides transparency and detailed analytics on over-the-counter derivatives markets, focusing on interest rate and credit derivatives. The platform offers interactive charts, downloadable data, and weekly market analysis reports, targeting financial professionals, regulators, and market participants. The website content is professionally presented, consistent with ISDA's branding, and leverages authoritative data sources such as DTCC and BIS.