Security Directory

FONDNNO is an online Slovak-language magazine offering diverse content focused on home improvement, energy solutions, finance, gastronomy, and technology. The website is built on WordPress and uses common web technologies such as jQuery, Bootstrap, and Font Awesome. The site is well-structured with multiple articles and categories, targeting a general audience interested in lifestyle and practical advice. However, the absence of WHOIS data raises concerns about domain registration legitimacy. No privacy or cookie policies are present, and no direct contact information or social media links are found, which impacts trust and compliance. Security posture is moderate with HTTPS enabled but lacking security headers. Overall, the site provides good content quality and user experience but requires improvements in transparency, privacy compliance, and security best practices.

O

Obecně prospěšná společnost Sirius, o.p.s.

sancedetem.cz

0

Šance Dětem is a well-established non-profit organization operating a comprehensive expert web portal focused on child health, family issues, and social support in the Czech Republic. The website serves parents, professionals, and caregivers by providing educational content, contact directories, podcasts, and webinars. It is positioned as the largest expert resource of its kind in the region, supported by the parent organization Obecně prospěšná společnost Sirius, o.p.s., with a domain age of over a decade reflecting its maturity and trustworthiness. Technically, the site is built on Drupal 8 with Bootstrap styling, leveraging modern web technologies and third-party services such as Google Tag Manager, Facebook Pixel, and CookieHub for analytics and compliance. The site is mobile-optimized and accessible, with good SEO practices and a moderate performance profile. Security posture is solid with HTTPS enforced and Cloudflare DNS/CDN usage, though some security headers and incident response transparency could be improved. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and safe for general audiences, with no adult or questionable content detected.

G

G-up Delta s.r.o.

goopan.cz

0

Goopan, operated by G-up Delta s.r.o., is a well-established company specializing in the design and construction of low-energy and passive family homes primarily in the Czech Republic and Slovakia. The website presents a professional and comprehensive digital presence with detailed product catalogs, customer references, and multiple contact channels. The company emphasizes sustainable building technologies and offers both catalog and custom home solutions. Technically, the website employs modern web technologies including HTTPS, Google Tag Manager, Facebook Pixel, Smartlook, and reCAPTCHA v3, ensuring a secure and user-friendly experience. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanisms. However, the absence of WHOIS data and explicit security headers slightly reduces trustworthiness. Overall, the site is secure, professional, and trustworthy with room for improvement in security transparency and domain registration clarity.

W

World4You Internet Services GmbH

world4you.at

0

World4You Internet Services GmbH is a well-established Austrian web hosting and domain registration provider founded in 1998. The company offers a broad range of services including domain registration, web hosting, WordPress hosting, email solutions, server hosting, and website building tools. Positioned as a pioneer in the Austrian market, World4You emphasizes customer service, green energy usage, and local presence with offices in Linz and Vienna. The website reflects a professional and trustworthy business with strong customer reviews and transparent contact information. Technically, the website employs modern frameworks such as Bootstrap and integrates third-party services like Sentry for error tracking and HubSpot for marketing. It is well-optimized for mobile devices and accessibility, with fast performance and good SEO practices. The site uses HTTPS with strong SSL configuration and implements a comprehensive cookie consent mechanism, demonstrating good privacy compliance. Security posture is solid with HTTPS enforcement and no visible vulnerabilities, though explicit security headers could be improved. The absence of WHOIS registrant data is a concern, potentially indicating privacy protection or query limitations, which slightly reduces domain trustworthiness. Overall, the site presents a low-risk profile with professional operations and good security hygiene. Strategic recommendations include enhancing security headers, providing explicit incident response contacts, and clarifying WHOIS data to improve domain trust. These steps would further strengthen the company's security posture and compliance standing.

W

WONDER WEB spol. s r.o.

wonderweb.cz

0

WONDER WEB spol. s r.o. is a Czech-based advertising and digital agency providing a comprehensive suite of marketing and digital services including custom web development, e-commerce solutions, graphic design, advertising campaigns, server hosting, and legal services such as trademark registration. The company positions itself as a full-service partner for businesses seeking to enhance their digital presence and marketing effectiveness. The website is professionally designed with clear navigation and multimedia client references, targeting business clients primarily in the Czech Republic. Technically, the site uses a custom CMS and modern JavaScript libraries, integrating Google Analytics and Facebook SDK for marketing and tracking purposes. Security posture is moderate with HTTPS usage and cookie consent mechanisms, but lacks explicit security headers and privacy policy documentation. WHOIS data is unavailable, which limits domain trust assessment. Overall, the website is functional and business-focused but could improve transparency and security practices.

W

WONDER WEB spol. s r.o.

cookie-lista.cz

0

WONDER WEB spol. s r.o. operates cookie-lista.cz, a Czech online platform offering a customizable cookie consent banner tool compliant with EU GDPR regulations. The website targets webmasters and businesses needing to implement cookie consent mechanisms, providing a free service with optional paid removal of advertising links. The company is small-sized, founded in 2019, and maintains consistent branding and legal transparency. Technically, the site uses modern web technologies including Bootstrap and jQuery, hosted on Wonderhost.cz, with moderate performance and good mobile optimization. Security posture is adequate with cookie consent mechanisms and no exposed sensitive data, though lacks explicit security headers and documented incident response. Privacy compliance is strong with comprehensive policies and user consent options. Overall, the site is professional, trustworthy, and focused on privacy compliance tools.

U

UniCredit

unicreditgroup.eu

0

UniCredit is a major pan-European commercial bank with a strong presence in Italy, Germany, Austria, and Central and Eastern Europe. The website serves as an institutional portal providing comprehensive information about the bank's strategy, governance, investor relations, press releases, and career opportunities. The bank offers a wide range of financial services including retail, corporate, private banking, wealth management, and insurance services. The website is professionally designed, mobile-optimized, and uses modern technologies such as Adobe Experience Manager, jQuery, and Dynatrace for analytics and performance monitoring. Security best practices are observed with HTTPS, security headers, and CSRF protections. Privacy and cookie policies are present and GDPR compliant. The domain WHOIS data is unavailable due to EURid privacy policies, which is common for .eu domains, but the website content and external references strongly support legitimacy. Overall, the site reflects a mature digital presence of a large financial institution with good security posture and compliance.

S

Standard Chartered

sc.com

0

Standard Chartered is a global banking institution focused on wealth, corporate, and investment banking services primarily across Asia, Africa, and the Middle East. The website presents a professional and comprehensive digital presence with clear branding and extensive content targeting corporate, institutional, and affluent clients. The business model emphasizes cross-border capabilities combined with wealth management expertise. Technically, the site is built on WordPress with modern JavaScript frameworks like React and uses Google Tag Manager and OneTrust for analytics and consent management. The site is mobile-optimized and accessible with good SEO practices. Security posture is strong with HTTPS enforced and no visible sensitive data exposure, though security headers are not detected and no explicit incident response contacts or vulnerability disclosure mechanisms are found. Privacy and cookie policies are comprehensive and GDPR compliant. Overall, the site is trustworthy and professional, though WHOIS data is unavailable, which is unusual for a major bank domain and should be monitored. Strategic recommendations include improving HTTP security headers, publishing a security.txt file, and providing explicit incident response contacts.

S

Société Générale

societegenerale.com

0

Société Générale is a leading European financial services group with over 150 years of history, offering retail banking, corporate and investment banking, and financial solutions. The website reflects a mature, enterprise-level digital presence with comprehensive content in French and English, targeting both retail and corporate clients. The company maintains a strong market position in the finance sector, supported by consistent branding and trust indicators such as ISO 27001 certification and GDPR compliance. Technically, the website is built on Drupal CMS and integrates modern analytics and consent management tools including Piano Analytics, Hotjar, Google Tag Manager, and Didomi. The site is mobile-optimized, accessible, and employs security best practices such as HTTPS enforcement and security headers. Performance is moderate, with room for optimization. Security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well implemented with clear cookie consent mechanisms and a comprehensive privacy policy. However, the WHOIS data is unavailable, which slightly reduces transparency but is common for large enterprises. Overall, the website is professional, secure, and trustworthy, with minor recommendations to enhance vulnerability disclosure and incident response visibility.

S

Santander

santander.com

0

Santander is a major global retail bank headquartered in Spain, offering a wide range of financial services including retail banking, consumer finance, investment services, and financial education. The website reflects a mature, enterprise-level organization with a strong market position and a focus on sustainability and inclusive growth. Technically, the site is built on Adobe Experience Manager with modern JavaScript libraries and tag management, providing a responsive and accessible user experience. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, though explicit incident response contacts and vulnerability disclosures are not found. Overall, the site is professional, trustworthy, and compliant with GDPR, supporting Santander's reputation as a leading financial institution.

N

Northern Trust

northerntrust.com

0

Northern Trust is a well-established financial services company specializing in wealth management, asset servicing, and investment management, targeting prominent individuals, families, and institutions primarily in Europe. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to its audience. The technical infrastructure leverages modern web technologies including React, Adobe Experience Manager, and multiple analytics and marketing tools, indicating a high level of digital maturity. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response information are not publicly visible. Overall, the website presents a trustworthy and professional image consistent with an enterprise-level financial institution.

Nomura is a major financial services holding company headquartered in Japan, offering investment banking, asset management, and related financial services. The website www.nomura.com acts primarily as a frameset redirecting to the main corporate site at nomuraholdings.com. The digital infrastructure includes common analytics and tracking tools such as Google Analytics, Google Tag Manager, and Microsoft Clarity, indicating a moderate level of digital maturity. However, the site lacks visible privacy and cookie policies, security headers, and WHOIS domain registration data, which raises concerns about transparency and security posture. The absence of WHOIS data and direct content on the domain www.nomura.com suggests it may be an alias or redirect domain rather than a primary site. Overall, the website is safe and professional but requires improvements in security and compliance documentation.

N

NatWest

natwest.com

0

NatWest is a major UK-based financial institution offering a broad range of personal banking products including bank accounts, mortgages, loans, savings, credit cards, investments, and insurance. The website demonstrates a strong market position supported by partnerships such as with Team GB and ParalympicsGB, reflecting its commitment to community and brand trust. The digital platform is built on Adobe Experience Manager, integrating modern web technologies and providing a responsive, accessible, and well-structured user experience. Privacy and cookie compliance are robustly managed via OneTrust, and security best practices such as HTTPS and security headers are implemented effectively. However, the absence of WHOIS data and explicit security policy or incident response information represents an area for improvement. Overall, the website is professional, trustworthy, and well-optimized for its target audience.

M

Morgan Stanley

morganstanley.com

0

Morgan Stanley is a globally recognized financial services firm providing wealth management, investment banking, sales & trading, research, and investment management services. The website reflects a mature digital presence with comprehensive content targeting individuals, families, institutions, and governments. The firm leverages advanced web technologies including Adobe Experience Manager, multiple analytics platforms, and robust consent management mechanisms. Security posture is strong with HTTPS enforcement and Content Security Policy implementation, though explicit security policies and incident response contacts are not publicly disclosed. The absence of WHOIS data is notable but does not detract from the overall legitimacy given the professional branding and extensive social media presence. Strategic recommendations include publishing security policies and vulnerability disclosure information to enhance transparency and trust.

L

Lloyds Banking Group plc

lloydsbankinggroup.com

0

Lloyds Banking Group plc operates as the largest UK retail and commercial financial services provider, serving approximately 26 million customers. The company offers a broad range of financial services including retail banking, commercial banking, investment services, and insurance through well-known subsidiaries such as Lloyds Bank, Bank of Scotland, Halifax, and Scottish Widows. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency targeting UK retail and commercial customers. Technically, the site is built on Adobe Experience Manager and integrates modern analytics and tag management tools such as Google Tag Manager and Tealium, alongside accessibility features like the ReciteMe toolbar. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response information are not publicly detailed. WHOIS data is unavailable from the provided raw output, which is unusual for a corporate domain but the website content and branding strongly indicate legitimacy. Overall, the site demonstrates a high level of professionalism, accessibility, and compliance with privacy regulations.

ING Wholesale Banking operates as a global financial services provider specializing in wholesale banking solutions across more than 35 markets. The company offers a broad range of services including payments and collections, cash and liquidity management, trade finance, hedging solutions, and strategic advisory with a strong emphasis on sustainability. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to corporate clients and financial institutions. Technically, the website leverages modern web technologies such as the Astro framework, optimized image formats (WebP, AVIF), and advanced font loading strategies. The site is mobile-optimized and demonstrates good SEO and accessibility practices. Analytics are implemented via Webtrekk, indicating moderate user tracking with privacy compliance mechanisms including cookie consent banners. From a security perspective, the site enforces HTTPS and employs secure login components. However, explicit security headers are not evident in the HTML source, and there is no public incident response or vulnerability disclosure information. The WHOIS data is missing or the domain is unregistered, which raises concerns about domain legitimacy despite the professional website content. Overall, the website scores well on content quality and technical implementation but is moderately impacted by the lack of WHOIS data and some security best practices. Strategic recommendations include enhancing security headers, publishing incident response policies, and clarifying domain registration details to improve trust and compliance.

C

Citigroup Inc.

citigroup.com

0

Citigroup Inc. is a leading global financial institution providing a wide range of banking, investment, and wealth management services to institutional and individual clients worldwide. The website reflects its enterprise-scale operations with comprehensive investor relations, press releases, and detailed business segment information. The technical infrastructure leverages modern web technologies including React and Adobe DTM, with strong privacy and cookie consent implementations via OneTrust. Security posture is robust, featuring HTTPS, security headers, and no visible vulnerabilities, aligned with industry best practices. Overall, the site demonstrates a mature digital presence consistent with a top-tier global bank, supporting trust and transparency for its users.

B

BNY

bny.com

0

BNY is a globally recognized financial services company managing over $53 trillion in assets, offering services such as asset management, wealth management, and capital markets execution. The website reflects a mature digital presence with professional design, clear navigation, and strong branding consistent with a large enterprise in the finance sector. Technically, the site leverages modern frameworks like Bootstrap and Adobe Experience Manager, integrates advanced analytics and tracking tools, and implements accessibility and cookie consent mechanisms, indicating a high level of digital maturity. Security posture is strong with HTTPS, Content Security Policy, and no visible vulnerabilities, though explicit privacy and security policies are not prominently linked, which could be improved. Overall, the site is trustworthy and professional, though the absence of WHOIS data and explicit contact details slightly reduce transparency.

BNP Paribas CIB is a globally recognized financial services firm specializing in corporate and institutional banking, offering a broad range of services including capital markets, securities services, advisory, finance, and treasury. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to corporate clients. Technically, the site is built on WordPress with modern SEO and cookie consent tools, ensuring good performance and compliance with privacy regulations. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and published policies. Overall, the domain registration and website content align well, indicating a trustworthy and legitimate corporate entity.

B

BBVA

bbva.com

0

BBVA is a leading multinational financial services group headquartered in Spain, with a strong emphasis on digital banking and sustainability. The website serves as a comprehensive platform for news, investor relations, corporate information, and customer engagement, reflecting BBVA's position as a digital bank of the 21st century. The company offers a wide range of banking and financial services, targeting retail and corporate customers globally, with subsidiaries such as Garanti BBVA and BBVA Spark supporting its innovation and regional presence. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates Adobe Data Layer and OneTrust for analytics and privacy compliance. The site demonstrates good performance, mobile optimization, and accessibility, with clear navigation and professional design. Security measures include HTTPS enforcement, security headers, and a vulnerability disclosure program, indicating a mature security posture. The security evaluation reveals strong adherence to best practices, including GDPR compliance and incident response readiness, though the absence of WHOIS data for the domain is unusual and warrants monitoring. Overall, the website is trustworthy, professional, and aligned with BBVA's corporate identity and regulatory requirements.

B

Barclays

home.barclays

0

Barclays is a leading British universal bank offering a broad range of financial services including consumer banking, corporate and investment banking, and wealth management. The website reflects a mature, enterprise-level digital presence with comprehensive content targeting investors, clients, and the general public. The technical infrastructure is built on Adobe Experience Manager with strong use of modern web technologies and CDN services, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforcement and domain transfer protections, though explicit security headers and incident response contacts could be improved. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Overall, the website demonstrates high professionalism, trustworthiness, and business credibility.

K

Krajská zdravotní, a.s.

kzcr.eu

0

Krajská zdravotní, a.s. is a major healthcare provider operating multiple hospitals and specialized medical services in the Ústecký region of the Czech Republic. The website serves patients, healthcare professionals, and employees with information about services, news, and organizational details. The company holds a strong regional market position as a public healthcare entity. Technically, the website is built on ASP.NET Web Forms with standard web technologies and includes modern features such as Google Tag Manager and cookie consent mechanisms. Security posture is adequate with HTTPS enforced and secure form handling, but lacks advanced security headers and incident response disclosures. Overall, the site is professional, trustworthy, and compliant with basic privacy regulations, though improvements in security transparency and contact information visibility are recommended.

The website www.komplanlitomerice.cz serves as a portal for social services coordinated in the Litoměřice region of the Czech Republic. It provides information about various social support programs targeting seniors, persons with disabilities, families, youth, and individuals facing crises such as homelessness or addiction. The site is affiliated with local government initiatives and community planning projects, positioning itself as a key informational resource for residents seeking social assistance. Technically, the site employs legacy JavaScript libraries such as jQuery 1.8.3 and Fancybox 1.3.4, alongside Google Analytics for visitor tracking. While the site is accessible and well-structured with clear navigation, it lacks modern security headers and uses outdated libraries that may expose it to vulnerabilities. No privacy or cookie policies are present, and no contact emails or phone numbers are explicitly provided, which impacts privacy compliance and user trust. The WHOIS data is unavailable, likely due to privacy protection, which slightly reduces domain trustworthiness but does not contradict the site's public service nature. Overall, the site is functional and informative but requires updates to its security posture and privacy compliance to align with best practices.

E

European Banks for Ukraine

eubanksforukraine.com

0

The website 'European Banks for Ukraine' serves as a humanitarian initiative aimed at facilitating access to banking services for Ukrainian refugees arriving in the European Union. It positions itself as a collaborative effort among European banks to support financial integration for displaced persons. The site is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard web technologies. While the site presents a professional design and relevant content, it lacks critical compliance elements such as privacy and cookie policies, and no direct contact information is provided. Security-wise, the site uses HTTPS and includes some script-based security hardening, but lacks explicit security headers and incident response contacts. The domain WHOIS data is missing or unavailable, which raises concerns about registration legitimacy and transparency. Overall, the site appears functional and relevant but would benefit from enhanced compliance and transparency measures.

The website crhov.rs represents the Central Registry, Depository, and Clearinghouse for Securities in Serbia, a key financial market infrastructure institution established in 2003. It operates under the registrar TELEKOM SRBIJA A.D., providing essential services such as registration of financial instruments, depository functions, clearing and settlement, and statistical reporting. The site targets financial market participants including investors, issuers, and legal holders, positioning itself as a trusted and reliable partner within Serbia's capital market ecosystem. Technically, the website employs legacy JavaScript libraries like jQuery 1.4.4 and jQuery UI 1.8.10, along with Google Charts for data visualization. The platform appears custom-built without a mainstream CMS, hosted likely by the national telecom provider. Performance and mobile optimization are moderate, with basic SEO and accessibility features. The site structure is clear and content quality is good, supporting a professional user experience. From a security perspective, the site lacks modern security headers and does not enable DNSSEC, which are areas for improvement. No explicit security policy or incident response information is published, and no cookie consent mechanism is present, indicating partial privacy compliance. The WHOIS data is transparent and consistent with the business, enhancing trustworthiness. No WAF or blocking mechanisms were detected, and the site content is safe for general audiences. Overall, the website demonstrates solid business credibility and functional technical implementation but would benefit from enhanced security practices and privacy compliance measures. Strategic recommendations include enabling DNSSEC, updating JavaScript libraries, implementing security headers, publishing security and incident response policies, and adding cookie consent mechanisms to improve user trust and regulatory compliance.

А

АО "Центральный депозитарий ценных бумаг"

kacd.kz

0

АО "Центральный депозитарий ценных бумаг" operates as the national central securities depository in Kazakhstan, providing accounting and custody services for government, municipal, and non-government securities. The website is primarily in Russian and targets financial market participants within Kazakhstan. The business is relatively new, founded in 2022, and the domain registration aligns with this timeline. The company appears to be an essential entity within the finance sector, focusing on securities depository services.

A

Astana International Exchange

aix.kz

0

Astana International Exchange (AIX) is a regional stock exchange established in 2016 and operating under the Astana International Financial Centre (AIFC) framework. It serves as a key financial market gateway for Kazakhstan and Central Asia, offering trading, clearing, settlement, and market data services. The exchange benefits from strong international partnerships with shareholders such as Goldman Sachs, Shanghai Stock Exchange, NASDAQ, and the Silk Road Fund, positioning it as a credible and trusted market player in the region. The website reflects a professional and well-maintained digital presence with comprehensive business information and regulatory compliance documentation. Technically, the site is built on WordPress with modern SEO and analytics tools, providing good performance and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, the site demonstrates a mature digital infrastructure aligned with its business goals and regulatory environment.

Н

Національний депозитарій України (НДУ)

csd.ua

0

Національний депозитарій України (НДУ) є ключовим центральним депозитарієм цінних паперів в Україні, що надає широкий спектр фінансових послуг, включаючи облік депозитарних активів, ведення реєстрів, організацію зборів акціонерів та підтримку клієнтів через спеціалізовані портали. Сайт орієнтований на емітентів, депозитарні установи, клієнтів та учасників ринку цінних паперів, демонструючи професійний підхід та стабільну позицію на ринку.

CENTRÁLNY DEPOZITÁR CENNÝCH PAPIEROV SR, a.s. (CDCP SR) operates as Slovakia's central securities depository, providing critical services for securities registration, custody, and corporate event processing. The company serves a diverse audience including financial institutions, issuers, investors, and government bodies, positioning itself as a key infrastructure entity in the Slovak financial market. The website reflects a professional and well-structured digital presence, supporting multiple languages and offering portals for LEI services and participant access. Technically, the website is built on a modern WordPress platform utilizing Elementor for page building and Yoast SEO for search optimization. It employs standard security measures such as HTTPS, Google reCAPTCHA for form protection, and cookie consent mechanisms, indicating a mature digital infrastructure. Performance and mobile responsiveness are adequate, though some accessibility features could be enhanced. From a security perspective, the site demonstrates good baseline practices but lacks explicit published security policies or incident response information. No critical vulnerabilities or suspicious activities were detected in the content or scripts. The WHOIS data aligns well with the business profile, reinforcing legitimacy and trustworthiness. Overall, the website presents a secure, compliant, and professional front for CDCP SR, with room for improvement in transparency around security policies and vulnerability disclosures. Strategic enhancements in these areas would further strengthen stakeholder confidence and regulatory compliance.

K

KDD – Centralna klirinško depotna družba d.d.

kdd.si

0

KDD – Centralna klirinško depotna družba d.d. is the central securities depository in Slovenia, established in 1995. It provides critical financial market infrastructure services including securities registration, clearing and settlement, and issuance of international identification numbers such as LEI. The company holds memberships in key industry associations like ANNA and ECSDA, reinforcing its market position and trustworthiness. The website targets financial institutions, issuers, and investors primarily within Slovenia, offering a range of electronic services and corporate action management tools. Technically, the website employs modern web technologies including jQuery, Slick Carousel, and the Foundation framework, ensuring a responsive and user-friendly experience. Hosting is managed by a Slovenian registrar consistent with the business location. The site is well-structured with good SEO and accessibility basics, though some improvements could be made in accessibility and performance optimization. From a security perspective, the site uses HTTPS with a strong SSL configuration and avoids exposing sensitive data. However, it lacks explicit security headers and does not publicly provide incident response or vulnerability disclosure information. Privacy compliance is generally good with a comprehensive privacy policy, but the absence of a cookie consent mechanism is a minor gap. Overall, the website is professional, trustworthy, and well-aligned with the business's role in the Slovenian financial market. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance its security posture and compliance standing.

K

Krajowy Depozyt Papierów Wartościowych S.A.

kdpw.pl

0

Krajowy Depozyt Papierów Wartościowych S.A. (KDPW) operates as Poland's central securities depository, providing essential services such as securities registration, transaction reporting, and code assignment (LEI, ISIN, CFI, FISN). The company targets financial market participants including issuers, direct participants, pension funds, and other financial institutions. KDPW holds a key market position as a national financial infrastructure entity, offering a broad portfolio of services including innovative blockchain-based IT solutions and compensation systems. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive service descriptions. Technically, the website employs modern JavaScript libraries such as jQuery, Bootstrap, and Swiper.js, alongside Google Analytics and Tag Manager for analytics. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although some security headers could be improved. Privacy and cookie policies are present and GDPR compliant, with a consent mechanism implemented. Overall, the security posture is robust, with no critical vulnerabilities detected. The absence of WHOIS data is typical for .pl domains and does not detract from the site's legitimacy, which is supported by consistent branding, clear business information, and a professional online presence. Strategic recommendations include enhancing security headers, publishing incident response contacts, and improving accessibility features to further strengthen compliance and trust.

Ц

Централен депозитар за хартии од вредност АД Скопје

cdhv.mk

0

The website for Централен депозитар за хартии од вредност АД Скопје serves as the official online presence of the central securities depository in North Macedonia. It provides comprehensive information and services related to securities registration, clearing, custody, and reporting for market participants. The site targets investors, issuers, and financial institutions within the country, positioning itself as a critical infrastructure entity in the national capital market. The business is well-established with a domain age of over a decade, reflecting stability and legitimacy. Technically, the website is built on ASP.NET Web Forms with a reliance on older JavaScript libraries such as jQuery 1.11.1 and uses common plugins like Flexslider and Modernizr. Hosting is managed via Neotel, a local provider, with HTTPS enabled ensuring secure communications. The site implements a cookie consent mechanism and uses Google Analytics for visitor tracking, indicating a moderate level of digital maturity. However, some modernization opportunities exist, particularly updating JavaScript libraries and enhancing security headers. From a security perspective, the site enforces HTTPS and has basic privacy and cookie policies in place. There is no evidence of advanced security policies, incident response contacts, or vulnerability disclosure mechanisms. The use of outdated libraries and absence of security headers present moderate risks. No critical vulnerabilities or blocking mechanisms were detected, and the domain registration data aligns well with the business claims, supporting trustworthiness. Overall, the website is professional, content-rich, and trustworthy for its intended audience. Strategic improvements in security practices and technical modernization would enhance its posture and compliance. The site is safe for general audiences with no adult or questionable content detected.

D

Depozitarul Central Unic

dcu.md

0

Depozitarul Central Unic is a central securities depository operating in Moldova, providing essential financial market infrastructure services such as securities registration, shareholder list management, and account statements for investors. The website positions the entity as a key player in Moldova's financial market, targeting investors, issuers, and market participants. The business model revolves around facilitating transparent and efficient securities transactions and regulatory compliance within the Moldovan financial ecosystem. Technically, the website employs standard modern web technologies including HTML5, CSS3, JavaScript, and Google Fonts. It is mobile optimized with a responsive design and good SEO practices. However, it lacks advanced security headers and explicit privacy or cookie policies, which are important for compliance and user trust. The site is served over HTTPS, ensuring encrypted communications. From a security perspective, the site demonstrates a moderate security posture with HTTPS enabled and no visible exposed sensitive data or vulnerable scripts. However, the absence of security headers, privacy policies, and incident response contacts indicates room for improvement in security maturity and compliance. No WAF or blocking mechanisms were detected, and the site is fully accessible. Overall, the website is professional and trustworthy, with a clear focus on financial market services in Moldova. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, publishing vulnerability disclosure information, and enhancing accessibility features to improve compliance and security posture.

L

LuxCSD S.A.

luxcsd.com

0

LuxCSD S.A. operates as a licensed central securities depository under the Central Securities Depositories Regulation (CSDR), providing issuer and investor services primarily in fixed income and equity securities. The company offers custody, settlement, and asset servicing solutions, targeting custodian banks, issuers, and distributors. Affiliated with the Deutsche Börse Group, LuxCSD holds a reputable market position with STEP eligibility and multi-jurisdictional issuer services. The website reflects a professional and well-structured digital presence with good content quality and navigation. Technically, the website employs modern JavaScript libraries and analytics tools such as Matomo, alongside a cookie consent management system ensuring GDPR compliance. The infrastructure appears stable and moderately optimized for performance and mobile use, though explicit security headers and detailed hosting information are not evident from the data provided. From a security perspective, the site uses HTTPS and session cookies for secure user sessions, with a cookie consent banner indicating privacy awareness. However, the absence of visible security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement in transparency and security maturity. The WHOIS data is notably missing or inaccessible, which raises concerns about domain registration legitimacy despite the professional business content. Overall, LuxCSD presents a credible and professional financial services platform with solid compliance and user experience. Strategic recommendations include enhancing security header implementation, publishing explicit security and incident response policies, and verifying domain registration details to strengthen trust and reduce risk.

K

KELER Zrt.

keler.hu

0

KELER Zrt. is a leading central securities depository and clearing house in Central and Eastern Europe with over 30 years of experience. The company provides comprehensive financial market infrastructure services, including securities custody, clearing, and facilitating Target2-Securities benefits. The website reflects a professional and modern digital presence built on React and Next.js frameworks, integrated with Sense/Net CMS and Google Tag Manager for analytics and marketing. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response information are not publicly detailed. Privacy compliance is well addressed with a cookie consent mechanism and a clear privacy policy. Overall, the website demonstrates high business credibility and technical maturity, supporting KELER's market position as a trusted financial institution.

The website iberclear.es is currently inaccessible, returning a standard HTTP 404 Not Found error page with no content, metadata, or business information. The WHOIS data for the domain is unavailable due to access restrictions imposed by Red.es, preventing extraction of registrar, creation, expiry dates, or registrant details. This lack of transparency and absence of website content severely limits any meaningful analysis of the business or its digital presence. Technically, the site lacks HTTPS, security headers, and any modern web technologies, indicating a minimal or non-existent technical infrastructure. From a security perspective, the absence of content and security policies, combined with no visible security best practices, results in a low security posture. Overall, the domain appears inactive or improperly configured, posing a high risk for trust and credibility.

E

Euronext

euronext.com

0

Euronext operates as a leading pan-European stock exchange and market infrastructure provider, offering a comprehensive suite of services including listing, trading, clearing, settlement, and market data solutions. The website reflects a mature and professional digital presence, built on Drupal 10 with modern UI components and optimized for mobile devices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and published incident response contacts are absent. The absence of WHOIS data is notable but does not detract from the website's legitimacy given the professional content and market position. Overall, the site supports Euronext's role as a critical financial market infrastructure entity.

C

Clearstream

clearstream.com

0

Clearstream is a leading provider of post-trade infrastructure and securities and fund services, operating as part of the Deutsche Börse Group. The company serves international and domestic capital markets with a comprehensive suite of financial services including securities custody, fund services, collateral management, and digital solutions. The website reflects a mature and professional digital presence with modern technologies such as React and Next.js, and integrates analytics and cookie consent mechanisms to comply with privacy regulations. Security posture is strong with HTTPS enforcement, secure forms, and standard security headers, though explicit security policies and incident response information are not publicly detailed. Overall, Clearstream's website demonstrates a high level of professionalism, trustworthiness, and compliance suitable for its enterprise-level financial services business.

Ц

Централен депозитар

csd-bg.bg

0

The Central Securities Depository (Централен депозитар) operates as a key financial infrastructure entity in Bulgaria, providing essential services to issuers, members, investors, and managing special pledges and financial collateral. The website reflects a professional and consistent brand presence with clear navigation and multilingual support (Bulgarian and English). The business model centers on providing secure and reliable central securities depository services, positioning itself as a trusted national financial institution. The company maintains active communication channels including email, phone, and social media platforms, enhancing stakeholder engagement. Technically, the website is built using JavaServer Faces (JSF) with PrimeFaces framework and jQuery libraries, indicating a mature enterprise-grade technology stack. The site is mobile responsive and implements cookie consent mechanisms, though it lacks advanced SEO and accessibility features. Performance is moderate with no critical technical issues detected. Security posture is solid with HTTPS enforced and basic security headers present, but could be improved by adding more comprehensive security headers and publishing a vulnerability disclosure policy. No WAF or blocking mechanisms were detected, allowing full content access. The WHOIS data is privacy protected under GDPR, which is typical for EU domains, and the domain status is active and consistent with the business operations. No suspicious patterns or vulnerabilities were found. Overall, the website demonstrates a good balance of business credibility, technical implementation, and security compliance, suitable for its role in the financial sector. Strategic recommendations include enhancing security headers, publishing a formal privacy policy and incident response contacts, improving SEO and accessibility compliance, and considering a vulnerability disclosure program to further strengthen trust and security culture.

Euroclear is a globally recognized financial market infrastructure provider specializing in securities settlement, custody, collateral management, and related services. The company holds a leading market position with a comprehensive portfolio of services targeting financial institutions and market participants. Their website reflects a mature digital presence with detailed service descriptions and strong branding consistency. Technically, the site leverages modern JavaScript libraries, Adobe Experience Manager CMS, and integrates analytics and user feedback tools, indicating a well-maintained infrastructure. Security posture is strong with HTTPS enforcement and standard security headers, although explicit security policies and vulnerability disclosures are absent. Overall, the site demonstrates high professionalism and trustworthiness, supporting Euroclear's enterprise stature.

R

Registar vrijednosnih papira u Federaciji Bosne i Hercegovine d.d. Sarajevo

rvp.ba

0

The Registar vrijednosnih papira u Federaciji Bosne i Hercegovine d.d. Sarajevo operates as the official securities registry for the Federation of Bosnia and Herzegovina. The website provides comprehensive information and services related to securities registration, dividend payments, corporate actions, and shareholder data management. It serves a specialized audience including shareholders, issuers, financial institutions, and government entities, positioning itself as an authoritative source in the Bosnian financial sector. Technically, the website employs a standard ASP.NET MVC framework with common libraries such as jQuery, Bootstrap, and Modernizr. The site demonstrates moderate performance and good mobile optimization, though accessibility and SEO optimizations are basic. The design is professional and consistent, with clear navigation and relevant content. From a security perspective, the site uses HTTPS but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, the website is trustworthy and functional, with room for improvement in security best practices, privacy compliance, and accessibility. Strategic enhancements in these areas would strengthen the site's security posture and user trust.

O

OeKB CSD GmbH

oekb-csd.at

0

OeKB CSD GmbH operates as a central securities depository providing critical infrastructure services for the Austrian capital market. The company offers a range of services including digital securities issuance, custody, settlement via the European TARGET2-Securities platform, asset servicing, and payment processing for matured securities. Positioned as a key player within the Austrian financial ecosystem and part of the OeKB Group, it targets capital market participants such as issuers and account holders. The website content is professional, well-structured, and primarily in German with English support, reflecting a medium-sized enterprise with a solid market presence. Technically, the website employs modern web technologies including JavaScript and jQuery, with responsive design elements suitable for mobile devices. While no explicit CMS or hosting provider is identified, the site demonstrates moderate performance and good SEO practices. However, some accessibility features could be improved. Security-wise, HTTPS is enforced, and no obvious vulnerabilities or exposed sensitive data are present. The absence of security headers and explicit security policies suggests room for enhancement in security posture. The WHOIS data is unavailable due to NIC.AT registry restrictions, limiting domain registration transparency. Despite this, the website and business information appear consistent and trustworthy. No blocking or WAF mechanisms were detected, allowing full content access. Privacy compliance is supported by a comprehensive privacy policy and GDPR adherence, though cookie consent mechanisms are lacking. Overall, the site reflects a professional financial services provider with a solid digital presence but could benefit from improved security headers, cookie consent implementation, and enhanced transparency regarding incident response and vulnerability disclosure.

E

Een initiatief van samenwerkende banken

voorkomfraude.nl

0

Voorkomfraude.nl is a Dutch fraud awareness and prevention platform initiated by collaborating banks, aimed at educating the general public about recognizing and preventing various types of fraud. The website offers comprehensive information, including fraud types, educational videos, podcasts, and tools to report fraud. It holds a trusted position in the financial sector within the Netherlands, supported by its consistent branding and professional content. Technically, the website is built on WordPress with modern plugins such as Yoast SEO Premium and EWWW Image Optimizer, ensuring good SEO, accessibility, and performance. The site uses HTTPS with DNSSEC enabled, indicating a strong security foundation. Cookie consent mechanisms and privacy policies demonstrate GDPR compliance, although explicit security and incident response policies are not published. Security posture is solid with no detected vulnerabilities or exposed sensitive data. The site uses Clearsite Security plugin and Google Tag Manager for analytics and tracking, maintaining a balance between user experience and privacy compliance. No WAF or blocking mechanisms interfere with content accessibility. Overall, the site scores well on content quality, technical implementation, security, privacy compliance, and business credibility, making it a reliable resource for fraud prevention education. Strategic recommendations include publishing explicit security policies, incident response contacts, and vulnerability disclosure mechanisms to further enhance trust and compliance.

C

Consumer Education Hub

consumer-education.eu

0

The Consumer Education Hub is a European non-profit platform dedicated to aggregating and showcasing consumer education initiatives to help consumers navigate markets safely. It targets a broad audience including educators, teenagers, parents, and the general public. The platform is co-funded by the European Union and BEUC, positioning it as a credible resource within the European consumer education ecosystem. The website offers searchable resources and highlights key initiatives across financial literacy, product safety, and digital skills. Technically, the site is built on WordPress with modern frameworks like Bootstrap and uses privacy-respecting Matomo analytics. The site is hosted by OVH SAS, a reputable hosting provider. Security posture is generally good with HTTPS enforced and no exposed sensitive data, though it lacks some security headers and cookie consent mechanisms required for full EU compliance. Contact is provided via a form, with no direct emails or phone numbers visible. Overall, the site is professional, trustworthy, and well-structured, serving its educational mission effectively.

A

Annertech

annertech.com

0

Annertech is a specialized digital agency focused on delivering ambitious digital experiences primarily using Drupal technology. The company targets governments, non-profits, and enterprises mainly across Ireland, positioning itself as a trusted partner in the digital transformation space. Their key services include Drupal development and enterprise digital solutions, supported by a professional and well-branded website that reflects their market positioning. Technically, the website is built on Drupal 10, leveraging modern analytics tools such as Matomo and Google Analytics, and employs Cookiebot for GDPR-compliant cookie consent management. The site is mobile-optimized, accessible, and SEO-friendly, indicating a mature digital infrastructure. The use of Google Tag Manager and other marketing tools further supports their digital marketing efforts. From a security perspective, the website enforces HTTPS and includes standard security headers, demonstrating good security hygiene. Cookie consent mechanisms and privacy policies are in place, supporting GDPR compliance. However, the absence of explicit security policies, incident response contacts, and Terms of Service pages suggests areas for improvement in transparency and governance. Overall, the website presents a professional and trustworthy digital presence with moderate risk due to incomplete WHOIS data and missing contact information. Strategic recommendations include publishing comprehensive security and incident response policies, adding Terms of Service, and enhancing contact transparency to improve trust and compliance.

W

WSBI World Congress of Savings and Retail Banks

wsbi-congress.org

0

The WSBI World Congress of Savings and Retail Banks is a professional event organization focused on the global savings and retail banking sector. It hosts international congresses and centenary celebrations, providing a platform for banking professionals to network and share industry knowledge. The organization is positioned as a recognized entity within the finance industry, targeting banks and financial institutions worldwide. The website is hosted on a reliable infrastructure with Amazon Registrar and uses WordPress with modern plugins such as Elementor and WooCommerce, indicating a mature digital presence. Security posture is good with HTTPS enforced and domain security measures in place, though DNSSEC is not enabled. Privacy compliance is strong with clear cookie and privacy policies and consent mechanisms. Overall, the website is professional, trustworthy, and well-maintained, supporting multilingual audiences and providing clear contact information.

I

International Swaps and Derivatives Association, Inc. (ISDA)

swapsinfo.org

0

ISDA SwapsInfo is a specialized financial data platform affiliated with the International Swaps and Derivatives Association, Inc. (ISDA). It provides transparency and detailed analytics on over-the-counter derivatives markets, focusing on interest rate and credit derivatives. The platform offers interactive charts, downloadable data, and weekly market analysis reports, targeting financial professionals, regulators, and market participants. The website content is professionally presented, consistent with ISDA's branding, and leverages authoritative data sources such as DTCC and BIS.

Česká zima is a Czech Republic-based online catalog specializing in winter accommodation and skiing in the Czech mountains. Established in 2008, it offers a platform for property owners to list apartments, chalets, and hotels with direct contact information, targeting winter tourists and skiers. The website provides additional services such as snow condition reports, ski lift information, and live webcams, positioning itself as a niche resource for winter tourism in the region. Technically, the site uses basic HTML, CSS, and JavaScript with Google AdSense for monetization. The hosting is managed by Wedos, a Czech provider, and the domain is long-standing and consistent with the business focus. Security posture is moderate with HTTPS enabled but lacking important security headers and privacy compliance mechanisms. No privacy or cookie policies were found, indicating compliance gaps. Overall, the site is functional and relevant but would benefit from improved security and privacy practices.

C

CzechTourism

czechtourism.com

0

CzechTourism is a government agency under the Ministry for Regional Development of the Czech Republic, focused on promoting tourism within the country. The website serves as an official platform to disseminate information and market the Czech Republic as a travel destination. The site uses modern web technologies such as Vue.js and integrates marketing tools like Google Tag Manager and reCAPTCHA, indicating a moderate level of digital maturity. However, the absence of visible privacy and cookie policies and lack of security headers suggest areas for improvement in compliance and security. The WHOIS data is not publicly available, likely due to privacy protection, which is justified for a government entity. Overall, the site is professional and trustworthy but could enhance its security posture and privacy transparency.

I

Počasí - předpověď počasí, aktuální informace | In-počasí

in-pocasi.eu

0

The website www.in-pocasi.cz is a Czech language weather forecasting portal providing detailed meteorological information including current weather, radar maps, numerical models, and weather news. It targets the general public interested in weather updates primarily in the Czech Republic. The business model appears to be advertising-supported, leveraging multiple ad networks and tracking services integrated with a consent management platform to comply with privacy regulations. Technically, the site uses modern web technologies such as SVG for interactive maps, JavaScript libraries for UI and analytics, and is served over HTTPS ensuring secure communication. The site is mobile optimized and accessible with good SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers are not clearly visible in the provided data. The absence of WHOIS registration data is a notable gap, reducing domain trustworthiness, but the website content and technology usage suggest a legitimate media service. Privacy compliance is partially met with cookie consent but lacks a clearly identified privacy policy page. Overall, the site is professional and trustworthy for its intended purpose.