Security Directory

I

Ingenico

ingenico.com

71

Ingenico is a global leader in payment solutions, offering a wide range of products and services including smart payment terminals, cloud-based payment platforms, and end-to-end terminal management. The company targets merchants and businesses across multiple sectors such as retail, transportation, hospitality, and energy. As a subsidiary of Worldline, Ingenico benefits from a strong market position and extensive industry expertise. The website reflects a mature digital presence with comprehensive multilingual support and professional content tailored to its B2B audience. Technically, the site is built on Drupal 10, integrates standard analytics and marketing tools, and demonstrates good mobile optimization and accessibility. Security posture is strong with HTTPS, security headers, and compliance with PCI DSS and ISO 27001 standards. Privacy compliance is robust, featuring detailed privacy and cookie policies with user consent mechanisms. Overall, Ingenico's website and domain registration data indicate a trustworthy, enterprise-grade business with a solid reputation in the payments industry.

I

International Union for Conservation of Nature and Natural Resources (IUCN)

iucn.org

71

IUCN is a globally recognized non-profit organization dedicated to nature conservation and sustainable development. It operates as the world's largest environmental network, providing scientific data, policy guidance, and direct conservation efforts. The website reflects a mature digital presence with comprehensive content, multilingual support, and clear navigation tailored to a diverse audience including governments, NGOs, and the public. Technically, the site is built on Drupal 10, uses modern tracking and consent management tools, and is hosted with reputable providers ensuring good performance and security. Security posture is strong with HTTPS, domain locking, and cookie consent, though DNSSEC is not enabled and no explicit security policy or incident response contacts are published. Overall, the site is trustworthy, professional, and compliant with privacy regulations.

I

Institut national de l’information géographique et forestière

ign.fr

61

The Institut national de l’information géographique et forestière (IGN) is a French government entity specializing in the production and dissemination of geographic and forestry data. The website serves a diverse audience including individuals, professionals, public policy actors, educators, and students. It offers a comprehensive range of cartographic services, data access, and applications, positioning itself as the authoritative national geographic data provider in France. The business model is public service-oriented, focusing on data accessibility and support for various user needs. Technically, the website is built on Drupal 10, leveraging modern web technologies such as JavaScript and CSS, with good mobile optimization and accessibility features. The site demonstrates moderate performance and good SEO practices. Security posture is strong with HTTPS enforced and appropriate security headers, although there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is professional, trustworthy, and compliant with privacy regulations including GDPR. The lack of publicly available WHOIS data is typical for .fr domains and does not detract from the legitimacy of the site. The presence of official contact information, social media channels, and comprehensive policies further enhance credibility. Strategic recommendations include enhancing security transparency and formalizing vulnerability disclosure mechanisms.

A

Anses - Agence nationale de sécurité sanitaire de l’alimentation, de l’environnement et du travail

anses.fr

52

Anses is the French national agency responsible for health safety in food, environment, and work sectors. It provides scientific expertise, risk assessment, regulatory decisions, and public communication. The agency holds a strong market position as a government authority with a large organizational size and a comprehensive digital presence. The website is built on Drupal 10 with modern frontend technologies and includes multilingual support. Privacy and cookie consent mechanisms are implemented effectively. However, WHOIS data is missing, which slightly impacts domain trustworthiness. The site demonstrates good security practices but lacks explicit security policy and incident response information.

P

Pan Europe

low-impact-farming.info

47

The website www.low-impact-farming.info is an advocacy and informational platform operated by Pan Europe, a non-profit organization focused on promoting sustainable agriculture practices, specifically low impact farming and Integrated Pest Management (IPM) across Europe. The site provides educational resources, policy position papers, and multimedia content to support pesticide reduction and environmentally friendly farming methods. It targets farmers, policymakers, environmental advocates, and the general public interested in sustainable agriculture. The business model is centered on advocacy and education rather than commercial sales, positioning itself as a niche player in the European sustainable agriculture sector. Technically, the website is built on Drupal 10 CMS, leveraging modern web technologies including Google Analytics and Google Tag Manager for user tracking and AddToAny for social sharing. The site is mobile optimized with good accessibility and SEO practices, though performance is moderate. The technical infrastructure appears maintained and up to date, but lacks some advanced security headers and formal privacy/cookie policies. From a security perspective, the site uses HTTPS and anonymizes IPs in analytics, but does not implement key security headers or publish security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The absence of privacy and cookie policies represents a compliance gap, especially under GDPR. WHOIS data is unavailable due to privacy protection, which is reasonable for this non-profit entity. Overall, the security posture is moderate but could be improved with better policy transparency and technical controls. The overall risk assessment is low to moderate. The site is legitimate and trustworthy for its advocacy purpose but should enhance privacy compliance and security best practices to strengthen user trust and regulatory adherence. Strategic recommendations include publishing privacy and cookie policies with consent mechanisms, implementing security headers, adding a security.txt file, and improving incident response visibility.

T

TPF

tpf.eu

46

TPF is a well-established global multidisciplinary engineering consultancy headquartered in Belgium, with a strong presence in over 40 countries through multiple subsidiaries. The company offers a broad range of engineering services including consultancy, design, technical asset management, and project management. Their market position is reinforced by recognitions such as BREEAM Excellent certifications and rankings in ENR's Top 50 International Design Firms. The website reflects a professional and consistent brand image targeting engineering clients and infrastructure projects worldwide. Technically, the site is built on Drupal 10 with modern JavaScript libraries and is optimized for mobile and accessibility. Security posture is good with HTTPS and no visible vulnerabilities, though explicit security headers and policies are missing. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the site is trustworthy and professional but could improve compliance and security transparency.

I

International Animal Rescue

internationalanimalrescue.org

67

International Animal Rescue is a well-established non-profit organization dedicated to saving and protecting animals worldwide. Their website reflects a professional and comprehensive approach to animal rescue, rehabilitation, conservation, and community engagement. The organization targets animal welfare supporters, donors, volunteers, and the general public interested in wildlife protection. Their business model relies on donations, adoptions, fundraising, and merchandise sales, positioning them as a reputable charity in the animal welfare sector. Technically, the website is built on Drupal 10 with Commerce 2, integrating modern analytics and tracking tools such as Google Analytics and Google Tag Manager. The site is mobile-optimized, accessible, and SEO-friendly, providing a positive user experience. Security measures include HTTPS enforcement and reCAPTCHA v3 on forms, though some security headers could be improved for enhanced protection. The security posture is solid with no detected vulnerabilities or exposed sensitive data. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. However, no explicit security policies or incident response contacts are found, which could be areas for improvement. WHOIS data is privacy protected, common for non-profits, and does not raise immediate concerns. Overall, the website demonstrates a high level of professionalism, trustworthiness, and digital maturity, making it a reliable platform for supporters and stakeholders. Strategic recommendations include enhancing security headers, publishing security policies, and improving transparency around incident response to further strengthen trust and compliance.

S

Selectra

selectra.info

57

Selectra is a French comparison platform specializing in energy, internet, mobile, insurance, and banking services. It offers consumers tools and advisory services to reduce their bills by comparing providers and facilitating switching. The website is well-established with a strong market presence in France, supported by extensive customer reviews and multiple sector coverage. Technically, the site is built on Drupal 10, uses modern analytics and tracking tools, and implements good privacy and cookie consent mechanisms. Security posture is solid with HTTPS and Content Security Policy in place, though explicit security policies and incident response information are not published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

M

Métropole Européenne de Lille

lillemetropole.fr

64

Métropole Européenne de Lille (MEL) is a public metropolitan government entity serving 95 communes in the Lille region of France, with a population of approximately 1.2 million residents. The website serves as an official portal providing information and services related to urban planning, waste management, transportation, culture, economic development, and environmental sustainability. The MEL positions itself as a key regional authority with a comprehensive service offering to residents, businesses, and professionals. Technically, the website is built on Drupal 10, leveraging modern web technologies and providing a responsive, accessible user experience. The site includes cookie consent mechanisms and uses Matomo for analytics, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the website is trustworthy, professional, and well-aligned with the public institution it represents.

Urbanomy is a strategic energy and climate consulting subsidiary of the EDF group, founded in 2020. The company provides tailored consulting services to public and private organizations to accelerate their climate transition, leveraging strong technical expertise and international presence in Paris and London. The website is professionally designed, content-rich, and well-structured, reflecting a mature digital presence. Technically, the site uses Drupal 10 CMS, integrates modern analytics and marketing tools, and is hosted likely via Akamai CDN, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security policies and vulnerability disclosure mechanisms are absent. WHOIS data is privacy protected, typical for corporate domains, and the domain aligns well with the business identity and parent company branding. Overall, the site is trustworthy, compliant with GDPR, and serves as a credible digital asset for Urbanomy.

C

Conseil départemental de l'Orne

orne.fr

63

The Conseil départemental de l'Orne operates as the official government body for the Orne department in Normandy, France. The website serves as a comprehensive portal for residents and stakeholders, offering news, public services, administrative procedures, and cultural information. It holds a strong market position as the authoritative source for regional government information and services. The digital infrastructure is built on Drupal 10, integrating modern web technologies and privacy-conscious analytics (Matomo). The site demonstrates good mobile optimization, accessibility, and SEO practices, reflecting a mature digital presence. Security measures include HTTPS enforcement, reCAPTCHA v3 on forms, and cookie consent management, though some security headers could be improved. The absence of WHOIS data is a notable anomaly but is likely due to AFNIC policies or privacy protections. Overall, the site is trustworthy, professional, and safe for general audiences.

C

Chambres de Métiers et de l'artisanat - Île-de-France

cma-idf.fr

51

The website www.cma-idf.fr represents the Chambre de Métiers et de l'Artisanat of Île-de-France, a regional public entity focused on artisan training, apprenticeship, business creation, and management support. It serves a broad audience including entrepreneurs, apprentices, and business owners in the Île-de-France region. The site is built on Drupal 10 and integrates modern analytics and marketing tools such as Google Tag Manager, Microsoft Clarity, Hotjar, and Facebook Pixel, with appropriate cookie consent mechanisms in place. Security posture is strong with HTTPS enforced and relevant security headers present, though no explicit security policy or incident response information is published. The domain WHOIS data is not publicly available, consistent with AFNIC policies for .fr domains, and does not raise legitimacy concerns. Overall, the website is professional, content-rich, and trustworthy, providing comprehensive services and information to its target audience.

C

CMA France

cma-france.fr

56

Artisanat.fr is the official portal for the Chambres de Métiers et de l'Artisanat (CMA) in France, providing comprehensive information on artisan métiers, training, news, and personalized support services. The site serves a broad audience including artisans, apprentices, and entrepreneurs interested in the artisan sector. It is positioned as a trusted government-related resource with a large network presence across France. Technically, the site is built on Drupal 10 with modern analytics and marketing integrations, demonstrating a mature digital infrastructure. Security posture is good with HTTPS and cookie consent mechanisms, though explicit security headers could be improved. The absence of WHOIS data is noted but does not detract from the site's legitimacy given its official nature. Overall, the site is professional, accessible, and privacy-conscious, supporting the artisan community effectively.

A

Agence Nationale pour les Chèques-Vacances (ANCV)

ancv.com

61

The Agence Nationale pour les Chèques-Vacances (ANCV) is a French government public institution dedicated to facilitating access to vacations for a broad population including employees, public agents, families, seniors, and vulnerable groups. It operates through the issuance of Chèque-Vacances vouchers, Coupon Sport, and social aid programs, while also supporting the tourism and leisure sectors via partnerships. The website reflects a mature digital presence with a modern Drupal 10 CMS, Bootstrap 5 styling, and integrated analytics via Google Tag Manager. It provides comprehensive information, including privacy and cookie policies, and actively warns users about phishing attempts impersonating the agency. Security posture is generally good with HTTPS enforced and cookie consent mechanisms, though explicit security headers and incident response information are lacking. The absence of WHOIS data for the domain is a notable anomaly that reduces trust slightly, but the overall branding and content strongly indicate an official and trustworthy government entity.

Z

Zepros

zepros.fr

55

Zepros is a well-established French B2B media group founded in 2005, specializing in delivering professional information across multiple sectors including automobile, building, trade, habitat, catering, territorial collectivities, and artisans entrepreneurs. The group operates several sector-specific websites and offers daily newsletters and professional events, positioning itself as a key information source for professionals in these industries. Technically, the website is built on Drupal 10, leveraging modern web technologies and standard marketing and analytics tools such as Google Tag Manager and Cloudflare Insights. The site is mobile-optimized and provides a good user experience with clear navigation and professional content. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, but lacks some advanced security headers and publicly available security policies or incident response contacts. The absence of WHOIS data suggests privacy protection, which is common and justified for media companies. Overall, the website is legitimate, professional, and trustworthy with moderate to good security posture.

M

Montpellier Méditerranée Métropole et ville de Montpellier

montpellier3m.fr

68

Montpellier Méditerranée Métropole and the city of Montpellier operate an official government website serving as the primary digital portal for residents, businesses, and visitors. The site provides comprehensive information on municipal institutions, public services, urban development projects, citizen participation, and local governance. It targets a broad audience including local citizens, public service users, and tourists. The business model is that of a public sector entity focused on service delivery and community engagement. Technically, the website is built on Drupal 10, leveraging modern JavaScript libraries such as Swiper.js and AddToAny for enhanced user experience and social sharing. It integrates Matomo analytics with privacy-conscious configurations. The site demonstrates good mobile optimization, accessibility, and SEO practices, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, employs standard security headers, and avoids exposing sensitive data. However, it lacks publicly available security policies or incident response information, which could be improved to enhance transparency and trust. The WHOIS data is unavailable due to AFNIC policies, but the domain's .fr extension and consistent official branding support its legitimacy. Overall, the website presents a low-risk profile with strong content quality and technical implementation. Strategic recommendations include publishing explicit security and incident response policies, establishing a vulnerability disclosure program, and maintaining up-to-date software to mitigate potential risks.

U

Uniformation

uniformation.fr

61

Uniformation is a well-established French non-profit organization acting as an OPCO (Opérateur de compétences) specializing in the social cohesion sector. The website clearly targets employers, employees, partners, and job seekers, offering services such as professional training financing, pedagogical engineering, HR management support, and alternance recruitment. The site demonstrates a strong market position with a comprehensive catalog of training and consulting services tailored to the social cohesion industry. Technically, the website is built on Drupal 10 with modern JavaScript libraries and analytics tools, providing a responsive and accessible user experience. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be explicitly added. The absence of WHOIS data reduces domain trust slightly, but the professional presentation and compliance with GDPR and cookie regulations support legitimacy. Overall, the site is professional, secure, and user-friendly, serving a large audience in France's education and social sectors.

B

Bouyer Leroux

bouyer-leroux.com

74

Bouyer Leroux is a prominent French manufacturer specializing in terracotta building materials including bricks for walls and partitions, tiles, and prefabricated construction solutions. The company positions itself as a leading reference in the French building materials market, targeting construction professionals, architects, and builders. Their website is professionally designed, mobile-optimized, and provides comprehensive information about their products, services, and corporate commitments such as sustainability. Technically, the site is built on Drupal 10, uses Google Tag Manager and Didomi for consent management, and employs HTTPS with good security practices. However, the WHOIS data for the domain is missing or unavailable, which raises questions about domain registration legitimacy despite the professional online presence. Privacy compliance is strong with GDPR-aligned cookie consent and privacy policies. No direct company emails or phone numbers are publicly listed, with contact primarily via web forms. Security posture is good but could be improved by adding explicit security headers and incident response information. Overall, the website is trustworthy and professional but domain registration details should be verified for full assurance.

I

International Social Security Association

issa.int

65

The International Social Security Association (ISSA) operates a professional and authoritative website serving as a global network for social security organizations. The site offers comprehensive member services, including guidelines, training, awards, and publications, targeting social security professionals and government agencies worldwide. The website is built on Drupal 10, leveraging modern web technologies and analytics tools with privacy-conscious configurations. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not published. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with privacy regulations, supporting ISSA's position as a leading international organization in social security.

B

Belgian Federal Public Service Policy and Support (BOSA)

bosa.be

65

The Belgian Federal Public Service Policy and Support (BOSA) website serves as an official government portal providing multilingual access to federal public service information. The site is positioned as a key government service platform, targeting Belgian citizens and government employees. It offers policy and support services, emphasizing accessibility and compliance with European data protection regulations. The website uses Drupal 10 CMS and integrates modern JavaScript libraries and Matomo analytics with user consent, reflecting a mature digital infrastructure. Security posture is moderate with room for improvement in security headers and transparency of security policies. The domain is a subdomain of belgium.be, indicating high legitimacy despite restricted WHOIS data. Overall, the site is professional, trustworthy, and compliant with GDPR, but could enhance security and transparency further.

É

École nationale supérieure d'Arts et Métiers

artsetmetiers.fr

55

École nationale supérieure d'Arts et Métiers (ENSAM) is a prestigious French engineering grande école specializing in initial and continuing education, research, and innovation in technology and industry. The institution maintains strong partnerships with industry and academic bodies, positioning itself as a leader in engineering education and industrial innovation in France. The website reflects a professional and comprehensive digital presence, targeting students, researchers, and industry collaborators. The business model focuses on education, research, and industry collaboration with services including degree programs, continuing education, and incubation support for startups. Technically, the website is built on Drupal 10 with modern web technologies including jQuery, Matomo analytics, and responsive design. The site demonstrates good SEO, accessibility, and mobile optimization. Hosting and domain registration are consistent with an academic institution, with domain age supporting legitimacy. Analytics usage respects privacy with Do Not Track enabled. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, the site lacks published privacy and cookie policies, incident response contacts, and security headers, which are areas for improvement to enhance compliance and trust. Overall, the website is trustworthy, professional, and well-maintained, with recommendations to improve privacy compliance and security transparency to further strengthen its security posture and regulatory adherence.

B

Bouygues Immobilier Corporate

bouygues-immobilier-corporate.com

59

Bouygues Immobilier Corporate is a well-established real estate company with a strong presence in France and internationally. The website reflects a mature digital presence with comprehensive content about their activities, references, news, and corporate commitments. The technical infrastructure is modern, leveraging Drupal 10, Bootstrap 5, and privacy-focused analytics tools such as Matomo. The site implements GDPR-compliant cookie consent mechanisms and provides clear contact information and social media links. However, the WHOIS data for the domain is unavailable, which raises some concerns about domain registration legitimacy, though the website content and branding strongly support authenticity. Security posture is good with HTTPS and privacy SDKs, but explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and well-optimized for users.

VINCI is a global leader in concessions, energy services, and construction, operating in over 120 countries with a workforce of approximately 285,000 employees. The company focuses on sustainable development, energy transition, and social progress, positioning itself as a key player in infrastructure and mobility solutions. The website reflects a mature digital presence with comprehensive corporate information, investor relations, and newsroom updates, supporting transparency and stakeholder engagement. Technically, the site is built on Drupal 10, uses Matomo for privacy-conscious analytics, and includes cookie consent mechanisms, indicating good privacy compliance. Security posture is solid with HTTPS and no visible vulnerabilities, though explicit security policies and incident response details are absent. The WHOIS data is unavailable, which slightly reduces transparency but does not detract from the site's legitimacy given the strong corporate branding and content. Overall, VINCI's website demonstrates professionalism, good technical implementation, and a strong business credibility profile.

A

Agence Nationale pour la Rénovation Urbaine

anru.fr

73

The Agence Nationale pour la Rénovation Urbaine (ANRU) is a French public agency dedicated to financing and supporting the transformation of urban neighborhoods under the national urban policy. The website serves as an authoritative resource hub offering detailed information on programs, recent projects, publications, and innovation initiatives related to urban renewal across France. It targets public sector stakeholders, journalists, startups, beneficiaries, and job candidates. Technically, the site is built on Drupal 10, employs Matomo for analytics, and uses a cookie consent mechanism compliant with GDPR. The site is well-structured, mobile-optimized, and professionally designed, reflecting its government agency status. Security posture is good with HTTPS enforced and privacy policies in place, though some HTTP security headers could be improved. WHOIS data is unavailable due to AFNIC policies for .fr domains but the domain and content strongly indicate legitimacy. Overall, the site is a reliable and professional digital presence for ANRU.

S

Statutární město Havířov

havirov-city.cz

49

Statutární město Havířov operates an official municipal website providing comprehensive information and services to its residents and visitors. The site covers a wide range of topics including city history, administration, social services, culture, education, and urban planning. It serves as a central hub for city news, public notices, and access to municipal resources. The website targets local citizens and stakeholders, positioning itself as the authoritative source for city-related information. Technically, the website is built on Drupal 10 CMS, leveraging modern web technologies such as Google Analytics for visitor tracking and Klaro for cookie consent management. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. Hosting appears stable with a reputable registrar and nameserver provider. From a security perspective, the site uses HTTPS with good SSL configuration and employs cookie consent mechanisms compliant with GDPR. However, no explicit security headers were detected, and no vulnerability disclosure or incident response information is publicly available. The site does not expose sensitive data and uses anonymized IP tracking in analytics, indicating a reasonable security posture. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations. It effectively supports the city’s communication and service delivery objectives. Strategic improvements in security headers and transparency around security policies could further enhance its security maturity and user trust.

A

Aller Media AS

allershopping.no

65

Allershopping.no is a Norwegian e-commerce platform specializing in magazine subscriptions and digital media content. Operated by Aller Media AS, the site offers a wide range of print and digital magazine products targeting Norwegian-speaking consumers. The platform is built on Drupal 10 with Commerce 2, integrating modern web technologies and third-party services such as Sourcepoint for consent management and Puzzel for chat support. The website demonstrates good digital maturity with mobile optimization, accessibility features, and clear navigation. Security posture is solid with HTTPS enforced and secure form handling, though some security headers could be improved. Privacy compliance is strong, with comprehensive privacy and cookie policies and GDPR consent mechanisms in place. Overall, the site is trustworthy, professional, and well-aligned with its business objectives.

J

J'agis pour la nature, la plateforme du bénévolat nature

jagispourlanature.org

71

J'agis pour la nature is a French non-profit platform dedicated to connecting volunteers with nature protection activities. It serves as a specialized platform to facilitate environmental volunteering, positioning itself as a pioneering service in this niche. The website is built on Drupal 10 and integrates modern analytics and consent management tools, indicating a moderate level of digital maturity. However, the absence of visible privacy policies and security headers suggests room for improvement in compliance and security practices. The website content is accessible without any WAF or security challenges, and the content is safe for general audiences. Overall, the platform appears legitimate and focused on its mission, but enhancing security and privacy transparency would strengthen trust and compliance.

C

Commune de Kopstal

kopstal.lu

50

The Commune de Kopstal website serves as the official digital presence for the local government of Kopstal, Luxembourg. It provides residents and visitors with comprehensive information about municipal services, news, events, publications, and administrative procedures. The site is well-structured, professionally designed, and targets local citizens and stakeholders. The business model is typical of a government entity focused on public service delivery and community engagement. Technically, the website is built on Drupal 10, leveraging modern web technologies including Tailwind CSS and Alpine.js for frontend interactivity. It integrates Piwik PRO for analytics and Usercentrics for GDPR-compliant cookie consent management, indicating a mature digital infrastructure with attention to privacy and user experience. The site is mobile-optimized and accessible, with good SEO practices. From a security standpoint, the site enforces HTTPS and implements cookie consent mechanisms. However, there is a lack of visible security headers and no published security or incident response policies, which are areas for improvement. The absence of WHOIS data due to a failed query reduces domain registration transparency, though the official .lu domain and consistent branding support legitimacy. Overall, the website is a reliable and professional government portal with strong content and technical foundations but could enhance its security posture and transparency regarding domain registration and privacy policies.

F

Fédération Cinov

cinov.fr

48

Fédération Cinov is a well-established French federation representing 15 professional syndicats and over 4,000 member companies in the intellectual services sector, including consulting, engineering, and digital services. The organization provides a broad range of services including legal assistance, insurance, training, events, and advocacy, positioning itself as a key representative body within the BETIC branch. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to its professional audience. Technically, the site is built on Drupal 10, employs modern analytics (Matomo), and integrates Google reCAPTCHA v3 for form security, indicating a good level of digital maturity. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. Overall, the site is trustworthy, professional, and well-aligned with the federation's business objectives.

A

Aller Media AS

aller.no

10

Aller Media AS is a leading Norwegian media and service conglomerate with a strong digital presence and a broad portfolio of digital sites. The company focuses on delivering quality content and unique services daily to inform, entertain, and inspire its audience. Their business model revolves around digital media publishing, subscription services, and advertising, targeting a general Norwegian audience. The website is professionally designed using Drupal 10 CMS, with good mobile optimization and clear navigation, reflecting a mature digital infrastructure. From a security perspective, the site uses HTTPS and does not expose sensitive data in the HTML content. However, there is a lack of explicit security headers and no visible cookie consent mechanism, which are areas for improvement. No vulnerability disclosure or incident response information is published, which could enhance trust and compliance. The WHOIS data aligns well with the website's business claims, indicating legitimacy and consistency. Overall, the website scores well on content quality, business credibility, and technical implementation but could improve its security posture and privacy compliance. Strategic recommendations include implementing security headers, adding cookie consent, publishing security policies, and establishing vulnerability disclosure channels to strengthen security and compliance.

VINCI is a global leader in concessions, energy services, and construction, operating in over 120 countries with a workforce of approximately 285,000 employees. The company emphasizes sustainability, energy transition, and social progress, positioning itself as a responsible corporate citizen. The website reflects a mature digital presence with comprehensive corporate information, news updates, and engagement initiatives targeting investors, partners, job seekers, and the general public. Technically, the site is built on Drupal 10, integrates Matomo for analytics, and uses Tarteaucitron.js for cookie consent management, indicating a focus on privacy compliance. The site is mobile-optimized, accessible, and SEO-friendly, though some security headers could be enhanced. HTTPS is enforced, and no critical vulnerabilities or exposed sensitive data were detected. Security posture is solid but could be improved by publishing explicit security policies and vulnerability disclosure mechanisms. The WHOIS data is missing or inaccessible for the queried domain, which is a minor concern but likely due to privacy protection or query format. Overall, the site is trustworthy and professionally maintained. Strategic recommendations include enhancing security headers, publishing a security policy, and establishing a formal vulnerability disclosure process to further strengthen trust and compliance.

EDF Obligation d’Achat is a public service entity under EDF responsible for managing the obligation to purchase energy produced by installations at regulated tariffs in France. The website serves multiple audiences including individual producers, professionals, mandataires, and buyers, providing resources, contract simulations, and support. The site is well-branded, consistent with EDF corporate identity, and offers comprehensive information aligned with its mission to support sustainable energy production. Technically, the site is built on Drupal 10, uses modern web technologies, and is hosted via Akamai CDN, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers and a public security policy are absent. WHOIS data is not publicly available, likely due to AFNIC policies or privacy protection, which slightly reduces trust but is not uncommon for French domains. Overall, the site is professional, trustworthy, and compliant with GDPR and cookie regulations.

C

Confédération générale des Scop et des Scic

pourunautremodeledesociete.coop

39

The website pourunautremodeledesociete.coop represents the Confédération générale des Scop et des Scic, a French non-profit organization dedicated to supporting cooperative societies. It serves as a hub for information about cooperative congresses, partners, and the cooperative network across France. The site targets cooperative members, stakeholders, and the general public interested in cooperative models. The business model is non-profit and focused on advocacy, networking, and resource provision within the cooperative sector. The organization is well-established with a domain registered in 2021 and a consistent brand presence.

G

Groupement National de la Cooperation

entreprises.coop

55

Coop FR represents a large network of French cooperative enterprises, promoting the cooperative business model characterized by democratic governance and equitable profit sharing. The organization serves as a national voice for over 23,000 cooperatives employing 1.3 million people. The website provides resources, news, testimonials, and event information to support and promote the cooperative movement in France. Technically, the site is built on Drupal 10, hosted on OVH infrastructure, and uses Matomo analytics with privacy-conscious settings. The site is well-structured, mobile-optimized, and accessible, reflecting a mature digital presence. Security posture is solid with HTTPS enabled and no exposed sensitive data, though additional security headers and a formal security policy could enhance protection. Privacy compliance is supported by visible cookie consent and a privacy policy, aligned with GDPR requirements. Overall, the website is professional, trustworthy, and well-aligned with its business mission.

A

Avise

avise.org

56

Avise is a French non-profit organization dedicated to providing resources and support for the social and solidarity economy (ESS). The website serves as a key platform for social entrepreneurs, public and private stakeholders, and actors within the social economy sector, offering information, tools, and support to foster social innovation. The organization positions itself as a central resource in the French ESS ecosystem, focusing on knowledge dissemination and capacity building. Technically, the website is built on Drupal 10, leveraging modern web technologies including FontAwesome for icons and Matomo alongside Google Tag Manager for analytics. The site demonstrates good mobile optimization and a professional design, although some accessibility features could be enhanced. Performance is moderate, with room for improvement in loading speed and SEO. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism with high privacy settings, indicating awareness of privacy regulations. However, no explicit privacy policy or terms of service pages were detected in the provided content, and security headers appear to be missing or unreported. No vulnerability disclosure or incident response information is available, which could be improved to enhance trust and compliance. Overall, the site appears legitimate and professionally maintained, but the absence of WHOIS data and explicit privacy/legal documentation limits full trust assessment. Strategic recommendations include publishing comprehensive privacy and terms policies, enhancing security headers, and providing clear contact and incident response information to strengthen compliance and user trust.

C

Club des Anciens Cooperateurs

clubdesancienscooperateurs.coop

52

The Club des Anciens Cooperateurs is a French non-profit organization dedicated to maintaining connections among retired members of the cooperative movement (Scop). The website serves as a community hub, offering information about the club, its activities, publications, and cooperative history. It targets retired cooperators and those interested in cooperative experiences and history. The organization appears small and focused on community engagement within the cooperative sector in France. Technically, the website is built on Drupal 10, leveraging Matomo for privacy-conscious analytics. The site is well-structured, mobile-optimized, and includes a cookie consent mechanism compliant with GDPR. The domain is registered with Domains.coop Limited, consistent with the cooperative branding and French origin. No blocking or WAF challenges were detected, and the site is fully accessible. From a security perspective, HTTPS is properly implemented, but there is room for improvement in security headers and publishing explicit security policies or incident response contacts. The WHOIS data is transparent and consistent, supporting the site's legitimacy. The contact email is a generic personal email, which may affect perceived professionalism. Overall, the website presents a trustworthy, well-maintained community platform with good privacy compliance and moderate security posture. Strategic improvements in security policies and contact professionalism would enhance trust and security posture further.

L

La Mutuelle des Scop et des Scic

mutuelledesscop.fr

61

La Mutuelle des Scop et des Scic is a French mutual insurance organization specializing in health and provident coverage tailored for cooperative enterprises and their members, including active and retired cooperators. The website positions itself as a niche mutual insurer emphasizing solidarity and cooperative values, offering multiple health insurance plans adapted to various cooperative sectors and individual needs. The company operates with a medium-sized footprint, founded in 2017, and maintains a consistent brand presence with clear governance and compliance with GDPR regulations. Technically, the website is built on Drupal 10, hosted by OVH, and employs modern web technologies with good mobile optimization and accessibility. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, although formal security policies and incident response contacts are absent. Overall, the site is professional, trustworthy, and compliant with privacy standards, with a moderate to good technical and security maturity level.

U

Union Regionale des SCOP Languedoc Roussillon

alterincub.coop

51

Alter'Incub is a well-established French network of incubators specializing in social and environmental innovation. Founded in 2007 and operated by the Union Regionale des SCOP Languedoc Roussillon, it supports entrepreneurs across multiple French regions with incubation services, webinars, and community resources. The website reflects a professional and consistent brand presence with clear regional offices and contact points. Technically, the site is built on Drupal 10, employs modern web standards, and includes GDPR-compliant cookie consent mechanisms. Security posture is adequate with HTTPS enabled, though additional security headers and DNSSEC could improve resilience. No critical vulnerabilities or suspicious content were detected. Overall, the site demonstrates a mature digital presence aligned with its cooperative and non-profit mission.

F

Fédération SCOP Communication

fdcom.coop

53

The Fédération SCOP Communication is a French cooperative federation representing 270 cooperative enterprises in the communication and culture sectors. Established in 2004, it serves as a network and support organization providing services such as RSE engagement, visibility enhancement, thematic meetings, personalized support, and representation in paritary bodies. The website reflects a professional and consistent brand image targeting cooperative communication businesses and stakeholders. Technically, the site is built on Drupal 10, employs modern analytics tools like Matomo and Google Tag Manager, and implements GDPR-compliant cookie consent mechanisms. Security posture is good with HTTPS and cookie management, though some improvements like DNSSEC and security headers are recommended. The domain registration data aligns well with the business identity, indicating high legitimacy. Overall, the site is well-structured, content-rich, and trustworthy.

F

Fédération des Coopératives d'Activité et d'Emploi

les-cae.coop

51

The Fédération des Coopératives d'Activité et d'Emploi is a French federation supporting the creation and development of cooperative business models known as CAE. The organization promotes the entrepreneur salarié and associé status, providing resources, networking, training, and advocacy for cooperative enterprises. The website is well-structured, professionally designed, and targets entrepreneurs and cooperatives in France. Technically, the site is built on Drupal 10, uses Matomo for analytics, and includes modern web technologies with good mobile optimization and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies are missing. The domain registration is consistent with the business claims and shows no suspicious patterns. Overall, the website demonstrates a mature digital presence with good business credibility and compliance with GDPR.

U

UR SCOP OUEST

les-scop-ouest.coop

53

UR SCOP OUEST is a regional cooperative union based in Western France, dedicated to supporting and promoting the Scop and Scic cooperative models. The organization provides a range of services including business creation, transmission, transformation, acceleration, training, and cooperative revision. It serves cooperative entrepreneurs and members within the Ouest region, positioning itself as a key regional player in the cooperative ecosystem. The website reflects a professional and consistent brand image with comprehensive content tailored to its audience. Technically, the website is built on Drupal 10, leveraging modern web technologies and providing good mobile optimization and accessibility. The site uses Matomo and Google Tag Manager for analytics, with a clear cookie consent mechanism in place, demonstrating a mature approach to privacy compliance. Hosting appears to be managed by insite.coop, with DNS and SSL configurations generally good, though DNSSEC is not enabled. From a security perspective, the site enforces HTTPS and employs consent management for cookies. However, it lacks DNSSEC and explicit Content-Security-Policy headers, which are recommended for enhanced security. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the business identity, indicating legitimacy and trustworthiness. Overall, the website presents a low-risk profile with strong business credibility and good privacy practices. Strategic improvements in DNS security and security headers would further strengthen its posture.

U

UR SCOP MIDI PYRENEES

scopoccitanie.coop

51

The website represents UR SCOP MIDI PYRENEES, a regional cooperative union serving the Occitanie region in France. It provides support, training, and networking services to cooperative businesses such as Scop and Scic. The site is well-structured, professionally designed, and targets cooperative entrepreneurs and members in the region. It leverages Drupal 10 CMS and integrates modern analytics and cookie consent tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent, though some security headers and explicit policies could be improved. The domain registration aligns well with the business identity, enhancing trustworthiness. Overall, the site is a credible and professional resource for cooperative businesses in Occitanie.

U

Union Regionale des SCOP Aquitaine

les-scop-nouvelle-aquitaine.coop

55

Union Régionale Nouvelle Aquitaine is a regional cooperative support organization dedicated to promoting and assisting SCOP and related cooperative enterprises in the Nouvelle-Aquitaine region of France. The organization provides a comprehensive range of services including business creation support, business transmission to employees, business takeover assistance, association transformation, training, and network animation. It targets cooperative entrepreneurs, associations, and regional stakeholders, positioning itself as a key regional leader in the cooperative sector. The website reflects a professional and consistent brand image aligned with its mission. Technically, the website is built on Drupal 10, leveraging modern web technologies and providing a responsive, accessible, and SEO-optimized user experience. The site integrates multiple analytics and marketing tools with a strong emphasis on privacy compliance, including a cookie consent mechanism and GDPR-aligned privacy policy. Hosting details are not explicitly disclosed but DNS and domain registration indicate a cooperative-focused infrastructure. From a security perspective, the site uses HTTPS with good SSL configuration and cookie consent management. However, there is room for improvement in security headers and explicit security policies or incident response disclosures. No vulnerabilities or suspicious activities were detected. The WHOIS data is consistent with the organization's identity and domain age is appropriate for its business history. Overall, the website presents a low-risk profile with strong business credibility and good technical implementation. Strategic recommendations include enhancing DNS security with DNSSEC, publishing a security policy, and adding vulnerability disclosure information to further strengthen trust and security posture.

U

URSCOP ILE DE FRANCE

les-scop-idf.coop

55

The website represents URSCOP ILE DE FRANCE, a regional cooperative union established in 2010, focused on supporting and federating cooperative enterprises such as Scop and Scic in Île-de-France, Centre-Val de Loire, and overseas territories. It offers services including accompaniment for business creators, cédants, associations, and employee buyers, as well as training and networking opportunities. The site is well-positioned as a regional leader in the cooperative ecosystem with strong partnerships and a clear mission. Technically, the website is built on Drupal 10, leveraging modern analytics tools like Matomo and Google Tag Manager with privacy-conscious configurations. The site is mobile-optimized, accessible, and SEO-friendly, hosted on a cooperative-oriented infrastructure. Performance is moderate with good technical implementation. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers are missing and no explicit security policy or incident response contacts are published. No vulnerabilities or suspicious content were detected. Privacy compliance is strong with clear policies and GDPR adherence. Overall, the website is trustworthy, professional, and well-maintained, serving its cooperative audience effectively. Strategic improvements could focus on enhancing security headers, publishing security policies, and enabling DNSSEC to further strengthen trust and resilience.

U

URSCOP Grand Est

les-scop-grandest.coop

49

The website www.les-scop-grandest.coop represents URSCOP Grand Est, a regional cooperative union in France supporting SCOP, SCIC, and CAE cooperative enterprises. It provides accompaniment, training, networking, and resources to cooperative businesses in the Grand Est region. The site is well-structured, professionally designed, and targets cooperative entrepreneurs and stakeholders. Technically, it is built on Drupal 10, hosted on insite.coop, and optimized for mobile with good SEO and accessibility. Security posture is solid with HTTPS and secure forms, though improvements like DNSSEC and additional security headers are recommended. Privacy and cookie policies are present and GDPR compliant. Contact information is clearly provided, enhancing trust. No adult or questionable content is present, making it safe for general audiences.

U

URSCOP Bourgogne France-Comte

les-scop-bfc.coop

55

The website www.les-scop-bfc.coop represents the Union Régionale Bourgogne Franche Comté, a regional cooperative organization supporting the creation, takeover, transformation, and transmission of businesses under the Scop and Scic cooperative models. Established in 2010, it serves the Bourgogne-Franche-Comté region in France, providing services such as business accompaniment, training, and network facilitation. The site targets entrepreneurs, cooperative members, associations, and employees interested in cooperative business structures. The business model is focused on regional cooperative development and support, positioning itself as a key player in the cooperative ecosystem within its region. Technically, the website is built on Drupal 10, indicating a modern and maintainable CMS platform. The site is mobile-optimized, accessible, and SEO-friendly with clear navigation and professional design. Hosting appears to be managed by insite.coop, with domain registration consistent with the business entity. Analytics are implemented via Matomo and LinkedIn Insight, with moderate user tracking and basic privacy compliance mechanisms including cookie consent. From a security perspective, the site uses HTTPS with good SSL configuration but lacks advanced security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms legitimacy and consistency with the business claims. Overall, the site demonstrates a solid security posture but could improve by enabling DNSSEC, adding security headers, and publishing formal security policies. The overall risk is low with no signs of malicious activity or suspicious content. Strategic recommendations include enhancing security policies, improving privacy compliance transparency, and implementing vulnerability disclosure mechanisms to further strengthen trust and security culture.

U

Union régionale des Scop et Scic Auvergne-Rhône-Alpes

scop.org

57

Union régionale des Scop et Scic Auvergne-Rhône-Alpes operates as a regional cooperative network supporting cooperative entrepreneurs and enterprises in the Auvergne-Rhône-Alpes region of France. The organization provides a comprehensive range of services including entrepreneurial accompaniment, training, financial support, and networking opportunities. It holds a strong market position as the leading cooperative support network in the region, supported by partnerships with regional authorities and the European Union. The website reflects a professional and consistent brand image, targeting cooperative entrepreneurs and social economy actors. Technically, the website is built on Drupal 10, leveraging modern web technologies and privacy-conscious analytics tools such as Matomo. It integrates social media and tracking scripts responsibly with a cookie consent mechanism in place. The site is mobile-optimized and accessible, with good SEO practices and clear navigation. From a security perspective, the site enforces HTTPS and employs privacy-respecting analytics. However, it lacks explicit security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is privacy protected, which is common and justified for this type of organization. Overall, the security posture is solid but could be improved with additional transparency and security controls. The overall risk assessment is low, with the site demonstrating good business credibility, technical implementation, and privacy compliance. Strategic recommendations include enhancing security headers, publishing security policies, and adding vulnerability disclosure mechanisms to further strengthen trust and compliance.

A

ARESCOP

revisioncooperative.coop

56

The website revisioncooperative.coop represents ARESCOP, a cooperative network focused on providing cooperative revision and auditing services to Scop, Scic, and Coop47 entities in France. The platform serves as an informational and contact portal, offering regional office details and testimonials to support cooperative governance. The business model is non-profit and cooperative-oriented, targeting cooperative enterprises and their members across France. Technically, the website is built on Drupal 10, leveraging modern web technologies including FontAwesome for icons and Matomo for analytics, complemented by a GDPR-compliant cookie consent mechanism (tarteaucitron). The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. Hosting details are not explicit. From a security perspective, the site enforces HTTPS and uses cookie consent tools but lacks advanced security headers and a published security policy or incident response contacts. The domain registration is consistent with the business, registered under ARESCOP in France since 2019, indicating legitimacy. No WAF or blocking mechanisms are detected. Overall, the site is professional, trustworthy, and compliant with privacy regulations, with room for improvement in security hardening and transparency regarding incident response and vulnerability disclosure.

S

SOCODEN

financer-les-scop.coop

53

The website financer-les-scop.coop serves as a financial resource platform for the cooperative movement of Scop and Scic in France, operated by SOCODEN. It offers a range of financial tools including participative loans, treasury loans, bank loan guarantees, equity financing, and real estate financing tailored to cooperative enterprises. The site is well-positioned within the French cooperative ecosystem, supported by a network of related cooperative organizations and federations. Technically, the site is built on Drupal 10, integrates modern analytics tools such as Matomo and Google Tag Manager, and employs a robust cookie consent mechanism ensuring GDPR compliance. Security posture is solid with HTTPS enabled and no exposed sensitive data, although DNSSEC is not enabled and some security headers could be improved. Overall, the site is professional, trustworthy, and provides clear contact information and social media presence, supporting its credibility and user engagement.