Security Directory

P

PPF a.s.

ppf.cz

72

PPF Group is a well-established international investment group founded in 1991 in the Czech Republic, operating in 25 countries across Europe, North America, and Asia. The company manages a diversified portfolio spanning telecommunications, media, financial services, e-commerce, real estate, biotechnology, and mobility sectors. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content targeting investors, partners, and the public. Technically, the site uses modern frameworks such as Next.js and React, supported by DatoCMS, and integrates Google Tag Manager and reCAPTCHA Enterprise for analytics and security. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit security policies and incident response information are not publicly disclosed. The domain WHOIS data is privacy protected, consistent with European domain registration norms, and the website content aligns with the company's stated business profile. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with privacy regulations.

X

Xcruiter

xcruiter.no

49

Xcruiter is a Norwegian-based technology company founded in 2023 that provides an AI-powered recruitment platform designed to streamline and enhance the hiring process for businesses. Their solution focuses on lead generation, smart advertising, and automation to connect companies with quality candidates efficiently. The company targets businesses looking to improve recruitment outcomes and job seekers interested in new opportunities. The website demonstrates a professional and consistent brand presence with clear messaging and calls to action. Technically, the site is built on WordPress using the Themway theme and integrates multiple marketing and analytics tools such as Google Tag Manager, Facebook Pixel, TikTok Pixel, LinkedIn Insight Tag, Hotjar, and Microsoft Clarity, indicating a mature digital marketing strategy. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy page, reflecting awareness of GDPR requirements. Security posture is good with HTTPS enforced and no obvious vulnerabilities, though explicit security headers and incident response policies are absent. The domain registration aligns well with the company's founding date and business claims, supporting legitimacy. Overall, the website is well-constructed, secure, and business-focused, suitable for its target audience.

The website www.loire-atlantique.fr is the official digital portal for the Département de Loire-Atlantique, a regional government entity in France. It provides comprehensive information and services related to social aids, culture, sports, environment, education, tourism, and local governance. The site targets residents and visitors of the Loire-Atlantique region, offering a broad range of public service resources and community engagement tools. The business model is that of a government information portal, focusing on public service rather than commercial revenue generation. Technically, the site is built on the Jalios JCMS platform, leveraging modern web technologies including Google Analytics and Google Tag Manager for user analytics, and Orejime for cookie consent management. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a professional and consistent design. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers such as Content-Security-Policy and X-Content-Type-Options. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of published security policies or incident response contacts is a gap in transparency and readiness. Overall, the site is trustworthy and professional, serving as a reliable government resource. However, the WHOIS data is missing, which limits domain legitimacy verification. This may be due to AFNIC policies or query limitations. The site should consider publishing security policies and vulnerability disclosure information to enhance trust and compliance.

Plus que pro Solution is a French business-oriented website offering a comprehensive solution aimed at small and medium enterprises (TPME) to protect their reputation, enhance their know-how, and improve overall business performance. The website positions itself as a trusted partner for TPMEs, leveraging digital tools and reputation management services. The content is professionally presented, targeting a French-speaking audience with clear business value propositions. Technically, the site is built on WordPress using Elementor and Yoast SEO, indicating a modern and SEO-optimized infrastructure. The presence of multiple analytics and marketing tools such as Google Analytics, Matomo, and Microsoft Clarity shows a mature approach to data-driven marketing and user behavior analysis. Security-wise, the site uses HTTPS and has no visible critical vulnerabilities or exposed sensitive data, but lacks some security headers and explicit privacy and cookie policies, which are important for GDPR compliance. The absence of WHOIS registration data is a concern for domain legitimacy and trust, although the website content and technical setup appear professional. Overall, the site demonstrates a solid business and technical foundation but would benefit from enhanced privacy compliance and clearer contact and security policies.

W

WS Interactive

ws-interactive.fr

55

WS Interactive is a well-established French web agency based in Toulouse, offering tailored digital solutions including website creation, mobile app development, SEO, and UX/UI design. With over 25 years of experience, the agency targets businesses seeking high-quality digital presence and marketing strategies. The website is professionally designed, mobile-optimized, and rich in relevant content, reflecting a mature digital infrastructure. Technically, the site runs on WordPress with modern JavaScript libraries and employs analytics tools like Matomo and Google Tag Manager, alongside privacy-compliant cookie consent mechanisms. Security posture is solid with HTTPS and CAPTCHA protections, though explicit security headers and policies could be enhanced. The absence of WHOIS data reduces transparency but does not detract significantly from the site's legitimacy given the professional presentation and compliance. Overall, WS Interactive demonstrates a strong market position in the technology sector with a focus on quality and client engagement.

P

Pays de La Loire Coopération Internationale

paysdelaloire-cooperation-internationale.org

49

Pays de La Loire Coopération Internationale operates as a regional multi-actor network dedicated to supporting international cooperation and solidarity projects within the Pays de la Loire region in France. The organization provides a comprehensive suite of services including networking, training, project support, and resource dissemination, positioning itself as a key regional player in the non-profit sector focused on international development and cooperation. The website reflects a professional and well-structured digital presence, leveraging modern web technologies and SEO best practices to engage its target audience effectively. Technically, the website is built on WordPress with a robust tech stack including Bootstrap, jQuery, and various plugins for SEO, GDPR compliance, and user engagement. The site is mobile-optimized, accessible, and performs moderately well, with room for improvement in security headers and hosting transparency. Privacy compliance is well addressed with clear policies and consent mechanisms. From a security perspective, the site enforces HTTPS and employs cookie consent management, but lacks visible security headers and publicly available incident response or vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits domain trust verification, though the website content and partner affiliations suggest legitimacy. Overall, the site presents a low-risk profile with strong business credibility and privacy compliance, suitable for its non-profit mission. Strategic recommendations include enhancing security headers, publishing incident response contacts, and improving WHOIS transparency to bolster trust and security posture.

EDF Obligation d’Achat is a public service entity under EDF responsible for managing the obligation to purchase energy produced by installations at regulated tariffs in France. The website serves multiple audiences including individual producers, professionals, mandataires, and buyers, providing resources, contract simulations, and support. The site is well-branded, consistent with EDF corporate identity, and offers comprehensive information aligned with its mission to support sustainable energy production. Technically, the site is built on Drupal 10, uses modern web technologies, and is hosted via Akamai CDN, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers and a public security policy are absent. WHOIS data is not publicly available, likely due to AFNIC policies or privacy protection, which slightly reduces trust but is not uncommon for French domains. Overall, the site is professional, trustworthy, and compliant with GDPR and cookie regulations.

F

FAMILY ACE investiční společnost, a.s.

familyace.cz

48

Family Ace is a Czech investment management company specializing in managing investment funds in which they invest their own capital, emphasizing transparency, long-term relationships, and meaningful returns. The company targets investors seeking safer equity investments and operates primarily within the Czech financial sector. Their website reflects a professional and consistent brand image, providing clear information about their services, company background, and investor resources. The company was founded in 2021 and maintains a small but focused market presence.

B

Broadcast

broadcastnow.co.uk

69

Broadcast is a UK-based media publication specializing in television and radio industry news, commentary, jobs, data, and analysis. It serves broadcast professionals and media stakeholders with comprehensive industry coverage, including ratings, events, and awards. The website demonstrates a mature digital presence with modern technologies such as Google Tag Manager, OneTrust cookie consent, and CDN delivery via Amazon Cloudfront. The content is professionally curated and targeted at industry insiders, supporting a subscription and advertising business model. Security posture is solid with HTTPS and cookie consent, though some security headers could be improved. Privacy compliance is basic with no explicit privacy policy detected in the provided content. WHOIS data for the exact queried domain is unavailable due to domain naming rules, but the website content and structure indicate a legitimate and established business. Overall, the site is well-positioned in the broadcast media sector with good technical and content quality.

Le Pot Commun is a French fintech platform operated by Unty, specializing in online collective money pooling for occasions such as birthdays, departures, and solidarity causes. The platform offers a user-friendly, secure, and free-to-use service with optional fees on certain payment methods. It holds regulatory registration as an Intermédiaire en Financement Participatif (IFP) under ORIAS, enhancing its legitimacy. Technically, the website leverages modern frameworks like React and Next.js, integrates multiple analytics and marketing tools, and enforces strong security practices including HTTPS and 3D Secure payments. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. No blocking or WAF challenges were detected, and the site demonstrates excellent design, navigation, and trust indicators. However, no public vulnerability disclosure or incident response contacts were found, which could be improved for transparency and security readiness.

U

Ulule

ulule.com

67

Ulule is a professional crowdfunding platform focused on enabling creative and sustainable projects. It offers crowdfunding services, certified training courses, and a store featuring sustainable brands. The platform targets creators, entrepreneurs, and individuals seeking to launch and finance projects, positioning itself as a top service in its niche. The website demonstrates a modern technical infrastructure using Next.js, React, and integrates analytics and error monitoring tools such as Google Tag Manager, Plausible Analytics, and Sentry. The design is professional, mobile-optimized, and provides a good user experience with clear navigation and relevant content. Security posture is strong with HTTPS enforced and use of monitoring tools, though explicit security headers and policies are not evident in the provided content. WHOIS data is unavailable or privacy protected, which limits transparency but is common for commercial sites. No blocking or WAF challenges were detected, and the site content is safe for general audiences.

T

Tech.co

tech.co

70

Tech.co is a well-established technology news and advice platform providing the latest news, reviews, and expert guidance to help businesses and technology enthusiasts stay informed and grow securely. The website targets professionals and business owners interested in technology trends and practical advice. The platform operates primarily as a media and content publisher with monetization through advertising and affiliate marketing. Technically, Tech.co is built on WordPress with modern SEO and analytics tools, including Yoast SEO, Google Tag Manager, and OneTrust for cookie consent, reflecting a mature digital infrastructure. The site is mobile-optimized, fast-loading, and accessible, ensuring a positive user experience. Security-wise, the site enforces HTTPS, employs security headers, and integrates fraud detection scripts, demonstrating a solid security posture. However, it lacks a dedicated security policy or incident response contact, which could be improved. Overall, Tech.co presents a trustworthy, professional, and compliant online presence with strong business credibility and technical maturity.

T

The Shift Project

theshiftproject.org

62

The Shift Project is a French non-profit think tank established in 2010, dedicated to advancing the decarbonization of the economy through rigorous scientific research and policy influence. It targets professionals, leaders, and stakeholders across sectors such as energy, transport, agriculture, industry, and public administration. The organization operates with a strong volunteer network and produces publications, reports, and events to inform and engage its audience. Technically, the website is built on WordPress with a modern Flynt theme, leveraging analytics tools like Matomo, Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag. The site is hosted by OVH sas, uses HTTPS, and demonstrates good mobile optimization and accessibility. While no explicit security headers were detected, the site follows good security practices with secure forms and domain registration protections. From a security perspective, the site maintains a good posture with HTTPS and domain status protections but could improve by enabling DNSSEC and implementing security headers such as CSP and HSTS. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. No incident response or vulnerability disclosure policies were found publicly. Overall, the website is professional, trustworthy, and well-positioned in its niche. It exhibits strong content quality and business credibility, with moderate technical and security scores. Strategic improvements in security headers and public security policies would enhance its posture further.

N

Nadační Fond Hyundai

nadacnifondhyundai.cz

47

Nadační Fond Hyundai is a small non-profit foundation established in 2007, focused on supporting civil society development and community projects primarily in the Czech regions of Frýdek-Místek and Nový Jičín. The foundation collaborates with Hyundai Motor Manufacturing Czech and local government entities to promote environmental protection, transparency, education, and human rights. The website provides information about the foundation's mission, grant rounds, and contact details, primarily targeting local NGOs and active citizens. Technically, the website is built with basic HTML and CSS, uses Google Tag Manager for analytics, and is hosted via WEDOS. The site lacks advanced CMS or frameworks and shows basic mobile and accessibility features. Security posture is moderate with some security headers but no visible HTTPS confirmation or advanced policies. Privacy compliance is limited, with a privacy policy PDF linked but no cookie consent or GDPR details. Overall, the site is legitimate, consistent with its stated mission, and shows moderate digital maturity.

T

Tietoevry

tietoevry.com

81

Tietoevry is a leading global software and digital engineering services company specializing in digital transformation, IT, ICT, data, and AI solutions. The company targets enterprise clients seeking to leverage technology for business advantage. Their website reflects a mature digital presence with comprehensive service offerings and a strong market position in the technology sector. The site is professionally designed, mobile-optimized, and well-structured for user experience. Technically, the website employs modern technologies including Azure Application Insights for monitoring, Google Tag Manager for analytics, and OneTrust for cookie consent management, indicating a high level of digital maturity. Hosting appears to be on Microsoft Azure, supporting scalability and performance. The site demonstrates good SEO and accessibility practices. From a security perspective, the site enforces HTTPS, uses multiple security headers, and integrates consent mechanisms for privacy compliance. No obvious vulnerabilities or exposed sensitive data were detected. However, the absence of WHOIS registration data raises questions about domain registration transparency, though the website content and certifications strongly support legitimacy. Overall, Tietoevry's website presents a low-risk profile with strong business credibility and security posture. Strategic recommendations include enhancing transparency around domain registration, publishing incident response procedures, and maintaining vigilant third-party script audits to sustain security and trust.

A

Active Citizens Fund

activecitizensfund.cz

10

Active Citizens Fund is a Czech Republic-based non-profit grant program focused on strengthening civil society, promoting openness, tolerance, and citizen participation in public policy. The website presents a professional and consistent brand image, targeting NGOs, vulnerable groups, and civic activists. The program is supported by EEA and Norway Grants, indicating a reputable funding source. Technically, the site is built on WordPress with common plugins for GDPR compliance and user experience enhancements. The presence of Google Tag Manager indicates moderate analytics and tracking capabilities. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The absence of WHOIS data is a concern for domain transparency but does not detract significantly from the site's legitimacy given the content and social media presence. Overall, the site is well-structured, accessible, and trustworthy for its intended audience.

V

VYNCKE

vyncke.com

56

VYNCKE is a well-established Belgian company specializing in the engineering and construction of biomass boilers and energy plants that convert biomass and industrial waste into clean energy. With over 100 years of experience and a global presence spanning multiple countries, VYNCKE serves a diverse industrial and energy provider audience worldwide. Their key services include thermal energy and electricity production using sustainable solid fuels, supported by a strong customer service network. The website reflects a professional and consistent brand image with comprehensive content and clear navigation. Technically, the website is built on WordPress with Elementor, leveraging modern technologies such as Google Tag Manager, Microsoft Clarity, and reCAPTCHA v3 for security and analytics. The site is well-optimized for performance, mobile responsiveness, and SEO, with a robust cookie consent mechanism ensuring GDPR compliance. However, explicit security headers and a published security policy are absent, which could be improved. Security posture is solid with HTTPS enforced and spam protection on forms, but the absence of WHOIS domain registration data raises transparency concerns. No signs of vulnerabilities or exposed sensitive data were found. Overall, the site demonstrates a mature digital presence with minor areas for security enhancement. Strategically, VYNCKE should focus on improving domain registration transparency, publishing a security policy, and implementing additional security headers to strengthen trust and compliance. These steps will enhance their security posture and business credibility in the competitive clean energy sector.

D

Domains By Proxy, LLC (registrant proxy)

claspo.io

69

Claspo.io is a SaaS platform specializing in popup builders designed to boost sales, generate leads, and increase subscriber counts for e-commerce and marketing-focused websites. The platform offers a wide range of popup templates, integrations with popular marketing and e-commerce tools such as Shopify, WordPress, Mailchimp, and HubSpot, and features like A/B testing, analytics, and campaign scheduling. The website is professionally designed with good navigation and mobile optimization, targeting businesses seeking conversion optimization solutions. Technically, the site uses modern JavaScript libraries, Google Tag Manager, and cookie consent mechanisms, hosted on AWS infrastructure. Security posture is adequate with HTTPS and CSRF tokens but lacks visible security headers and published security policies. The domain is privacy-protected but registered with a reputable registrar and has a reasonable age consistent with a startup. Overall, the site is trustworthy and professional but could improve transparency by publishing privacy and security policies.

A

Acronis International GmbH

acronis.com

80

Acronis International GmbH is a well-established global provider of cybersecurity and data protection solutions, specializing in backup software and services for consumers, businesses, and managed service providers (MSPs). Founded in 2003, the company has positioned itself as a leader in the technology sector, offering award-winning products that protect sensitive information across various platforms. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. Technically, the website employs modern web technologies including Vue.js, Matomo analytics, and Google Tag Manager, ensuring a responsive and performant user experience. Security best practices are evident with HTTPS enforcement, robust security headers, and no visible vulnerabilities or exposed sensitive data. Privacy and cookie policies are comprehensive and GDPR compliant, supporting the company's commitment to data protection. The security posture is strong, though the absence of a public vulnerability disclosure policy and explicit incident response contacts suggests areas for improvement. The WHOIS data is incomplete, likely due to privacy protection, but the overall trust indicators and structured data confirm the legitimacy of the domain and business. The website is free from adult or questionable content, targeting a general professional audience. Overall, Acronis demonstrates a high level of digital maturity and security awareness, making it a trustworthy and professional platform for its users.

G

Guide des Salons Bio

guide-salons-bio.com

9

Guide des Salons Bio is an online informational platform dedicated to listing organic and environmental fairs and exhibitions primarily in France and Europe. The website targets both professionals in the organic sector and the general public interested in organic lifestyle and environmental topics. It offers event listings, organizer self-registration, and visitor planning tools. The site is built on WordPress using the Yootheme theme and UIkit framework, integrating Google Analytics and Google Tag Manager for analytics and Rank Math for SEO optimization. The website demonstrates good technical maturity with responsive design, structured data, and GDPR-compliant privacy and cookie policies. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. The absence of WHOIS data for the domain is a notable concern, impacting trust and business credibility. Overall, the site is professional, content-rich, and trustworthy but would benefit from clearer business contact information and domain registration transparency.

L

Lita

lita.co

10

Lita is a French-based European investment platform specializing in sustainable and impact investing. It enables individual investors to support companies committed to ecological and social transition through non-listed equity and debt investments. The platform offers diverse investment opportunities including capital investment, private debt, renewable energy projects, and real estate, with accessible entry points and tax benefits. The website is professionally designed, mobile-optimized, and uses modern web technologies such as Webflow CMS, HubSpot marketing tools, and Google Tag Manager. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, although explicit privacy and security policies are not directly found on the site. WHOIS data confirms the legitimacy and consistency of the domain registration. Overall, Lita presents a trustworthy and professional platform for sustainable investment, though improvements in privacy disclosures and contact transparency are recommended.

C

Confédération générale des Scop et des Scic

pourunautremodeledesociete.coop

39

The website pourunautremodeledesociete.coop represents the Confédération générale des Scop et des Scic, a French non-profit organization dedicated to supporting cooperative societies. It serves as a hub for information about cooperative congresses, partners, and the cooperative network across France. The site targets cooperative members, stakeholders, and the general public interested in cooperative models. The business model is non-profit and focused on advocacy, networking, and resource provision within the cooperative sector. The organization is well-established with a domain registered in 2021 and a consistent brand presence.

R

Realytics

realytics.io

71

Realytics is a technology company specializing in TV analytics and total video measurement solutions designed to measure the advertising impact of cross-media TV campaigns. Positioned as a leading provider in this niche, Realytics targets advertisers, marketing professionals, and media agencies seeking data-driven insights to optimize their video advertising strategies. The website reflects a professional B2B SaaS business model with a focus on analytics services. Technically, the site is built on WordPress using modern themes and plugins such as Divi and Elementor, with integrated marketing and analytics tools including Google Analytics and LinkedIn Insight. The site demonstrates good SEO practices and mobile optimization, though some accessibility features could be enhanced. Security posture is solid with HTTPS enforced and cookie consent implemented, but could benefit from additional security headers and a formal vulnerability disclosure policy. Overall, the domain appears legitimate though WHOIS data is privacy protected, which is common for tech companies. No critical security issues or content safety concerns were identified.

P

Pour la Solidarité

pourlasolidarite.eu

51

Pour la Solidarité is an independent European think & do tank dedicated to promoting a solidary and sustainable Europe. The organization focuses on social affairs, sustainable development, diversity, social economy, and citizen participation. It operates through research, consultancy, local and European projects, and publishes various educational and analytical resources. The website is professionally designed, multilingual, and targets public and private actors engaged in solidarity and social economy sectors across Europe. Technically, the site is built on WordPress with Elementor and WPML, uses modern web technologies, and integrates Google Analytics and Tag Manager for tracking. Security posture is good with HTTPS enabled, but lacks explicit security headers and published security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and professional but could improve transparency and security practices.

A

Apec

apec.fr

69

Apec is a prominent French organization specializing in employment services for executives and recruitment consulting. The website offers a comprehensive range of services including job offers, career advice, recruitment tools, and consulting support through a network of 500 consultants across France. The site targets both candidates seeking executive positions and recruiters looking for qualified profiles. The business model revolves around facilitating executive employment and providing professional consulting services, positioning Apec as a key player in the French employment market. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Google Tag Manager, and OneTrust for cookie consent, built on the Jahia CMS platform. The site demonstrates good mobile optimization, accessibility features, and SEO practices, contributing to a positive user experience and professional presentation. From a security perspective, the site enforces HTTPS, uses secure login forms, and implements cookie consent mechanisms. However, it lacks some advanced security headers and does not publicly disclose a security policy or incident response contacts. The absence of WHOIS registration details slightly impacts trust but is mitigated by the professional nature of the site and clear contact information. Overall, Apec's website is a well-structured, secure, and user-friendly platform that effectively supports its business objectives. Strategic improvements in security transparency and WHOIS data disclosure could further enhance trust and compliance.

F

France Active

franceactive.org

50

France Active is a prominent non-profit organization in France dedicated to supporting engaged entrepreneurs through advice, financing, and a broad network of partners. The website presents a professional and consistent brand image, targeting social entrepreneurs and enterprises with a focus on social impact. Technically, the site is built on WordPress with Elementor, leveraging modern tracking and analytics tools such as Google Analytics, Facebook Pixel, TikTok Pixel, and LinkedIn Insight Tag. The site is secured with HTTPS and employs reCAPTCHA to protect forms, although explicit security headers are not fully evident. Privacy and cookie policies are not clearly identified in the provided content, indicating room for improvement in compliance transparency. Overall, the website demonstrates a solid security posture and good digital maturity, but the absence of WHOIS data limits full trust verification. Strategic recommendations include enhancing security headers, improving privacy disclosures, and ensuring comprehensive contact and incident response information is available.

U

UDES

udes.fr

46

UDES is a prominent French non-profit organization representing employers in the social and solidarity economy sector. It aggregates 22 employer groups across 17 professional branches, representing over 200,000 enterprises and nearly 2.7 million employees. The website reflects a professional and consistent brand presence, targeting employers and stakeholders in the ESS sector with services including representation, social dialogue, publications, and events. Technically, the site is built on Drupal 7 with a modern front-end stack including Bootstrap and jQuery, delivering a responsive and accessible user experience. While performance is moderate, the site benefits from HTTPS and integration with Google Tag Manager and Analytics, though some libraries like jQuery are outdated. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, but lacks advanced security headers and incident response information. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. WHOIS data is missing, which slightly impacts trust but the overall site professionalism mitigates concerns. Overall, UDES presents a credible and authoritative online presence for its sector, with recommendations to improve security headers, update libraries, and enhance privacy compliance to strengthen trust and resilience.

A

Avise

avise.org

56

Avise is a French non-profit organization dedicated to providing resources and support for the social and solidarity economy (ESS). The website serves as a key platform for social entrepreneurs, public and private stakeholders, and actors within the social economy sector, offering information, tools, and support to foster social innovation. The organization positions itself as a central resource in the French ESS ecosystem, focusing on knowledge dissemination and capacity building. Technically, the website is built on Drupal 10, leveraging modern web technologies including FontAwesome for icons and Matomo alongside Google Tag Manager for analytics. The site demonstrates good mobile optimization and a professional design, although some accessibility features could be enhanced. Performance is moderate, with room for improvement in loading speed and SEO. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism with high privacy settings, indicating awareness of privacy regulations. However, no explicit privacy policy or terms of service pages were detected in the provided content, and security headers appear to be missing or unreported. No vulnerability disclosure or incident response information is available, which could be improved to enhance trust and compliance. Overall, the site appears legitimate and professionally maintained, but the absence of WHOIS data and explicit privacy/legal documentation limits full trust assessment. Strategic recommendations include publishing comprehensive privacy and terms policies, enhancing security headers, and providing clear contact and incident response information to strengthen compliance and user trust.

L

Les Canaux

ess2024.org

57

ESS 2024 is a non-profit program managed by Les Canaux, designed to leverage the Paris 2024 Olympic Games as a catalyst for sustainable economic development focused on social and circular economy enterprises. The program acts as an intermediary connecting public and private order givers with small and medium-sized enterprises committed to social impact, ensuring that economic benefits from the Games extend to local territories and socially responsible businesses. Supported by major stakeholders including Paris 2024 and SOLIDEO, ESS 2024 has gained recognition from the OECD as a leading European initiative in this sector. Technically, the website is built on WordPress using WPBakery Page Builder, with integrations of Google Analytics, Google Tag Manager, and accessibility tools like UserWay. The hosting provider is OVH sas, a reputable French hosting company. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. Security posture is solid with HTTPS enforced and domain protections in place, but could be improved by enabling DNSSEC and adding security headers. From a security and compliance perspective, the site includes a cookie consent mechanism and a privacy policy consistent with GDPR requirements. However, no explicit security policy, incident response contacts, or vulnerability disclosure mechanisms are found. The WHOIS data is transparent and consistent with the business timeline and claims, enhancing trustworthiness. Overall, ESS 2024 presents a professional, trustworthy, and well-maintained digital presence aligned with its mission to promote social economy enterprises in the context of the Paris 2024 Olympic Games. Strategic improvements in security headers and disclosure policies could further strengthen its security posture.

S

Salon des maires et des Collectivités locales

salondesmaires.com

54

Salon des Maires et des Collectivités locales operates a professional event website targeting French local government officials and public sector stakeholders. The site promotes a major event with over 62,000 visitors and 1,450 exhibitors, positioning itself as a leading platform for local authorities in France. The business model centers on event organization, exhibitions, and networking services for the public sector. Technically, the website is built on WordPress using the Divi theme and incorporates modern SEO and analytics tools such as Yoast SEO and Google Analytics. The site demonstrates good design quality, mobile optimization, and user experience, although accessibility features are basic. Security posture is adequate with HTTPS and cookie consent mechanisms in place, but lacks advanced security headers and explicit privacy policies. The absence of WHOIS data reduces domain registration transparency, though the website content and branding suggest legitimacy. Overall, the site is professional and trustworthy but would benefit from enhanced privacy disclosures and security practices.

F

Fédération SCOP Communication

fdcom.coop

53

The Fédération SCOP Communication is a French cooperative federation representing 270 cooperative enterprises in the communication and culture sectors. Established in 2004, it serves as a network and support organization providing services such as RSE engagement, visibility enhancement, thematic meetings, personalized support, and representation in paritary bodies. The website reflects a professional and consistent brand image targeting cooperative communication businesses and stakeholders. Technically, the site is built on Drupal 10, employs modern analytics tools like Matomo and Google Tag Manager, and implements GDPR-compliant cookie consent mechanisms. Security posture is good with HTTPS and cookie management, though some improvements like DNSSEC and security headers are recommended. The domain registration data aligns well with the business identity, indicating high legitimacy. Overall, the site is well-structured, content-rich, and trustworthy.

U

UR SCOP MIDI PYRENEES

scopoccitanie.coop

51

The website represents UR SCOP MIDI PYRENEES, a regional cooperative union serving the Occitanie region in France. It provides support, training, and networking services to cooperative businesses such as Scop and Scic. The site is well-structured, professionally designed, and targets cooperative entrepreneurs and members in the region. It leverages Drupal 10 CMS and integrates modern analytics and cookie consent tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent, though some security headers and explicit policies could be improved. The domain registration aligns well with the business identity, enhancing trustworthiness. Overall, the site is a credible and professional resource for cooperative businesses in Occitanie.

U

URSCOP ILE DE FRANCE

les-scop-idf.coop

55

The website represents URSCOP ILE DE FRANCE, a regional cooperative union established in 2010, focused on supporting and federating cooperative enterprises such as Scop and Scic in Île-de-France, Centre-Val de Loire, and overseas territories. It offers services including accompaniment for business creators, cédants, associations, and employee buyers, as well as training and networking opportunities. The site is well-positioned as a regional leader in the cooperative ecosystem with strong partnerships and a clear mission. Technically, the website is built on Drupal 10, leveraging modern analytics tools like Matomo and Google Tag Manager with privacy-conscious configurations. The site is mobile-optimized, accessible, and SEO-friendly, hosted on a cooperative-oriented infrastructure. Performance is moderate with good technical implementation. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers are missing and no explicit security policy or incident response contacts are published. No vulnerabilities or suspicious content were detected. Privacy compliance is strong with clear policies and GDPR adherence. Overall, the website is trustworthy, professional, and well-maintained, serving its cooperative audience effectively. Strategic improvements could focus on enhancing security headers, publishing security policies, and enabling DNSSEC to further strengthen trust and resilience.

U

Union régionale des Scop et Scic Auvergne-Rhône-Alpes

scop.org

57

Union régionale des Scop et Scic Auvergne-Rhône-Alpes operates as a regional cooperative network supporting cooperative entrepreneurs and enterprises in the Auvergne-Rhône-Alpes region of France. The organization provides a comprehensive range of services including entrepreneurial accompaniment, training, financial support, and networking opportunities. It holds a strong market position as the leading cooperative support network in the region, supported by partnerships with regional authorities and the European Union. The website reflects a professional and consistent brand image, targeting cooperative entrepreneurs and social economy actors. Technically, the website is built on Drupal 10, leveraging modern web technologies and privacy-conscious analytics tools such as Matomo. It integrates social media and tracking scripts responsibly with a cookie consent mechanism in place. The site is mobile-optimized and accessible, with good SEO practices and clear navigation. From a security perspective, the site enforces HTTPS and employs privacy-respecting analytics. However, it lacks explicit security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is privacy protected, which is common and justified for this type of organization. Overall, the security posture is solid but could be improved with additional transparency and security controls. The overall risk assessment is low, with the site demonstrating good business credibility, technical implementation, and privacy compliance. Strategic recommendations include enhancing security headers, publishing security policies, and adding vulnerability disclosure mechanisms to further strengthen trust and compliance.

S

SOCODEN

financer-les-scop.coop

53

The website financer-les-scop.coop serves as a financial resource platform for the cooperative movement of Scop and Scic in France, operated by SOCODEN. It offers a range of financial tools including participative loans, treasury loans, bank loan guarantees, equity financing, and real estate financing tailored to cooperative enterprises. The site is well-positioned within the French cooperative ecosystem, supported by a network of related cooperative organizations and federations. Technically, the site is built on Drupal 10, integrates modern analytics tools such as Matomo and Google Tag Manager, and employs a robust cookie consent mechanism ensuring GDPR compliance. Security posture is solid with HTTPS enabled and no exposed sensitive data, although DNSSEC is not enabled and some security headers could be improved. Overall, the site is professional, trustworthy, and provides clear contact information and social media presence, supporting its credibility and user engagement.

C

Confédération générale des Scop et des Scic

jetransmetsamessalaries.fr

57

The website 'Je transmet à mes salariés' is a professionally maintained platform operated by the Confédération générale des Scop et des Scic, focusing on facilitating the transmission of businesses to employees in France. It provides comprehensive information, resources, and testimonials to support cooperative business transitions, targeting entrepreneurs, ceding business owners, employees, and accounting experts. The site leverages Drupal 10 CMS and integrates modern analytics and marketing tools such as Google Tag Manager, Matomo, and LinkedIn Insight, ensuring a robust technical infrastructure with good mobile optimization and accessibility. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, reflecting a good privacy posture. However, it lacks some advanced security headers and explicit incident response contacts, which could be improved. The absence of WHOIS registrant data is likely due to privacy protection policies common with .fr domains and does not detract from the site's legitimacy. Overall, the site demonstrates a high level of professionalism, trustworthiness, and compliance with GDPR requirements. Strategically, the platform serves a niche cooperative business market in France, supported by a network of partner cooperative organizations and regional unions. It maintains a consistent brand presence across social media and offers valuable content such as e-books and video testimonials, enhancing user engagement and trust.

S

Accueil | Start-Scop le site des start-up coopératives

start-scop.fr

48

The website www.start-scop.fr serves as a dedicated platform promoting and supporting start-up cooperatives (Scop/Scic) in France. It targets young entrepreneurs seeking social utility and a sense of belonging through cooperative business models. The site offers guidance on creating, financing, and accompanying cooperative startups, showcasing successful cooperative entrepreneurs and providing news and resources. Technically, the site is built on Drupal 10 CMS, integrates Matomo and Google Analytics for tracking with privacy considerations, and uses modern web technologies including YouTube APIs. Security posture is solid with HTTPS enforced and privacy-respecting analytics, though it lacks explicit security headers and formal privacy or security policies. The domain WHOIS data is not publicly available, typical for .fr domains or privacy-protected registrations, but the website content and activity indicate legitimacy. Overall, the site is professional, well-structured, and serves a niche cooperative entrepreneurship community effectively.

C

CGSCOP

les-scic.coop

52

The website www.les-scic.coop represents the Confédération générale des Scop et des Scic (CGSCOP), a French cooperative confederation established in 2011. It serves as a central hub for promoting and supporting Sociétés Coopératives d’Intérêt Collectif (Scic), providing resources, documentation, and networking opportunities for entrepreneurs, associations, and public entities interested in cooperative business models. The site is well-structured, professionally designed, and offers comprehensive content relevant to its target audience. Technically, the site is built on Drupal 10, leveraging modern web technologies and analytics tools such as Matomo and Google Tag Manager, with a strong emphasis on privacy compliance through cookie consent management. The site is mobile-optimized and accessible, with good SEO practices implemented. Security posture is solid with HTTPS enforced and no critical vulnerabilities detected, though DNSSEC is not enabled and some security headers could be improved. From a security perspective, the site shows maturity with no signs of exposed sensitive data or malicious content. Privacy policies and cookie management are clearly presented and GDPR compliant. Contact information is transparent, including phone, address, and a contact form. No incident response or vulnerability disclosure policies were found, which could be areas for future enhancement. Overall, the website is trustworthy, professionally maintained, and aligned with the cooperative movement's values. Strategic recommendations include enabling DNSSEC, enhancing security headers, and adding explicit terms of service and vulnerability disclosure information to further strengthen trust and compliance.

K

Kolektor

kolektorsisteh.si

10

Kolektor Sisteh is a leading Slovenian technology company specializing in automation, electrical energy supply, and water management solutions. With over 30 years of experience and more than 5000 projects completed domestically and internationally, it operates as part of the larger Kolektor corporate group. The website reflects a professional and consistent brand image, targeting industrial and energy sector clients with a focus on innovative technological solutions. Technically, the site uses modern web technologies including Google Tag Manager, reCAPTCHA, and jQuery, with good mobile optimization and basic accessibility features. Security posture is solid with HTTPS and CAPTCHA protections, though it lacks explicit security headers and incident response information. Privacy compliance is addressed with a privacy policy and cookie consent mechanism, indicating GDPR awareness. Overall, the site is trustworthy and well-maintained, with room for improvement in security transparency and contact information visibility.

B

BiO'Pôle de Léa

biopoledelea.com

9

BiO'Pôle de Léa is a French ecological event website established in 2016, focusing on promoting environmentally conscious events unique in France. The site targets French-speaking audiences interested in ecological design and energy sectors. Technically, the website is built on WordPress using the The7 theme, with SEO optimization via Yoast and analytics through Google Tag Manager. Cookie consent is managed by CookieYes, indicating some privacy compliance efforts. Security posture is moderate with HTTPS enabled and domain status protections, but lacks DNSSEC and security headers. No privacy policy or terms of service were detected, which are areas for improvement. Overall, the site presents a professional and consistent brand image with good content quality and user experience.

L

LEA NATURE

recrutement-leanature.com

59

Léa Nature is a well-established French company specializing in organic products, operating a dedicated recruitment website to attract talent across multiple disciplines such as commercial, R&D, marketing, supply chain, production, and support functions. The website serves as a professional portal for job seekers interested in joining the group, showcasing company culture, job offers, and career opportunities. The site is built on WordPress, leveraging modern web technologies and plugins to ensure good performance, SEO, and GDPR compliance. The presence of Google Tag Manager, Hotjar, and Facebook/LinkedIn tracking pixels indicates a mature digital marketing and analytics setup. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and explicit incident response disclosures. Overall, the site is professional, trustworthy, and well-aligned with the company's business objectives.

C

Compagnie Léa Nature

compagnie-leanature.com

60

Compagnie Léa Nature is a prominent French manufacturer specializing in organic and natural products across food, health, beauty, and home care sectors. Established in 1993, the company operates as a collective of family-owned businesses united by a commitment to bio-responsibility and sustainability. Their market position is strong as the leading French manufacturer in their niche, supported by a diverse portfolio of brands and active philanthropic engagement in environmental and social causes. The website reflects a professional and comprehensive digital presence, optimized for performance, accessibility, and SEO, leveraging WordPress and modern web technologies. Security measures include HTTPS, GDPR-compliant cookie management, and anti-bot protections, although some security headers could be enhanced. No critical vulnerabilities or suspicious activities were detected. Overall, the site demonstrates a mature security posture and compliance with privacy regulations, supporting the company's credibility and trustworthiness.

F

Fondation Inserm

fondation-inserm.org

58

Fondation Inserm is a French non-profit foundation established in 2023 to support the medical research missions of Inserm by developing private funding from donors including individuals and companies. The foundation focuses on advancing health and biomedical research, promoting scientific knowledge dissemination, and supporting research teams through funding innovative programs, acquiring advanced equipment, and recruiting research talents. The website is professionally designed using WordPress and Elementor, with good mobile optimization and accessibility features. It includes a GDPR-compliant cookie consent mechanism and integrates Google Tag Manager for analytics. Security posture is good with HTTPS enforced and domain registration consistent with the organization's identity, though security headers and explicit privacy policies are not detected in the provided content. No direct contact emails or phone numbers are found, but social media presence is established on Instagram, LinkedIn, and Facebook. Overall, the site presents a trustworthy and professional image aligned with its mission as a healthcare non-profit foundation.

I

Institut français NL

institutfrancais.nl

45

Institut français NL is a medium-sized non-profit organization dedicated to fostering Franco-Dutch cooperation in culture, education, research, and the French language. The organization offers a variety of programs including artist residencies, language courses, scholarships, and professional mobility initiatives. The website reflects a well-established institution with a clear mission and a broad network of partners across the Netherlands. Technically, the site is built on WordPress with modern SEO and analytics tools, hosted by OVH with DNSSEC enabled, indicating a secure and stable infrastructure. Security posture is good with HTTPS enforced and use of hCaptcha for form protection, though additional security headers and policies could enhance the overall security framework. Privacy compliance is strong with clear policies and cookie consent mechanisms in place. Overall, the website is professional, trustworthy, and well-positioned to serve its target audience effectively.

S

Spirála Ostrava, z.ú.

spiralaostrava.cz

60

Spirála Ostrava, z.ú. is a Czech non-profit organization dedicated to supporting and providing opportunities for people with mental illnesses and handicaps. Their services include social rehabilitation, sheltered employment such as catering, sewing workshops, and green maintenance, as well as educational initiatives like the CareJam center. The organization is regionally focused within the Moravskoslezský kraj and collaborates with various governmental and private partners. The website reflects a well-structured, content-rich platform with clear navigation and professional design, targeting clients, partners, and the local community. Technically, the site is built on the Webnode CMS platform, uses HTTPS, and integrates common analytics and marketing tools, ensuring moderate performance and good mobile optimization. Security posture is adequate with HTTPS and cookie consent mechanisms, though some security headers could be improved. The absence of WHOIS data limits domain registration trust analysis, but the website content and external references support legitimacy. Overall, the site is safe, compliant with GDPR, and professionally maintained.

C

Canopée

canopee.ong

59

Canopée is a French non-profit organization dedicated to protecting forests through expert investigations, advocacy, and citizen mobilization. The website positions itself as a credible and active player in environmental protection with a clear mission and multiple ongoing campaigns. Technically, the site is built on WordPress with modern analytics and consent management tools, showing good digital maturity and compliance with privacy regulations. Security posture is solid with HTTPS and cookie consent, though some security headers could be improved. The domain WHOIS data is unavailable, likely due to privacy protection, which is justified for this type of organization. Overall, the site is trustworthy, professional, and well-maintained.

W

WebHouse, s.r.o.

mlady-vedec.eu

41

Mladý vedec is a Slovak-based e-commerce retailer specializing in scientific and technical toys, educational kits, and related products aimed at children, students, and educators. The website offers a broad range of categories including physics, biology, astronomy, robotics, and chemistry, positioning itself as a niche educational toy provider in Slovakia. The business model focuses on online sales with a clear target audience interested in educational and science-related products. The site is branded consistently and provides clear contact information, enhancing trustworthiness.

E

Edumania

edumania.sk

58

Edumania is a Slovakian e-commerce retailer specializing in educational toys, kits, and games designed for curious children who enjoy learning through play. The website is professionally designed, leveraging the Shoptet e-commerce platform, and offers a well-structured catalog with clear navigation and product categorization by area, type, and age. The business targets parents and educators seeking quality educational products in Slovakia. Technically, the site uses modern web technologies including jQuery, Google Analytics, Facebook SDK, and slick carousel for UI components, hosted on Shoptet's CDN infrastructure. The site is mobile-optimized and includes accessibility features, though some improvements could be made.

D

dacia

dacia.ma

71

The website www.dacia.ma serves as the official Moroccan portal for the Dacia automotive brand, part of the Renault Group. It provides comprehensive information on vehicle models, pricing, financing options, after-sales services, and dealer locations. The site targets consumers in Morocco interested in purchasing new or used Dacia vehicles, offering a user-friendly interface with vehicle configurators and test drive booking features. Technically, the site leverages modern web technologies including React, Google Tag Manager, and Google Analytics, ensuring a responsive and well-structured user experience. Security measures such as HTTPS and security headers are implemented, though explicit security policies and incident response contacts are not publicly disclosed. The absence of WHOIS data for the domain is a notable anomaly, reducing trust scores despite the professional presentation and strong brand alignment. Overall, the site is well-designed and functional, with room for improvement in transparency and direct contact information to enhance trust and compliance.