Security Directory

B

Bpifrance Création

prediagentreprise.fr

64

Bpifrance Création is a French government-backed institution providing resources and tools to support entrepreneurs in creating or taking over businesses. The website offers informational content and a prediagnostic tool for business transmission and takeover, currently under redevelopment. The site targets French entrepreneurs and provides access to the Pass Créa platform for project construction. Technically, the site is built on Drupal 10 with modern JavaScript libraries and includes a chatbot for user assistance. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Privacy and cookie policies are present and GDPR compliant, though explicit security and incident response policies are not found. Overall, the website is professional, trustworthy, and well-structured, serving as a reliable resource for its audience.

I

InPost sp. z o.o.

inpost.pl

71

InPost sp. z o.o. operates a comprehensive parcel delivery and logistics platform primarily serving individual customers and businesses in Poland. The company is a market leader in parcel lockers (Paczkomat®) and courier services, offering a wide range of shipping options including international shipments and fulfillment services. The website reflects a mature digital presence with a professional design, clear navigation, and mobile optimization. Technically, the site uses Drupal CMS, integrates Google Tag Manager and Didomi for consent management, and employs modern JavaScript frameworks. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The WHOIS data confirms domain legitimacy and long-term operation since 2006. Overall, the website is trustworthy, compliant with GDPR, and provides a positive user experience.

The U.S. Securities and Exchange Commission (SEC) operates the website www.sec.gov as the official federal government portal for securities regulation, investor protection, and market oversight. The site provides comprehensive resources including filings search, rulemaking activities, enforcement news, and educational materials targeted at investors, businesses, and market participants. The SEC is a large, enterprise-level government agency with a long-standing history dating back to 1934, reflected in the authoritative and professional content presented on the site. Technically, the website is built on the Drupal CMS platform, leveraging the U.S. Web Design System (USWDS) for accessibility and responsive design. It integrates modern analytics and tracking tools such as Google Tag Manager and YouTube APIs, ensuring a rich user experience with fast performance and excellent mobile optimization. The site is hosted likely on government infrastructure or via Akamai CDN, ensuring reliability and security. From a security perspective, the site enforces HTTPS and demonstrates good security practices including secure forms and no visible vulnerabilities. While explicit security headers were not fully confirmed in the provided content, the overall posture is strong, consistent with a government entity. Privacy and cookie policies were not explicitly found in the provided HTML snippet, which slightly impacts privacy compliance scoring. Overall, the SEC website is a highly credible, trustworthy, and professionally maintained government resource. It effectively serves its mission to protect investors and maintain market integrity. Strategic recommendations include publishing explicit privacy and cookie policies prominently, ensuring all security headers are set, and maintaining vigilance on third-party scripts to uphold security standards.

B

Bpifrance

bpifrance-creation.fr

62

Bpifrance Création is a French government-affiliated platform dedicated to supporting entrepreneurs in creating, managing, developing, and transmitting their businesses. The website offers comprehensive resources including financing tools, legal and fiscal guides, expert videos, and event information. It targets entrepreneurs and small business owners primarily in France, positioning itself as a key national resource in the entrepreneurship ecosystem. Technically, the site is built on Drupal CMS with modern frameworks like Bootstrap and Vuetify, ensuring good mobile optimization and user experience. Security posture is solid with HTTPS and secure authentication mechanisms, though some security headers and policies could be improved. Privacy compliance is partially addressed with cookie consent but lacks a clearly accessible privacy policy page. Overall, the site is professional, trustworthy, and content-rich, serving its audience effectively.

G

Groupe JVS

groupe-jvs.fr

48

Groupe JVS is a French software publishing group specializing in IT solutions for public sector organizations, particularly local and territorial collectivities. With over 40 years of experience, the group operates through five subsidiaries offering tailored software and digital services to facilitate the digital transformation of public services. Their market position is solid within the French public sector, supported by a network of 14 regional agencies and a portfolio of innovative solutions aimed at improving citizen engagement and administrative efficiency. Technically, the website is built on Drupal CMS and integrates modern analytics and marketing tools such as Matomo and HubSpot. The site is mobile-optimized and demonstrates good SEO and accessibility practices, although some improvements in accessibility and security headers could be made. The presence of cookie consent mechanisms and a comprehensive privacy policy indicates a mature approach to privacy compliance. From a security perspective, the site enforces HTTPS and uses cookie consent tools, but lacks visible security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data for the domain is a notable concern, reducing the overall trust score despite the professional appearance and business legitimacy of the site. Overall, Groupe JVS presents a professional and credible digital presence with room for improvement in security transparency and WHOIS data availability. Strategic recommendations include enhancing security headers, publishing a security policy, and monitoring domain registration details to ensure ongoing trustworthiness.

A

Atout France

atout-france.fr

57

Atout France is the official French government agency dedicated to developing and promoting tourism both domestically and internationally. The website presents a comprehensive range of services including market analysis, sustainable tourism initiatives, innovation support, professional training, and event organization. It targets tourism professionals and stakeholders aiming to enhance France's tourism sector. Technically, the site is built on Drupal CMS, employs modern web technologies, and integrates privacy and analytics tools such as Google Tag Manager and Axeptio for cookie consent. The design is professional, mobile-optimized, and accessible, reflecting the French government's digital standards. Security posture is strong with HTTPS enforced and secure form handling, though explicit security headers could be more visible. No critical vulnerabilities or exposed sensitive data were detected. WHOIS data is unavailable due to AFNIC policies, but the official branding and content strongly indicate legitimacy. Overall, the site is a trustworthy, well-maintained government resource for tourism stakeholders.

C

Citopia

citopia.fr

52

Citopia is a French company specializing in digital solutions tailored for local governments and municipalities, focusing on citizen relationship management and digital transformation. The company offers a suite of products including citizen request management, communication tools, portals, mobile applications, and appointment management, positioning itself as a niche provider within the government technology sector. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content for its target audience. Technically, the website is built on Drupal CMS, uses Matomo for analytics, and integrates a cookie consent management platform (tarteaucitron.io). The site demonstrates good technical implementation with modern web standards, responsive design, and SEO optimization. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS and uses consent mechanisms for cookies, but lacks explicit security headers and dedicated security or incident response policies. No vulnerabilities or exposed sensitive data were found in the HTML content. The WHOIS data is privacy-protected, which is common and justified for this business type. Overall, the security posture is good but could be improved with additional headers and documented policies. The overall risk assessment is low, with a trustworthy and professional online presence. Strategic recommendations include enhancing security headers, publishing security policies, and maintaining regular audits of third-party scripts to ensure ongoing security and compliance.

L

Laëtis

laetis.fr

44

Laëtis is a French digital agency specializing in creating interactive and user-friendly digital solutions tailored to sectors such as tourism, local development, agriculture, environment, and e-commerce. The company targets clients focused on efficiency and sustainable territorial development, offering custom web and online collaborative applications. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content in French. Technically, the website is built on Drupal CMS with modern JavaScript libraries including jQuery, RequireJS, and Modernizr. It employs HTTPS with good SSL configuration and includes a cookie consent mechanism compliant with GDPR. However, no explicit security headers were detected, and no detailed security or incident response policies are published. From a security perspective, the site shows a moderate security posture with HTTPS and cookie consent but lacks visible advanced security headers and incident response information. The absence of WHOIS data limits domain trust assessment, though the site content and structure suggest a legitimate business. No vulnerabilities or exposed sensitive data were identified in the provided content. Overall, Laëtis presents a professional and trustworthy digital presence with room for improvement in security transparency and WHOIS data availability. Strategic recommendations include enhancing security headers, publishing security policies, and verifying domain registration details to strengthen trust and compliance.

A

Assistance publique - Hôpitaux de Paris (AP-HP)

aphp.fr

66

Assistance publique - Hôpitaux de Paris (AP-HP) is the largest public healthcare institution in Europe, operating 38 hospitals and serving millions of patients annually. The website provides comprehensive information on patient care, research, education, and innovation, targeting patients, healthcare professionals, researchers, and partners. The digital infrastructure is built on Drupal CMS with modern web technologies, ensuring good performance, accessibility, and mobile optimization. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, although explicit security policies and incident response details are not publicly available. WHOIS data is missing, which is unusual but likely due to AFNIC policies or privacy protection, not indicating malicious intent. Overall, the website is professional, trustworthy, and compliant with GDPR.

É

École nationale des ponts et chaussées

enpc.fr

55

École nationale des ponts et chaussées is a prestigious French grande école specializing in engineering education, research, and professional training with a strong focus on ecological and digital transitions. The institution offers a wide range of programs including engineering degrees, masters, doctoral studies, and continuing education, supported by multiple research laboratories and international partnerships. The website reflects a mature digital presence with comprehensive content targeting students, researchers, and professionals. Technically, the site is built on Drupal CMS with modern JavaScript libraries and privacy-respecting analytics (Matomo). Security posture is strong with HTTPS, cookie consent mechanisms, and no visible vulnerabilities, although some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

A

Altice Europe

altice.net

64

Altice Europe was a major telecommunications company with a long-standing domain registration since 2003. The website currently serves as an archive following the company's delisting and cessation of operations. It primarily directs investors to Altice France and Altice International for ongoing information. The technical infrastructure is based on Drupal CMS with legacy JavaScript libraries, showing moderate digital maturity. Security posture is basic with HTTPS enforced but lacking DNSSEC and security headers. Privacy and cookie policies are absent, indicating compliance gaps. Overall, the website is functional but minimal, with limited business and security disclosures.

V

Ville de Rungis

rungis.fr

60

The website rungis.fr is the official online presence of the Ville de Rungis, a municipal government entity in France. It provides comprehensive information about local government services, news, events, and administrative procedures targeted primarily at residents and visitors. The site is well-structured, professionally designed, and offers multilingual support with a focus on French. It integrates modern web technologies including Drupal CMS and Matomo analytics for visitor tracking. Privacy and cookie policies are clearly presented with GDPR compliance mechanisms in place. Technically, the site is built on a robust Drupal platform with responsive design and accessibility features, ensuring good performance and user experience across devices. Security posture is solid with HTTPS enforced and domain registration consistent with the official nature of the site. However, explicit security headers and incident response information are not prominently available, representing an area for improvement. Overall, rungis.fr demonstrates a mature digital infrastructure suitable for a government website, with strong business credibility and trust indicators. The site is safe for general audiences, free from adult or questionable content, and maintains transparency through social media and contact information. Strategic recommendations include enhancing security headers, publishing a security policy, and considering a vulnerability disclosure program to further strengthen trust and compliance.

A

ACOME

acome.com

62

ACOME is a French industrial group specializing in high-tech cables for automotive, telecommunications, smart buildings, smart cities, railways, and electricity transmission sectors. The company positions itself as a technological leader with a strong international presence and a commitment to innovation and responsible growth. Their website reflects a professional and comprehensive digital presence, leveraging Drupal CMS and modern web technologies, including analytics and cookie consent tools. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit security policies are not published. The absence of WHOIS registration data is a notable concern but does not detract significantly from the overall legitimacy given the professional content and business focus. Strategic recommendations include enhancing security transparency and verifying domain registration details.

D

Driving Urban Transitions (DUT) Partnership

dutpartnership.eu

69

The Driving Urban Transitions (DUT) Partnership website serves as a professional platform for a European partnership focused on funding and coordinating research and innovation projects aimed at sustainable urban transitions. The site targets European cities, policymakers, researchers, and stakeholders interested in climate-neutral and resilient urban futures. It provides comprehensive information on projects, funding opportunities, events, and community engagement. Technically, the site is built on Drupal CMS with modern frameworks like Bootstrap and integrates consent management and analytics tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response contacts are absent. Overall, the website is trustworthy, well-branded, and compliant with GDPR, making it a credible resource in its sector.

L

L'Union sociale pour l'habitat

union-habitat.org

53

L'Union sociale pour l'habitat is a prominent French non-profit organization dedicated to supporting social housing entities (Hlm) and contributing to national housing policy development. The website serves as a comprehensive resource hub offering thematic content, publications, event information, and professional support to stakeholders in the social housing sector. The organization maintains a strong market position as a key actor in France's social housing ecosystem, with a large-scale presence and multiple affiliated entities. Technically, the website is built on Drupal CMS, employs modern web technologies such as lazy loading and Matomo analytics, and is optimized for mobile and accessibility. Security posture is strong with HTTPS enforcement and security headers, though explicit security and privacy policies are not prominently published. The absence of WHOIS data limits domain trust verification but does not detract significantly from the site's legitimacy given its professional presentation and content. Overall, the site is well-designed, content-rich, and trustworthy for its target audience.

E

ENGIE

engie.com

72

ENGIE is a major global energy company focused on accelerating the transition to a carbon-neutral economy. The company offers a broad range of services including renewable energy production, energy flexibility solutions, infrastructure management, and energy supply tailored to cities, industries, tertiary sectors, and individual consumers. The website content is professionally presented in French, reflecting ENGIE's strong market position in the energy sector, particularly in France and internationally. Technically, the site is built on Drupal CMS with modern web technologies such as Bootstrap, Google Tag Manager, and Matomo analytics, ensuring good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers are not detected and no security.txt file is published. The absence of WHOIS data for the domain is unusual but does not detract significantly from the site's legitimacy given the strong branding and external references. Overall, ENGIE's website demonstrates a mature digital presence aligned with its business objectives and compliance requirements.

U

U7+ Alliance of world universities

u7alliance.org

68

The U7+ Alliance of world universities is a global coalition of university presidents committed to addressing pressing global challenges in coordination with G7 governments and beyond. The organization operates as a non-profit alliance focused on policy advocacy, collaborative summits, working groups, and student initiatives to foster global education and research collaboration. The website reflects a professional and consistent brand image targeting university leaders, academics, policymakers, and students worldwide. Technically, the website is built on Drupal CMS with modern libraries such as jQuery and Superfish for navigation, and uses Matomo Cloud for privacy-focused analytics. The site is mobile-optimized, accessible, and well-structured with clear navigation and SEO best practices. Cookie consent is managed via Tarteaucitron.js, ensuring GDPR compliance. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms but lacks explicit security policy pages or incident response contacts. No vulnerabilities or exposed sensitive data were detected. WHOIS data is privacy-protected, which is justified for this type of non-profit organization. Overall, the site demonstrates a strong security posture with room for improvement in transparency and security documentation. The overall risk assessment is low, with the site presenting a trustworthy and professional front for the U7+ Alliance. Strategic recommendations include publishing a dedicated security policy, incident response contacts, and vulnerability disclosure information to enhance trust and compliance.

C

Centre Hospitalier Universitaire de Nîmes

chu-nimes.fr

56

The Centre Hospitalier Universitaire de Nîmes (CHU de Nîmes) is a major public university hospital serving the Gard region and neighboring departments in France. It provides comprehensive healthcare services including emergency care, consultations, hospitalizations, medical research, and professional training. The institution is large, with nearly 7,400 staff including medical and non-medical personnel, and operates across multiple sites. The website reflects a mature digital presence with a professional design, clear navigation, and accessibility features, targeting patients, healthcare professionals, researchers, and students. Technically, the website is built on the Drupal CMS platform, hosted by OVH, and incorporates modern web technologies such as Bootstrap and Swiper.js. It includes a cookie consent mechanism compliant with GDPR and uses Google Analytics for audience measurement. The site is mobile-optimized and accessible, with good SEO practices. From a security perspective, the site enforces HTTPS and employs cookie consent but lacks explicit security headers and publicly available security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data confirms the domain's legitimacy with a long registration history and consistent registration details. Overall, the website demonstrates a strong security posture and compliance with privacy regulations, supporting the trustworthiness of the institution. Recommendations include enhancing security headers, publishing security policies, and adding a vulnerability disclosure mechanism to further improve security transparency.

I

Ifremer

ifremer.fr

60

Ifremer is the French national institute dedicated to oceanographic research, focusing on marine ecosystem protection, sustainable resource management, and marine data sharing. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistent with a government research entity. Technically, the site uses Drupal CMS with modern JavaScript libraries and SVG graphics, optimized for mobile and accessibility. Security posture is strong with HTTPS, security headers, and no evident vulnerabilities, though explicit security policies and incident response information are absent. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is trustworthy and professional, serving a broad audience including scientists, policymakers, and the public.

Enedis is a French public service company responsible for operating, modernizing, and maintaining the electricity distribution network across France. The company provides 24/7 services including network operation, installation connections, and meter reading. It holds a leading position in the French energy sector as the national distribution network manager. The website reflects a mature digital presence with professional design, clear navigation, and mobile optimization, built on Drupal CMS with modern web technologies. Security posture is strong with HTTPS enforcement and security headers, although explicit security policies and incident response information are not publicly detailed. Privacy compliance is well addressed with comprehensive privacy and cookie policies including consent mechanisms. Overall, the website and business presence indicate a trustworthy and legitimate entity with a focus on public service and energy distribution.

L

L214

politique-animaux.fr

59

The website 'Politique & animaux' is an advocacy and informational platform operated by the French non-profit organization L214, focusing on political actions related to animal welfare in France. It provides evaluations of political personalities, campaigns at municipal, national, and European levels, and public opinion polling data. The platform targets French citizens interested in animal rights and political accountability. Technically, the site is built on Drupal CMS with modern JavaScript libraries and integrates Google Tag Manager for analytics. It is mobile-optimized and uses HTTPS for secure communications. Security posture is good with no evident vulnerabilities, though explicit security headers could be improved. Privacy compliance is moderate, with consent mechanisms present but no explicit privacy or cookie policy pages found. WHOIS data is unavailable, which slightly impacts trust but the association with L214 and the professional content support legitimacy. Overall, the site is well-designed, content-rich, and trustworthy for its audience.

D

Département de la Charente-Maritime

charente-maritime.fr

65

The website la.charente-maritime.fr serves as the official online presence for the Département de la Charente-Maritime, a governmental entity in France. It provides extensive information about departmental services, elected officials, public projects, social services, tourism, and cultural activities. The site targets residents, visitors, and stakeholders within the Charente-Maritime region, offering a broad range of public sector services and information. The business model is that of a public sector government service provider, with a large scope and audience. Technically, the website is built on the Drupal CMS platform, leveraging modern web technologies such as Google Fonts, Google Maps API, and Matomo Analytics for privacy-conscious user tracking. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. The presence of cookie consent mechanisms indicates attention to privacy compliance, though an explicit privacy policy page was not detected in the provided content. From a security perspective, the site enforces HTTPS and uses modern JavaScript libraries, but lacks visible security headers and explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is unavailable, which is unusual but may be due to AFNIC registry policies or privacy protections. Overall, the site appears trustworthy and professional, consistent with an official government entity. The overall risk is low, but improvements are recommended in publishing comprehensive privacy and security policies, implementing security headers, and providing clear contact information for security incidents to enhance trust and compliance.

T

Tipiak

tipiak.fr

45

Tipiak is a French food brand specializing in products such as taboulé, quinoa, couscous, and boulgour, supported by a rich recipe platform with over 300 recipes. The website serves as both a product showcase and a culinary inspiration hub targeting general consumers interested in cooking. Technically, the site is built on Drupal CMS, uses Google Tag Manager for analytics, and implements EU cookie compliance mechanisms, indicating a moderate level of digital maturity. The site is mobile-optimized and accessible with good SEO practices. Security posture is adequate with cookie consent and privacy policies in place, but lacks explicit security headers and published incident response information. The absence of WHOIS data for the domain reduces trustworthiness, though the website content and external links suggest a legitimate business. Overall, the site is professional and trustworthy but would benefit from enhanced security transparency and domain registration verification.

I

InVivo

invivo-group.com

66

InVivo is a major French agricultural cooperative group with a strong European presence, focused on driving the agricultural and food transition towards sustainability and resilience. The company operates across multiple sectors including agriculture, international commodity trading, agro-food production, and retail, serving farmers, cooperatives, and consumers. The website reflects a mature digital presence built on Drupal CMS, with good mobile optimization and SEO practices. Social media integration is robust, supporting brand engagement. Security posture is generally good with HTTPS and cookie consent implemented, but lacks explicit security headers and published security policies. The absence of WHOIS data for the domain is a notable concern for domain legitimacy verification, though the professional website content and branding mitigate some risk. Overall, the site is trustworthy and professional but would benefit from enhanced transparency on privacy and security policies.

B

Breek

breek.fr

51

Breek is a French technology consultancy specializing in web strategy, functional specifications, and development services primarily using Drupal and iOS platforms. Established in 2003, the company serves a professional clientele including major brands such as LVMH, Apple, and BNP Paribas, positioning itself as a niche expert in web development and AMOA services. The website reflects a professional and consistent brand image with a clear focus on technology and consulting services. Technically, the site is built on Drupal CMS with modern JavaScript libraries and frameworks, offering good mobile optimization and SEO practices. Analytics are implemented via Piwik PRO, indicating moderate user tracking. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though the absence of explicit security headers and published security policies suggests room for improvement. Privacy compliance is partial, lacking a cookie consent mechanism and detailed GDPR indicators. Overall, the website is trustworthy and professional, with a strong business credibility score and no signs of malicious or adult content.

S

SIL Global

sil.org

63

SIL Global is a well-established, faith-based nonprofit organization dedicated to language development and community empowerment worldwide. Their website reflects a professional and comprehensive digital presence, offering extensive resources, training, and services in linguistic research, literacy, translation, and language technology. The organization targets diverse global communities and language professionals, emphasizing equal access to education and socio-economic opportunities regardless of language barriers. Technically, the website is built on Drupal CMS with modern frameworks like Bootstrap and uses standard web technologies including jQuery and Font Awesome. It is mobile-optimized and accessible, with embedded multimedia content enhancing user engagement. Security posture is solid with HTTPS enforced and secure form handling, though the absence of certain security headers and explicit cookie consent mechanisms are areas for improvement. The lack of WHOIS data limits domain registration trust verification, but the presence of recognized nonprofit certifications and consistent branding supports legitimacy. Overall, the site scores well on content quality, technical implementation, and business credibility, with moderate privacy compliance.

Axess Groupe is a French technology company specializing in cloud sovereign hosting and IT infrastructure services. They provide secure, performant, and compliant cloud hosting solutions tailored for enterprises, including healthcare data hosting certified under HDS and ISO 27001 standards. The company targets a broad range of clients from SMEs to large public institutions within France, emphasizing data sovereignty and security. Their website demonstrates a mature digital presence with comprehensive content, professional design, and strong GDPR compliance. Technically, the site uses Drupal CMS with modern analytics and marketing tools, ensuring good performance and accessibility. Security posture is strong with certifications and secure hosting practices, though some improvements in security headers and incident response transparency are recommended. The absence of WHOIS registration data slightly impacts domain trust but does not overshadow the overall professionalism and legitimacy of the business. Strategic recommendations include enhancing security disclosures and verifying domain registration details to improve trust further.

P

Proparco

proparco.fr

61

Proparco is a French development finance institution affiliated with the Agence Française de Développement (AFD) group. It focuses on financing and supporting private sector enterprises and financial institutions across Africa, Asia, Latin America, Eurasia, and the Middle East, aiming to contribute to the Sustainable Development Goals (SDGs). The website presents a professional and comprehensive overview of its mission, services, and impact, targeting businesses, investors, and development stakeholders. The content is rich, well-structured, and available in French and English, reflecting a mature digital presence. Technically, the website is built on Drupal CMS with integration of French government design system DSFR, and uses modern JavaScript libraries and consent management tools. It is mobile-optimized, accessible, and SEO-friendly. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although explicit security headers could be better documented. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site demonstrates a high level of professionalism, trustworthiness, and operational maturity. The lack of WHOIS data is noted but likely due to privacy protection common for government-affiliated domains. The site is not blocked by any WAF or security challenge, allowing full content access and analysis.

E

Expertise France

expertisefrance.fr

62

Expertise France is a French public agency specializing in international technical cooperation, operating as a subsidiary of the Agence française de développement. The agency holds a strong market position as the second largest technical cooperation entity in Europe, delivering projects across governance, security, climate, health, education, and cultural sectors in over 140 countries. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support. Technically, it leverages Drupal CMS, the French government design system (DSFR), and integrates modern analytics and consent management tools, ensuring compliance with privacy regulations. Security posture is robust with HTTPS enforcement and consent mechanisms, though some security headers could be explicitly confirmed. Overall, the site demonstrates high professionalism and trustworthiness, though WHOIS data is unavailable, which slightly impacts domain legitimacy assessment.

F

Fonds Français pour l’Environnement Mondial (FFEM)

ffem.fr

58

The Fonds Français pour l’Environnement Mondial (FFEM) is a French government-established fund focused on financing innovative environmental projects in developing countries. With a history dating back to 1994, FFEM supports projects that preserve biodiversity, combat climate change, and promote sustainable resource management. The website reflects a mature digital presence with a professional design, clear navigation, and multilingual support. Technically, it is built on Drupal CMS with modern frameworks and includes accessibility and SEO best practices. Security posture is strong with HTTPS and consent management, though explicit security policies and incident response contacts are absent. Overall, the site demonstrates high trustworthiness and aligns well with its governmental and non-profit mission.

A

Agence Française de Développement

afd.fr

61

The Agence Française de Développement (AFD) is a prominent French public development bank dedicated to financing and supporting sustainable development projects worldwide. The website reflects a mature, well-established organization with a clear mission to promote social and environmental transitions. The site targets a diverse audience including governments, investors, civil society, and enterprises. Technically, the website is built on Drupal CMS with modern frameworks and analytics tools, ensuring good performance, mobile optimization, and accessibility. Security posture is strong with HTTPS and consent management, though explicit security headers should be verified. The absence of WHOIS data is due to AFNIC privacy policies, which is typical for French government domains. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with privacy regulations.

B

Banque des Territoires

banquedesterritoires.fr

65

Banque des Territoires is a major French public financial institution affiliated with Groupe Caisse des Dépôts, focused on supporting territorial actors in project development and financing. The website reflects a professional and comprehensive digital presence with clear navigation, modern technologies, and strong GDPR compliance. The technical infrastructure is based on Drupal CMS with integration of consent management and analytics tools, indicating a mature digital setup. Security posture is good with HTTPS, consent mechanisms, and no visible vulnerabilities, though explicit security policies and incident response contacts are not found. The absence of WHOIS data reduces trust slightly but the website's affiliation and content quality support legitimacy. Overall, the site is well-positioned to serve its public sector audience with relevant financial and territorial services.

I

Ifremer

monlopindemer.fr

58

Ifremer is a French public research institute specializing in marine science and technology. The analyzed webpage presents the 'Mon lopin de mer' educational project aimed at raising awareness about ocean ecosystems and encouraging preservation actions among students and the public. The website is professionally designed, well-structured, and mobile-optimized, reflecting a mature digital presence. Technically, it uses Drupal CMS with modern web standards and security best practices including HTTPS and security headers. The security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is evident with clear privacy and cookie policies and consent mechanisms. Business credibility is high due to official government branding, partnerships, and certifications. WHOIS data is unavailable, likely due to privacy or registry response, but this does not detract from the site's legitimacy given its governmental nature. Overall, the site is trustworthy, secure, and serves an important educational mission.

S

Service Public d’Information en Santé

sante.fr

63

Santé.fr is the official French public health information portal managed under the Ministry of Health. Established in 2016, it serves as a comprehensive and reliable source of health information for the general public and health professionals. The website offers extensive editorial content, a large directory of health professionals and establishments, and personalized health advice services. It is positioned as a leading government-backed health information platform in France. Technically, the site is built on Drupal CMS with modern frontend technologies including Vue.js and FontAwesome. It implements strong privacy and cookie consent mechanisms using tarteaucitron.js and supports mobile and accessibility standards well. The site is served over HTTPS with no detected blocking or WAF interference, indicating good operational maturity. From a security perspective, the site enforces HTTPS and secure login via OpenID Connect but lacks explicit HTTP security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with a comprehensive privacy policy and cookie management. Overall, Santé.fr presents a trustworthy, professional, and secure public health information service with excellent content quality and user experience. The domain WHOIS data is not publicly available, consistent with government domain privacy practices, and the site aligns well with its stated mission and branding.

A

April

april.org

55

April is a well-established French non-profit association dedicated to promoting and defending free software and open standards since 1996. It serves a broad francophone audience including individuals, professionals, and institutions. The website reflects an active organization with frequent news, events, and educational content. Technically, the site is built on Drupal CMS, uses jQuery and Matomo analytics, and is moderately optimized for mobile and SEO. Security posture is adequate with HTTPS and domain transfer protection but lacks DNSSEC and explicit security headers. Privacy compliance is limited due to missing privacy and cookie policies. Overall, the site is trustworthy and professional but could improve transparency and security practices.

G

Gérontopôle Autonomie Longévité des Pays de la Loire

gerontopole-paysdelaloire.fr

57

The Gérontopôle Autonomie Longévité des Pays de la Loire is a regional non-profit organization dedicated to improving the quality of life for elderly people in the Pays de la Loire region of France. It acts as a network of stakeholders focused on aging well, offering services such as training, research, economic development in the silver economy, and support for territorial policies. The website is professionally designed using Drupal CMS and integrates modern technologies including Google Analytics, Google Tag Manager, and reCAPTCHA for security. Privacy and cookie consent mechanisms are well implemented, reflecting GDPR compliance. However, the absence of WHOIS data raises concerns about domain registration status, which should be verified to ensure legitimacy. Security posture is generally good with HTTPS and secure forms, but could be improved by adding security headers and publishing incident response policies. Overall, the site presents a trustworthy and professional digital presence for a specialized healthcare non-profit.

I

IDDRI

iddri.org

52

IDDRI is an independent French think tank specializing in sustainable development research and policy analysis. It operates as a multi-stakeholder dialogue platform and collaborates with prominent institutions such as Sciences Po. The website is professionally designed, content-rich, and targets policymakers, researchers, and stakeholders interested in environmental and sustainable development issues. Technically, the site is built on Drupal CMS and integrates multiple analytics tools including Matomo, Google Analytics, and Hotjar, with a strong emphasis on privacy compliance and cookie consent mechanisms. Security posture is solid with HTTPS enforced, though some security headers could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the site demonstrates a mature digital presence aligned with its mission and audience.

F

Ferrero Hazelnut Company

ferrerohazelnutcompany.com

69

Ferrero Hazelnut Company is a division of the Ferrero Group focused on the entire hazelnut value chain, from cultivation to processing, emphasizing sustainability and quality. The company operates globally with agribusiness development programs and a commitment to responsible sourcing. The website reflects a professional corporate presence with detailed information about their mission, programs, and sustainability efforts. Technically, the site is built on Drupal CMS, uses modern web technologies, and integrates Google Tag Manager for analytics. The site is mobile-optimized and accessible with good SEO practices. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though security headers are not detected and privacy compliance could be improved. WHOIS data is unavailable, which raises some concerns about domain registration transparency but does not negate the apparent legitimacy given the strong brand association. Overall, the site is trustworthy, professional, and well-maintained, serving as an effective corporate communication platform.

Kinder Finland is a regional website representing the Kinder brand, a well-known confectionery brand owned by Ferrero. The site targets parents and families with children, offering product information, brand storytelling, sustainability initiatives, and interactive applications such as Applaydu. The website is professionally designed with consistent branding and good content quality, supporting the brand's market position in the retail confectionery sector. Technically, the site is built on Drupal CMS with modern JavaScript libraries and is mobile optimized, though some accessibility and security header improvements are recommended. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, but explicit security headers and privacy policy pages are lacking. The WHOIS data for the domain is missing, which reduces trust slightly, but the website content and linked Ferrero domains strongly indicate legitimacy. Overall, the site is a credible and professional digital presence for Kinder in Finland.

N

Nutella®

nutella.com

66

Nutella® is a globally recognized brand specializing in hazelnut spread products. The website serves as the official international portal for Nutella®, providing product information, recipe inspiration, sustainability commitments, and brand storytelling. The site targets a general audience interested in Nutella® products and related content. Technically, the website is built on Drupal CMS with modern JavaScript libraries such as Swiper.js for sliders and integrates Google Tag Manager for analytics. The site is mobile-optimized and offers a professional user experience with clear navigation and rich multimedia content. Security-wise, the site uses HTTPS and does not expose sensitive data, but lacks explicit security headers and detailed privacy or cookie policies. WHOIS data is unavailable or privacy protected, but the domain is active and consistent with a legitimate brand presence. Overall, the website demonstrates a mature digital presence with room for improvement in privacy compliance and security transparency.

F

Ferrero Group

ferrero.com

71

Ferrero Group is a globally recognized Italian family-owned confectionery company founded in 1946, with a strong presence in over 170 countries and a portfolio of more than 35 iconic brands including Nutella®, Kinder®, Tic Tac®, and Ferrero Rocher®. The company emphasizes quality, tradition, and sustainability, supported by a workforce of approximately 47,000 employees. The website reflects a mature digital presence with comprehensive content, multimedia integration, and multi-language support, targeting a broad consumer and business audience. Technically, the site is built on Drupal CMS, employs modern web technologies such as Google Tag Manager and lazy loading, and demonstrates good mobile optimization and accessibility standards. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers and incident response contacts are not evident. Privacy and cookie policies are present with consent mechanisms, indicating GDPR compliance. The absence of WHOIS data is notable but likely due to privacy protection or query limitations, not detracting from the site's legitimacy. Overall, the site is professional, trustworthy, and well-maintained.

F

Ferrero Foodservice

ferrerofoodservice.com

66

Ferrero Foodservice is a professional B2B website representing the Ferrero Group's foodservice brands such as Nutella®, Kinder®, Tic Tac®, and Ferrero Rocher. The site targets restaurant owners, distributors, and other professional sectors, offering product information, recipes, and tools to support business operations. The website demonstrates a high level of digital maturity with a modern Drupal CMS infrastructure, responsive design, and integration of analytics and marketing tools. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers and incident response contacts are absent. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good GDPR compliance. However, the absence of WHOIS domain registration data raises concerns about domain legitimacy, which contrasts with the professional and trustworthy website content. Overall, the site is professional, secure, and user-friendly but would benefit from improved transparency in domain registration and security disclosures.

F

FERRERO France

ferrero.fr

73

Ferrero France is a subsidiary of the globally recognized Ferrero Group, a family-owned Italian confectionery company founded in 1946. The company operates in the manufacturing and retail sectors, specializing in sweet food products with iconic brands such as Nutella®, Kinder®, Tic Tac®, and Ferrero Rocher®. The website reflects a mature, enterprise-level business with a strong emphasis on quality, sustainability, and corporate social responsibility. The digital presence is well-structured, multilingual, and professionally designed, targeting a broad general audience including consumers, partners, and job seekers. Technically, the website is built on Drupal CMS and incorporates modern web technologies such as Google Tag Manager for analytics, AddToAny for social sharing, and UserWay for accessibility enhancements. The site is mobile-optimized and includes SEO best practices, though accessibility compliance is moderate at 57%. Security posture is strong with HTTPS enforced and multiple security headers present, alongside a published vulnerability disclosure policy. However, WHOIS data for the domain is unavailable, which is unusual for a major brand and warrants monitoring. Overall, the website demonstrates a high level of digital maturity and security awareness, with comprehensive privacy and cookie policies aligned with GDPR requirements. The absence of explicit contact emails and phone numbers on the public site suggests a preference for contact via forms or social media channels. The site is safe for general audiences with no adult or questionable content detected.

A

AFM-Téléthon

afm-telethon.fr

65

AFM-Téléthon is a prominent French non-profit organization dedicated to combating rare diseases through fundraising, research support, and patient assistance. The website reflects a mature digital presence with comprehensive content targeting families affected by rare diseases, donors, researchers, and healthcare professionals. It offers donation mechanisms, educational resources, and extensive information about its activities and subsidiaries. Technically, the site is built on Drupal CMS, employs modern analytics and consent management tools, and demonstrates good mobile optimization and accessibility. Security posture is solid with HTTPS and consent mechanisms, though explicit security policies and headers could be enhanced. The absence of WHOIS data is unusual but does not detract significantly from the site's legitimacy given the strong branding and external references. Overall, the site is professional, trustworthy, and well-aligned with its mission.

D

Del Monte Foods

delmontefoods.com

68

Del Monte Foods is a well-established food manufacturing and retail company with a rich history spanning over 135 years. The company offers a portfolio of well-known brands focused on wholesome and quality food products, targeting general consumers and grocery buyers primarily in the United States. Their business model centers on manufacturing and brand management with a strong emphasis on sustainability and corporate responsibility. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content that supports their market position. Technically, the website is built on the Drupal CMS platform, utilizing modern web technologies including jQuery, Google Analytics, Google Tag Manager, and Facebook Pixel for analytics and marketing. The site is mobile optimized and includes accessibility features such as the UserWay widget. Performance is moderate, with good SEO and meta tag implementation. However, some security headers are not explicitly present, and there is no visible cookie consent mechanism, which could be improved for compliance. From a security perspective, the site enforces HTTPS and uses secure analytics scripts, but lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. The WHOIS data is unavailable, which reduces trustworthiness from a domain registration perspective, though the website content and branding strongly indicate legitimacy. Overall, the security posture is good but could benefit from enhanced header policies and privacy compliance features. The overall risk assessment is low, with recommendations to improve privacy compliance by adding cookie consent, publish security policies, and enhance security headers. These steps will strengthen trust and regulatory adherence while maintaining a professional and secure online presence.

R

Région Nouvelle-Aquitaine

nouvelle-aquitaine.fr

61

Région Nouvelle-Aquitaine is the official regional government entity responsible for managing and supporting various public services and initiatives in the Nouvelle-Aquitaine region of France. The website serves as a comprehensive portal for citizens, providing information on economic development, employment, youth programs, territorial planning, and ecological transition. It maintains a strong market position as a government authority with a large audience base. Technically, the site is built on Drupal CMS, employs modern JavaScript libraries, and integrates Google Tag Manager for analytics, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and compliant with GDPR, though WHOIS data is unavailable, likely due to registry server response issues rather than malicious intent.

E

EFFIA

effia.com

65

EFFIA is a prominent parking service provider operating primarily in France and Belgium, offering parking space reservations and subscription plans across more than 500 locations. The company targets drivers and commuters seeking convenient and cost-effective parking solutions near city centers and train stations. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content to its audience. Technically, the site is built on Drupal CMS and integrates modern tools such as Google Maps API, Didomi for consent management, and analytics platforms like Piano Analytics and Google Tag Manager. Security posture is solid with HTTPS enforcement and standard security headers, though explicit security policies and incident response contacts are not published. Privacy compliance is well addressed with visible cookie consent mechanisms and a comprehensive privacy policy. However, the absence of WHOIS registration data for the domain www.effia.com raises some concerns about domain legitimacy, though the website content and business presence appear credible. Overall, the site scores well in content quality, technical implementation, and security, but could improve business credibility by providing more transparent domain registration and direct contact information.

V

VTT Technical Research Centre of Finland Ltd.

vttresearch.com

75

VTT Technical Research Centre of Finland Ltd. is a leading European research and innovation organization focused on sustainable growth and applied science. The company offers a wide range of R&D services across multiple industries including energy, healthcare, manufacturing, and ICT. Their website demonstrates a high level of professionalism, with comprehensive service descriptions, structured data, and a strong brand presence. Technically, the site is built on Drupal CMS with modern analytics and cookie consent tools, optimized for accessibility and mobile use. Security posture is good with HTTPS and consent mechanisms, though lacking explicit security headers and published security policies. WHOIS data is missing, which raises some concerns about domain registration transparency, but the overall business credibility and content quality remain strong.

N

National Institute of Industrial Property

inpi.fr

67

The National Institute of Industrial Property (INPI) is the official French government agency responsible for intellectual property and business formalities. The website serves as a comprehensive portal for entrepreneurs, IP professionals, and innovators to access services such as business registration, intellectual property rights management, financing solutions, and training programs. The site is well-branded, professionally designed, and provides clear navigation and relevant content tailored to its audience. Technically, the site is built on Drupal CMS, uses Matomo for analytics, and integrates cookie consent and translation tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit security policies and incident response information are not published. Overall, the site is trustworthy and authoritative, with minor gaps in transparency around security and data protection officer contact details.