Security Directory

A

Api Restauration

api-restauration.com

65

Api Restauration is a French catering company emphasizing responsible cooking, culinary excellence, and corporate social responsibility. The website showcases their commitment to ethical practices, nutrition, training, and sustainable development within the hospitality sector. Their market position is that of an established large company with a strong focus on culinary talent and apprenticeship programs. Technically, the website is built on WordPress with modern frameworks like Bootstrap and uses privacy-conscious analytics tools such as Matomo alongside Google Analytics. The site is well-structured, mobile-optimized, and compliant with GDPR regulations, featuring a comprehensive cookie consent mechanism. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Overall, the site projects professionalism and trustworthiness with consistent branding and clear business focus.

D

Département de l'Yonne

yonne.fr

49

The website www.yonne.fr serves as the official digital portal for the Département de l'Yonne, a regional government entity in France. It provides residents and visitors with access to public services, administrative procedures, news, events, and digital publications. The site is well-positioned as a trusted government resource with a clear focus on serving the local population. Technically, the site is built on WordPress, leveraging popular plugins such as Yoast SEO and LayerSlider, and integrates Matomo for analytics, indicating a modern and privacy-conscious infrastructure. Security measures include HTTPS enforcement, security headers, and the use of Google reCAPTCHA to protect forms. However, the absence of WHOIS data limits external verification of domain registration details, though the website's content and branding strongly support its legitimacy. Overall, the site demonstrates a strong security posture and compliance with GDPR, with comprehensive privacy and cookie policies in place.

B

Berger-Levrault

berger-levrault.fr

71

Berger-Levrault is a reputable international software publisher headquartered in France, specializing in software solutions for public administrations, healthcare, education, and industry sectors. The company positions itself as a trusted provider with a focus on reliability and compliance. The website reflects a mature digital presence with multi-language support and professional branding. Technically, the site is built on WordPress with modern SEO and analytics tools such as Yoast SEO, Matomo, and Google Tag Manager, complemented by a robust consent management system via Didomi, ensuring GDPR compliance. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security policies and incident response contacts are not publicly visible. Overall, the website is professional, secure, and trustworthy, supporting the company's market position effectively.

C

Citopia

citopia.fr

52

Citopia is a French company specializing in digital solutions tailored for local governments and municipalities, focusing on citizen relationship management and digital transformation. The company offers a suite of products including citizen request management, communication tools, portals, mobile applications, and appointment management, positioning itself as a niche provider within the government technology sector. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content for its target audience. Technically, the website is built on Drupal CMS, uses Matomo for analytics, and integrates a cookie consent management platform (tarteaucitron.io). The site demonstrates good technical implementation with modern web standards, responsive design, and SEO optimization. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS and uses consent mechanisms for cookies, but lacks explicit security headers and dedicated security or incident response policies. No vulnerabilities or exposed sensitive data were found in the HTML content. The WHOIS data is privacy-protected, which is common and justified for this business type. Overall, the security posture is good but could be improved with additional headers and documented policies. The overall risk assessment is low, with a trustworthy and professional online presence. Strategic recommendations include enhancing security headers, publishing security policies, and maintaining regular audits of third-party scripts to ensure ongoing security and compliance.

P

Phishen Impossible Initiative

phishen-impossible.at

52

Phishen Impossible is a well-established Austrian initiative focused on educating the public about phishing and cybercrime prevention. Supported by government entities such as the Austrian Federal Ministry of the Interior and major corporations like Österreichische Post and A1 Telekom Austria, it provides comprehensive educational content including videos, phishing rules, news updates, quizzes, and contact resources. The website is professionally designed, mobile-optimized, and offers clear navigation in German, targeting a broad audience of internet users in Austria. Technically, the site uses modern web technologies including jQuery and Matomo analytics, hosted on PSA Services infrastructure. Security posture is strong with HTTPS enforced and a cookie consent mechanism in place, although explicit security headers and incident response contacts are not present. Privacy compliance is well addressed with a detailed privacy policy and cookie management. Overall, the site is trustworthy, safe, and serves as a valuable resource for phishing awareness.

AW Solutions operates a French public procurement dematerialization platform aggregating over 70,000 annual calls for tenders and related services. The platform targets public sector buyers and suppliers, offering functionalities such as buyer profiles, electronic signature, and AI-powered sourcing. The business is positioned as an important player in the government sector digital services market in France, supported by legal experts and related entities such as awsolutions.fr and aws-france.com. Technically, the website uses a modern but basic tech stack including jQuery, Bootstrap, Google Analytics, and Matomo, with moderate performance and basic mobile optimization. Security posture is adequate but could be improved by adding security headers and cookie consent mechanisms. WHOIS data is not publicly available due to TLD limitations and privacy protection, but the domain is active and appears legitimate based on content and business model. Overall, the website is professional and trustworthy with room for technical and security enhancements.

H

hobex Payment Systems

hobex.at

66

hobex Payment Systems is a medium-sized Austrian company specializing in payment processing solutions, targeting businesses that require reliable payment systems. The website is built on WordPress using the Divi theme and integrates Matomo and LinkedIn Insight for analytics and marketing purposes. The technical infrastructure appears modern and moderately optimized for performance and mobile use. Security posture is moderate due to lack of visible security headers and unknown SSL configuration. Privacy compliance is minimal with no explicit privacy or cookie policies detected. The absence of WHOIS data limits domain trust analysis but the website content and structure suggest a legitimate business. Strategic recommendations include enhancing security headers, publishing comprehensive privacy and cookie policies, and improving transparency with contact and incident response information.

Der Grüne Zoo Wuppertal is a well-established zoological garden located in Wuppertal, Germany, offering a wide range of animal exhibits, educational programs, and conservation initiatives. The zoo operates as a public entity supported by the city and a dedicated zoo association, positioning itself as a key regional player in animal welfare and environmental education. The website reflects a professional and comprehensive digital presence, targeting families, school groups, and animal enthusiasts with rich multimedia content and clear navigation.

Z

Zoo Krefeld

zookrefeld.de

47

Zoo Krefeld is a well-established zoological garden in Germany offering a wide range of animal exhibits, educational programs, events, and visitor services such as ticket sales, a zoo shop, and gastronomy. The website reflects a strong community and partner network, including sponsorships and affiliations with recognized zoo associations. Technically, the site is built on TYPO3 CMS with modern web technologies, providing a responsive and accessible user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit security policies and incident response contacts. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

Z

ZOOM Erlebniswelt Gelsenkirchen

zoom-erlebniswelt.de

51

ZOOM Erlebniswelt Gelsenkirchen is a well-established regional zoo located in Germany's Ruhrgebiet, offering immersive animal habitats themed around Alaska, Africa, and Asia. The website effectively communicates the zoo's offerings including ticket sales, educational programs, events, and partnership opportunities. The business targets families, tourists, and educational groups, positioning itself as a family-friendly attraction with a strong focus on conservation and visitor experience. Technically, the website is built on WordPress using the Uncode theme framework, hosted on Hetzner servers. It employs modern web technologies including JavaScript libraries like jQuery and Owl Carousel, and integrates Matomo for privacy-conscious analytics. The site is mobile optimized and accessible, with good SEO practices and a clear navigation structure. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms compliant with GDPR. While some security headers are not explicitly detected, no critical vulnerabilities or exposed sensitive data were found. The WHOIS data aligns with the website's business claims, indicating a legitimate and consistent domain registration. Overall, the website demonstrates a strong digital presence with good content quality, technical implementation, and privacy compliance. Strategic recommendations include enhancing security headers, publishing a formal security policy, and maintaining regular security audits to further strengthen the security posture.

A

Aquazoo Löbbecke Museum

aquazoo-duesseldorf.de

41

Aquazoo Löbbecke Museum is a prominent public institution in Düsseldorf combining a zoo, aquarium, and natural history museum. It serves as a major leisure and educational destination, offering exhibitions, events, and conservation programs. The website reflects a professional and user-friendly digital presence with strong branding and clear navigation. Technically, it employs modern frameworks like Bootstrap and Swiper, uses Matomo analytics configured for privacy, and supports multiple languages via GTranslate. Security posture is good with HTTPS and privacy-conscious analytics, but lacks explicit privacy and cookie policies as well as incident response information. Overall, the site is trustworthy and well-maintained, serving a broad audience including families and nature enthusiasts.

T

Tierpark Bochum gGmbH

tierpark-bochum.de

48

Tierpark Bochum gGmbH operates a well-established zoological park and environmental education center located in Bochum, Germany. The website provides comprehensive information about the park's animal exhibits, educational programs, events, and conservation efforts. The organization targets families, schools, and tourists, positioning itself as a regional leader in non-profit zoological and educational services. The site is professionally designed with consistent branding and high-quality content in German, emphasizing accessibility and inclusion. Technically, the website is built on TYPO3 CMS, uses Matomo for privacy-conscious analytics, and includes modern web technologies and accessibility widgets. Security posture is strong with HTTPS, cookie consent, and disabling of tracking cookies in analytics. However, there is no public incident response or vulnerability disclosure information. Overall, the site is trustworthy, compliant with GDPR, and provides clear contact and business information.

N

Netim

netim.com

76

Netim is a well-established ICANN-accredited domain registrar founded in 2004, offering a broad portfolio of over 1,300 TLDs including ccTLDs. The company provides domain registration, transfer services, email hosting, SSL certificates, and reseller and affiliate programs targeting individuals, SMEs, agencies, and corporations globally. The website demonstrates a professional and user-friendly design with clear navigation and relevant content tailored to its audience. Technically, the site uses modern frameworks such as Bootstrap and integrates analytics tools like Matomo and Cloudflare Insights, ensuring moderate performance and good mobile optimization. Security features include HTTPS, 2FA, login alerts, and DNSSEC support, although explicit security headers are not detected. Privacy compliance is supported by a comprehensive privacy policy and GDPR adherence, but lacks a visible cookie consent mechanism. WHOIS data for the domain is missing or inaccessible, which is unusual and warrants further verification, though the overall legitimacy is supported by the company's market presence and trust signals. Overall, Netim presents a credible and secure platform for domain and hosting services with room for minor improvements in security headers and privacy mechanisms.

P

Port de La Grande Motte (34)

portdelagrandemotte.fr

54

Port de La Grande Motte is the official maritime port authority website serving the La Grande Motte region in France. It provides comprehensive information and services related to port operations, maritime regulations, events, and local tourism. The website targets boaters, tourists, and local residents, positioning itself as a trusted source for port-related information. The business model is focused on public service and maritime transportation facilitation. Technically, the website is built on WordPress CMS with modern plugins such as Advanced Custom Fields Pro and Rank Math SEO. It employs jQuery and integrates Google Translate for multilingual support. The site demonstrates good digital maturity with accessibility features, SEO optimization, and moderate performance. Analytics are handled via Matomo with privacy-conscious settings. From a security perspective, the site enforces HTTPS, includes essential security headers, and avoids exposing sensitive data. However, it lacks a dedicated security policy or vulnerability disclosure page, which could enhance its security posture. The WHOIS data is not publicly available, likely due to privacy protection, but the website's official nature and content consistency support its legitimacy. Overall, the website presents a low-risk profile with strong business credibility and good technical implementation. Strategic recommendations include publishing a security policy, adding vulnerability disclosure mechanisms, and enhancing incident response visibility to further strengthen trust and compliance.

T

Tourisme en Occitanie

grands-sites-occitanie.fr

61

Tourisme en Occitanie is a regional tourism promotion website dedicated to showcasing the key destinations and attractions within the Occitanie region of France. It serves as an official portal providing comprehensive travel information, destination guides, and event promotion to attract tourists. The website targets travelers interested in cultural, outdoor, and leisure activities in the region. Technically, the site is built on WordPress using Elementor, with integrations for Google Tag Manager and Matomo Analytics, indicating a mature digital infrastructure. The site is well-optimized for SEO, mobile-friendly, and accessible, providing a professional user experience. Security-wise, the website enforces HTTPS and includes several security headers, although the Content-Security-Policy could be more comprehensive. Privacy compliance is strong, with clear cookie consent mechanisms and a detailed privacy policy aligned with GDPR requirements. However, the absence of WHOIS data for the domain reduces trust slightly, as domain registration details are not publicly available. Overall, the site presents a low-risk profile with good security and privacy practices but would benefit from enhanced transparency in domain registration and contact information.

T

Tourisme en Occitanie

tourisme-occitanie.com

61

Tourisme en Occitanie operates as the official regional tourism portal for the Occitanie region in France, providing comprehensive travel information, destination guides, and event promotion to tourists and travelers. The website is professionally designed with excellent content quality, clear navigation, and mobile optimization, positioning it as a trusted source for regional tourism. Technically, the site is built on WordPress with Elementor and integrates modern analytics and marketing tools such as Google Tag Manager and Matomo, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement and security headers, alongside a robust cookie consent mechanism ensuring GDPR compliance. However, the absence of WHOIS domain registration data and lack of explicit contact or security policies present areas for improvement in business credibility and transparency. Overall, the site is safe, trustworthy, and well-positioned to serve its audience effectively.

M

Sign in - Matomo

monmatomo.com

53

The website monmatomo.com serves as a login portal for the Matomo analytics platform, an open-source, privacy-focused web analytics solution. The platform is hosted by Scaleway SAS, a French hosting provider, and the domain registration aligns with this hosting arrangement. The site primarily offers analytics services targeting website owners and administrators who require detailed visitor tracking and data analysis capabilities. The business model appears to be centered around providing analytics software either as a service or self-hosted solution, with a focus on privacy and data control. The platform is relatively new, with the domain registered in late 2022, indicating a growing or recently launched service. Technically, the site uses standard web technologies including JavaScript, PHP, and HTML5, with the Matomo platform as the core framework. The site enforces HTTPS, ensuring secure data transmission. However, the site lacks visible security headers and explicit privacy or cookie policies on the login page, which are important for compliance and user trust. The site’s performance and mobile optimization are basic but functional, suitable for its purpose as a login portal. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, support for two-factor authentication, and client-side DoNotTrack detection. However, the absence of security headers and public security policies reduces the overall security posture. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data is consistent and transparent, with no privacy protection, which supports legitimacy. Overall, the site is functional and trustworthy as a login portal for an analytics platform but would benefit from enhanced privacy disclosures, security headers, and contact information to improve compliance and user confidence. Strategic recommendations include enabling DNSSEC, publishing comprehensive privacy and security policies, and implementing security headers to strengthen the security posture.

D

Démarches Simplifiées / Direction interministérielle du numérique (DINUM)

demarches-simplifiees.fr

74

Démarches Simplifiées is a French government digital platform designed to facilitate online administrative procedures for citizens and public administration agents. It serves as a centralized service to submit and manage administrative files, significantly reducing processing times and improving user experience. The platform is backed by the Direction interministérielle du numérique (DINUM), ensuring strong governmental support and legitimacy. The website features professional design, clear navigation, and comprehensive content tailored to its target audience of general public users and government agents. Technically, the website employs modern web technologies including Ruby on Rails, StimulusJS, and Vite for asset management. It integrates privacy-respecting analytics via Matomo and error tracking through Sentry, reflecting a mature digital infrastructure. The site is mobile-optimized and accessible, with good SEO practices and performance characteristics. From a security perspective, the platform enforces HTTPS, uses CSRF tokens, and publishes a security policy and vulnerability disclosure guidelines. However, explicit security headers are not evident in the HTML content, and there is no visible cookie consent mechanism despite the presence of a cookie policy page. Incident response contact details are not explicitly provided. Overall, the security posture is strong but could be enhanced by adding recommended headers and improving privacy compliance mechanisms. The overall risk assessment is low, with high trust indicators stemming from government affiliation, open source transparency, and consistent branding. Strategic recommendations include implementing cookie consent banners, publishing incident response contacts, adding security headers, and considering a security.txt file to facilitate vulnerability reporting.

C

Office de Tourisme Cap d'Agde Méditerranée, Hérault, Occitanie

capdagde.com

57

The website www.capdagde.com serves as the official tourism office portal for the Cap d'Agde Mediterranean region in Hérault, Occitanie, France. It provides comprehensive information on local tourism services including accommodation, activities, events, and gastronomy, targeting tourists and visitors to the region. The site is built on WordPress and integrates Matomo analytics for visitor tracking. The technical infrastructure is modern with responsive design and good SEO practices, although accessibility features are basic. Security posture is adequate with HTTPS enforced but lacks advanced security headers and formal privacy or cookie policies. The absence of WHOIS registration data raises concerns about domain legitimacy, which should be further investigated. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and clearer contact information to improve trust and security.

M

Mairie de Villeveyrac

villeveyrac.fr

54

The website www.villeveyrac.fr serves as the official digital presence of the Mairie de Villeveyrac, a local government entity in France. It provides residents and visitors with access to municipal news, upcoming events, public services, and citizen participation tools. The site is well-structured with multilingual support and integrates community-focused services such as urban planning, police municipal information, and youth services. The business model is centered on public service delivery and community engagement, positioning it as a key local government resource. Technically, the website employs modern web technologies including JavaScript frameworks, Matomo analytics for user tracking, and responsive design principles ensuring good mobile optimization. The site is built on the illiwap platform, which is specialized for municipal digital services. Performance is moderate with good SEO and accessibility basics, though some improvements could be made in accessibility and security headers. From a security perspective, the site enforces HTTPS and uses secure input validation for phone numbers. However, it lacks explicit security headers, a cookie consent mechanism, and a vulnerability disclosure policy, which are areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is not publicly available, likely due to privacy protection, which is common and justified for this type of entity. Overall, the website is trustworthy, professional, and serves its intended audience effectively. Strategic recommendations include enhancing privacy compliance with cookie consent, implementing security headers, and publishing a vulnerability disclosure policy to strengthen security posture and user trust.

The website www.ville-marseillan.fr serves as the official digital portal for the municipal government of Marseillan, France. It provides residents and visitors with access to municipal news, public service notifications, beach weather updates, and live webcam feeds. The site targets local citizens and tourists, offering essential government services and information. The business model is that of a government entity providing public information and services online. Technically, the site is built on WordPress CMS with a custom theme and uses modern web technologies including jQuery and Matomo for analytics. It incorporates accessibility features and multilingual support via Google Translate. The site is well-optimized for SEO and mobile devices, with good performance and structured data markup enhancing search visibility. From a security perspective, the site enforces HTTPS, includes standard security headers, and does not expose sensitive data. Privacy compliance is strong with clear privacy and cookie policies aligned with GDPR requirements. However, there is no explicit security policy or incident response information published, which could be improved. Overall, the website demonstrates a solid security posture and professional digital presence appropriate for a municipal government. The lack of WHOIS data is likely due to privacy protection, which is reasonable for this type of entity. Strategic recommendations include publishing a dedicated security policy, enhancing incident response transparency, and maintaining regular security audits to ensure ongoing protection.

V

Vacances Scolaires

vacances-scolaires.com

64

Vacances Scolaires is a specialized informational website dedicated to providing official French school holiday calendars for multiple years (2025-2027), covering metropolitan zones A, B, C, Corse, and overseas territories. The site targets parents, students, and educators seeking authoritative and up-to-date holiday schedules, offering downloadable PDFs and iCal files for easy integration into personal calendars. The business model relies primarily on advertising revenue and affiliate marketing partnerships. Technically, the site employs modern web technologies including Bootstrap 5, jQuery, FontAwesome, and Google Fonts, hosted on a reputable French hosting provider (o2switch). It integrates Google Adsense for monetization and Matomo for analytics, with a cookie consent mechanism ensuring GDPR compliance. Security posture is generally good with HTTPS enforced and basic protections, though minor backend PHP warnings and lack of explicit security headers suggest areas for improvement. The domain is newly registered in late 2023, consistent with the site's focus on future school years, and WHOIS data shows no suspicious patterns. Overall, the website is professional, trustworthy, and well-optimized for its niche audience.

A

AD Normandie

adnormandie.fr

47

AD Normandie is a regional economic development agency serving the Normandy region in France. The agency acts as a single point of contact for economic development and provides tailored support and aid to local businesses. The website reflects a professional government entity with a clear mission to assist companies in project formalization and implantation within Normandy. The digital infrastructure is built on a modern WordPress platform with SEO and analytics tools, indicating a mature digital presence. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Overall, the site is trustworthy, well-branded, and compliant with GDPR requirements. No critical vulnerabilities or suspicious elements were detected.

D

Descartes Développement & Innovation

descartes-devinnov.com

45

Descartes Développement & Innovation (DDI) is a French organization focused on fostering innovation in sustainable urban development within the Paris-Est region. It operates as a technopole, providing information, promotion, networking, and project engineering services, alongside managing a fablab and an incubator. The website reflects a professional and modern digital presence built on WordPress with WooCommerce and Elementor, indicating a mature technical infrastructure. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though the absence of a public privacy policy and terms of service pages suggests room for compliance improvement. The lack of WHOIS data reduces domain trustworthiness, but the active social media presence and quality content support legitimacy. Overall, the site is well-positioned in its niche but should enhance transparency and compliance documentation.

C

CHI Créteil

chicreteil.fr

11

The Centre Hospitalier Intercommunal de Créteil (CHI Créteil) is a large public healthcare institution serving the Créteil region in France. The website provides comprehensive information about the hospital's services, specialties, patient resources, and professional opportunities. It is well-positioned as a regional healthcare provider with a strong focus on accessibility, patient care, and medical expertise. The site also highlights research and teaching activities, indicating an integrated healthcare and academic mission. Technically, the website is built on WordPress with modern web technologies including jQuery, Slick Carousel, and Google Fonts. It uses Matomo analytics configured with privacy by design, and a robust cookie consent mechanism via Tarteaucitron, reflecting a mature approach to privacy compliance. The site is mobile-optimized and accessible, with clear navigation and professional design. From a security perspective, the site enforces HTTPS and employs cookie consent controls. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not visibly present and should be implemented to enhance security posture. No critical vulnerabilities or exposed sensitive data were detected. The absence of a published security policy or incident response contact is noted. Overall, the website is trustworthy, professional, and compliant with GDPR and cookie regulations. The lack of WHOIS data is typical for .fr domains and does not detract from legitimacy. Strategic recommendations include enhancing security headers, publishing a security policy, and maintaining regular updates to plugins and CMS to mitigate vulnerabilities.

A

Assistance publique - Hôpitaux de Paris (AP-HP)

aphp.fr

66

Assistance publique - Hôpitaux de Paris (AP-HP) is the largest public healthcare institution in Europe, operating 38 hospitals and serving millions of patients annually. The website provides comprehensive information on patient care, research, education, and innovation, targeting patients, healthcare professionals, researchers, and partners. The digital infrastructure is built on Drupal CMS with modern web technologies, ensuring good performance, accessibility, and mobile optimization. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, although explicit security policies and incident response details are not publicly available. WHOIS data is missing, which is unusual but likely due to AFNIC policies or privacy protection, not indicating malicious intent. Overall, the website is professional, trustworthy, and compliant with GDPR.

Tourisme Hérault operates an official regional tourism website promoting the Hérault region in Southern France. The site offers rich multimedia content, multilingual support, and detailed information about natural and cultural attractions, targeting tourists and holidaymakers. The business model focuses on tourism promotion and visitor engagement through surveys, videos, and inspirational content. Technically, the website is built on WordPress with Elementor and integrates modern analytics and tracking tools such as Google Tag Manager and Matomo. The site is mobile-optimized and accessible with good SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers are not detected and no explicit incident response contacts are provided. The WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy despite the professional website presence. Overall, the site is trustworthy and well-maintained but would benefit from improved transparency in domain registration and contact information.

C

Chambres de Métiers et de l'Artisanat (CMA)

unmetierdeouf.fr

65

Un Métier de Ouf is a French educational platform launched in 2020, dedicated to promoting artisan trades such as mechanics, carpentry, cooking, and aesthetics. It targets young people and apprentices seeking career guidance in artisan professions. The website is affiliated with CMA France, a reputable organization supporting artisan trades. The platform offers video content and career resources to engage its audience and facilitate discovery of trades. Technically, the site is built using modern React and Next.js frameworks, hosted by OVH, and integrates analytics tools like Matomo, TikTok, and Facebook pixels. Privacy and cookie consent mechanisms are implemented, reflecting good compliance practices. Security posture is solid with HTTPS and no exposed vulnerabilities, though security headers and incident response policies could be improved. Overall, the site presents a professional, trustworthy, and user-friendly experience with clear branding and consistent content quality.

Aides-entreprises.fr is a French government-affiliated platform managed by CMA France, providing a comprehensive database of over 2400 public financial aids for businesses. The website serves as a key resource for French businesses seeking financial support, offering advanced search tools, newsletters, and a mobile application to enhance accessibility and user engagement. The platform is well-positioned as a trusted reference in the French business aid ecosystem, supported by numerous partnerships with governmental and regional agencies. Technically, the site leverages AngularJS and Ionic frameworks, integrates Google Maps API, and uses Matomo for analytics, indicating a modern and moderately performant infrastructure. Security practices include HTTPS enforcement and GDPR-compliant cookie consent, though some security headers could be improved. Overall, the site demonstrates a good security posture with no critical vulnerabilities detected. The domain's WHOIS data confirms a long-standing and consistent registration, reinforcing the platform's legitimacy. Strategic recommendations include enhancing security headers, publishing a formal security policy, and adding vulnerability disclosure mechanisms to further strengthen trust and compliance.

Smulders is a well-established multidisciplinary construction company specializing in the engineering, production, delivery, and assembly of heavy, technically complex steel structures, with a strong focus on offshore wind farm integration. Operating primarily in Belgium and neighboring countries, it serves industrial and energy sectors as a comprehensive EPC contractor. The company benefits from a large workforce and a reputable market position supported by its parent company, Eiffage. The website reflects a professional corporate identity with clear messaging and comprehensive service descriptions. Technically, the site uses modern web technologies including Google Tag Manager and Matomo Analytics, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some advanced security headers and explicit security policies are absent. Overall, the site is trustworthy, compliant with GDPR, and provides a positive user experience.

U

UPSA

upsa.com

47

UPSA is a well-established French pharmaceutical company founded in 1935, specializing in self-medication products, medical devices, and nutritional supplements. It operates one of the largest pharmaceutical industrial sites in Europe and holds a strong market position as the leading manufacturer of paracetamol-based medicines in France. The website reflects a mature digital presence with multilingual support, professional design, and comprehensive content targeting patients, pharmacists, and healthcare professionals. Technically, the site is built on WordPress with modern frameworks and analytics tools, optimized for performance and mobile devices. Security posture is strong with HTTPS, bot protection, and secure forms, though explicit security headers and incident response information could be improved. Privacy compliance is well addressed with clear policies and consent mechanisms. However, the WHOIS data is missing or privacy protected, which is unusual for a company of this stature and warrants further verification. Overall, UPSA's website demonstrates a high level of professionalism, trustworthiness, and digital maturity.

V

VdZ - Verband der Zoologischen Gärten e.V.

vdz-zoos.org

51

The Verband der Zoologischen Gärten (VdZ) is a reputable non-profit association representing 71 scientifically managed zoos across Germany, Austria, Switzerland, and Spain. The organization focuses on species conservation, animal welfare, education, scientific research, and advocacy. The website reflects a professional and consistent brand presence with comprehensive content targeting zoo visitors, conservationists, researchers, and policymakers. Technically, the site is built on TYPO3 CMS with modern frontend technologies and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though improvements could be made by enabling DNSSEC and adding security headers. No critical vulnerabilities or suspicious patterns were detected. Overall, the domain registration data aligns well with the organization's profile, supporting legitimacy and trustworthiness.

K

Krajowy Integrator Płatności S.A.

tpay.com

70

Tpay is a well-established Polish payment service provider specializing in online payments and fast bank transfers, serving primarily e-commerce businesses in Poland. The company is legally registered as Krajowy Integrator Płatności S.A., founded in 2009, and operates with a strong market position supported by a partnership with Bank Pekao and PCI DSS level 1 certification. Their website reflects a mature digital presence with comprehensive service offerings including payment gateways, marketplace settlements, and integration modules for popular e-commerce platforms. Technically, the site uses modern analytics, tracking, and accessibility tools, hosted on OVH with Cloudflare DNS and CDN services, ensuring good performance and security. Security posture is strong with HTTPS, cookie consent, and bank-grade standards, though DNSSEC is not enabled and explicit security headers are not evident. Privacy compliance is basic but includes a cookie policy with consent mechanisms. Contact information is clearly provided, enhancing business credibility. Overall, the website is professional, trustworthy, and well-optimized for its target audience.

M

Mairie de LINDRY

mairie-lindry.fr

55

The website for Mairie de Lindry serves as the official digital presence for the local government of Lindry, France. It provides residents and visitors with municipal news, administrative information, community services, and practical resources. The site is well-structured and targets local citizens seeking information about municipal operations, family services, and community life. The business model is public service oriented, focusing on transparency and accessibility of local government information. Technically, the site is built using modern web technologies including React and Gatsby, ensuring a performant and responsive user experience. It integrates third-party tools such as Leaflet for maps and Matomo for analytics, alongside a robust cookie consent mechanism (tarteaucitron) that respects user privacy and GDPR compliance. Hosting and DNS infrastructure appear stable and professional, with no signs of technical debt or outdated components. From a security perspective, the site enforces HTTPS and respects Do Not Track signals, with cookie consent implemented in high privacy mode. However, it lacks explicit security headers and a published security policy or incident response contact, which are recommended for enhanced security posture. No vulnerabilities or suspicious activities were detected in the content or scripts. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. It effectively serves its purpose as a municipal information portal with good technical and security hygiene. Strategic improvements could focus on enhancing security headers, publishing security policies, and expanding transparency around incident response.

C

Commune d'Escolives-Sainte-Camille

escolivesstecamille.fr

58

The website escolivesstecamille.fr serves as the official digital presence of the commune of Escolives-Sainte-Camille, a small municipality in France. It provides comprehensive information about local governance, cultural heritage, community services, and tourism. The site targets residents and visitors, offering event updates, municipal contacts, and historical insights. The business model is typical of a local government entity focused on public service and community engagement. Technically, the site is built using modern web technologies including React and Gatsby, ensuring fast performance and good mobile optimization. It integrates privacy-respecting analytics (Matomo) and a robust cookie consent mechanism (Tarteaucitron) aligned with GDPR requirements. The site is hosted with secure HTTPS and uses reputable DNS providers. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and cookie consent with high privacy settings. However, it lacks explicit published security policies, incident response contacts, and vulnerability disclosure information, which are recommended for enhanced transparency and trust. Overall, escolivesstecamille.fr is a well-maintained, trustworthy municipal website with strong content quality and technical implementation. Strategic improvements in security documentation and incident response readiness would further strengthen its posture.

C

Commune d'Escamps

escamps.fr

55

The website escamps.fr serves as the official digital presence for the Commune d'Escamps, a small local government entity in France. It provides residents and visitors with comprehensive information about municipal services, local news, events, community associations, and tourism. The site is well-positioned as a trusted source for local administrative and community information, targeting residents and stakeholders within the commune. Technically, the site is built using modern web technologies including React and Gatsby, ensuring good performance, mobile optimization, and accessibility. Privacy is respected through the use of a cookie consent mechanism and Matomo analytics configured for high privacy. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers and explicit policies could be improved. Overall, the site is professional, trustworthy, and fulfills its role effectively as a municipal information portal.

M

Mairie de Charbuy

charbuy.fr

61

The website charbuy.fr serves as the official digital presence of the Mairie de Charbuy, a small municipal government entity in France. It provides comprehensive information about local governance, community services, educational institutions, associative life, and administrative procedures. The site targets residents and visitors seeking municipal information and services. Technically, the site is built on a modern React/Gatsby framework, hosted by Scaleway, and incorporates privacy-conscious tools such as Matomo analytics and tarteaucitron for cookie consent. The website demonstrates good mobile optimization, accessibility, and SEO practices. Security-wise, the site enforces HTTPS and employs cookie consent mechanisms, but lacks explicit security headers and published incident response policies. Overall, the site is trustworthy, professional, and compliant with GDPR requirements, reflecting a mature digital infrastructure for a local government entity.

O

Otipass

otipass.com

57

Otipass is a French company specializing in the digitization of territorial and cultural passes, including tourist and multiservice passes. The company positions itself as a market leader in France with a strong presence in public procurement catalogs and a network of city clients. The website is built on Joomla CMS using modern frameworks and includes integrations with analytics and marketing tools such as Matomo and Google Tag Manager. Security posture is good with HTTPS and cookie consent mechanisms, though explicit privacy policies and terms of service are not clearly found. WHOIS data is missing, which raises concerns about domain registration legitimacy, but the website content and client testimonials support a credible business presence. Overall, the site is professional, well-branded, and targets local governments and tourism sectors.

O

Oprodent s.r.o.

oprodent.sk

48

Oprodent s.r.o. is a Slovak-based company specializing in providing professional e-learning courses focused on radiation protection for dental practitioners. The company offers two main courses: a basic 16-hour training and an 8-hour update training, both compliant with Slovak radiation protection legislation. Their market position is niche, targeting dental professionals who require mandatory certification for ionizing radiation use. The website reflects a small but professional business with clear branding and transparent contact and business information. Technically, the website employs a modern but straightforward technology stack including jQuery, Google reCAPTCHA v3 for bot protection, and Matomo for analytics, hosted on Websupport infrastructure. The site is mobile-optimized with good SEO practices and basic accessibility features. Performance is moderate, with no critical technical debt observed. From a security perspective, the site uses HTTPS with DNSSEC enabled, integrates reCAPTCHA for form security, and implements cookie consent mechanisms aligned with GDPR. However, it lacks explicit security headers and a public vulnerability disclosure policy. No critical vulnerabilities or security incidents are evident, but improvements in security headers and incident response transparency are recommended. Overall, the website is trustworthy, professionally maintained, and compliant with relevant privacy regulations. The risk profile is low, with recommendations focusing on enhancing security headers and formalizing incident response channels to further strengthen the security posture.

E

EUROSTYLE, spol. s r.o.

footwork.sk

61

FootWork, operated by EUROSTYLE, spol. s r.o., is a well-established Slovak retail footwear business founded in 1993. The company offers a broad range of footwear, leather goods, hosiery, and care products from both Slovak and international brands. It operates multiple physical stores in Bratislava and Pezinok and maintains an e-commerce platform to serve a wider audience. The website is professionally designed with clear navigation and mobile optimization, supporting a positive user experience. The business targets general consumers seeking quality footwear at competitive prices.

R

Rtone

rtone.fr

61

Rtone is a French product development studio specializing in end-to-end product lifecycle services, from conception to development and management. The company targets businesses and product developers seeking specialized product development expertise. The website is built on WordPress and employs modern digital tools such as Cookiebot for consent management, Matomo and Hotjar for analytics, and Google Tag Manager for marketing integration. The domain is mature, registered since 2007 with OVH, indicating a stable business presence. Technically, the site uses a standard WordPress CMS with Yoast SEO for optimization and includes several third-party scripts for analytics and marketing. Performance is moderate with good mobile optimization and basic accessibility features. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers are not explicitly detected and could be improved. From a security and compliance perspective, the site lacks explicit privacy policy and terms of service pages, and no direct contact information is found on the homepage, which slightly reduces privacy compliance and business credibility scores. No WAF or blocking mechanisms are detected, and no suspicious WHOIS patterns are present, supporting the legitimacy of the domain and business. Overall, Rtone presents a professional and trustworthy online presence with room for improvement in transparency and security best practices. Strategic enhancements in published policies and security headers would strengthen compliance and trust.

L

La C'ART

lacart.fr

44

La C'ART is a cultural subscription service offering access to 15 museums and art centers in the Lille metropolitan area, targeting residents and visitors interested in arts and culture. The website is well-branded, professionally designed, and provides comprehensive information about the pass, events, and partner institutions. Technically, the site uses modern web technologies including Bootstrap, jQuery, and integrates analytics tools like Matomo and Facebook Pixel. It is mobile-optimized and includes accessibility features, although some security headers could be improved. The security posture is solid with HTTPS enforced and cookie consent mechanisms in place, but lacks explicit security policies or vulnerability disclosure information. WHOIS data is missing, which reduces domain trust from a registration perspective, but the website content and external references indicate legitimacy. Overall, the site is a reliable and professional platform for cultural engagement in Lille.

U

Université de Technologie Belfort-Montbéliard

utbm.fr

56

Université de Technologie Belfort-Montbéliard (UTBM) is a recognized French public higher education institution specializing in engineering, master, and doctoral programs. It maintains accreditations such as CTI and the EUR-ACE label, emphasizing quality education and research. The website targets students, researchers, companies, and alumni, offering comprehensive academic and continuing education services. The institution has a solid market position within the French and international education sectors, supported by active social media presence and international partnerships. Technically, the website is built on WordPress with modern plugins and frameworks including Bootstrap, jQuery, and WPBakery. It employs GDPR-compliant cookie consent mechanisms and supports multilingual content via Weglot. Performance and mobile optimization are good, with accessibility features implemented. Analytics are primarily handled via Matomo, with Google Analytics configured but inactive. Security posture is good with HTTPS enforced and no exposed sensitive data. However, the absence of a published security policy and incident response contacts is a gap. The WHOIS data is unavailable, which slightly reduces trustworthiness but is mitigated by the institution's established reputation and accreditation. Overall, UTBM's website is professional, secure, and compliant, serving its educational mission effectively. Strategic improvements include publishing security policies and incident response information to enhance transparency and trust.

U

Université Bourgogne-Franche-Comté

ubfc.fr

43

Université Bourgogne-Franche-Comté (UBFC) is a prominent French higher education and research consortium offering a broad range of academic programs, research initiatives, and graduate schools. The institution targets students, researchers, academic staff, and enterprises, positioning itself as a key player in national education and research. The website reflects a mature digital presence with comprehensive content, clear navigation, and consistent branding. Technically, the site is built on WordPress with Elementor and integrates modern analytics and marketing tools such as Matomo and Facebook Pixel. Security posture is strong with HTTPS and reCAPTCHA, though some security headers could be improved. Privacy and cookie policies are present and GDPR compliant, supporting trust and regulatory adherence. Overall, UBFC's website demonstrates professionalism, credibility, and a solid digital infrastructure.

P

PanneauPocket

panneaupocket.com

52

PanneauPocket is a French-based company providing a leading mobile application designed for local governments such as municipalities and intercommunal entities (EPCI) to communicate real-time information and alerts to residents. Established in 2017, the company has positioned itself as the number one mobile alert and information app in France, serving over 13,500 local entities including gendarmeries and covering approximately 8 million residents. Their key services include push notifications, RSS feeds, legal postings, directories, and event calendars, all aimed at enhancing local communication efficiency and citizen engagement. Technically, the website is built on WordPress with Elementor and leverages modern web technologies including Bootstrap, jQuery, and various JavaScript libraries for UI and analytics. The site is well-optimized for mobile devices and demonstrates good SEO and accessibility practices. Analytics tools such as Matomo and Microsoft Clarity are used for user behavior tracking, complemented by Google reCAPTCHA for form security. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms, but lacks explicit security headers like Content-Security-Policy and X-Frame-Options which are recommended for enhanced protection. No vulnerabilities or exposed sensitive data were detected. The WHOIS data for the domain is unavailable, which slightly reduces trust but is mitigated by strong business signals such as media coverage, partnerships with official organizations, and transparent contact information. Overall, PanneauPocket presents a professional, trustworthy, and well-maintained digital presence with a strong market position in the French local government communication sector. Strategic improvements in security headers and publishing a dedicated security policy would further enhance their security posture and trustworthiness.

H

Haute-Garonne Ingénierie - Agence Technique Départementale (HGI-ATD)

atd31.fr

62

Haute-Garonne Ingénierie - Agence Technique Départementale (HGI-ATD) is a regional government technical agency serving the Haute-Garonne department in France. The organization provides a range of services including technical engineering support, legal and financial advisory, training for local elected officials, and information dissemination. The website targets local government officials and public sector entities, positioning itself as a trusted regional partner. The business model is public service oriented, focusing on supporting territorial communities with expertise and resources. Technically, the website is built on the Ametys CMS platform and employs modern JavaScript libraries such as jQuery and Slick Carousel. It uses Matomo analytics configured for privacy by design and implements a comprehensive cookie consent mechanism via tarteaucitron.js. The site is mobile optimized and demonstrates good SEO and accessibility practices, although some improvements in accessibility could be made. From a security perspective, the website enforces HTTPS and uses privacy-respecting analytics. However, it lacks visible security headers and does not publicly provide a dedicated security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The domain WHOIS data is not publicly available due to AFNIC policies, but the domain and website content appear legitimate and consistent with a government entity. Overall, the website presents a professional and trustworthy digital presence for a regional government agency. Strategic recommendations include publishing a security policy, adding security headers, and providing incident response information to enhance transparency and security posture.

V

Ville d'Auxerre

auxerre.fr

59

The website auxerre.fr serves as the official digital portal for the city of Auxerre, France, providing residents and visitors with comprehensive access to administrative procedures, local news, cultural events, and public services. It positions itself as a trusted municipal resource with a clear focus on community engagement and information dissemination. The site is well-structured, featuring clear navigation menus and a responsive design suitable for desktop and mobile users. Technically, the site leverages established technologies such as jQuery and Matomo analytics, hosted by OVH, a reputable provider. The presence of a cookie consent mechanism and use of privacy-conscious analytics indicate a commitment to user privacy. However, the site lacks visible advanced security headers and formal security policies, which could be enhanced to improve its security posture. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data in its HTML content. No signs of WAF blocking or security challenges were detected, allowing full content accessibility. The domain registration data aligns well with the website's official municipal nature, reinforcing its legitimacy. Overall, the site demonstrates a solid foundation in content quality, technical implementation, and business credibility, with room for improvement in security policy transparency and header implementation.

V

Ville de Lille

lille.fr

58

The website www.lille.fr is the official digital presence of the Ville de Lille, the municipal government of Lille, France. It serves as a comprehensive portal for residents, visitors, and professionals to access city news, cultural events, administrative services, and citizen participation resources. The site is well-branded with consistent official imagery and provides extensive content relevant to its audience. Technically, the site uses standard web technologies including jQuery 1.11.0, Matomo analytics, and Facebook Pixel for tracking. While the site is mobile-optimized and offers good user experience, the use of an outdated jQuery version presents a security risk that should be addressed. Security headers are not visibly implemented, and WHOIS data is not publicly available due to AFNIC policies for .fr domains, which is typical but reduces transparency. Privacy compliance is strong with a clear cookie consent mechanism and GDPR-aligned privacy policy. Overall, the site is trustworthy and professional, serving its public sector role effectively.

M

Mulhouse

mulhouse.fr

58

Mulhouse.fr is the official municipal website of the city of Mulhouse, France, providing comprehensive information and services to residents and visitors. The site covers a wide range of topics including employment, municipal administration, urban development projects, culture, education, health, and social services. It serves as a central hub for local government communication and citizen engagement, featuring news, interactive maps, and access to various public resources. Technically, the website is built on WordPress CMS with a modern tech stack including Bootstrap for responsive design, jQuery, Swiper.js for interactive elements, and Matomo Analytics configured with privacy by design principles. The site demonstrates good mobile optimization, accessibility, and SEO practices, supported by Yoast SEO plugin and structured data in JSON-LD format. From a security perspective, the site enforces HTTPS and uses a cookie consent management tool (tarteaucitron) to comply with privacy regulations. However, no explicit security headers were detected, and there is no visible security policy or incident response information published. The WHOIS data is unavailable, likely due to registry restrictions or privacy protection, which limits domain registration trust verification but does not detract from the site's legitimacy given its official nature. Overall, Mulhouse.fr presents a professional, trustworthy, and user-friendly platform for municipal services and information. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure mechanisms to further strengthen security posture and transparency.

C

Communauté de communes du Haut-Poitou

cc-hautpoitou.fr

48

The website cc-hautpoitou.fr represents the Communauté de communes du Haut-Poitou, a French local government entity established in 2017 serving 27 communes. The site provides information on community services including youth, social services, culture, sports, economy, and territorial planning. It targets residents and stakeholders of the Haut-Poitou region and operates as a public intercommunal cooperation body. The website is built on WordPress using the Enfold theme and several plugins such as Contact Form 7 and Matomo analytics, indicating a moderate level of digital maturity. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and cookie consent implemented, though additional security headers could improve protection. No critical vulnerabilities or suspicious content were detected. Privacy compliance is strong with a comprehensive privacy policy and GDPR-aligned cookie consent. Overall, the site is trustworthy and professionally maintained, reflecting the legitimacy of the public institution it represents.