Security Directory

C

Communauté d'Agglomération Pays Basque

communaute-paysbasque.fr

63

The website www.communaute-paysbasque.fr serves as the official portal for the Communauté d'Agglomération Pays Basque, a regional government entity in France. It provides comprehensive information and services related to public utilities, environmental initiatives, transport, waste management, housing, agriculture, culture, and social services tailored for residents, businesses, and associations within the Pays Basque region. The site is multilingual, primarily in French, with Basque and Gascon language options, reflecting the local cultural context. Technically, the site is built on TYPO3 CMS, leveraging modern web technologies including jQuery, Matomo analytics with privacy by design, and a robust cookie consent mechanism via tarteaucitron.js. The site demonstrates good mobile optimization, accessibility, and SEO practices, ensuring a positive user experience. Performance is moderate, with room for optimization. From a security standpoint, the site enforces HTTPS and uses privacy-focused analytics. However, explicit security headers are not clearly detected, and no public security policy or incident response contacts are provided. The absence of WHOIS registration data for the domain reduces trust from a domain legitimacy perspective, though the content and domain suffix strongly indicate a legitimate government site. Overall, the website is professional, trustworthy, and privacy-conscious, serving its public sector mission effectively. Strategic improvements in transparency around security policies, incident response, and domain registration details would enhance trust and compliance further.

M

Métropole Rouen Normandie

metropole-rouen-normandie.fr

60

Métropole Rouen Normandie operates as the official metropolitan government entity for the Rouen Normandie region in France, providing citizens and professionals with comprehensive information on local governance, public services, administrative procedures, news, and events. The website serves as a central hub for community engagement, business support, and access to metropolitan resources. It holds a strong market position as the authoritative source for metropolitan information and services. Technically, the website is built on Drupal 11, leveraging modern web technologies such as Bootstrap for responsive design and Matomo for privacy-focused analytics. The site demonstrates good digital maturity with mobile optimization, accessibility features, and a cookie consent mechanism compliant with GDPR requirements. Performance is moderate, with lazy loading implemented for images to enhance user experience. From a security perspective, the site enforces HTTPS and employs privacy-conscious analytics. While explicit security headers are not fully confirmed, no critical vulnerabilities or exposed sensitive data were detected. The absence of a public security policy or incident response contact suggests room for improvement in transparency and readiness. WHOIS data is unavailable, which limits domain registration trust verification, but the website's official nature and consistent branding mitigate concerns. Overall, the site presents a professional, trustworthy, and user-friendly platform that effectively serves its governmental role. Strategic recommendations include enhancing security header implementation, publishing a security policy, and establishing a vulnerability disclosure process to further strengthen security posture and stakeholder trust.

V

Ville de Saint-Germain-en-Laye

saintgermainenlaye.fr

73

The website www.saintgermainenlaye.fr is the official municipal portal for the city of Saint-Germain-en-Laye, France. It serves as a comprehensive information hub for residents and visitors, offering news, event agendas, e-services, urban planning details, and contact resources. The site is well-branded with official logos and consistent messaging, targeting local citizens and stakeholders. The business model is that of a government entity providing public services and digital access to municipal resources. Technically, the site is built on TYPO3 CMS with Bootstrap framework, incorporating modern web technologies such as Matomo analytics for privacy-respecting tracking and Facil-iti for accessibility enhancements. The site is mobile-optimized and includes SEO and accessibility best practices, though some security headers are not explicitly detected. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms aligned with GDPR. No critical vulnerabilities or exposed sensitive data were found. However, the absence of explicit security policies or incident response contacts is noted. The WHOIS data is unavailable, which slightly reduces trust signals but is mitigated by the official nature and content quality of the site. Overall, the site presents a low-risk profile with strong content quality and good technical implementation. Strategic recommendations include enhancing security headers, publishing security policies, and maintaining regular audits of third-party scripts to sustain trust and compliance.

G

Grand Poitiers Communauté urbaine

grandpoitiers.fr

63

Grand Poitiers Communauté urbaine operates as the official urban community government portal for the Grand Poitiers area in France. The website provides comprehensive information and services related to administrative procedures, waste management, transport, culture, sports, urban planning, employment, and environmental initiatives. It targets residents, local businesses, and visitors, positioning itself as a key public service provider in the region. The business model is focused on public service delivery and community engagement rather than commercial revenue generation. Technically, the website is built on TYPO3 CMS, a robust open-source content management system, and employs modern web technologies including jQuery, Parsley.js for form validation, and tarteaucitron.js for cookie consent management. The site uses Matomo analytics configured to respect Do Not Track settings, reflecting a privacy-conscious approach. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism, but lacks visible security headers and explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the provided content. The absence of WHOIS data limits domain registration trust analysis, but the domain is managed by AFNIC, the French registry, supporting legitimacy. Overall, the website demonstrates a strong commitment to privacy and user experience, with room for improvement in security policy transparency and contact information availability. The risk profile is low, with no indications of malicious activity or content safety concerns.

R

Resallience

resallience.com

70

Resallience is a specialized consulting and engineering firm focused on climate change adaptation and resilience, operating as part of the VINCI group. The company offers innovative technical solutions, integrated engineering, and economic models tailored to climate challenges, serving a diverse international client base including public institutions, finance, infrastructure operators, and industrial sectors. Their market position is strong within the climate adaptation niche, with over 100 projects across more than 90 countries since 2019. Technically, the website is built on WordPress with modern SEO and performance optimizations, including cookie consent management and analytics tools. Security posture is good with HTTPS and privacy compliance, though explicit security policies and incident response contacts are absent. The domain WHOIS data is missing, which raises transparency concerns but the website content and branding strongly indicate legitimacy. Overall, the site is professional, well-structured, and trustworthy, with room for improvement in security disclosures and domain registration transparency.

S

Setec

setec.fr

62

Setec is a French multidisciplinary engineering group specializing in complex and innovative construction projects worldwide. The company targets professional clients in sectors such as energy, transport, and telecommunications. Their website reflects a mature digital presence built on WordPress, enhanced with SEO tools and privacy-conscious analytics via Matomo. The site is well-structured, mobile-optimized, and includes a cookie consent mechanism, demonstrating compliance with privacy regulations. However, explicit privacy policy and terms of service pages were not detected in the provided content, which could be improved for better compliance and transparency. The absence of WHOIS data limits domain trust assessment, but the professional presentation and content quality support the company's legitimacy.

C

Conseil départemental de l'Orne

orne.fr

63

The Conseil départemental de l'Orne operates as the official government body for the Orne department in Normandy, France. The website serves as a comprehensive portal for residents and stakeholders, offering news, public services, administrative procedures, and cultural information. It holds a strong market position as the authoritative source for regional government information and services. The digital infrastructure is built on Drupal 10, integrating modern web technologies and privacy-conscious analytics (Matomo). The site demonstrates good mobile optimization, accessibility, and SEO practices, reflecting a mature digital presence. Security measures include HTTPS enforcement, reCAPTCHA v3 on forms, and cookie consent management, though some security headers could be improved. The absence of WHOIS data is a notable anomaly but is likely due to AFNIC policies or privacy protections. Overall, the site is trustworthy, professional, and safe for general audiences.

V

Ville d'Argentan

argentan.fr

10

The website argentan.fr serves as the official digital presence for the city of Argentan, France, providing municipal information, citizen services, event updates, and tourism resources. It targets residents and visitors, positioning itself as a trusted government portal with a medium-sized operational scope. The site leverages a modern WordPress CMS infrastructure with popular plugins and frameworks such as Elementor, Bootstrap, and Leaflet.js, indicating a mature and maintainable technical foundation. Security measures include HTTPS enforcement, Google reCAPTCHA integration, and GDPR-compliant cookie consent management, though there is room for improvement in implementing comprehensive security headers. Overall, the site demonstrates a good balance of usability, compliance, and security for a government entity.

P

Portobello Communication

portobello-communication.fr

62

Portobello Communication is a small, established communication agency based in Laval, Mayenne, France, operating since 2009. The company offers a broad range of marketing and communication services including brand strategy, web design, video production, graphic design, and social media marketing. The website is professionally designed, mobile-optimized, and rich in content, reflecting a mature digital presence. Technically, the site runs on WordPress with modern plugins such as Yoast SEO and WP Rocket, and integrates Matomo for analytics, indicating a focus on performance and privacy. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response information are absent. Overall, the site is trustworthy and well-positioned in its local market segment.

M

Mairie de Mérenvielle

mairie-merenvielle.fr

54

The website www.mairie-merenvielle.fr serves as the official online presence for the municipal government of Mérenvielle, France. It provides residents and visitors with comprehensive information about local government services, administrative procedures, urban planning, community events, and contact options. The site targets local citizens and stakeholders interested in municipal affairs and community engagement. The business model is public service-oriented, focusing on information dissemination and citizen interaction. Technically, the site is built on the Ametys CMS platform, leveraging modern web technologies such as Bootstrap, jQuery, and FontAwesome. It incorporates GDPR-compliant cookie consent mechanisms via tarteaucitron and uses Matomo for privacy-focused analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some security headers could be improved. From a security perspective, the site enforces HTTPS and uses CAPTCHA on forms to mitigate spam. However, it lacks some advanced HTTP security headers like CSP and X-Frame-Options, which could enhance protection against common web attacks. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits the ability to fully verify domain legitimacy, but the official contact information and content quality support its authenticity. Overall, the website presents a trustworthy and professional municipal portal with solid privacy compliance and user experience. Strategic improvements in security headers and domain registration transparency would further strengthen its security posture and trustworthiness.

M

Mairie de Lasserre-Pradère

mairie-lasserrepradere.fr

49

The website www.mairie-lasserrepradere.fr serves as the official online presence for the municipal government of Lasserre-Pradère, France. It provides residents and visitors with comprehensive information about local administration, community services, urban planning, social programs, and municipal news. The site targets local citizens and stakeholders, offering essential public service information and facilitating administrative procedures. The business model is centered on public service and community engagement, positioning the site as a trusted local government resource. Technically, the website is built on the Ametys CMS platform, utilizing jQuery and the tarteaucitron cookie consent framework to ensure GDPR compliance. It integrates Matomo analytics configured for privacy by design, reflecting a mature approach to user data protection. The site is mobile-optimized, accessible, and well-structured, with good SEO practices and clear navigation. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms. However, no explicit security headers were detected in the provided data, suggesting room for improvement in hardening the site against common web threats. No vulnerabilities or exposed sensitive data were found. The absence of WHOIS data indicates privacy protection for the domain registration, which is appropriate for a municipal website. Overall, the website demonstrates a solid security posture, good privacy compliance, and professional presentation. It is a reliable and trustworthy source of municipal information with minimal risk exposure. Strategic recommendations include enhancing security headers, adding incident response information, and maintaining regular CMS updates to sustain security and compliance.

M

Mairie de Léguevin

ville-leguevin.fr

51

The website www.ville-leguevin.fr serves as the official online presence for the municipal government of Léguevin, France. It provides residents and visitors with access to local government information, administrative services, cultural activities, and community engagement resources. The site is positioned as a trusted source for municipal news and services, targeting local citizens and stakeholders. Technically, the site is built on WordPress, leveraging modern plugins such as Yoast SEO for search optimization and Matomo for privacy-conscious analytics. The site demonstrates good mobile responsiveness, accessibility, and user experience, with a clear navigation structure and professional design. Security-wise, the site uses HTTPS and implements a cookie consent mechanism with granular user control, but lacks some advanced security headers and a published security or privacy policy. The absence of WHOIS data is a notable anomaly, potentially indicating a recent registration or a WHOIS server issue, which slightly impacts trust. Overall, the site is functional, professional, and safe for general audiences, with room for improvement in privacy transparency and security hardening.

M

Mairie de La Salvetat Saint-Gilles

lasalvetat31.fr

58

The website www.lasalvetat31.fr serves as the official digital presence of the municipal government of La Salvetat Saint-Gilles, France. It provides residents and visitors with comprehensive local information, including news, administrative procedures, municipal services, cultural events, and social support resources. The site targets local citizens and stakeholders, positioning itself as a key communication channel for the municipality. The business model is typical of government entities, focusing on public service rather than commercial revenue. Technically, the website is built on WordPress, leveraging popular plugins such as Yoast SEO for search optimization and Matomo for privacy-conscious analytics. The site demonstrates good mobile responsiveness, accessibility features, and SEO practices. Performance is moderate, with caching and lazy loading implemented via WP Rocket. Cookie consent is managed through Tarteaucitron, ensuring compliance with European privacy regulations. From a security perspective, the site enforces HTTPS and employs privacy-friendly analytics that do not set cookies by default. However, the absence of explicit security headers and lack of published privacy policy or terms of service pages represent areas for improvement. The WHOIS data for the domain is unavailable, which is unusual for an official municipal domain and slightly reduces trustworthiness. No WAF or blocking mechanisms were detected, and the site content is fully accessible. Overall, the website is a well-structured, professional municipal portal with a strong focus on user experience and privacy. Strategic recommendations include publishing comprehensive privacy and security policies, enhancing security headers, and resolving WHOIS data inconsistencies to improve trust and compliance.

V

Ville de Plaisance du Touch

plaisancedutouch.fr

59

The website www.plaisancedutouch.fr serves as the official digital presence of the municipal government of Plaisance du Touch, France. It provides residents and visitors with comprehensive information about local governance, public services, community news, and administrative procedures. The site targets local citizens and stakeholders, offering a user-friendly platform to access municipal resources and engage with the community. The business model is centered on public service delivery and community engagement, positioning itself as a trusted local government authority. Technically, the website is built on the WordPress CMS platform, leveraging popular plugins such as Yoast SEO for search optimization and Matomo for privacy-respecting analytics. The infrastructure includes modern JavaScript libraries and frameworks like jQuery and Bootstrap, ensuring responsive design and accessibility. The site demonstrates good mobile optimization and accessibility features, enhancing user experience across devices. From a security perspective, the website enforces HTTPS and implements a cookie consent mechanism compliant with GDPR principles. While some advanced security headers are not explicitly detected, the overall security posture is solid with no evident vulnerabilities or exposed sensitive data. The absence of WHOIS data slightly reduces domain transparency but does not detract significantly from the site's legitimacy given its official nature. Overall, the site presents a professional, trustworthy, and well-maintained digital platform for municipal services. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and improving WHOIS transparency to further strengthen trust and compliance.

A

Audiotec

audiotec.fr

49

Audiotec is a well-established French company specializing in audiovisual equipment rental, sales, integration, and event services. Founded in 1988, it has a strong market position as a leading supplier for both professionals and individuals in France. The company offers a comprehensive range of services including sound, video, lighting, and stage structure solutions, supported by a competent technical team and a dedicated design office. Their website reflects a professional and consistent brand image with clear service offerings and customer engagement channels. Technically, the website is built on WordPress with WooCommerce and uses modern technologies such as Google Tag Manager, Matomo, Microsoft Clarity, and reCAPTCHA for analytics and security. Hosting is provided by PLANETHOSTER, a reputable provider. The site is mobile-optimized, accessible, and SEO-friendly, ensuring good user experience and discoverability. From a security perspective, the site enforces HTTPS, uses secure login forms with nonce tokens, and integrates reCAPTCHA v3 to mitigate automated abuse. However, it lacks explicit security headers and a dedicated security policy or incident response page. No vulnerabilities or exposed sensitive data were detected in the content. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, Audiotec's digital presence is robust, trustworthy, and professionally managed. The domain registration data aligns with the business history, reinforcing legitimacy. Strategic recommendations include enhancing security headers, publishing a security policy, and considering a vulnerability disclosure program to further strengthen trust and security posture.

P

Pesticide Action Network Europe (PAN Europe)

pan-europe.info

50

Pesticide Action Network Europe (PAN Europe) is a well-established non-profit organization dedicated to pesticide regulation advocacy, environmental protection, and public health in Europe. Their website reflects a professional and consistent brand focused on campaigns, legal actions, and policy influence related to pesticides. The organization targets policymakers, NGOs, researchers, and the general public interested in sustainable agriculture and environmental health. The business model is primarily grant and donation funded, with a medium-sized operational scale based in Belgium. Technically, the website is built on Drupal 7 with Bootstrap and jQuery frameworks, integrating Matomo and Google Tag Manager for analytics. The site is mobile optimized and has good SEO and accessibility basics, though some modernization is advisable due to the aging CMS version. Performance is moderate, and the site uses HTTPS with no visible security headers, indicating room for security improvements. Security posture is generally good with HTTPS and secure forms, but the absence of security headers and lack of published security policies or incident response information are gaps. WHOIS data is unavailable or blocked, which reduces domain registration trustworthiness, though the website content and EU funding acknowledgments support legitimacy. Privacy compliance is partial, with a comprehensive privacy policy but no cookie consent mechanism detected. Overall, the website is trustworthy and professional but would benefit from technical updates, enhanced security practices, and improved privacy compliance to strengthen its digital maturity and risk posture.

H

Huwise

opendatasoft.com

61

Huwise is a technology company specializing in providing a SaaS data product marketplace solution designed to centralize, govern, and distribute data assets for business teams, IT leaders, and data professionals. The company positions itself as a leading solution in the data product marketplace space, with recognition from Gartner and a strong customer base of over 350 clients across sectors such as energy, transport, banking, and government. Their platform offers a comprehensive suite of features including AI-enhanced search, metadata management, data lineage, and integration capabilities, aimed at accelerating data consumption and AI project success. Technically, the website is built on a modern WordPress CMS with Bootstrap 5, jQuery, and various JavaScript libraries for enhanced user experience and performance. The site is mobile-optimized, SEO-friendly, and integrates analytics via Matomo and marketing tools like Google Tag Manager. Privacy and cookie policies are well implemented with GDPR compliance, supported by a consent mechanism via Axeptio. From a security perspective, the site enforces HTTPS and uses cookie consent tools, but lacks visible HTTP security headers and a published security.txt file. No direct contact emails or phone numbers are publicly listed, which may limit immediate contact options. The absence of WHOIS data for the domain is a notable anomaly that reduces trustworthiness, although the professional website and customer testimonials provide mitigating trust signals. Overall, Huwise demonstrates a mature digital presence with strong business credibility and technical implementation. However, improvements in security header implementation, incident response transparency, and WHOIS registration clarity are recommended to enhance trust and compliance.

T

tolk.ai - Generative AI powered Chatbot and Livechat solutions

tolk.ai

65

tolk.ai is a French technology company specializing in generative AI-powered chatbots and livechat solutions for customer relations. Their platform offers no-code deployment, integration with various web services, and analytics capabilities to enhance customer experience and operational efficiency. The company targets businesses seeking advanced AI automation for pre- and post-sales customer support. The website demonstrates a professional digital presence with good SEO, structured data, and moderate use of analytics and marketing tools. Security posture is solid with HTTPS and no visible vulnerabilities, though explicit security policies and cookie consent mechanisms are absent. WHOIS data is unavailable, likely due to privacy protection, which slightly impacts trust but is justified for this business type. Overall, tolk.ai presents as a credible and modern SaaS provider in the AI customer service space.

L

La Salamandre

salamandre.net

61

La Salamandre is an independent, non-profit French media publisher dedicated to nature education and appreciation. They produce three nature magazines targeting different age groups, alongside rich digital content including articles, podcasts, videos, and educational activities. Their market position is strong within the French-speaking nature enthusiast community, with a clear focus on family and educational content. Technically, the website is built on WordPress with modern libraries and frameworks, optimized for mobile and SEO, and integrates privacy-compliant analytics and consent management. Security posture is good with HTTPS and secure login mechanisms, though some HTTP security headers could be improved. Overall, the site is professional, trustworthy, and content-rich, supporting a sustainable business model based on subscriptions and product sales.

Č

Česko-německý fond budoucnosti

fondbudoucnosti.cz

35

Česko-německý fond budoucnosti is a well-established non-profit organization dedicated to fostering Czech-German relations through project funding and cultural initiatives. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. The organization targets individuals and groups involved in Czech-German cooperation, providing support and promoting mutual understanding. Technically, the site is built on WordPress with modern plugins and analytics tools, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and policies could be improved. The absence of WHOIS data limits domain trust analysis but the overall professional presentation and social media presence support legitimacy.

L

La Salamandre

salamandre.org

60

La Salamandre is an independent, non-profit media publisher dedicated to fostering a love of nature through its three nature magazines targeted at different age groups, educational content, books, films, podcasts, and videos. The organization positions itself as a niche leader in nature education and environmental awareness in France, with a strong focus on family and children audiences. The website reflects a mature, well-branded, and content-rich platform with consistent messaging and trust signals such as eco-responsible printing and environmental projects. Technically, the site is built on WordPress with a modern tech stack including Bootstrap and jQuery, and employs privacy-conscious analytics (Matomo) and cookie consent management (Cookiebot). Security posture is good with HTTPS enforced, though additional security headers could improve defenses. Privacy compliance is strong with clear policies and consent mechanisms. No WHOIS data was retrievable, likely due to privacy protection, which is justified for this type of organization. Overall, the site is professional, trustworthy, and well-optimized for its audience.

C

CMA France

cma-france.fr

56

Artisanat.fr is the official portal for the Chambres de Métiers et de l'Artisanat (CMA) in France, providing comprehensive information on artisan métiers, training, news, and personalized support services. The site serves a broad audience including artisans, apprentices, and entrepreneurs interested in the artisan sector. It is positioned as a trusted government-related resource with a large network presence across France. Technically, the site is built on Drupal 10 with modern analytics and marketing integrations, demonstrating a mature digital infrastructure. Security posture is good with HTTPS and cookie consent mechanisms, though explicit security headers could be improved. The absence of WHOIS data is noted but does not detract from the site's legitimacy given its official nature. Overall, the site is professional, accessible, and privacy-conscious, supporting the artisan community effectively.

V

Ville de Rungis

rungis.fr

60

The website rungis.fr is the official online presence of the Ville de Rungis, a municipal government entity in France. It provides comprehensive information about local government services, news, events, and administrative procedures targeted primarily at residents and visitors. The site is well-structured, professionally designed, and offers multilingual support with a focus on French. It integrates modern web technologies including Drupal CMS and Matomo analytics for visitor tracking. Privacy and cookie policies are clearly presented with GDPR compliance mechanisms in place. Technically, the site is built on a robust Drupal platform with responsive design and accessibility features, ensuring good performance and user experience across devices. Security posture is solid with HTTPS enforced and domain registration consistent with the official nature of the site. However, explicit security headers and incident response information are not prominently available, representing an area for improvement. Overall, rungis.fr demonstrates a mature digital infrastructure suitable for a government website, with strong business credibility and trust indicators. The site is safe for general audiences, free from adult or questionable content, and maintains transparency through social media and contact information. Strategic recommendations include enhancing security headers, publishing a security policy, and considering a vulnerability disclosure program to further strengthen trust and compliance.

E

Engerio

engerio.sk

48

Engerio is a Slovak-based advertising platform specializing in native advertising formats across top Slovak media websites. Founded in 2020, it offers innovative ad formats such as pre-click ads, carousel ads, and video ads, targeting advertisers seeking quality traffic from over 120 Slovak media sources. The platform positions itself as the second largest reach in Slovak internet advertising, providing campaign performance analytics and a managed service model where clients submit links and Engerio handles campaign setup and optimization. Technically, the website is built on WordPress with Elementor and Yoast SEO, leveraging modern web technologies and analytics tools like Matomo and Google Tag Manager. The site is well-optimized for mobile and offers a professional user experience with clear navigation and rich content including client testimonials and partner logos. Security-wise, the site uses HTTPS and has a good SSL configuration but lacks explicit security headers and visible privacy or cookie policies, which are compliance gaps. No direct contact emails or phone numbers are publicly listed, relying instead on a contact form. Overall, Engerio presents a credible and professional business presence with room for improvement in privacy compliance and security best practices.

C

CAB

biopaysdelaloire.fr

10

CAB (Coordination Agrobiologique des Pays de la Loire) is a regional non-profit organization dedicated to supporting and developing organic agriculture in the Pays de la Loire region of France. The organization provides technical assistance to organic farms, develops organic production sectors, and supports local authorities in their organic initiatives. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content focused on organic agriculture and related activities. Technically, the site is built on WordPress with Elementor, uses modern JavaScript libraries like Swiper.js, and integrates Matomo for analytics, indicating a moderate to advanced digital infrastructure. Security-wise, the site enforces HTTPS, implements standard security headers, and provides cookie consent mechanisms, demonstrating good security hygiene. However, there is no explicit security policy or vulnerability disclosure page, which could be improved. Overall, the site is trustworthy, well-maintained, and compliant with GDPR, though WHOIS data is privacy-protected, limiting domain registration transparency.

R

Réseau GAB - FRAB

agrobio-bretagne.org

53

Réseau GAB - FRAB is a well-established regional network dedicated to promoting and supporting organic agriculture in Brittany, France. With nearly 40 years of experience, it serves as a key reference for organic farmers, offering technical advice, training, advocacy, and development of organic farming sectors. The website reflects a professional and consistent brand presence, targeting organic farmers, local communities, and stakeholders in the organic agriculture sector. Technically, the site is built on WordPress with modern libraries and includes privacy and cookie compliance mechanisms. Security posture is good with HTTPS and no obvious vulnerabilities, though some security headers could be improved. WHOIS data is unavailable, which slightly reduces trust but the overall site content and structure support legitimacy.

S

Synesty GmbH

synesty.com

11

Synesty GmbH operates a mature and well-established no-code/low-code integration platform focused on enabling businesses, especially in e-commerce, to automate and connect various digital systems and APIs without programming. The company has a strong market presence in Germany with a medium-sized business profile, founded in 2009, and offers a SaaS middleware solution with extensive add-ons and templates. The website is professionally designed, content-rich, and targets multiple user personas including e-commerce managers, developers, agencies, and CEOs. Technically, the site uses modern frameworks like Astro and privacy-conscious analytics (Matomo with cookies disabled), ensuring good performance and mobile optimization. Security posture is solid with HTTPS and domain locks, though DNSSEC is not enabled and some security policies are not publicly disclosed. Privacy compliance is good with a comprehensive privacy policy and GDPR adherence, but lacks a cookie consent mechanism. Overall, the website and business demonstrate high professionalism and trustworthiness with room for improvement in transparency and security documentation.

M

Montpellier Méditerranée Métropole et ville de Montpellier

montpellier3m.fr

68

Montpellier Méditerranée Métropole and the city of Montpellier operate an official government website serving as the primary digital portal for residents, businesses, and visitors. The site provides comprehensive information on municipal institutions, public services, urban development projects, citizen participation, and local governance. It targets a broad audience including local citizens, public service users, and tourists. The business model is that of a public sector entity focused on service delivery and community engagement. Technically, the website is built on Drupal 10, leveraging modern JavaScript libraries such as Swiper.js and AddToAny for enhanced user experience and social sharing. It integrates Matomo analytics with privacy-conscious configurations. The site demonstrates good mobile optimization, accessibility, and SEO practices, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, employs standard security headers, and avoids exposing sensitive data. However, it lacks publicly available security policies or incident response information, which could be improved to enhance transparency and trust. The WHOIS data is unavailable due to AFNIC policies, but the domain's .fr extension and consistent official branding support its legitimacy. Overall, the website presents a low-risk profile with strong content quality and technical implementation. Strategic recommendations include publishing explicit security and incident response policies, establishing a vulnerability disclosure program, and maintaining up-to-date software to mitigate potential risks.

C

CRESS

cress-na.org

44

CRESS Nouvelle-Aquitaine is a regional non-profit organization dedicated to the development of the Social and Solidarity Economy (ESS) in the Nouvelle-Aquitaine region of France. The website serves as an informational and engagement platform targeting regional stakeholders interested in economic transition and social economy initiatives. The organization positions itself as a key regional actor supporting a just economic transition through ESS development. Technically, the website is built on WordPress using the Divi theme, incorporating modern web fonts, Matomo analytics for user tracking, and Google reCAPTCHA for form security. The site demonstrates good mobile optimization and SEO practices but lacks explicit privacy and cookie policies, which impacts privacy compliance. Security posture is moderate with the presence of reCAPTCHA but absence of visible security headers and unknown SSL configuration. WHOIS data is unavailable or malformed, limiting domain trust verification. Overall, the website is professional and relevant to its audience but would benefit from enhanced privacy disclosures and security hardening.

A

APICIL Santé Prévoyance

apicil.com

69

APICIL is a well-established French social protection group founded in 1938, providing complementary health insurance, provident schemes, savings, and retirement services primarily targeting enterprises and individuals in France. The website mon.apicil.com serves as a client portal and information hub, reflecting the company's strong market position as the third largest social protection group in France. The site is professionally designed, mobile-optimized, and compliant with GDPR regulations, including a comprehensive cookie consent mechanism. Technically, the site is built on WordPress with modern analytics and marketing integrations such as Matomo and Google Tag Manager, ensuring good digital maturity. Security posture is solid with HTTPS enforced and secure authentication cookies, though some security headers are not visibly implemented and no explicit security or incident response policies are published. Overall, the site presents a trustworthy and professional front for APICIL's services, with recommendations to enhance security headers and publish formal security policies to further strengthen trust and compliance.

C

Centre pour la Communication Scientifique Directe (CCSD)

hal.science

66

HAL (Hyper Articles en Ligne) is a French open archive platform dedicated to the deposit and dissemination of scientific publications. It is supported by major French research organizations including CNRS, INRIA, and INRAE, and serves the academic and research community by providing a sustainable, public infrastructure for open science. The platform offers services such as long-term preservation, institutional portals, and integration with research identifiers like ORCID. Technically, HAL uses a modern JavaScript stack with libraries such as jQuery, Select2, MathJax, and Matomo for privacy-conscious analytics. The website is well-designed, mobile-optimized, and accessible, with clear navigation and professional content. Security posture is strong with HTTPS enforced and privacy policies in place, though explicit security headers could be improved. The domain registration is consistent with the organization's identity and history, indicating high legitimacy. Overall, HAL is a trustworthy, well-maintained platform with a strong focus on open science and research dissemination.

V

Ville d'Orléans

orleans.fr

52

The Ville d'Orléans website serves as the official digital presence of the city government, providing residents and visitors with comprehensive access to municipal services, local news, events, and administrative resources. The site is well-branded with consistent city logos and offers a broad range of services including civil status, education, social services, urban planning, and public safety. The target audience primarily includes local citizens and stakeholders interested in city governance and community activities. Technically, the website is built on the TYPO3 CMS platform, leveraging modern web technologies such as Matomo for analytics and Google Fonts for typography. The site demonstrates good mobile optimization, accessibility features, and SEO practices, contributing to a positive user experience. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS and employs secure forms, but lacks visible security headers and explicit cookie consent mechanisms, which are recommended for enhanced protection and GDPR compliance. The absence of WHOIS data limits domain registration transparency, though the site’s content and official branding strongly support its legitimacy. Overall, the website is a professional, trustworthy government portal with room for improvement in privacy compliance and security best practices. Strategic enhancements in these areas will strengthen user trust and regulatory adherence.

B

Bon Plan Bio

bonplanbio.fr

38

Bon Plan Bio is a French regional non-profit project providing an interactive map to locate local organic products and producers across several French regions. The website serves consumers seeking bio local products and supports organic farmers by promoting their points of sale. The project is supported by multiple regional organic agriculture groups, enhancing its credibility and regional reach. Technically, the site is built on WordPress using common plugins for sliders, cookie consent, and popups, hosted by OVH, a reputable provider. The site is mobile-optimized and uses Matomo analytics for privacy-friendly tracking. Security posture is good with HTTPS enforced and GDPR-compliant cookie consent, though it lacks explicit security headers and published security policies. Overall, the site is professional, trustworthy, and well-aligned with its mission.

C

Centre national du livre

partir-en-livre.fr

58

Partir en Livre is a French government-backed cultural initiative organized by the Ministry of Culture and the Centre national du livre. It promotes free youth literature events across France, targeting children, families, and cultural actors. The website is professionally designed using Drupal 9, featuring rich content, event information, and resources for organizers. It integrates Matomo analytics and provides cookie consent mechanisms compliant with GDPR. However, no direct contact emails or phone numbers are publicly listed, relying on contact forms instead. The absence of WHOIS data is notable but likely due to registry policies rather than malicious intent. Overall, the site demonstrates a mature digital presence with good content quality and user experience.

E

Eleven

eleven-strategy.fr

48

Eleven is a European consulting firm specializing in AI and data strategy, positioning itself as a leading player in this niche market. The website reflects a mature business with a domain registered since 2013, consistent with its market claims. The company targets European organizations seeking expert guidance in AI and data-driven transformation. Technically, the website is built on WordPress with modern SEO practices and uses Matomo for analytics, indicating a focus on privacy. Security posture is good with HTTPS enabled, though some security headers could be improved. Privacy and cookie policies are present and GDPR compliant, supporting regulatory adherence. Overall, the site presents a professional and trustworthy digital presence.

I

International Social Security Association

issa.int

65

The International Social Security Association (ISSA) operates a professional and authoritative website serving as a global network for social security organizations. The site offers comprehensive member services, including guidelines, training, awards, and publications, targeting social security professionals and government agencies worldwide. The website is built on Drupal 10, leveraging modern web technologies and analytics tools with privacy-conscious configurations. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not published. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with privacy regulations, supporting ISSA's position as a leading international organization in social security.

B

Belgian Federal Public Service Policy and Support (BOSA)

bosa.be

65

The Belgian Federal Public Service Policy and Support (BOSA) website serves as an official government portal providing multilingual access to federal public service information. The site is positioned as a key government service platform, targeting Belgian citizens and government employees. It offers policy and support services, emphasizing accessibility and compliance with European data protection regulations. The website uses Drupal 10 CMS and integrates modern JavaScript libraries and Matomo analytics with user consent, reflecting a mature digital infrastructure. Security posture is moderate with room for improvement in security headers and transparency of security policies. The domain is a subdomain of belgium.be, indicating high legitimacy despite restricted WHOIS data. Overall, the site is professional, trustworthy, and compliant with GDPR, but could enhance security and transparency further.

O

Office national de l'emploi

onem.be

65

The Office national de l'emploi (ONEM) is a Belgian public institution responsible for managing the unemployment insurance system and employment-related measures, including career interruption and credit-time schemes. The website serves primarily French-speaking citizens and employers, providing comprehensive information, online services, and updates related to unemployment regulations and benefits. It holds a strong national position as a government agency with a clear public service mandate. Technically, the website employs modern web technologies such as Bootstrap and FontAwesome, with privacy-conscious analytics via Matomo. The site is mobile-optimized, accessible, and well-structured, offering a good user experience. Security is robust with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. The security posture is solid for a government site, with good privacy compliance and trust indicators including official social media channels and certifications. The WHOIS data is restricted due to .be domain policies but is consistent with a legitimate government entity. Overall, the site presents low risk with strong business credibility and technical maturity. Strategic recommendations include enhancing security headers, publishing a formal security policy and incident response information, and implementing a vulnerability disclosure program to further strengthen trust and compliance.

D

De Rijksdienst voor Arbeidsvoorziening

rva.be

70

De Rijksdienst voor Arbeidsvoorziening (RVA) is the official Belgian government agency responsible for administering social security benefits related to unemployment insurance, career interruption, and time credit. The website serves both citizens and employers, providing comprehensive information, online application services, and up-to-date news and statistics. The RVA holds a strong market position as a trusted public institution with a large operational scale within Belgium. The site is professionally designed with consistent branding and clear navigation, targeting Dutch-speaking users primarily.

C

CEA

leti-cea.com

10

The website represents CEA-Leti, a prominent French government-funded research center specializing in micro and nanotechnologies. It serves a broad audience including researchers, institutions, companies, and the general public. The site provides comprehensive information on applied research, industrial innovation, education, and partnerships. The business model focuses on collaborative R&D and technology transfer to industry. The organization holds a strong market position within European technological research. Technically, the site is built on Microsoft SharePoint, uses modern analytics (Matomo), and integrates security features like Google reCAPTCHA. The security posture is solid with HTTPS and no visible vulnerabilities, though security headers and explicit cookie consent are lacking. WHOIS data for the domain www.leti-cea.com is missing, which slightly reduces trust but the site’s affiliation with the official CEA domain and consistent branding supports legitimacy. Overall, the site is professional, informative, and trustworthy with room for improvement in privacy compliance and security headers.

W

World Media Partners, s.r.o.

ceskainspirace.cz

58

Česká inspirace is a Czech regional cultural and tourism portal operated by World Media Partners, s.r.o. The website provides news, event calendars, multimedia galleries, and virtual tours focused on several Czech cities. It targets a general audience interested in cultural events and city inspiration within the Czech Republic. The business model centers on content provision and regional promotion, positioning itself as a trusted media platform in its niche. Technically, the website employs a modern JavaScript stack including jQuery, Leaflet.js for maps, and analytics tools such as Google Analytics and Matomo. It uses HTTPS with a good SSL configuration and integrates Google reCAPTCHA Enterprise for bot protection. The site is mobile optimized and has a clear navigation structure, although some accessibility features are basic. From a security perspective, the site enforces HTTPS and uses anti-bot measures but lacks visible security headers and explicit cookie consent mechanisms. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is not publicly available, indicating privacy protection, which slightly reduces transparency but is common for media portals. Overall, the website is professionally designed and functional with moderate security and privacy compliance. Strategic improvements in privacy transparency, security headers, and incident response policies would enhance trust and compliance.

S

Stad Oostende

oostende.be

78

Stad Oostende operates as the official municipal government website for the city of Oostende, Belgium. It provides residents and visitors with news, public service information, digital appointment scheduling, and citizen engagement tools such as the O-punt reporting platform. The website is well-positioned as a trusted source of local government information and services, targeting a broad audience including local citizens and tourists. The business model is typical for a government entity, focusing on service delivery rather than commercial revenue. Technically, the website is built on the Icordis CMS platform by LCP nv, utilizing modern JavaScript libraries such as jQuery and Masonry for layout, along with accessibility tools like ReadSpeaker. It employs Matomo analytics for privacy-conscious user tracking and includes cookie consent mechanisms compliant with GDPR. The site demonstrates good mobile optimization and accessibility features, ensuring usability for a wide audience. From a security perspective, the site enforces HTTPS and uses secure forms with anti-forgery tokens. However, it lacks publicly available security policies, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced transparency and trust. No critical vulnerabilities or exposed sensitive data were detected. Overall, the security posture is solid but could be improved with additional documentation and security headers. The overall risk assessment is low, with the site showing strong legitimacy, consistent WHOIS data, and no signs of malicious activity. Strategic recommendations include publishing security and incident response policies, implementing vulnerability disclosure, and enhancing security headers to further strengthen the security posture and user trust.

I

Inforca

inforca.mc

48

Inforca is a Monaco-based Enterprise Services Network (ESN) specializing in digital transformation services for businesses in Monaco and France. The company positions itself as a leading digital solutions provider in the Monaco market, offering expertise and realizations tailored to its target audience. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site leverages modern technologies including Alpine.js, Tailwind CSS, and the Ibexa CMS platform, with privacy-focused analytics via Matomo and a robust cookie consent mechanism using Tarte Au Citron. Security posture is solid with HTTPS enforced and privacy-respecting analytics, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website demonstrates a mature digital presence aligned with business goals and compliance requirements.

Fondation VINCI pour la Cité is a well-established non-profit organization affiliated with the VINCI Group, focused on supporting social and professional insertion initiatives primarily in France and Europe. The foundation promotes social innovation and encourages the engagement of VINCI collaborators in solidarity projects. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content that aligns with the foundation's mission and values. Technically, the site is built on WordPress with modern SEO and privacy tools such as Yoast SEO and Tarteaucitron for cookie consent, and uses Matomo for analytics, indicating a privacy-conscious approach. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though DNSSEC is not enabled and some security headers could be improved. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. Business credibility is high due to consistent branding, domain age, and alignment with VINCI Group. Overall, the site is trustworthy and professionally managed.

L

Literárna čajovna

literarnacajovna.sk

51

Literárna čajovna is a Slovak-based premium tea retailer operating both a physical tea shop in Bratislava and an online e-commerce platform. The company emphasizes direct import from farmers, offering a wide range of teas including Sencha, Darjeeling, Puer, and black teas, alongside tea accessories and catering services. With approximately 15 years of market presence, it targets tea enthusiasts primarily in Slovakia and the Czech Republic. The website is professionally designed, mobile-optimized, and provides a good user experience with clear navigation and relevant content.

A

Adapex Inc

adapex.io

66

Adapex Inc is a technology company specializing in advanced monetization solutions for digital publishers and advertisers. Leveraging AI technology developed in collaboration with Nasdaq AI suite contributors and allied with Datrix, Adapex offers a comprehensive suite of products and services including the M4 Tech Suite and data refinery solutions. The company positions itself as an industry leader with a strong focus on transparency, innovation, and partnership, supported by industry awards and a professional online presence. Technically, the website is built on WordPress with Elementor, integrates multiple analytics and consent management tools, and uses Cloudflare for DNS and CDN services. Security posture is good with HTTPS and consent mechanisms but could be enhanced by enabling DNSSEC and publishing security policies. Overall, the website is accessible, well-designed, and compliant with GDPR consent requirements, though explicit privacy and terms of service pages were not found in the provided content.

D

Digifactory

digifactory.fr

42

Digifactory is a French technology company offering an integrated SaaS platform that combines CRM, e-mailing, e-commerce, CMS, project management, and event management tools. The platform targets businesses seeking omni-channel solutions to manage their activities, marketing campaigns, and events efficiently. The website presents a professional and consistent brand image with clear navigation and mobile optimization, supporting a positive user experience. Technically, the website is built on a PHP/MySQL stack with jQuery and Font Awesome for UI elements. It uses Matomo analytics, indicating a privacy-conscious approach to user tracking. The site is moderately performant and well-structured but lacks visible security headers and explicit privacy or cookie policies, which are important for compliance and security. From a security perspective, the site uses HTTPS (assumed from URL), but no security headers were detected in the provided data. The absence of WHOIS registration data is a concern for domain legitimacy and trustworthiness. No critical vulnerabilities or exposed sensitive data were found, but improvements in security best practices and compliance documentation are recommended. Overall, Digifactory presents a credible business platform with good technical implementation but needs to enhance its security posture and privacy compliance to improve trust and reduce risk.

JULA CZ, s.r.o. is a Czech-based company specializing in manufacturing, importing, and wholesale distribution of a wide range of products including office supplies, school materials, hygiene products, and seasonal goods. The company operates a B2B e-commerce platform targeting wholesalers, retailers, and e-shops, facilitating regular supply of approximately 10,000 product items. The website is professionally designed with clear navigation and multilingual support, reflecting a medium-sized retail business with a solid regional presence. Technically, the website employs a traditional tech stack centered around jQuery and jQuery UI, with Matomo analytics for user tracking. The site uses HTTPS but lacks advanced security headers and comprehensive privacy or cookie policies, indicating room for improvement in compliance and security posture. Performance and mobile optimization are moderate, with basic accessibility features implemented. From a security perspective, the site shows no immediate vulnerabilities or exposed sensitive data but lacks critical security headers and formal privacy documentation. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy and trustworthiness, which could impact business credibility. Overall, the security posture is average with recommendations to enhance header security, privacy compliance, and domain registration transparency. Strategically, the company should prioritize establishing clear privacy and cookie policies, improving security headers, and resolving domain WHOIS registration issues to strengthen trust and compliance. Enhancing mobile responsiveness and accessibility will also improve user experience and broaden market reach.

T

Théâtre Les 3 Chênes

theatreles3chenes.fr

52

Théâtre Les 3 Chênes is a small regional cultural venue based in Loiron-Ruillé, France, specializing in theatrical performances, workshops, and cultural events. The website serves as an information and ticketing portal for visitors and community members, reflecting a well-maintained and professionally designed platform. The business operates primarily in the hospitality and cultural sector, targeting a general audience interested in arts and theater. Technically, the site is built on WordPress with Bootstrap and jQuery, hosted by OVH, and incorporates privacy-conscious analytics via Matomo alongside a GDPR-compliant cookie consent mechanism. Security posture is solid with HTTPS enforced, though lacking some advanced security headers and formal security policies. Overall, the domain registration and WHOIS data align well with the business profile, indicating legitimacy and consistency.

É

École nationale supérieure d'Arts et Métiers

artsetmetiers.fr

55

École nationale supérieure d'Arts et Métiers (ENSAM) is a prestigious French engineering grande école specializing in initial and continuing education, research, and innovation in technology and industry. The institution maintains strong partnerships with industry and academic bodies, positioning itself as a leader in engineering education and industrial innovation in France. The website reflects a professional and comprehensive digital presence, targeting students, researchers, and industry collaborators. The business model focuses on education, research, and industry collaboration with services including degree programs, continuing education, and incubation support for startups. Technically, the website is built on Drupal 10 with modern web technologies including jQuery, Matomo analytics, and responsive design. The site demonstrates good SEO, accessibility, and mobile optimization. Hosting and domain registration are consistent with an academic institution, with domain age supporting legitimacy. Analytics usage respects privacy with Do Not Track enabled. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, the site lacks published privacy and cookie policies, incident response contacts, and security headers, which are areas for improvement to enhance compliance and trust. Overall, the website is trustworthy, professional, and well-maintained, with recommendations to improve privacy compliance and security transparency to further strengthen its security posture and regulatory adherence.