Security Directory

C

Copernicus

copernicus.eu

11

Copernicus is the European Union's flagship Earth observation program, providing environmental data and services for the benefit of European citizens and public authorities. The website reflects a mature digital presence with a professional design, multilingual support, and comprehensive content focused on environmental monitoring, climate change, security, and emergency management. The program collaborates with major European agencies and institutions, reinforcing its authoritative market position. Technically, the site is built on Drupal 10, leveraging modern JavaScript libraries and analytics tools such as Matomo, with a strong emphasis on GDPR compliance and user privacy. The infrastructure supports good performance, mobile responsiveness, and accessibility, although some security headers could be improved. Security posture is solid with HTTPS enforced and privacy-conscious cookie management, but the absence of explicit vulnerability disclosure and incident response contacts suggests room for enhancement. No critical vulnerabilities or blocking mechanisms were detected, indicating a trustworthy and stable platform. Overall, Copernicus.eu represents a high-quality, secure, and compliant government service website with strong business credibility and technical maturity, suitable for its broad public and institutional audience.

M

Mercator Ocean International

mercator-ocean.fr

58

Mercator Ocean International is an intergovernmental organization dedicated to providing digital ocean systems and information services, endorsed by multiple European countries and linked with the UN Ocean Conference. The organization delivers global ocean data, monitoring, forecasting, and scientific insights to support climate action and ocean health. The website is professionally designed using WordPress and Elementor, with a strong focus on oceanographic data and community coordination. Social media presence and official endorsements enhance its credibility. Technically, the site uses modern web technologies and analytics tools like Matomo, ensuring moderate user tracking with some privacy considerations. Security posture is strong with HTTPS and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is partial, lacking explicit privacy and cookie policies or consent mechanisms. Overall, the site is trustworthy, authoritative, and well-positioned in its niche, but could enhance transparency and compliance aspects.

O

Sign in - Matomo

openscop.icu

56

The website openscop.icu hosts a Matomo analytics platform instance, primarily serving as a login portal for authorized users to access analytics data. The platform is an open-source, free/libre analytics solution, targeting website administrators and analytics professionals who require privacy-focused visitor tracking. The business model revolves around providing analytics services with a focus on data privacy and user control. The site is relatively new, with domain registration dating back to 2019, and is hosted by Gandi SAS, a reputable registrar and hosting provider. The content is minimal, focusing on authentication, with no public-facing business or contact information.

C

Canopée

canopee.ong

59

Canopée is a French non-profit organization dedicated to protecting forests through expert investigations, advocacy, and citizen mobilization. The website positions itself as a credible and active player in environmental protection with a clear mission and multiple ongoing campaigns. Technically, the site is built on WordPress with modern analytics and consent management tools, showing good digital maturity and compliance with privacy regulations. Security posture is solid with HTTPS and cookie consent, though some security headers could be improved. The domain WHOIS data is unavailable, likely due to privacy protection, which is justified for this type of organization. Overall, the site is trustworthy, professional, and well-maintained.

C

Confédération générale des Scop

les-scop.coop

55

The website www.les-scop.coop represents the Confédération générale des Scop, a French non-profit organization supporting cooperative enterprises such as Scop and Scic. It serves as a central hub for cooperative members, entrepreneurs, and stakeholders in the social and solidarity economy in France. The site offers resources, news, career information, and a network of regional unions and partners, positioning itself as a national leader in cooperative support. Technically, the site is built on Drupal 10 CMS, leveraging modern JavaScript libraries and analytics tools including Matomo and Google Tag Manager. It demonstrates good mobile optimization, accessibility, and SEO practices. The site employs cookie consent mechanisms compliant with GDPR and provides clear contact information and member extranet access. From a security perspective, the site enforces HTTPS and uses consent-based tracking. However, it lacks visible security headers and a published security policy or incident response contacts. The domain registration is consistent and trustworthy, registered since 2009 with a registrar specialized in .coop domains. No critical vulnerabilities or suspicious patterns were detected. Overall, the website is professional, trustworthy, and well-aligned with its cooperative mission. Strategic improvements in security headers and explicit security policies would enhance its security posture further.

C

Collabora Online and Collabora Office

collaboraoffice.com

72

Collabora Online and Collabora Office provide a comprehensive open-source online document editing suite designed for secure, collaborative editing controlled by the user. The company targets businesses and organizations requiring enterprise-grade document collaboration solutions, offering products such as Collabora Online, Collabora Office desktop applications, mobile apps, and large deployment controllers. Their market position is that of an established technology provider in the open-source productivity software space, supported by a strong partner and integration ecosystem. Technically, the website is built on WordPress with modern plugins like Elementor and Yoast SEO, and integrates analytics and marketing tools such as Matomo and Mautic. The site is well-optimized for SEO, mobile-friendly, and accessible, reflecting a mature digital infrastructure. However, some security best practices like explicit security headers and published security policies are not evident. From a security perspective, the site uses HTTPS and avoids exposing sensitive data, but lacks visible privacy and cookie policies and incident response information. The absence of WHOIS registration data reduces trust slightly, though the professional presentation and partner ecosystem support legitimacy. No critical vulnerabilities or adult content were detected. Overall, the website demonstrates a solid business and technical foundation with room for improvement in privacy compliance and security transparency. Strategic recommendations include publishing comprehensive privacy and security policies, enhancing security headers, and improving contact information visibility to strengthen trust and compliance.

E

ENGIE

engie.com

72

ENGIE is a major global energy company focused on accelerating the transition to a carbon-neutral economy. The company offers a broad range of services including renewable energy production, energy flexibility solutions, infrastructure management, and energy supply tailored to cities, industries, tertiary sectors, and individual consumers. The website content is professionally presented in French, reflecting ENGIE's strong market position in the energy sector, particularly in France and internationally. Technically, the site is built on Drupal CMS with modern web technologies such as Bootstrap, Google Tag Manager, and Matomo analytics, ensuring good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers are not detected and no security.txt file is published. The absence of WHOIS data for the domain is unusual but does not detract significantly from the site's legitimacy given the strong branding and external references. Overall, ENGIE's website demonstrates a mature digital presence aligned with its business objectives and compliance requirements.

E

Ecclesia Holding GmbH

ecclesia.com

43

Ecclesia Holding GmbH operates as Germany's largest insurance broker and risk consultant, offering a broad portfolio of services that extend beyond traditional insurance brokerage. Their website presents a professional, well-structured digital presence powered by TYPO3 CMS, integrating modern analytics and consent management tools to ensure GDPR compliance. The company targets diverse sectors including health, industry, church, social services, transport, and logistics, providing tailored insurance and risk management solutions. Despite the absence of WHOIS data, the website's content quality and comprehensive service offerings indicate a mature and reputable enterprise. Security measures such as HTTPS, security headers, and consent mechanisms are properly implemented, reflecting a strong security posture. Overall, the site is safe, trustworthy, and professionally maintained.

L

Landesamt für Arbeitsbeschaffung

lfa.be

70

The Landesamt für Arbeitsbeschaffung (LfA) is a Belgian government agency responsible for implementing social insurance regulations related to unemployment, including labor market activation measures, career breaks, and time credit schemes. The website targets German-speaking citizens and employers in Belgium, providing information and electronic services such as online applications and electronic control cards. The site is professionally designed with consistent branding and clear navigation, reflecting a mature digital presence for a public sector entity. Technically, the site uses modern frameworks like Bootstrap and integrates privacy-conscious analytics (Matomo) and chatbot services, indicating a moderate to advanced digital infrastructure. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is strong with clear cookie and privacy policies aligned with GDPR. Overall, the domain and website appear legitimate and trustworthy, consistent with a government agency, despite limited WHOIS data due to .be domain privacy restrictions.

M

Mercator Ocean International

mercator-ocean.eu

58

Mercator Ocean International is an intergovernmental organization dedicated to providing digital ocean systems and information services. It operates as a public service delivering ocean data, supporting international cooperation, and advancing ocean prediction initiatives. The organization is endorsed by multiple European governments and actively participates in global ocean health and climate monitoring efforts. The website reflects a professional and consistent brand presence with comprehensive ocean-related content targeting governments, researchers, and civil society stakeholders. Technically, the website is built on a modern WordPress platform using Elementor and Yoast SEO, with multilingual support via WPML. It employs Matomo analytics and social sharing tools, indicating a mature digital infrastructure. The site is mobile optimized and accessible, with good SEO practices, though some improvements in security headers and privacy compliance are recommended. Security posture is solid with HTTPS enabled and no visible vulnerabilities or exposed sensitive data. However, the absence of explicit privacy and cookie policies, security headers, and incident response information suggests areas for enhancement. The domain WHOIS data is privacy protected by EURid, which is typical for .eu domains and justified for this type of organization. Overall, the website presents a trustworthy and authoritative presence in the ocean data and intergovernmental domain, with recommendations to improve transparency and privacy compliance to further strengthen user trust and security posture.

E

Eleven

eleven-strategy.com

60

Eleven is a medium-sized French strategy consulting firm specializing in data and AI strategy, founded in 2013. The company positions itself as a pioneer in digital and data revolutions consulting, targeting businesses seeking to leverage data and AI for strategic advantage. Their website is professionally designed, mobile-optimized, and SEO-friendly, reflecting a mature digital presence. Technically, the site runs on WordPress with Yoast SEO and Matomo analytics, hosted by OVH sas, a reputable provider. Security posture is good with HTTPS enabled and domain protections in place, though improvements are recommended such as enabling DNSSEC and adding security headers. Privacy compliance is strong with a comprehensive privacy and cookie policy and consent mechanism. However, explicit contact emails and phone numbers are not publicly listed, relying on contact forms instead. Overall, the website is trustworthy and professional, with moderate tracking and good privacy practices.

C

Climat Médias - Pour plus de climat dans les médias

climatmedias.org

63

Climat Médias is a French non-profit association dedicated to increasing and improving climate and biodiversity coverage in the media. They provide media monitoring data, conduct journalist training, advocate through petitions, and engage citizens to raise awareness. The website is built on WordPress with modern SEO and privacy compliance features, including a cookie consent mechanism and a comprehensive privacy policy. Security posture is good with HTTPS and domain protections, though DNSSEC is not enabled and some security headers could be improved. Contact is primarily via email and contact forms, with active social media channels. Overall, the site is professional, trustworthy, and well-aligned with its mission.

C

Centre national du livre

centrenationaldulivre.fr

63

The Centre national du livre (CNL) is a French public institution under the Ministry of Culture dedicated to supporting all actors in the book industry, including authors, translators, editors, booksellers, and libraries. The website serves as a comprehensive portal for information on financial aids, literary events, studies, and resources related to the book sector in France. It maintains a strong market position as a key governmental cultural support entity. Technically, the site is built on Drupal 8, employs Matomo and Google Analytics with privacy-conscious configurations, and demonstrates good mobile optimization and accessibility. Security posture is solid with HTTPS, cookie consent mechanisms, and domain protections, though explicit security policies and incident response contacts are not publicly detailed. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, serving a broad audience of literary professionals and cultural stakeholders.

Kamael is a French company founded in 2014 specializing in software solutions tailored for bookstores and commerce. The website presents the company as a niche software provider targeting the retail sector, specifically bookstores. The business model revolves around providing software products to enhance commerce operations within this niche. The website content is primarily in French and focuses on describing the company's offerings to its target audience of bookstore owners and operators. Technically, the website employs modern iconography with Font Awesome 6 and uses the AOS library for animations. It also integrates Matomo for analytics, indicating a preference for privacy-conscious tracking. The hosting provider is OVH sas, a reputable French hosting company. The website is moderately optimized for performance and mobile use but lacks advanced accessibility and SEO features. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks important security headers such as Content-Security-Policy and X-Frame-Options. There is no DNSSEC enabled for the domain, and no explicit security or incident response policies are published. Privacy and cookie policies are absent, which is a compliance gap, especially under GDPR regulations. Overall, the website is functional and moderately professional but lacks comprehensive privacy, security, and contact disclosures. The domain registration data aligns well with the business claims, supporting legitimacy. Strategic improvements in privacy compliance, security headers, and contact transparency would enhance trust and compliance posture.

D

Display Europe

displayeurope.eu

61

Display Europe is a European media platform that aggregates news and media content from various European sources, targeting media professionals, researchers, and the general public interested in European affairs. The platform offers search and filtering capabilities to access a wide range of media articles from partner sources. Technically, the website is built using modern web technologies including React and Next.js, with Apollo GraphQL for data management and Matomo for analytics. The site demonstrates good digital maturity with responsive design and moderate performance. Security-wise, the site enforces HTTPS, includes essential security headers, and avoids exposing sensitive data. However, it lacks a cookie consent mechanism and explicit security or incident response policies, which are areas for improvement. Overall, the website is trustworthy and professionally maintained, with a strong European identity and co-funding from the European Union.

F

fairkom

fairkom.net

65

fairkom is a small Austrian technology company specializing in open source based IT solutions, including consulting, cloud hosting, videoconferencing, chat platforms, and identity management. The company emphasizes GDPR compliance, green hosting, and sustainable digital communication. Their market position is supported by over 20 years of experience and partnerships with public institutions and NGOs. The website reflects a mature digital presence with a modern Drupal 10 CMS, privacy-respecting analytics, and a clear focus on open source technologies. Security posture is good with HTTPS and privacy measures, though explicit security policies and vulnerability disclosure mechanisms are absent. Overall, fairkom presents a trustworthy and professional business with a strong commitment to privacy and sustainability.

M

Musée du Luxembourg

museeduluxembourg.fr

59

Musée du Luxembourg is a well-established cultural institution in Paris, offering art exhibitions, events, and educational programs. The website reflects a professional and user-friendly digital presence, built on Drupal 10 with modern analytics and consent management tools. The museum is affiliated with the French Senate and Grand Palais RMN, reinforcing its legitimacy and trustworthiness. Privacy and cookie policies are comprehensive and GDPR compliant, with clear user consent mechanisms. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Overall, the site provides a safe, accessible, and informative experience for a broad audience including tourists, students, and art enthusiasts.

S

Soudons, fermes !

soudons-fermes.org

58

Soudons, fermes ! is a French network of structures committed to peasant agroecology, collaborating closely with the Atelier Paysan to disseminate technical projects and tools that promote farm autonomy and sustainable agriculture. The website serves as an informational and networking platform, showcasing members and activities through interactive maps and content. The business operates as a small, focused non-profit entity founded recently in 2023, targeting agricultural communities and stakeholders interested in agroecology. Technically, the site is built on WordPress with Elementor and Yoast SEO, leveraging modern web technologies and providing a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS and domain protections but lacks advanced security headers and DNSSEC. Privacy compliance is limited, with no cookie consent mechanism or detailed privacy policies visible, which could be improved to meet GDPR standards. Overall, the site is professional and trustworthy but would benefit from enhanced security and privacy features.

F

fairkom

fairkom.eu

65

fairkom is a small Austrian technology company specializing in open source based IT solutions, including consulting, cloud hosting, videoconferencing, chat platforms, and identity management. The company emphasizes GDPR compliance, ecological hosting, and fair digital communication. Their market position is solid with over 20 years of experience and trusted partnerships with public institutions and NGOs. The website is professionally designed, content-rich, and well-structured, targeting private users, organizations, and public sector clients. Technically, the site uses Drupal 10 CMS, modern open source tools, and privacy-respecting Matomo analytics without cookies. Security posture is good with HTTPS and privacy best practices, though explicit security policies and incident response information are missing. Overall, the website is trustworthy, compliant, and technically sound.

S

Schweisfurth Stiftung

schweisfurth-stiftung.de

55

Schweisfurth Stiftung is a well-established non-profit organization focused on promoting ecological agriculture, animal welfare, and sustainable farming practices primarily in Germany. The foundation operates by granting awards, supporting development projects, and fostering networks within the ecological agriculture sector. Their website reflects a mature digital presence with comprehensive content, clear navigation, and consistent branding. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates privacy-compliant analytics and cookie consent mechanisms. Security posture is strong with HTTPS, secure cookies, and captcha protections, although some advanced security headers could be added. Overall, the domain registration and hosting align well with the organization's profile, indicating legitimacy and trustworthiness.

Shen Yun Performing Arts is a globally recognized performing arts company specializing in classical Chinese dance and music, established in New York in 2006. The company focuses on reviving and presenting traditional Chinese culture through breathtaking performances that include classical dance, ethnic and folk dance, and orchestral music. Their market position is strong as a premier classical Chinese dance company with a broad international audience. The website reflects a professional and consistent brand image with multilingual support, targeting a general audience interested in cultural and performing arts experiences. Technically, the website employs modern JavaScript libraries, analytics tools, and accessibility features, indicating a mature digital infrastructure. However, some areas such as explicit privacy and cookie policies and WHOIS transparency could be improved. Security posture is good with HTTPS and no visible vulnerabilities, but security headers and incident response information are lacking. Overall, the site is trustworthy and well-maintained but would benefit from enhanced privacy compliance and domain registration transparency.

B

Bouvet ASA

bouvet.no

54

Bouvet ASA is a leading Norwegian-owned consulting company specializing in IT, advisory, design, and digital communication services. The company serves a broad range of private and public sector clients, positioning itself as a key digital transformation partner in the Nordic region. Their service portfolio includes designing, developing, managing, and advising on IT solutions and digital communication strategies. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to their target audience of businesses and societal actors across industries. Technically, the website leverages modern web technologies including Enonic XP CMS, Google Fonts, Matomo analytics for privacy-conscious tracking, and Cloudflare for performance and security enhancements. The site is well-optimized for mobile devices, accessible, and SEO-friendly. Security best practices are observed with HTTPS enforcement, cookie consent mechanisms, and published information security policies. However, explicit security headers and vulnerability disclosure mechanisms could be improved. From a security posture perspective, Bouvet demonstrates a strong commitment to information security, evidenced by ISO 27001 certification and published security guidelines. The presence of a security incident reporting page indicates readiness for incident response. No critical vulnerabilities or security issues were detected in the website content or configuration. Privacy compliance is robust with clear cookie policies and GDPR-aligned disclosures. Overall, Bouvet ASA's website and digital infrastructure reflect a reputable, secure, and professionally managed business entity with a strong market position in IT consulting. The lack of publicly available WHOIS data is consistent with Norwegian domain privacy norms and does not detract from the company's legitimacy. Strategic recommendations include enhancing transparency on security headers, adding a public vulnerability disclosure policy, and providing direct security contact information to further strengthen trust and compliance.

F

Fondation pour la Nature et l’Homme

fondation-nature-homme.org

69

Fondation pour la Nature et l’Homme is a well-established French non-profit organization dedicated to environmental awareness and ecological solutions. The foundation operates multiple programs focused on biodiversity preservation, sustainable agriculture, responsible food consumption, and decarbonized mobility. It engages a broad audience including volunteers, donors, and citizens, leveraging digital platforms and partnerships to amplify its impact. The website reflects a mature digital presence with modern technologies and comprehensive content supporting its mission. Technically, the website is built on WordPress with advanced JavaScript frameworks like Alpine.js and HTMX, and integrates analytics tools such as Microsoft Clarity, Google Tag Manager, and Matomo. The site is mobile-optimized, accessible, and SEO-friendly, providing a smooth user experience. Security posture is good with HTTPS enforced and consent management implemented, though some security headers could be explicitly added for enhanced protection. The absence of WHOIS data limits domain registration trust verification, but the website's branding, certifications, and external references strongly support its legitimacy. No blocking or WAF mechanisms were detected, allowing full content access. Overall, the foundation demonstrates a strong commitment to transparency, privacy compliance, and user engagement. Strategic recommendations include enhancing security headers, publishing a formal security policy and incident response information, and maintaining vigilance on third-party scripts. These steps will further strengthen trust and security posture.

O

ONERA

onera.fr

60

ONERA is the French national aerospace research center, established in 1995, with a strong market position as a leading government research entity in aerospace. The website reflects a mature digital presence with comprehensive content targeting researchers, industry professionals, and academic audiences. Technically, the site uses Drupal 10, Bootstrap 5, and Matomo analytics, ensuring modern standards and good performance. Security posture is robust with HTTPS, security headers, and cookie consent mechanisms, though it lacks a dedicated security policy or incident response contacts. Overall, the site is professional, trustworthy, and compliant with GDPR, supporting ONERA's reputation as a credible research institution.

E

Eugloh

eugloh.eu

40

EUGLOH is a European University Alliance focused on global health, uniting nine research-intensive universities to provide innovative education, research, and international collaboration opportunities. The website is professionally designed using TYPO3 CMS and integrates Matomo analytics with privacy-conscious settings. Security posture is generally good with HTTPS enforced and no exposed sensitive data, though improvements are recommended in security headers and cookie consent mechanisms. The domain is privacy protected under EURid, which is typical for EU domains, and the website content strongly supports legitimacy and trustworthiness. Overall, the site serves as a comprehensive platform for students, academics, and partners engaged in global health education and research.

É

École normale supérieure Paris-Saclay

ens-paris-saclay.fr

56

École normale supérieure Paris-Saclay is a prestigious French Grande École specializing in higher education and research, particularly in fundamental sciences, engineering, and social sciences. It operates as part of the Université Paris-Saclay ecosystem and targets students, researchers, and academic partners. The website reflects a mature digital presence with comprehensive academic content, events, and testimonials, supporting its market position as a leading educational institution. Technically, the website is built on Drupal 9 with modern front-end libraries such as Bootstrap, jQuery, and Swiper, and employs Matomo analytics with privacy-conscious settings. The site is mobile-optimized, accessible, and SEO-friendly, indicating a well-maintained technical infrastructure suitable for its audience. From a security perspective, the site uses HTTPS and cookie consent mechanisms, but lacks explicit security headers and publicly available security policies or incident response information. No vulnerabilities or suspicious activities were detected. The WHOIS data confirms domain legitimacy and consistency with the institution's identity. Overall, the website presents a low-risk profile with strong compliance to privacy regulations and good user experience. Strategic improvements could include publishing security policies and enhancing security headers to further strengthen trust and resilience.

C

CentraleSupélec

centralesupelec.fr

51

CentraleSupélec is a prestigious French engineering school focused on delivering high-quality education and cutting-edge research. The institution offers a broad range of programs including bachelors, masters, doctorates, and executive education, supported by strong partnerships with industry and academia. The website reflects a mature digital presence with modern technologies such as Drupal 10, Matomo analytics, and a comprehensive cookie consent mechanism, ensuring compliance with GDPR and privacy standards. Security posture is solid with HTTPS and privacy-focused analytics, though some security headers and explicit policies could be improved. Overall, the site is professional, trustworthy, and well-structured, serving a diverse audience including students, enterprises, researchers, and alumni.

T

TIMAC AGRO Maroc

timacagro.ma

53

TIMAC AGRO Maroc is a well-established agricultural solutions provider specializing in innovative fertilization, plant nutrition, and animal production products tailored for the Moroccan market. With a claimed 25 years of local expertise, the company positions itself as a trusted partner offering sustainable and environmentally respectful agricultural performance improvements. The website reflects a professional digital presence with clear branding, product categorization, and local support emphasis. Technically, the site is built on WordPress with Elementor and WooCommerce, leveraging modern analytics tools like Google Tag Manager and Matomo, and is hosted behind Cloudflare DNS services. Security posture is solid with HTTPS enabled and cookie consent implemented, though explicit privacy and terms policies are missing. The WHOIS data shows some inconsistencies, notably a future domain creation date, which may indicate a staging domain or data error but does not detract significantly from the site's legitimacy. Overall, the site is safe, professional, and targeted at agricultural professionals in Morocco.

W

William Houde Ltee

williamhoude.com

60

William Houde Ltee is a well-established agricultural company specializing in plant and animal nutrition solutions, serving producers primarily in Quebec and Canada. The company leverages 75 years of expertise and is affiliated with the Groupe Roullier, a recognized global player in the agricultural sector. Their product portfolio includes biostimulants, fertilizers, soil conditioners, and animal production aids, supported by a strong local presence and a network of representatives. The website reflects a professional and comprehensive digital presence, with clear branding and detailed product and service information. Technically, the site is built on WordPress with Elementor and WooCommerce, incorporating modern JavaScript libraries and analytics tools while maintaining good privacy compliance through cookie consent mechanisms. Security posture is solid with HTTPS and some security best practices, though some security headers could be improved. The WHOIS data is unavailable, which slightly reduces trust but is likely due to privacy protection or recent domain registration. Overall, the website and business present a credible and professional image with moderate risk.

T

TIMAC AGRO Canada

timacagro.ca

56

TIMAC AGRO Canada is a well-established agricultural company specializing in soil, plant, and animal nutrition solutions. With over 60 years of experience and a strong connection to its parent company Groupe Roullier, it serves farmers and agronomists with personalized agronomic products and expertise. The website reflects a mature digital presence with comprehensive product offerings, news updates, and multiple language support, targeting the Canadian agricultural market. Technically, the site is built on WordPress with Elementor and integrates modern analytics and marketing tools, ensuring good performance and user experience. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though it lacks a publicly available security policy or incident response information. Overall, the site is professional, trustworthy, and compliant with privacy regulations, though WHOIS data is privacy protected, limiting domain age verification. Strategic recommendations include publishing security policies and incident response contacts to enhance trust and compliance.

T

TIMAC AGRO INTERNATIONAL

grasslandagro.com

67

TIMAC AGRO INTERNATIONAL is a well-established company specializing in soil, plant, and animal nutrition products, serving agricultural professionals globally. Founded in 1959 and headquartered in Saint-Malo, France, it operates as a subsidiary of Groupe Roullier. The company positions itself as a leader in sustainable agriculture solutions, offering fertilization, biostimulation, and animal production nutrition services. The website reflects a professional B2B business model targeting agribusinesses and farmers. Technically, the website is built on WordPress with Elementor, leveraging modern JavaScript libraries such as GSAP and jQuery. It integrates analytics tools including Matomo, Google Analytics (GA4), and Hotjar, with a robust cookie consent mechanism via Tarteaucitron, indicating good privacy compliance. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features are basic. From a security perspective, the site enforces HTTPS and uses cookie consent management, but lacks visible advanced security headers and does not publish a dedicated security policy or incident response contacts. The WHOIS data is missing, which reduces transparency about domain registration and ownership, though the website content and external references support legitimacy. Overall, the website is professional, secure, and privacy-conscious, but could improve transparency and security posture by publishing security policies and enhancing domain registration visibility.

S

SAS NAAIA

naaia.ai

53

Naaia is a French-based SaaS company specializing in AI compliance, risk management, and governance solutions. Founded in 2022, it positions itself as a European leader and the first AIMS® provider, offering a platform to operationalize AI governance and compliance with global regulations. The company holds ISO 27001 and ISO 42001 certifications, reinforcing its commitment to security and AI management standards. The website is professionally designed, content-rich, and targets organizations deploying AI systems that require regulatory compliance and risk oversight. Technically, the website is built on WordPress with Elementor and integrates modern analytics and marketing tools such as HubSpot, Google Analytics, and Matomo. The hosting provider is Gandi SAS, and the domain registration details align well with the business identity. The site is mobile-optimized, accessible, and SEO-friendly, with a good performance profile. From a security perspective, the site enforces HTTPS, uses security headers, and demonstrates best practices through certifications and cookie consent mechanisms. However, DNSSEC is not enabled, and no explicit vulnerability disclosure or incident response contacts are provided. The absence of direct company emails or phone numbers on the site suggests reliance on contact forms for communication. Overall, Naaia presents a strong security posture and business credibility with minor areas for improvement in DNS security and transparency of incident response. The site content is safe for general audiences, with no adult or questionable material detected.

C

Commissariat à l’énergie atomique et aux énergies alternatives (CEA)

ceasciences.fr

59

The website represents the Direction de la Recherche Fondamentale (DRF) of the Commissariat à l’énergie atomique et aux énergies alternatives (CEA), a major French public research institution. It showcases extensive scientific research activities across multiple disciplines including physics, chemistry, biology, and health sciences, supported by a large community of over 6000 researchers. The site serves multiple audiences including researchers, institutional partners, journalists, and the general public, providing news, resources, and institutional information. The business model is focused on public research and innovation with strong ties to academic and industrial partners. Technically, the site is built on Microsoft SharePoint, leveraging standard web technologies and integrating Matomo analytics for user tracking and Google reCAPTCHA for bot protection. The infrastructure appears stable and professionally maintained, with moderate performance and basic mobile optimization. SEO and accessibility are adequately addressed, though some improvements could be made. From a security perspective, the site uses HTTPS and implements standard SharePoint security features such as form digest tokens. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not evident. Privacy compliance is good with a comprehensive GDPR-aligned privacy policy, but lacks a visible cookie consent mechanism. No incident response or vulnerability disclosure information is published. Overall, the website is trustworthy, professional, and aligned with the institutional identity of CEA. It poses low risk from a security and privacy standpoint but could enhance transparency and user consent mechanisms to improve compliance and user trust.

C

CEA-Leti

leti-cea.fr

59

CEA-Leti is a prominent French government research institute specializing in micro and nanotechnologies, focusing on applied research and innovation in wireless communication systems, biology and health, imaging, and micro-nano systems. The website reflects a well-established institution with a strong market position in technology research, supported by the Commissariat à l'Énergie Atomique et aux Énergies Alternatives (CEA). The site targets a broad audience including the general public, enterprises, journalists, and academic institutions. Technically, the website is built on Microsoft SharePoint, leveraging modern web technologies and analytics tools such as Matomo and Google reCAPTCHA for security. The security posture is solid with HTTPS enforced, though improvements could be made by adding security headers and cookie consent mechanisms. The absence of WHOIS data is noted but does not detract significantly from the site's legitimacy given its official nature and consistent branding. Overall, the site is professional, trustworthy, and serves as a comprehensive portal for CEA-Leti's research activities and partnerships.

C

CEA

prisonnier-quantique.fr

52

Le Prisonnier quantique is an educational interactive game developed and hosted by the French public research organization CEA. It aims to promote scientific and technical culture through a free browser-based adventure game targeting a general audience including students and educators. The website is well-branded with official CEA logos and partnerships, providing a trustworthy platform for educational content. Technically, the site uses standard web technologies with responsive design and integrates Matomo analytics for privacy-conscious user tracking. Security posture is adequate with HTTPS and no visible vulnerabilities, though security headers and explicit cookie consent mechanisms are missing. Contact information is limited to official CEA email addresses, supporting legitimacy but lacking phone or physical address details. Overall, the site is professional, secure, and suitable for its educational mission.

M

Městská divadla pražská

mestskadivadlaprazska.cz

79

Městská divadla pražská is a prominent cultural institution operating the largest single ensemble drama theatre across three stages in the center of Prague. The organization offers theatrical performances, ticket sales, educational programs, and media content such as blogs and podcasts, targeting a general audience interested in theatre and culture. The website reflects a mature digital presence with a professional design, clear navigation, and mobile responsiveness. The technical infrastructure leverages modern web technologies including Bootstrap, jQuery, and analytics tools like Matomo and Facebook Pixel, ensuring a robust user experience. Security posture is solid with HTTPS enforced and secure form handling, although some security headers could be improved. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. Overall, the website demonstrates high professionalism and trustworthiness, supporting the institution's mission effectively.

C

Cecoforma S.A

creative-europe-media.eu

60

Creative Europe MEDIA is a specialized platform providing comprehensive information on training and mentoring courses supported by Creative Europe MEDIA, targeting audiovisual professionals across Europe. The website serves as a central hub for accessing a wide range of educational programs, workshops, and industry networking opportunities, positioning itself as a key resource within the European media training ecosystem. The business operates primarily in the media sector, with a focus on animation, documentary, production, and related audiovisual disciplines, and is based in Belgium under the legal entity Cecoforma S.A. Technically, the website employs modern JavaScript technologies, integrates Google reCAPTCHA for form security, and uses Matomo and Google Analytics for user behavior tracking with privacy compliance mechanisms such as cookie consent banners. The site is well-optimized for mobile devices, accessible, and SEO-friendly, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, uses cookie consent with opt-in/out capabilities, and protects forms with reCAPTCHA. However, it lacks explicit security headers and a public vulnerability disclosure policy, which are recommended for enhanced security posture. No critical vulnerabilities or suspicious activities were detected. Overall, the website presents a professional, trustworthy, and user-friendly experience with strong compliance to privacy regulations. The domain registration details align with the business claims, supporting legitimacy. Strategic recommendations include implementing additional security headers, publishing a vulnerability disclosure policy, and enhancing incident response transparency.

E

ENGIE

engie.fr

63

ENGIE France is a major energy company focused on accelerating the transition to a carbon-neutral world through renewable electricity and gas production, distribution, and infrastructure services. The website reflects a strong market position as a leader in solar, wind, and biomethane production in France, targeting individuals, professionals, enterprises, and public entities. The digital infrastructure uses modern technologies such as Tailwind CSS, GSAP, and Matomo analytics, with a custom ENGIE design system ensuring consistent branding and good user experience. Security posture is moderate with cookie consent implemented and no obvious vulnerabilities detected, though explicit security policies and headers are not evident. WHOIS data is unavailable likely due to privacy protection, but the website's professional presentation and linkage to official ENGIE domains support legitimacy. Overall, the site is well-designed, compliant with privacy regulations, and trustworthy, though improvements in security transparency and contact information availability are recommended.

R

Réseau pour les Alternatives Forestières

alternativesforestieres.org

45

The Réseau pour les Alternatives Forestières is a French non-profit organization dedicated to promoting sustainable and alternative forestry practices. The website serves as a hub for community members, forest professionals, and associations interested in ecological forest management, offering training, events, publications, and a platform for collective forest management. The organization positions itself as a niche player focused on environmental stewardship and community engagement in forestry. Technically, the website is built on the SPIP CMS platform, utilizing modern JavaScript libraries such as jQuery, Leaflet for mapping, and Matomo for privacy-conscious analytics. The site is mobile-optimized with a good user experience and clear navigation, although accessibility features are basic. Cookie consent is managed via Tarteaucitron, reflecting compliance with GDPR requirements. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms, but lacks visible security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is unavailable due to query failure, likely indicating privacy protection, which is justified for this type of non-profit entity. Overall, the website presents a trustworthy and professional front with good content quality and privacy compliance. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility to further strengthen the security posture and user trust.

M

Mountain Wilderness France

mountainwilderness.fr

45

Mountain Wilderness France is a well-established non-profit organization dedicated to the protection and preservation of mountain environments. Founded in 1988, it operates primarily through volunteer engagement, advocacy, and educational initiatives to promote sustainable mountain use and conservation. The website reflects a mature digital presence with comprehensive content, clear navigation, and a strong focus on community involvement and environmental stewardship. Technically, the site uses modern web technologies including Craft CMS and Vue.js, with Matomo analytics for privacy-conscious user tracking. Security posture is generally good with HTTPS and CSRF protections, but lacks some security headers and cookie consent mechanisms. The absence of WHOIS data is a notable gap that impacts domain trustworthiness, though the organization's legitimacy is supported by its content and social media presence. Overall, the site is professional, trustworthy, and well-suited for its target audience of environmental advocates and volunteers.

R

Rivières Sauvages

rivieres-sauvages.fr

51

Rivières Sauvages is a French non-profit organization dedicated to protecting the last wild rivers in France and Europe through a conservation label and network. The website serves as an informational and engagement platform offering educational programs, scientific studies, publications, and multimedia content to support river conservation efforts. The organization targets environmental stakeholders, educators, and the general public interested in ecological preservation. Technically, the website is built on WordPress using modern plugins and themes, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and spam protection, though it lacks some advanced security headers and explicit incident response policies. Privacy compliance is partially met with a privacy policy but lacks a cookie consent mechanism. Overall, the site is professional, trustworthy, and well-aligned with its mission, though improvements in security transparency and privacy mechanisms are recommended.

E

Emmaüs France

emmaus-france.org

60

Emmaüs France is a well-established non-profit organization dedicated to social inclusion and fighting exclusion through community support, reemployment, and ecological alternatives. Founded over 70 years ago, it holds a strong market position in France with a large network and a clear mission to empower vulnerable populations. The website reflects this mission with comprehensive content, clear navigation, and multiple engagement channels for donors, volunteers, and partners. Technically, the site is built on WordPress with modern frameworks like Bootstrap and uses privacy-respecting analytics (Matomo). It is hosted behind Cloudflare DNS and enforces HTTPS, ensuring a secure browsing experience. Security practices are good, with cookie consent mechanisms and domain transfer protections, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR, making it a reliable digital presence for the organization.

C

Canopée

canopee-asso.org

59

Canopée is a French non-profit organization dedicated to protecting forests through expert investigations, advocacy, and citizen mobilization. Founded in 2018, it has established itself as a reference in forest protection with a small but agile team. The website reflects a mature digital presence with a WordPress CMS, modern analytics tools like Matomo and Microsoft Clarity, and a strong emphasis on privacy compliance via cookie consent and GDPR-aligned policies. Security posture is good with HTTPS and no visible vulnerabilities, though security headers could be improved. The absence of WHOIS data is mitigated by the professional and transparent nature of the site content and social proof. Overall, Canopée demonstrates a credible and trustworthy online presence aligned with its mission.

C

Commissariat à l'Énergie Atomique et aux Énergies Alternatives (CEA)

cea.fr

57

The Commissariat à l'Énergie Atomique et aux Énergies Alternatives (CEA) is a major French governmental research organization focused on scientific and technological innovation in energy, defense, digital technologies, and health. The website reflects a well-established institution with a broad scope of research and innovation activities, targeting government, industry partners, researchers, and the general public. The site is professionally designed using Microsoft SharePoint, featuring multimedia content, clear navigation, and official branding. Technically, the site employs modern web technologies including HTTPS, Matomo analytics for privacy-conscious tracking, and Google reCAPTCHA for bot protection. Security posture is strong with no evident vulnerabilities or exposed sensitive data, though some security headers could be improved. Privacy and cookie policies are comprehensive and GDPR compliant. The WHOIS data is unavailable, likely due to AFNIC policies or privacy protection, but the domain and content strongly support legitimacy. Overall, the website is a trustworthy and authoritative source for information about CEA's research and innovation activities.

B

BRGM

brgm.fr

58

BRGM is the French national geological survey and a public institution specializing in geological research and management of soil and subsoil resources and risks. It holds a prominent position as the national reference in its sector, providing scientific and technical expertise to public and private stakeholders. The website reflects a mature digital presence built on Drupal 10, with privacy-conscious analytics via Matomo and a professional design optimized for accessibility and mobile devices. Security posture is strong with HTTPS and no visible vulnerabilities, though some security headers and policies could be improved. The absence of WHOIS data is a limitation but the domain and content align with a legitimate public entity. Overall, the site is trustworthy and serves its audience well.

É

École Nationale Supérieure de Chimie de Montpellier

enscm.fr

53

The École Nationale Supérieure de Chimie de Montpellier (ENSCM) is a reputable French public engineering school specializing in chemistry education and research. The website presents a professional and well-structured digital presence, targeting prospective students, researchers, and industry partners. It highlights the institution's long history since 1889, its international partnerships, and its position as the second leading chemistry engineering school in France. Technically, the site is built on WordPress, uses modern web technologies including jQuery and TinyMCE, and integrates Matomo analytics for user tracking. Security best practices such as HTTPS and security headers are implemented, though privacy and cookie policies are not clearly presented, indicating room for compliance improvement. Overall, the site is trustworthy, content-rich, and professionally maintained, supporting the institution's credibility and market position.

C

CHARM-EU

charm-eu.eu

61

CHARM-EU is a European university alliance focused on delivering challenge-driven, accessible, research-based, and mobile education primarily in sustainability and global challenges. The website presents a well-structured educational platform offering master's programs, micro-credentials, mobility opportunities, and research hubs. The technical infrastructure is built on a modern WordPress CMS with Elementor, enhanced by SEO and analytics tools such as Yoast SEO, Matomo, and Google Tag Manager. Security posture is strong with HTTPS, security headers, and reCAPTCHA integration, though explicit cookie consent and security policies are not prominently published. The site demonstrates good design quality, navigation, and content relevance, targeting learners, academics, researchers, and institutional partners. Overall, the domain registration and WHOIS data align with the website's educational mission, indicating legitimacy and trustworthiness.

I

Institut de Recherche pour le Développement (IRD)

ird.fr

57

The Institut de Recherche pour le Développement (IRD) is a prominent French public research institute focused on sustainable development and scientific partnerships with countries in the Global South. The website reflects a mature digital presence with multilingual support, comprehensive content on research activities, and a strong emphasis on innovation and capacity building. The organization positions itself as a key player in international scientific cooperation and sustainable development research. Technically, the site is built on Drupal 10, leveraging modern analytics (Matomo) and cookie management tools (Tarteaucitron.js), ensuring compliance with privacy regulations such as GDPR. The website is mobile-optimized and exhibits good SEO and accessibility practices, though some improvements in accessibility compliance and security headers are recommended. Security-wise, the site uses HTTPS and cookie consent mechanisms effectively, but lacks explicit security policy documentation and incident response contacts. No vulnerabilities or suspicious activities were detected in the content or scripts. WHOIS data is not publicly available, consistent with French domain registration norms, and does not raise legitimacy concerns. Overall, the IRD website demonstrates a strong security posture, professional content quality, and good privacy compliance, making it a trustworthy and authoritative source in its domain.

I

Inria

inria.fr

64

Inria is a well-established French national research institution specializing in computer science and applied mathematics. The website reflects a professional and consistent brand identity, targeting researchers, academics, and industry partners. The technical infrastructure is modern, leveraging Drupal 10 CMS and privacy-conscious Matomo analytics, with a cookie consent mechanism implemented via tarteaucitron.js. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements could be made by adding security headers and publishing explicit security policies. Overall, the domain registration and website content are consistent and legitimate, supporting a high trust level.