Security Directory

Domorrow is a family philanthropic endowment fund established in 2020 by the family of Bruno Rousset, operating under the parent company Evolem. The fund supports projects focused on ecological transition and sustainable agriculture, targeting non-profit organizations and project leaders in these sectors. The website is professionally designed using WordPress with modern SEO and privacy-compliant features, including a cookie consent mechanism and a comprehensive privacy policy. The technical infrastructure is robust, hosted by Hosteur SARL, and employs privacy-respecting analytics via Matomo. Security posture is good with HTTPS enforced, though some security headers and explicit policies are missing. No contact emails or phone numbers are directly listed, with contact primarily via a support form. Overall, the site is trustworthy, well-branded, and aligned with its stated mission.

E

Evolem

evolem.com

57

Evolem is a family office investment organization founded by entrepreneur Bruno Rousset, focusing on supporting entrepreneurs through investments and philanthropy. The company targets SME managers, startups, and non-profit projects promoting entrepreneurship, employment, and environmental sustainability. The website reflects a mature digital presence with clear business descriptions, structured navigation, and consistent branding. Technically, the site is built on WordPress with modern plugins for SEO, analytics, and GDPR compliance, indicating a good level of digital maturity. Security posture is solid with HTTPS, cookie consent, and no visible vulnerabilities, though some security headers and policies could be enhanced. Overall, Evolem presents a trustworthy and professional online presence aligned with its business objectives.

C

Centre de Ressources des Hauts Pays Alpins

centre-de-ressources.fr

51

Centre de Ressources des Hauts Pays Alpins is a French non-profit association serving as a resource hub for local associations and communities in the Hauts Pays Alpins region. The organization provides equipment sharing, digital mediation, training, and studio services to support regional development and cooperation. The website reflects a well-established entity founded in 2009, with a clear focus on community engagement and support. Technically, the website is built on WordPress with a modern theme and plugins including Yoast SEO, Matomo Analytics, and Complianz GDPR for privacy compliance. Hosting is provided by OVH, a reputable provider. The site demonstrates good mobile optimization, SEO practices, and moderate performance. Privacy and cookie policies are comprehensive and GDPR compliant, with a consent mechanism in place. Security posture is solid with HTTPS enforced and privacy-respecting analytics, though some security headers are not explicitly detected and no formal security policy or incident response contacts are published. No vulnerabilities or suspicious activities were found in the analysis. The domain registration data is consistent with the business history and website content, supporting legitimacy. Overall, the website is professional, trustworthy, and well aligned with its non-profit mission. Strategic recommendations include enhancing security headers, publishing a security policy, and improving accessibility features to further strengthen the security and compliance posture.

Héliocat is a small French business led by Pierre-Yves Cavellat, specializing in training, facilitation, and consulting on collaborative practices within organizations and networks, particularly in the social economy sector. The company offers in-person and remote services, including deployment of collaborative digital tools, and is certified by QUALIOPI, indicating recognized quality standards. The website is built on WordPress, hosted by OVH, and integrates Stripe for payments and Matomo for privacy-conscious analytics. The site is professionally designed with good content quality and clear navigation, targeting organizations primarily in Brittany and the broader western France region. From a technical perspective, the website uses modern web technologies and plugins, including jQuery and SKT Blocks, and is mobile-optimized. Security posture is solid with HTTPS enabled and no visible sensitive data exposure, though the absence of security headers and published privacy or cookie policies represents compliance gaps. The WHOIS data is privacy-protected, which is common for small businesses, and no suspicious patterns were detected. Contact information is available via email and phone, with social media presence on LinkedIn. Overall, the website demonstrates a good level of professionalism and security for a small service-oriented business, but improvements in privacy compliance and security headers are recommended to enhance trust and regulatory adherence.

G

Grand Café

grand-cafe.cz

51

Grand Café operates as a specialized e-commerce retailer focused on coffee products, coffee machines, and related accessories primarily serving the Czech Republic market. The website presents a professional and comprehensive catalog of products including various coffee brands, coffee machines, capsules, syrups, and barista tools. The business targets coffee retailers, cafes, offices, and individual consumers seeking quality coffee products and equipment. The platform also offers customer support and servicing options, enhancing its value proposition. Technically, the website is built on the eshop-rychle.cz platform, utilizing modern JavaScript libraries and analytics tools such as Matomo and Google Tag Manager. The site is mobile-optimized with good navigation and SEO practices. Security posture is solid with HTTPS enforced and consent mechanisms for cookies, although some security headers could be improved. No WAF or blocking mechanisms interfere with content accessibility. From a security and compliance perspective, the site shows good privacy compliance with a visible privacy policy and cookie consent. However, no explicit security policy or incident response contacts were found. The WHOIS data is privacy-protected, which is common for e-commerce businesses, and no suspicious patterns were detected. Contact information is available with clear phone numbers but no public email addresses were found in the HTML. Overall, Grand Café presents a trustworthy and professional online presence with a strong focus on coffee retail and service. Strategic recommendations include enhancing security headers, publishing explicit security policies, and improving accessibility features to further strengthen trust and compliance.

I

Idéomauges

ideomauges.fr

40

Idéomauges is a regional government advisory website focused on the territorial prospective council of the Mauges community in France. The site provides governance information, news updates, and a member space for collaboration, targeting local government stakeholders and community members. The business operates as a small public sector entity founded in 2023, with a clear focus on community engagement and regional planning. Technically, the website is built on WordPress using the Divi theme and enhanced with Yoast SEO for search optimization. It employs Matomo analytics for user tracking and is hosted on o2switch servers. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. The technical infrastructure is modern and well-maintained, supporting a professional online presence. From a security perspective, the site enforces HTTPS and uses a cookie consent mechanism, indicating basic compliance with privacy regulations. However, it lacks explicit security headers and published policies for privacy, incident response, and vulnerability disclosure. No critical vulnerabilities or exposed sensitive data were detected. The domain registration is transparent and consistent with the organization's founding date, supporting legitimacy. Overall, the website presents a trustworthy and professional front for the Idéomauges council but would benefit from enhanced privacy and security documentation to improve compliance and user trust. Strategic recommendations include publishing privacy and terms of service policies, implementing additional security headers, and establishing incident response protocols.

Scènes de Pays is a regional cultural event platform operated as a service of Mauges Communauté in France. It focuses on programming theatrical and cultural events for the general public, families, and schools, positioning itself as a key regional promoter of cultural activities. The website provides comprehensive event information, ticketing links, and practical guides, supporting community engagement and cultural participation. Technically, the site is built on WordPress using the Divi theme, enhanced with accessibility features, SEO optimizations, and a cookie consent mechanism compliant with GDPR. The use of Matomo analytics indicates a privacy-conscious approach to user tracking. Security posture is solid with HTTPS, security headers, and no visible vulnerabilities, though the site lacks a dedicated security policy or incident response contact. WHOIS data is privacy protected, typical for French domains, and the domain appears legitimate and consistent with the business. Overall, the website is professional, user-friendly, and trustworthy, serving its community-oriented mission effectively.

Onestein B.V. is a Dutch company specializing in open-source business software solutions, prominently featuring their CURQ ERP system based on Odoo Community. They provide consultancy, support, and custom development services tailored to businesses ranging from startups to enterprises, with a strong emphasis on Dutch financial compliance and community management. The website is professionally designed, well-structured, and optimized for mobile devices, reflecting a mature digital presence. Technically, the site runs on Odoo CMS, uses Matomo for analytics, and employs modern web technologies such as Bootstrap and FontAwesome. Security posture is solid with HTTPS enforced, CSRF tokens present, and DNSSEC enabled, though the absence of explicit security headers and cookie consent mechanisms indicates room for improvement in compliance and defense-in-depth. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

T

The Cochrane Collaboration

cochrane.org

72

The Cochrane Collaboration is a globally recognized non-profit organization dedicated to producing trusted health evidence through systematic reviews and evidence synthesis. Their website reflects a mature digital presence with a professional design, multi-language support, and comprehensive content targeting scientists, policymakers, healthcare professionals, and the public. The organization is well-positioned in the healthcare sector, influencing major health guidelines such as those from WHO. Technically, the site is built on Drupal 10 with modern libraries and includes Matomo analytics, demonstrating a commitment to privacy and data-driven improvements. Security posture is strong with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be enhanced. Overall, the site is trustworthy, accessible, and professionally maintained, supporting the organization's mission to improve health decisions worldwide.

L

Librairie Quae

quae.com

71

Librairie Quae operates as a specialized online bookstore focused on scientific literature, offering a broad catalog of printed and digital books, including open access ebooks through its partner platform Quae-open. The website demonstrates a professional e-commerce infrastructure with modern technologies such as jQuery, Google Analytics, Matomo, and Owl Carousel, and is built likely on a Ruby on Rails framework. The site is well-structured with clear navigation and a responsive design, targeting scientists, professionals, and the general public interested in science. However, the absence of WHOIS registration data raises concerns about domain legitimacy and ownership transparency. Security posture is adequate with HTTPS and CSRF protections, but lacks advanced security headers and explicit policies such as privacy and terms of service. Cookie consent is implemented, indicating some privacy compliance efforts. Overall, the site is functional and trustworthy in content but requires improvements in transparency and security documentation.

Domorrow is a French philanthropic endowment fund established in 2020 by the family of Bruno Rousset, operating under the Evolem group. The organization focuses on supporting projects related to sustainable agriculture and ecological transition, aiming to foster environmental and social solidarity. The website reflects a clear mission and target audience, with professional design and comprehensive content that supports their philanthropic goals. Technically, the site is built on WordPress with modern plugins and privacy-respecting analytics, hosted by Hosteur SARL in France. Security posture is good with HTTPS and cookie consent mechanisms, though some additional HTTP security headers could enhance protection. The domain registration is consistent and legitimate, with no suspicious patterns detected. Overall, Domorrow presents a trustworthy and professional online presence aligned with its non-profit mission.

F

Fondation Terre Solidaire

fondation-terresolidaire.org

56

Fondation Terre Solidaire is a French non-profit organization founded in 2016, dedicated to accelerating ecological and solidarity transitions by funding and supporting concrete projects. The foundation targets individuals, associations, and companies interested in contributing to ecological causes, leveraging donations and partnerships to finance impactful initiatives. The website is professionally designed, well-structured, and provides clear information about the foundation's mission, projects, and ways to engage. Technically, the site is built on WordPress with Elementor and Yoast SEO, hosted by OVH sas, and uses modern analytics and marketing tools with a cookie consent mechanism. Security posture is good with HTTPS enabled and domain registration protections, though DNSSEC is not enabled and no explicit security policies or vulnerability disclosures are published. Overall, the website is trustworthy, compliant with GDPR, and effectively communicates its mission and services.

R

Réseau Canopé

mathador.fr

59

Mathador is an educational platform operated by Réseau Canopé, focused on promoting mental calculation skills through engaging games and contests. The website offers both digital and physical game formats, targeting students and educators primarily in France. The platform is well integrated with educational initiatives and provides resources to motivate learners in mathematics. Technically, the site uses a modern tech stack including Bootstrap, jQuery, and Matomo analytics, with a cookie consent mechanism compliant with GDPR. The website is mobile-optimized and provides a good user experience with clear navigation and professional design. However, some security headers and explicit security policies are not evident, suggesting room for improvement in security hardening. Security posture is moderate with no visible vulnerabilities or exposed sensitive data. The absence of WHOIS data limits domain trust verification, but the strong affiliation with a reputable educational network and consistent branding supports legitimacy. Privacy compliance is well addressed through cookie management and privacy policy presence. Overall, Mathador presents a trustworthy and professional educational service with a solid digital presence. Strategic enhancements in security headers, incident response transparency, and WHOIS data availability could further strengthen trust and compliance.

R

Réseau Canopé

hiboutheque.fr

56

Hibouthèque is an online documentary management solution specifically designed for primary school libraries (BCD) offered by Réseau Canopé. It targets French-speaking teachers in France and abroad, providing a subscription-based service that facilitates catalog management, loans, returns, and reservations. The platform is web-based, requiring no installation, and supports multiple simultaneous users. It includes user assistance through monthly webinars and technical support. The website is professionally designed with consistent branding and clear navigation, reflecting a mature digital presence in the education sector. Technically, it leverages modern frameworks such as Symfony 6.4, Bootstrap 5.3, and jQuery 3.7, with Matomo analytics for privacy-conscious user tracking. Security posture is adequate with HTTPS usage and no visible vulnerabilities, though security headers and formal security policies are absent. Privacy compliance is strong, with clear GDPR-aligned policies and cookie management. Overall, the site is trustworthy and well-positioned within its niche.

R

Réseau Canopé / eTwinning France

etwinning.fr

62

eTwinning.fr is a professionally maintained educational support website operated under the auspices of Réseau Canopé and linked to the French Ministry of Education and Erasmus+. It serves as a community and resource hub for European schools and teachers to collaborate on educational projects. The site offers training, project management tools, and recognition programs to enhance educational collaboration across Europe. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and includes privacy-conscious analytics via Matomo. Security posture is strong with HTTPS and cookie consent mechanisms, though some security headers could be improved. The absence of WHOIS data limits domain registration trust verification, but the site’s official affiliations and professional presentation indicate legitimacy. Overall, the site is a high-quality, trustworthy resource for its target audience.

E

Formez-vous en ligne | Formation enseignant | e-inspé

e-inspe.fr

57

The website www.e-inspe.fr is a public online educational platform dedicated to providing free training courses for teachers in France, from kindergarten through high school. It is supported by the French Ministry of Education and offers pedagogical resources and video-based learning modules designed by experts. The platform targets educators seeking to enhance their teaching skills with accessible, research-based content. Technically, the site is built on Drupal 10 CMS, uses Bootstrap for styling, and integrates Video.js for media playback. It employs Matomo analytics for user tracking with cross-domain capabilities. Security-wise, the site enforces HTTPS and secure login via SAML but lacks some security headers and explicit privacy and cookie policies. WHOIS data is unavailable, which is typical for .fr domains managed by AFNIC, and does not detract from the site's legitimacy. Overall, the site presents a professional, trustworthy, and well-structured educational resource with room for improvement in privacy transparency and security headers.

C

CanoTech

canotech.fr

58

CanoTech is a French educational platform specializing in continuing education for primary and secondary school teachers and educational teams. The website offers training modules aimed at diversifying student learning experiences. The business operates in the education sector with a focus on teacher professional development. The website is built using modern web technologies including Angular and employs Matomo and Piwik Pro for analytics tracking. The site is responsive and well-structured, providing a good user experience for its target audience. However, the absence of WHOIS data for the domain and lack of visible privacy and cookie policies indicate areas for improvement in transparency and compliance. Security headers are not detected, and SSL configuration details are unknown, suggesting potential enhancements in security posture. Overall, the website appears legitimate and safe, but the missing WHOIS information and privacy compliance gaps reduce trustworthiness.

L

Laïta

laita.com

71

Laïta is a well-established cooperative dairy company based in the Grand Ouest region of France, founded in 1997. The website serves as the official portal for the cooperative, providing information about its dairy production and cooperative services. The business is positioned as an important regional player in the manufacturing sector, specifically dairy production. The website demonstrates a good level of digital maturity with modern technologies such as Cookiebot for GDPR-compliant cookie consent and Matomo for privacy-respecting analytics. Hosting is managed via Eolas infrastructure with domain registration dating back to 1997, indicating a stable and credible online presence. Security posture is solid with HTTPS enabled and no visible vulnerabilities, although some security headers could be added to enhance protection. Privacy compliance is strong, with clear cookie consent mechanisms and privacy policy references. However, explicit contact information and detailed security policies are not present on the site, which could be improved to enhance trust and transparency.

H

Hoop Corporate Services SA

hoop.swiss

48

Hoop Corporate Services SA operates a fully digital platform specialized in company formations and modifications within Switzerland. Targeting fiduciary firms, law offices, notaries, and corporate legal departments, Hoop streamlines traditionally complex and time-consuming processes by offering a 100% digital workflow including rapid capital deposit account setup via Yapeal. The company positions itself as a unique Swiss solution combining technology with compliance and efficiency. Technically, the website leverages modern frameworks such as Next.js and React, integrates analytics tools like Matomo and Google Analytics, and is hosted on a Swiss cloud infrastructure certified to ISO 27001 standards. Security posture is strong with HTTPS enforcement and secure cloud storage, though explicit security headers could be improved. Privacy compliance is well addressed with clear cookie and privacy policies. Overall, Hoop demonstrates a mature digital presence with strong business credibility and technical sophistication.

U

U Logistique

u-logistique.com

9

U Logistique is a large French logistics company serving the Coopérative U retail cooperative. The company specializes in transport logistics, warehouse management, and supply chain expertise, operating 27 sites and managing millions of parcels annually. The website reflects a professional and consistent brand presence with clear business focus and recruitment efforts. Technically, the site is built on WordPress with modern SEO and analytics tools, including Matomo for privacy-conscious tracking. Security posture is good with HTTPS and cookie consent implemented, though additional security headers and explicit policies are recommended. The absence of WHOIS domain registration data is a concern for domain legitimacy and should be investigated. Overall, the site is trustworthy and well-maintained but could improve transparency and security documentation.

K

KBOO

kboo.com

58

KBOO is a well-established community radio station based in Portland, Oregon, operating since 2002. It provides alternative media content and community engagement through live radio streaming, scheduled programs, and volunteer opportunities. The station operates as a non-profit entity funded primarily through donations, memberships, and underwriting. The website reflects a consistent brand and good content quality aimed at local community members interested in alternative and independent media. Technically, the site runs on Drupal 7 with Bootstrap and integrates analytics tools such as Google Analytics and Matomo. While the site is mobile optimized and has good SEO practices, it lacks some modern security headers and cookie consent mechanisms, which are areas for improvement. The domain registration data is consistent with the business claims, indicating a legitimate and trustworthy entity.

K

KBOO

kboo.org

10

KBOO is a well-established community radio station based in Portland, Oregon, providing alternative media content and community engagement since at least 1998, with roots going back to 1968. The station operates as a non-profit entity, funded primarily through donations, memberships, underwriting, and sponsorships. Its market position is that of a trusted local media outlet serving niche audiences interested in diverse and alternative programming. The website reflects this mission with clear navigation, relevant content, and community-focused services such as volunteer opportunities and program proposals. Technically, the website is built on Drupal 7 with Bootstrap and jQuery, integrating modern analytics tools like Google Analytics and Matomo, alongside marketing and engagement tools such as Olark live chat and ShareThis. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and security headers. Hosting and domain registration are consistent with the organization's profile, with Gandi SAS as registrar and EasyDNS as name servers. From a security perspective, the site uses HTTPS and employs some best practices like DoNotTrack in Matomo. However, DNSSEC is not enabled, and no explicit security headers were detected, which could expose the site to certain risks. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or GDPR-specific indicators. No incident response or vulnerability disclosure policies are evident. Overall, KBOO's website is professional, trustworthy, and aligned with its community radio mission. Security and privacy practices could be enhanced to meet modern standards, particularly regarding DNS security and user consent. The site is safe for general audiences, with no adult or explicit content detected.

Elivia is a prominent French meat processing company specializing in beef, pork, veal, and lamb, serving large-scale retailers, butchers, and restaurants. Positioned as the second largest in France for beef meat cutting and preparation, Elivia emphasizes eco-responsible and organic meat supply chains, supported by its shareholder cooperative Terrena. The website reflects a mature digital presence with clear business messaging and professional branding. Technically, the site leverages WordPress CMS, integrates Google Tag Manager, Matomo analytics, Google reCAPTCHA, and a cookie consent solution (Axeptio), demonstrating a modern and privacy-conscious infrastructure. Security posture is strong with HTTPS enforced and bot protection mechanisms, though some security headers are not explicitly detected. The absence of WHOIS data limits domain registration trust but does not detract from the business legitimacy evident from the website content and external references. Overall, the site is well-structured, accessible, and compliant with privacy regulations, supporting a positive user experience and business credibility.

Loire Vins operates an e-commerce platform specializing in the sale of wines from the Loire region of France. The website targets French-speaking wine consumers and enthusiasts, offering a wide selection of red, white, rosé, sparkling, and organic wines directly sourced from producers. The business model focuses on direct-to-consumer sales with secure payment and fast delivery services. The company positions itself as a niche player in the French wine e-commerce market with a consistent brand presence and good content quality. Technically, the website is built on the PrestaShop CMS platform and integrates multiple modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, Sendinblue, Matomo, and Skeepers for customer reviews. The site is mobile-optimized with good SEO practices and basic accessibility features. Performance is moderate, with a well-structured technical stack supporting e-commerce operations. From a security perspective, the site enforces HTTPS, implements standard security headers, and uses cookie consent mechanisms compliant with GDPR. However, there is no publicly available security policy or incident response information, and no vulnerability disclosure program is evident. The absence of WHOIS data for the domain raises some concerns about domain registration transparency, though the website content and technical setup suggest a legitimate business. Overall, Loire Vins presents a professional and trustworthy e-commerce platform for Loire wines, with room for improvement in transparency around security policies and domain registration details. Strategic recommendations include publishing security and incident response policies, establishing a vulnerability disclosure channel, and monitoring domain registration status to enhance trust and compliance.

I

Séjour et week-end en Charente et Charente-Maritime

infiniment-charentes.com

58

The website 'infiniment-charentes.com' serves as the official tourism portal for the Charente and Charente-Maritime regions in France. It provides visitors and locals with comprehensive guides on activities, events, and local attractions, positioning itself as a practical and authentic resource for sustainable tourism. The site targets residents and tourists seeking cultural, natural, and leisure experiences in these French regions. Technically, the website is built using modern web technologies including React and utilizes Matomo for privacy-conscious analytics. Hosting is provided by OVH sas, a reputable provider, and the domain is well-maintained with appropriate registration status. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. From a security perspective, the site employs HTTPS and has domain status protections to prevent unauthorized transfers or deletions. However, it lacks DNSSEC, explicit security headers, and formal vulnerability disclosure mechanisms. Privacy compliance is minimal, with no visible privacy or cookie policies or consent mechanisms, which could be improved to meet GDPR standards. Overall, the website is professional and trustworthy for its intended purpose but would benefit from enhanced privacy disclosures and security best practices to strengthen user trust and regulatory compliance.

L

Le journal du Grand Paris

lejournaldugrandparis.fr

53

Le journal du Grand Paris is a specialized regional media outlet focused on the economic development, innovation, and urban planning of the Ile-de-France region and the Grand Paris project. It serves business professionals, government officials, and stakeholders interested in regional development. The website offers news articles, analyses, and updates on transport, housing, public markets, and other relevant sectors. Technically, the site is built on WordPress with modern frameworks like Bootstrap and uses various plugins for SEO, membership, and GDPR compliance. Analytics are handled primarily via Matomo, ensuring privacy-conscious tracking. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. The WHOIS data is unavailable, which slightly impacts trust but the professional presentation and active social media presence support legitimacy. Overall, the site is well-maintained, content-rich, and compliant with privacy regulations, making it a credible source for its target audience.

C

Chiesi Farmaceutici S.p.A

chiesi.com

70

Chiesi Farmaceutici S.p.A is a large, globally recognized pharmaceutical company based in Italy, with over 80 years of experience specializing in respiratory, neonatology, and rare diseases. The company operates a professional corporate website primarily in Italian, offering detailed information about its therapeutic areas, research and development, partnering opportunities, and sustainability initiatives. The website demonstrates a mature digital presence with modern technologies such as Bootstrap, jQuery, Swiper.js, and Matomo analytics, alongside a robust cookie consent mechanism via OneTrust. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit security policies are not evident. WHOIS data is unavailable, which is unusual but the website content and branding strongly indicate legitimacy. Overall, the site is well-structured, accessible, and trustworthy, targeting healthcare professionals, partners, and patients.

C

Charentes Tourisme

charentestourisme.com

47

Charentes Tourisme is a regional tourism organization based in France, focused on supporting and boosting tourism activities in the Charentes region. The website offers a range of services including professional support, certifications like Tourisme & Handicap and Accueil Vélo, and digital tools such as online booking and data intelligence platforms. The organization targets tourism professionals, local authorities, and project leaders, positioning itself as a key regional player with a medium-sized operation founded in 2017. Technically, the website is built on WordPress with WooCommerce and uses modern tools like Google Analytics, Matomo, and Google Tag Manager, hosted by OVH sas. The site is well designed, mobile-optimized, and SEO-friendly, providing a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and some security plugins but lacks DNSSEC and explicit security headers, and does not publish a security policy or incident response information. Overall, the domain registration is consistent and transparent, supporting the legitimacy of the business. The site is safe for general audiences with no adult or questionable content.

D

Département de la Charente-Maritime

charente-maritime.fr

65

The website la.charente-maritime.fr serves as the official online presence for the Département de la Charente-Maritime, a governmental entity in France. It provides extensive information about departmental services, elected officials, public projects, social services, tourism, and cultural activities. The site targets residents, visitors, and stakeholders within the Charente-Maritime region, offering a broad range of public sector services and information. The business model is that of a public sector government service provider, with a large scope and audience. Technically, the website is built on the Drupal CMS platform, leveraging modern web technologies such as Google Fonts, Google Maps API, and Matomo Analytics for privacy-conscious user tracking. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. The presence of cookie consent mechanisms indicates attention to privacy compliance, though an explicit privacy policy page was not detected in the provided content. From a security perspective, the site enforces HTTPS and uses modern JavaScript libraries, but lacks visible security headers and explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is unavailable, which is unusual but may be due to AFNIC registry policies or privacy protections. Overall, the site appears trustworthy and professional, consistent with an official government entity. The overall risk is low, but improvements are recommended in publishing comprehensive privacy and security policies, implementing security headers, and providing clear contact information for security incidents to enhance trust and compliance.

F

Formation Animacoop

animacoop.net

50

Formation Animacoop is a French educational organization specializing in cooperative training across multiple cities in France. Established in 2010, it offers comprehensive training programs focused on animating and facilitating cooperative projects, collective intelligence, and collaborative digital tools. The organization targets professionals involved in project management, facilitation, coaching, and collective initiatives, providing blended learning with both in-person and remote sessions. The website reflects a mature digital presence with structured data, social media integration, and clear contact points. Technically, the site is built on WordPress with modern frameworks and includes GDPR-compliant cookie consent and privacy policies. Security posture is good with HTTPS and domain transfer protections, though DNSSEC is not enabled and security headers are not explicitly detected. Overall, the site is professional, trustworthy, and well-positioned in its niche.

A

ADMvalue

admvalue.com

68

ADMvalue is a well-established French technology company founded in 2006, specializing in delivering customized customer relationship management and business process solutions that combine human intelligence, emotional intelligence, and artificial intelligence. The company positions itself as a leader in multishore and multilingual services, targeting B2B clients seeking digital transformation and enhanced customer experience. Their key services include front office customer service, technical assistance, sales, marketing consulting, and back office process management. The website reflects a professional and consistent brand image with excellent content quality and user experience.

C

Conseil départemental de la Vendée

vendee.fr

62

The website www.vendee.fr is the official online presence of the Conseil départemental de la Vendée, a government entity serving the Vendée department in France. It provides comprehensive information and services related to social support, infrastructure, culture, and public administration targeted at residents and stakeholders of the region. The site is well-branded, professionally designed, and structured to facilitate user navigation and access to departmental resources. Technically, the site is built on TYPO3 CMS with Bootstrap and FontAwesome for frontend styling, and integrates Matomo analytics for user behavior tracking, including heatmaps and session recordings. The presence of cookie consent mechanisms and structured data indicates a mature digital infrastructure with attention to privacy and SEO best practices. Performance and mobile optimization are good, supporting a positive user experience. From a security perspective, the site enforces HTTPS and includes some security headers, though additional headers like Content-Security-Policy could enhance protection. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The WHOIS data is unavailable, likely due to privacy protection, which is justified for a government domain. No WAF or blocking mechanisms were detected, allowing full content access. Overall, the website demonstrates a strong security posture, good privacy compliance, and high business credibility as a government portal. Strategic recommendations include enhancing security headers and publishing a clear privacy policy page to improve transparency and compliance.

P

PortlandLabs, Inc.

portlandlabs.com

65

PortlandLabs, Inc. is a technology company specializing in delivering innovative, secure, and scalable digital solutions primarily targeting government agencies and large enterprises. The company emphasizes compliance with rigorous security frameworks such as ISO 27001, HIPAA, SOC2, and IL2/IL4, serving clients including the U.S. Department of Defense and Fortune 100 companies. Their service offerings span artificial intelligence, web content management, analytics, managed IT, application development, user experience design, and data privacy and protection. The website reflects a mature business with a professional online presence and strong trust indicators such as client logos and testimonials. Technically, the website is built on Concrete CMS and employs modern web technologies including jQuery, Google Tag Manager, Matomo Analytics, and Userback for feedback. The site is mobile optimized with good SEO and accessibility basics, though some improvements in accessibility and cookie consent mechanisms are recommended. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS and claims compliance with multiple security standards. However, no explicit security headers were detected in the provided data, and no incident response or vulnerability disclosure information is publicly available. The absence of WHOIS registration data is a notable anomaly that may warrant further investigation to confirm domain legitimacy. Overall, PortlandLabs presents a credible and professional digital presence with a strong security and compliance focus. Strategic recommendations include enhancing privacy compliance with cookie consent, publishing security policies and incident response contacts, and verifying domain registration details to strengthen trust and transparency.

Douce France is a French poultry brand specializing in the production and sale of poultry products sourced and prepared within French regions. The website positions itself as a regional brand emphasizing quality, local sourcing, and family enjoyment. The site offers product information, recipes, and a customer loyalty program, targeting French consumers interested in quality poultry. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Smart Slider 3, and uses Matomo for analytics, indicating a privacy-conscious approach. The site is well-structured, mobile-optimized, and SEO-friendly. Security posture is good with HTTPS and security headers implemented, though explicit security policies and incident response contacts are not found. WHOIS data for the domain is missing from the AFNIC database, which is unusual and reduces trustworthiness somewhat. Overall, the site is professional and trustworthy but would benefit from improved transparency in domain registration and security policies.

Sourires de Campagne is a French brand specializing in organic French meat products, emphasizing quality, traceability, and availability in supermarkets. The website presents a professional and consistent brand image supported by official quality certifications such as Viandes de France. The target audience includes consumers who value organic and locally sourced meat. Technically, the site is built on WordPress with modern plugins and frameworks, including Yoast SEO and Bootstrap, ensuring good SEO and mobile responsiveness. Security posture is adequate with HTTPS and hCaptcha integration, though security headers and explicit security policies are absent. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. The absence of WHOIS data for this .fr domain is a notable gap but does not detract significantly from the overall legitimacy given the professional presentation and social media presence.

F

Festival des Pains

festivaldespains.com

49

Festival des Pains is a French artisan bakery brand that offers a wide range of bakery products including breads, baguettes, and specialty items. The company supports professional bakers through training programs, commercial opportunities, and partnerships with regional mills. The website is professionally designed, mobile-optimized, and provides rich content including multimedia and testimonials, targeting both professional bakers and general consumers interested in artisan bread. The business operates primarily in the retail and manufacturing sectors within France, positioning itself as a regional leader with a network of 26 mills.

Ackerman is a historic French wine house founded in 1811, specializing in fine sparkling wines from the Loire Valley, particularly Saumur and Crémant de Loire appellations. The company combines tradition with innovation to offer a range of wines for both gastronomic and casual consumption. The website reflects a mature digital presence with professional design, multilingual support, and comprehensive content about the brand, products, and visitor experiences. Technically, the site is built on WordPress with Elementor and integrates modern tools such as Matomo for analytics and Axeptio for cookie consent, indicating a good level of digital maturity. Security posture is generally strong with HTTPS and CAPTCHA protections, though improvements in security headers and published security policies are recommended. Overall, the site is trustworthy and well-positioned in its niche, though the absence of WHOIS data slightly impacts domain trustworthiness.

Père Dodu is a well-established French brand specializing in poultry and prepared food products, operating since 1965. The website serves as a consumer-facing platform providing product information, recipes, and promotional campaigns, targeting general family audiences. The brand maintains consistent and professional digital branding with a focus on facilitating home cooking. Technically, the site is built on WordPress with modern SEO and performance plugins, including Yoast SEO and WP Rocket, and uses Matomo for analytics. The site is mobile-optimized and provides a good user experience, although some broken images were detected which could impact perception. Security posture is solid with HTTPS and standard security headers, but could be improved with enhanced form protections and fixing broken assets. Privacy and cookie policies are present and GDPR compliant, but no explicit contact emails or phone numbers were found, limiting direct contact options. WHOIS data is not publicly available, typical for AFNIC domains, but the domain appears legitimate given the professional site and brand history. Overall, the site is trustworthy, secure, and well-maintained, suitable for its retail and consumer engagement purposes.

R

Réseau Canopé

reseau-canope.fr

52

Réseau Canopé is a French public operator under the Ministry of National Education, Higher Education and Research, dedicated to the training of teachers and educational staff. It holds a strong market position as the national network for teacher training, offering a wide range of services including online courses, workshops, and digital educational resources. The website reflects a mature digital infrastructure using TYPO3 CMS and integrates advanced analytics tools such as Matomo and Piwik PRO for user engagement tracking. The site is well-designed, accessible, and optimized for mobile devices, providing a professional user experience. Security posture is strong with HTTPS enforcement and standard security headers, though there is room for improvement in explicit security policies and vulnerability disclosure. Privacy compliance is robust with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates high business credibility with official government affiliation, certifications, and active social media presence.

G

Groupe Caisse des Dépôts

caissedesdepots.fr

65

The Groupe Caisse des Dépôts is a major French public financial institution dedicated to serving the public interest through investment and management of public funds. The website reflects a well-established entity with a clear mission to support social, territorial, and economic development in France. The site is built on a modern Drupal 10 CMS platform, incorporating accessibility features, GDPR-compliant consent management, and Matomo analytics for user tracking. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response information are not publicly detailed. Overall, the website presents a professional and trustworthy digital presence aligned with its public institution status.

M

Mooj ! Le réseau Mobilités de Mauges Communauté

mooj.fr

51

Mooj ! Le réseau Mobilités de Mauges Communauté is a regional public transportation service operated by the local community of Mauges Communauté in France. The website serves as an information portal for residents and commuters, offering details on regular bus lines, school transport, transport on demand, train connections, carpooling, and electric bike rental and purchase aid. The service is positioned as a key regional mobility provider, supporting sustainable and accessible transportation options for the community. Technically, the website is built on WordPress using the Divi theme, enhanced with plugins such as Yoast SEO, Matomo Analytics, and MailPoet for marketing. The site demonstrates good digital maturity with responsive design, accessibility features, and SEO optimization. Performance is moderate, with common libraries like jQuery and Slick Carousel used for UI components. From a security perspective, the site enforces HTTPS, implements standard security headers, and includes a cookie consent mechanism compliant with GDPR. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks a dedicated security policy page, vulnerability disclosure, and incident response contact information, which are recommended for enhanced trust and compliance. Overall, the website is professional, trustworthy, and well-aligned with its public service mission. The absence of WHOIS data due to privacy protection is not unusual for such entities and does not detract from the site's legitimacy. Strategic recommendations include publishing security policies and improving transparency around incident response to further strengthen security posture and user trust.

G

Géomatika

geomatika.fr

53

Géomatika is a specialized French company focused on Geographic Information Systems (GIS), offering a suite of software products and services centered around their IsiGéo platform. Their offerings include web-based GIS applications, mobile data collection apps, and tailored solutions for public sector entities such as municipalities and syndicates, as well as private companies. The company positions itself as a niche player providing powerful, customizable GIS tools for management and operational needs. Technically, the website is built on WordPress with modern plugins and frameworks, including Yoast SEO, Contact Form 7, and Matomo analytics, indicating a mature digital presence. Security-wise, the site enforces HTTPS, uses Google reCAPTCHA for form protection, and offers user privacy options via Matomo opt-out, but lacks explicit security headers and published privacy or cookie policies. The absence of WHOIS registration data limits domain trust assessment, though the professional website and detailed content support legitimacy. Overall, the site demonstrates good content quality, technical implementation, and business credibility, with room for improvement in privacy compliance and security transparency.

V

VetAgro Sup

vetagro-sup.fr

55

VetAgro Sup is a French public higher education and research institution specializing in veterinary medicine, agronomy engineering, and public veterinary health inspector training. The institution holds multiple accreditations and offers a range of educational and clinical services, positioning itself as a reputable player in the education and healthcare sectors in France. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to students, researchers, and professionals in related fields. Technically, the site is built on WordPress with modern plugins and frameworks, including Elementor and Bootstrap, and integrates analytics tools such as Google Analytics and Matomo. Security posture is good with HTTPS enforced and use of ReCaptcha, although explicit security headers and published security policies are lacking. Privacy compliance is well addressed with visible cookie consent and privacy policies. Overall, the site is trustworthy and professionally maintained, with no signs of malicious activity or content blocking.

E

ENVT

envt.fr

61

ENVT (École Nationale Vétérinaire de Toulouse) is a well-established French educational institution specializing in veterinary education, research, and clinical services. The website reflects a mature digital presence with comprehensive content targeting students, veterinarians, researchers, and related stakeholders. It offers detailed information on educational programs, clinical services, research units, and international collaborations. The institution holds a strong market position as a national reference in veterinary training in France. Technically, the website is built on WordPress with a modern tech stack including Bootstrap and FontAwesome, supported by various plugins for SEO, analytics (Matomo), and user interaction. The site is mobile-optimized and demonstrates good SEO practices with structured data and meta tags. Performance is moderate, with room for optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place. However, some security headers are not explicitly detected, and no public security policy or incident response contacts are found. No vulnerabilities or suspicious activities were identified in the content or scripts. Overall, the website is professional, trustworthy, and compliant with GDPR, with clear business credibility and a high legitimacy score. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen trust and compliance.

C

Cirad

cirad.fr

62

Cirad is a prominent French public research organization specializing in agronomic research and international cooperation for sustainable development in tropical and Mediterranean regions. The website reflects a well-established institution with a clear mission, extensive research themes, and active engagement in global projects and partnerships. The digital infrastructure is modern, leveraging eZ Platform CMS, and integrates analytics tools such as Matomo and Google Analytics with privacy-conscious configurations. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. The absence of WHOIS data is noted but does not detract significantly from the site's legitimacy given its government affiliation and professional presentation. Overall, the site is trustworthy, informative, and well-structured, serving a diverse audience including researchers, students, and institutional partners.

A

AgroParisTech

agroparistech.fr

55

AgroParisTech is a prominent French higher education and research institution specializing in agronomy, life sciences, environment, and food sciences. The website reflects a well-established academic entity with a comprehensive offering of engineering, master, doctoral, and continuing education programs. It also highlights active research, innovation initiatives, and international collaborations, positioning AgroParisTech as a leader in its sector within France and the Paris-Saclay academic ecosystem. The site targets students, researchers, academic staff, and industry partners interested in these domains. Technically, the website is built on Drupal 10, a modern and robust content management system, and employs Matomo for privacy-conscious analytics. The site demonstrates good mobile optimization, clear navigation, and professional design quality. While performance is moderate, the infrastructure appears stable and suitable for an academic institution. Accessibility features are present but could be enhanced for better compliance. From a security perspective, the site uses HTTPS and shows no signs of exposed sensitive data or vulnerable libraries. However, it lacks explicit security headers and a publicly available security or vulnerability disclosure policy. Cookie consent mechanisms are implemented, indicating GDPR awareness, but no dedicated privacy or terms of service pages were detected in the provided content. Social media presence is active and official, enhancing trust. Overall, AgroParisTech's website is credible, professional, and secure with room for improvement in privacy policy transparency and security best practices. The domain registration data aligns well with the institution's profile, reinforcing legitimacy.

Shen Yun Performing Arts is a globally recognized performing arts company specializing in classical Chinese dance and music performances. The company tours extensively, reaching audiences in over 20 countries and 200 cities annually. Their business model centers on ticket sales for live shows that celebrate and revive traditional Chinese culture. The website is professionally designed, mobile-optimized, and rich in content, providing comprehensive information about performances, ticketing, and audience reviews. Technically, the site employs modern web technologies including React, Google Tag Manager, and multiple analytics platforms, ensuring good performance and user experience. Security posture is strong with HTTPS enforcement and security headers, though the absence of public WHOIS data slightly reduces domain trustworthiness. Overall, the site demonstrates a mature digital presence with effective marketing and analytics integration, supporting a reputable cultural enterprise.

T

TIMAC AGRO INTERNATIONAL

timacagro.com

70

TIMAC AGRO INTERNATIONAL is a well-established enterprise specializing in soil, plant, and animal nutrition, with a history dating back to 1959 in Saint-Malo, France. As part of Groupe Roullier, it holds a strong market position as an innovation leader in sustainable agriculture, serving farmers globally through a network of subsidiaries and field representatives. The company offers a comprehensive range of products and services focused on efficient and sustainable farming practices. Technically, the website is built on a modern WordPress platform using Elementor and WooCommerce, with advanced analytics and consent management tools implemented. The site is well-optimized for performance, mobile responsiveness, and SEO, reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms but lacks explicit security headers and a public security policy or incident response information. The absence of WHOIS data for the domain is a notable concern, potentially indicating privacy protection or registration issues, though the website content and branding strongly suggest legitimacy. Overall, the site demonstrates a high level of professionalism and trustworthiness, with room for improvement in transparency and security disclosures.

Terrena is a well-established agricultural cooperative based in the Grand Ouest region of France, serving 18,000 member farms and employing 13,000 people. The cooperative focuses on supporting farmers through local supply chains and strong brand management, aiming to provide responsible and accessible food. The website reflects a mature digital presence built on WordPress, with good SEO, mobile optimization, and privacy-conscious analytics via Matomo. Privacy and cookie policies are comprehensive and GDPR compliant, with a clear consent mechanism in place. Security posture is solid with HTTPS enforced, though explicit security headers and incident response policies are not published. WHOIS data is unavailable, which slightly reduces trust but the overall business credibility remains high due to consistent branding and external partner references.

C

Concrete CMS

concrete5.org

74

Concrete CMS is an open source content management system designed for teams including content creators, designers, and developers. It offers a website builder with built-in tools to simplify content editing and management. The company behind Concrete CMS, PortlandLabs, positions itself as a provider of secure, compliant, and enterprise-ready CMS solutions, serving notable clients such as the U.S. Army, BASF, and Home Depot. Their business model includes offering the open source CMS software alongside hosting, support, and custom development services. The website demonstrates strong branding consistency, professional design, and clear navigation, targeting medium-sized to enterprise organizations in technology and government sectors. Technically, the website leverages modern web technologies including jQuery, Bootstrap, Vue.js, and integrates analytics and marketing tools such as Google Tag Manager, Matomo, ZoomInfo, Leadfeeder, and Pipedrive LeadBooster. The CMS platform itself is Concrete CMS, hosted likely by PortlandLabs. The site is mobile optimized and performs moderately well, with good SEO and accessibility features. From a security perspective, Concrete CMS emphasizes compliance with ISO 27001, SOC 2, and HIPAA standards, offering role-based access control, workflow approvals, and version control. The site uses HTTPS and has cookie consent mechanisms. However, explicit security headers are not detected, and there is no public vulnerability disclosure or incident response contact information, which are areas for improvement. Overall, the website is professional, trustworthy, and content safe for general audiences. The main concern is the lack of WHOIS registration data, which raises questions about domain legitimacy despite the strong business presence. Strategic recommendations include improving security header implementation, publishing vulnerability disclosure policies, and clarifying domain registration details to enhance trust.