Security Directory

Mouvement SOL operates as a French non-profit organization dedicated to promoting and supporting local complementary currencies (Monnaies Locales Citoyennes). The website serves as an informational and community hub, providing resources, news, and event information to stakeholders including local governments, businesses, associations, and citizens. The organization holds a leading position in the French market for local currency advocacy and coordination, with a history dating back to 2006. Technically, the website is built on the Odoo CMS platform, hosted by OVH sas, and uses Matomo for analytics, reflecting a modern but modest digital infrastructure. The site is well-structured, mobile-optimized, and professionally designed, with clear navigation and relevant content. Security posture is adequate with HTTPS enforced and CSRF tokens implemented, but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the organization.

C

Collectif des associations citoyennes

associations-citoyennes.net

52

The Collectif des associations citoyennes (CAC) is a French non-profit organization dedicated to defending the rights of associations and promoting social solidarity. The website serves as a hub for advocacy, events, publications, and mobilization efforts targeting associations and citizens engaged in social causes. The organization maintains an active presence on social media platforms including Facebook, Twitter, and YouTube, and provides multiple resource sites for knowledge sharing and mobilization. Technically, the website is built on WordPress using the Themify Ultra theme, incorporates modern JavaScript libraries such as Swiper.js, and employs Matomo for analytics, indicating a moderate level of digital maturity. Security posture is generally good with HTTPS enforced and use of hCaptcha for forms, though there is room for improvement in security headers and cookie consent mechanisms. The absence of WHOIS registration data raises some concerns about domain legitimacy, but the website content and social presence strongly support the organization's authenticity. Overall, the site is professional, content-rich, and serves its target audience effectively.

M

Mouvement Colibris

colibris-lemouvement.org

50

Mouvement Colibris is a well-established French non-profit organization focused on promoting ecological and social solidarity through community engagement, education, and activism. The website serves as a hub for information, resources, and connections to various partner projects and educational platforms. The organization targets individuals and groups interested in sustainable living and social change. Technically, the website is built on Drupal 7, uses HTTPS, and integrates privacy-conscious analytics via Matomo. While the site is generally well-designed and mobile-optimized, it lacks modern security headers and up-to-date CMS versions, which could pose risks. Privacy compliance is incomplete due to missing privacy and cookie policies. Security posture is moderate with good SSL but missing DNSSEC and security headers. No incident response or vulnerability disclosure information is published. The domain registration is consistent and trustworthy, supporting the legitimacy of the organization. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security hardening to reduce risks and improve user trust.

H

Habitat Participatif France

habitatparticipatif-france.fr

58

Habitat Participatif France is a French citizen movement founded in 2013 dedicated to promoting participative, ecological, and solidarity-based housing projects. The organization acts as a federation providing resources, advocacy, and networking opportunities for individuals and groups interested in alternative housing models. The website is well-structured, professionally designed, and provides comprehensive information and tools to support participative housing initiatives across France. Technically, the site is built on the YesWiki CMS platform, leveraging Bootstrap 5 and jQuery, and employs Matomo analytics configured to respect user privacy by disabling cookies. Security posture is solid with HTTPS enforced and secure login forms, though some security headers could be improved. The absence of WHOIS data for the domain is a transparency concern but does not detract significantly from the site's legitimacy given the quality and consistency of content. Privacy compliance is partial, with a privacy policy present but no visible cookie consent mechanism. Overall, the site is trustworthy, informative, and serves a niche non-profit community effectively.

A

Artisans du Monde

artisansdumonde.org

45

Artisans du Monde is a French non-profit organization and associative distribution network dedicated to promoting fair trade products and solidarity artisan crafts. Established in 2001, it operates a network of shops and campaigns to inform, sensitize, and advocate for ethical commerce. The website reflects this mission with content focused on fair trade, education, and advocacy, targeting consumers interested in socially responsible products. Technically, the site is built on Joomla CMS with extensions like Flexicontent and uses modern JavaScript libraries such as jQuery and Select2. It employs Matomo analytics, indicating a preference for privacy-conscious tracking. The site is hosted on o2switch servers with HTTPS enabled, but lacks DNSSEC and some security headers, representing minor security gaps. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy or terms of service policies detected. Overall, the website is professional, well-branded, and trustworthy, with a moderate to good security posture.

M

MIRAMAP

miramap.org

57

MIRAMAP is a French non-profit organization dedicated to supporting and consolidating the movement of AMAPs (Associations for the Maintenance of Peasant Agriculture) across France. The organization promotes local, ecological, and solidarity-based agriculture by connecting producers and consumers through AMAP networks. MIRAMAP acts as a national representative and facilitator for these local networks, providing tools, events, and advocacy to strengthen sustainable food systems. The website reflects a mature and well-established entity with a domain registered since 2009, consistent with its organizational history. Technically, the website is built on WordPress using the Astra theme, leveraging common plugins such as Contact Form 7, Leaflet.js for interactive maps, and Matomo for analytics. The site is hosted by OVH sas, a reputable provider, and employs HTTPS with a valid SSL certificate. Mobile optimization and SEO practices are good, though some accessibility features could be improved. Cookie consent is managed via CookieYes, indicating attention to privacy compliance, although a dedicated privacy policy page is not explicitly found. From a security perspective, the site uses HTTPS and Google reCAPTCHA on forms, but lacks DNSSEC and several recommended security headers. No direct incident response or vulnerability disclosure policies are present, which could be areas for improvement. No suspicious or malicious content was detected, and the site is safe for general audiences. Overall, MIRAMAP presents a credible, professional, and trustworthy online presence for a non-profit agricultural movement. Strategic recommendations include enhancing security headers, enabling DNSSEC, and publishing clear privacy and security policies to improve compliance and trust further.

C

Commerce Équitable France

commercequitable.org

59

Commerce Équitable France is a French non-profit collective representing actors in the fair trade sector. The organization focuses on advocacy, education, campaigns, and member services to promote fair trade practices nationally. The website is well-structured, professionally designed, and targets both fair trade stakeholders and the general public interested in ethical commerce. The digital infrastructure is based on WordPress with modern plugins and analytics tools, indicating a moderate level of digital maturity. Security posture is good with HTTPS enforced and privacy compliance evident through cookie consent and privacy policies. However, some security headers are missing and WHOIS data is privacy-protected, which slightly reduces transparency. Overall, the website is trustworthy and professionally maintained, supporting the organization's mission effectively.

T

Terre de Liens

terredeliens.org

63

Terre de Liens is a well-established French non-profit organization dedicated to preserving agricultural land and supporting sustainable farming practices. The organization operates through a network of associations, an investment solidarity enterprise, and a public utility foundation. Their website reflects a mature digital presence with good content quality, clear navigation, and a focus on community engagement and transparency. Technically, the site uses modern JavaScript frameworks and analytics tools, hosted under reputable providers with HTTPS enabled. However, explicit privacy policies and terms of service are not readily found, and security headers are not visibly implemented, indicating areas for improvement in compliance and security posture. Overall, the domain registration data supports the legitimacy and trustworthiness of the organization.

A

Autour du 1er mai

autourdu1ermai.fr

44

Autour du 1er mai is a French non-profit cultural association dedicated to cinema, popular education, and collective projects aimed at societal improvement. The website serves as a portal for film-related resources, including a cinema and society database, filmographies, and event information. It also coordinates the TESSA project and participates in the CoreDem network, indicating active collaboration within the cultural sector. The target audience is general public interested in cinema and social issues. The organization has a long-standing presence since 2006, supported by a domain age of over 17 years and multiple partner affiliations. Technically, the website is built on the SPIP CMS platform, using standard web technologies such as HTML5, CSS, JavaScript, and jQuery. It employs Matomo analytics, a privacy-respecting tool, and is hosted by OVH, a reputable provider. The site demonstrates good mobile optimization and SEO practices but lacks some advanced accessibility features. Performance is moderate, with no critical technical issues detected. From a security perspective, the site uses HTTPS and privacy-conscious analytics but lacks explicit security headers and a cookie consent mechanism. There is no visible security policy or incident response contact information, which could be improved to enhance trust and compliance. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the website's claims, showing a legitimate and stable registration. Overall, the website is professional, trustworthy, and serves its niche well. Strategic recommendations include implementing cookie consent, adding security headers, publishing a security policy, and improving accessibility to strengthen compliance and security posture.

V

valemo.fr

valemo.fr

54

VALEMO is a French company specializing in the exploitation, maintenance, and supervision of renewable energy assets including wind, solar, hydroelectric, and marine energies. Established in 2011, the company has grown to a medium-sized enterprise with over 145 employees distributed across 15 bases, including a dedicated offshore team. VALEMO positions itself as a leading multi-energy operator in France, recently ranked as the 5th largest wind energy operator nationally. The company offers a comprehensive suite of services from engineering to onshore and offshore operations, targeting clients who own and operate renewable energy installations. Technically, the website is built on WordPress using Elementor and Yoast SEO, hosted by OVH, a reputable provider. The site integrates Matomo analytics for privacy-conscious user tracking and embeds YouTube videos for multimedia content. The website is mobile-optimized with good SEO practices but could improve accessibility and performance further. Security posture is solid with HTTPS enforced, though security headers and explicit security policies are absent. From a security and compliance perspective, the site implements a GDPR cookie consent mechanism but lacks visible privacy policies, terms of service, or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The domain registration is consistent with the business claims, showing a long-standing presence and no privacy protection, which supports legitimacy. Overall, VALEMO presents a professional and trustworthy online presence aligned with its business sector. However, improvements in privacy documentation, security headers, and contact transparency would enhance compliance and trustworthiness.

S

SIPPEREC

sipperec.fr

42

SIPPEREC is a French public syndicate specializing in energy and digital services for member municipalities, holding a leading market position in electricity concession, renewable energy production, and digital infrastructure in the Île-de-France region. The website is built on TYPO3 CMS and employs modern web technologies including Matomo for privacy-conscious analytics and Tarteaucitron.js for cookie consent management. The site is well-structured, mobile-optimized, and provides comprehensive content relevant to its target audience of local governments and residents. Security posture is solid with HTTPS enforced and no exposed sensitive data, though security headers are not visibly implemented. Privacy compliance is strong with clear policies and consent mechanisms. WHOIS data is unavailable, which slightly reduces trust but is common for French domains under AFNIC. Overall, the site presents a professional and trustworthy digital presence for a public sector entity.

The website for the Communauté de communes de l'île d'Oléron serves as the official digital presence for the local government community of Île d'Oléron in France. It provides comprehensive information on territorial management, community services, environmental initiatives, economic development, and cultural activities. The site targets residents and stakeholders of the island, offering resources and news relevant to their daily lives and local governance. The business model is that of a public service entity, focusing on community support and regional development. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Amazon Polly, ensuring good SEO and accessibility. The site is mobile-optimized and features a clear navigation structure. Security-wise, the site uses HTTPS and includes Google reCAPTCHA for form protection and a cookie consent mechanism, but lacks visible advanced security headers and published security policies. The WHOIS data is unavailable or hidden, which is unusual for a government domain and warrants further verification. Overall, the site is professional, trustworthy, and serves its community well, though improvements in privacy transparency and security documentation are recommended.

H

Hespul

hespul.org

60

Hespul is a French non-profit association with over 30 years of experience specializing in renewable energy, particularly solar photovoltaic technology, and energy efficiency. The organization focuses on accelerating the energy transition through project development, education, and community engagement. Their website reflects a mature digital presence with a clear mission and professional content targeting professionals and communities interested in sustainable energy solutions. Technically, the site uses modern web technologies including Foundation framework, FontAwesome icons, and Matomo analytics, hosted on a reputable registrar's infrastructure. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and cookie consent mechanisms. The absence of direct contact emails or phone numbers is a minor limitation, with contact primarily via web forms. Overall, the domain registration data aligns well with the organization's claims, supporting legitimacy and trustworthiness.

É

Épices Énergie

epices-energie.fr

55

Épices Énergie is a French company specializing in software solutions for the supervision and management of renewable energy installations, including photovoltaic, wind, and hydroelectric power plants. The company targets energy producers and operators seeking efficient tools to monitor and optimize their renewable energy assets. Their market position is that of a niche provider offering a comprehensive web and mobile platform tailored to the renewable energy sector. Key services include data centralization, real-time production monitoring, performance evaluation, maintenance management, and personalized customer support. Technically, the website employs modern web technologies such as Bootstrap 5, jQuery, FontAwesome 6 Pro, and Matomo analytics, indicating a mature digital infrastructure with responsive design and moderate performance. However, there is no explicit CMS detected, and hosting details are not disclosed. The site is well-structured with good navigation and content relevance, supporting a positive user experience. From a security standpoint, the site uses HTTPS but lacks visible security headers and explicit privacy or cookie policies, which are critical for compliance and user trust. No incident response or vulnerability disclosure information is provided. The absence of WHOIS data limits domain trust assessment, though the presence of client logos and a LinkedIn profile adds credibility. Overall, Épices Énergie presents a professional and trustworthy online presence with room for improvement in privacy compliance and security transparency. Strategic enhancements in these areas would strengthen their risk posture and user confidence.

F

FAIR

finance-fair.org

64

FAIR is a French non-profit collective dedicated to promoting social impact finance through education, certification (Finansol label), and community engagement. The website is professionally designed using Drupal 10, with good mobile optimization and accessibility. It integrates multiple analytics tools including Matomo, Google Tag Manager, and Microsoft Clarity, alongside a robust cookie consent mechanism. Security posture is good with HTTPS enforced, though some security headers and policies could be improved. WHOIS data is unavailable, but the website's content and social presence strongly indicate legitimacy. Overall, FAIR presents a trustworthy and authoritative resource in the social finance sector.

F

Fondation la France s’engage

fondationlafrancesengage.org

63

Fondation la France s’engage is a French non-profit foundation dedicated to identifying and promoting bold social and environmental innovations. It supports impactful projects in education, health, inclusion, equality, ecology, and digital sectors through a national contest and ongoing accompaniment. The foundation has established a strong market position in France with over 200 supported structures and significant investment. Technically, the website is built on WordPress with modern plugins and tools, hosted by OVH, and demonstrates good SEO and mobile optimization. Security posture is solid with HTTPS and privacy-conscious analytics, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR, with clear business credibility and active social media presence.

The Fondation Charles Léopold Mayer pour le Progrès humain (FPH) is a Swiss non-profit foundation established in 1982, dedicated to supporting civil society organizations advocating for social and ecological transition. Funded by the estate of Charles Léopold Mayer, the foundation operates with a long-term vision to promote participatory, fair, and sustainable societal development. The website presents clear information about the foundation's history, aims, and governance, targeting philanthropic partners and civil society actors. Technically, the website is built using the SPIP CMS with custom CSS and JavaScript, including Matomo analytics for privacy-conscious user tracking. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, some improvements could be made in accessibility and SEO optimization. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries. However, no explicit security headers or incident response policies are visible, and cookie consent mechanisms are absent, which could be improved for better GDPR compliance. Overall, the security posture is moderate with room for enhancement. The domain WHOIS data aligns well with the website content, showing a consistent and legitimate registration for a Swiss foundation. No WAF or blocking mechanisms were detected, allowing full content access and analysis.

C

Collectif pour une Transition Citoyenne

transition-citoyenne.org

48

Collectif pour une Transition Citoyenne is a French non-profit coalition established in 2016, uniting 34 organizations to promote ecological, social justice, and democratic transitions at local and national levels. The website serves as an information hub and campaign platform, featuring initiatives such as 'Mairie-Me', 'Fête des Possibles', and 'Transiscope'. It targets citizens, volunteers, members, and partners interested in social and ecological activism. The organization positions itself as a significant player in the French non-profit sector focused on citizen engagement and advocacy. Technically, the website is built on WordPress with modern plugins like Yoast SEO and Complianz GDPR for SEO and privacy compliance. Hosting is provided by Scaleway SAS, and the site uses Matomo analytics configured to respect user privacy. The site demonstrates good mobile optimization, clear navigation, and professional design, though accessibility features are basic. Performance is moderate, with room for improvement. From a security perspective, the site uses HTTPS and a cookie consent mechanism, but lacks DNSSEC and visible HTTP security headers in the provided data. There is no published security policy or incident response information. Privacy compliance is strong, with a comprehensive privacy policy and GDPR-aligned cookie consent. No contact emails or phone numbers are explicitly listed, which could be improved for transparency. Overall, the website is trustworthy and professionally managed, with a solid business and technical foundation. Strategic improvements in security headers, DNSSEC, and published security policies would enhance its security posture and trustworthiness further.

L

LOU Rugby

lourugby.fr

10

LOU Rugby is a professional rugby club based in France, operating an official website that serves as a hub for news, ticketing, merchandise, business partnerships, and event information. The website targets rugby fans and stakeholders, providing up-to-date content and branded experiences. The digital infrastructure is built on Drupal 8, integrating modern web technologies such as Matomo for analytics and Google DFP for advertising, alongside a cookie consent mechanism to address privacy requirements. The site demonstrates good mobile optimization and user experience, with consistent branding and clear navigation. Security posture is adequate with HTTPS enabled, but lacks visible security headers and explicit privacy or terms of service pages, which are recommended for compliance and trust. WHOIS data is unavailable, likely due to privacy protection, but the domain and content appear legitimate and consistent with the business purpose. Overall, the website is professional and trustworthy, with room for improvement in privacy transparency and security hardening.

P

Payplug

payplug.com

62

Payplug is a French payment solution provider specializing in online and in-store payment processing for merchants across France and Europe. With over 17,000 merchants relying on its services, Payplug offers a comprehensive suite of payment solutions including omnichannel payment, fraud management, and financial flow centralization. The company is part of Groupe BPCE, a major French banking group, which strengthens its market position and trustworthiness. The website reflects a mature digital presence with professional design, clear navigation, and extensive content tailored to merchants and e-commerce businesses. Technically, the website is built on WordPress and leverages modern JavaScript libraries and analytics tools such as GSAP, HubSpot, Matomo, and Microsoft Clarity. It demonstrates good performance and mobile optimization, although accessibility compliance is basic. Security practices include HTTPS enforcement and use of security-related scripts, but explicit security headers and policies could be improved. The absence of WHOIS data is a notable anomaly but does not detract significantly from the overall legitimacy given the strong branding and parent company affiliation. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with comprehensive privacy and cookie policies, including consent mechanisms. Contact information is primarily via web forms, with no direct phone numbers or emails found on the homepage. The website uses multiple tracking and marketing tools, indicating an extensive user tracking level balanced with good privacy compliance. Overall, Payplug's website presents a professional, secure, and trustworthy platform for payment services, with minor recommendations to enhance security transparency and accessibility. The domain's WHOIS data absence warrants monitoring but does not currently undermine the business credibility.

S

SeoMix

seomix.fr

56

SeoMix is a specialized French digital agency focused on SEO and WordPress services, founded in 2010. The company offers a comprehensive range of services including SEO audits, WordPress site creation, SEO consulting, training, and maintenance. Their market position is strong within the WordPress SEO niche, supported by certifications such as Google Partners and client testimonials from reputable organizations. The website is professionally designed, mobile-optimized, and rich in relevant content, reflecting a mature digital presence. Technically, the site is built on WordPress with modern technologies including jQuery, Gravity Forms, Matomo Analytics, and caching via WP Rocket. SEO optimization is excellent with proper meta tags and structured data. Security posture is good with HTTPS enforced and secure form handling, though some security headers could be improved. Privacy compliance is basic with a privacy policy present but lacking a cookie consent mechanism. Overall, the website demonstrates a high level of professionalism and trustworthiness with no signs of malicious activity or suspicious content. The absence of WHOIS data is noted but does not detract from the legitimacy given the strong business signals on the site. Strategic recommendations include enhancing security headers and implementing explicit cookie consent to improve GDPR compliance.

G

GOBELINS Paris

gobelins.fr

57

GOBELINS Paris is a prestigious French educational institution specializing in arts and digital creation, including animation, photography, video, graphic and interactive design, game development, and music. It operates as a private non-profit higher education establishment under the Chamber of Commerce and Industry of Paris Ile-de-France and is recognized as a member of the Conférence des Grandes Ecoles. The school has a strong market position with international partnerships and a broad target audience including students, professionals, and enterprises. The website reflects a mature digital presence with comprehensive content and clear navigation.

C

Collectif pour une Transition Citoyenne

fete-des-possibles.org

50

The website fete-des-possibles.org represents a French non-profit initiative called 'La Fête des Possibles' organized by the Collectif pour une Transition Citoyenne. It serves as a platform to promote and coordinate hundreds of civic events focused on sustainability, social solidarity, and citizen engagement across France and Belgium. The site offers event listings, resources for organizers, and a newsletter subscription, supported by a network of partners including European institutions and foundations. Technically, the site is built on WordPress, hosted by OVH, and employs modern tools such as Matomo for privacy-conscious analytics and Complianz for GDPR-compliant cookie consent management. The website demonstrates good design quality, clear navigation, and mobile optimization, though accessibility could be further enhanced. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but lacks explicit security policies or incident response information. Overall, the site is trustworthy, well-maintained, and compliant with privacy regulations, making it a reliable resource for its target audience.

S

SEOPress

seopress.org

71

SEOPress is a well-established provider of WordPress SEO plugins and related SEO tools, targeting a broad audience including bloggers, small businesses, developers, agencies, and SEO experts. The company offers a freemium business model with free and premium versions of their SEO plugin, along with add-ons such as SEOPress Insights for off-site SEO tracking. Their market position is strong, supported by over 350,000 active installs and numerous positive reviews, and they maintain a professional online presence with comprehensive resources and integrations. Technically, the website is built on WordPress using modern technologies including Bootstrap 5, jQuery, and various plugins like Gravity Forms and Easy Digital Downloads. Hosting is provided by o2switch, a reputable French hosting provider. The site demonstrates excellent performance, mobile optimization, and SEO best practices, including rich metadata and structured data. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms compliant with GDPR. While explicit security headers are not fully visible in the HTML, the site shows no signs of exposed sensitive data or vulnerabilities. However, the absence of a published security policy or incident response contact is noted as an area for improvement. Overall, the website presents a low risk profile with strong business credibility and technical maturity. The lack of WHOIS data due to privacy protection is common for commercial software vendors and does not detract from the site's legitimacy. Strategic recommendations include enhancing security header implementation, publishing a security policy, and adding a vulnerability disclosure channel to further strengthen trust and compliance.

M

Métropole du Grand Paris

metropolegrandparis.fr

69

Métropole du Grand Paris is a French governmental organization responsible for metropolitan governance, urban planning, transportation, and regional development in the Greater Paris area. The website serves as an official portal providing information and services to residents, businesses, and stakeholders within the metropolitan region. It positions itself as a key regional authority with a focus on public service and sustainable development. The technical infrastructure is based on Drupal 10 CMS, leveraging modern web technologies including FontAwesome Pro for iconography and Matomo for analytics, indicating a moderate level of digital maturity and privacy awareness. The site is hosted with DNS managed by Claradns and registered through Gandi, reflecting a stable and consistent hosting environment. Security posture is adequate with HTTPS enforced and domain transfer protections in place. However, the absence of visible security headers, privacy and cookie policies, and incident response contact information indicates areas for improvement in compliance and security transparency. No WAF or blocking mechanisms were detected, allowing full content accessibility. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance, explicit security policies, and improved contact transparency to strengthen user trust and regulatory adherence.

F

federation flame

federation-flame.org

65

The Fédération des Agences Locales de l’Énergie et du Climat (FLAME) is a French non-profit federation coordinating a network of local energy and climate agencies (ALEC) across France. It supports territorial energy transition through expertise in public territorial engineering, training, and resource provision. The website positions FLAME as a key reference in energy transition and climate action in France, targeting local authorities, energy operators, and community organizations. Technically, the site is built on WordPress with modern SEO and analytics tools, hosted likely by WPServeur, and demonstrates good mobile optimization and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response policies are not publicly visible. WHOIS data is unavailable, likely due to privacy protection, which is reasonable for this type of organization. Overall, the site is professional, trustworthy, and compliant with GDPR, with moderate user tracking via Matomo analytics.

L

La Région Auvergne-Rhône-Alpes

europeenauvergnerhonealpes.fr

61

The website www.europeenauvergnerhonealpes.fr is the official digital presence of the Auvergne-Rhône-Alpes regional government in France, focusing on European funding and project support. It serves as a comprehensive resource for beneficiaries such as local authorities, associations, companies, and research entities seeking information and assistance with European funds and programs. The site is well-branded, professionally designed, and provides clear navigation and relevant content tailored to its target audience. Technically, the site is built on Drupal 10, leveraging modern web technologies including Matomo for analytics and lazy loading for performance optimization. It is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although the absence of certain security headers suggests room for improvement. From a security and compliance perspective, the site demonstrates GDPR compliance with clear privacy and cookie policies. However, the WHOIS data is unavailable, which slightly impacts trustworthiness but is mitigated by the official nature of the site and its consistent branding. No vulnerabilities or malicious content were detected. Overall, the website is a trustworthy, professional government portal with strong content quality and user experience. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and monitoring third-party scripts for security risks.

W

World Media Partners, s.r.o.

unesco-czech.cz

60

The website 'Sedmnáct českých divů světa - České dědictví UNESCO' serves as the official portal for the Czech UNESCO heritage association, providing comprehensive information about UNESCO-listed cultural sites in the Czech Republic. It targets a general audience interested in cultural heritage and tourism, offering multimedia content, event calendars, virtual tours, and an e-shop. The site is professionally designed with consistent branding and clear navigation, supporting multiple languages to reach an international audience. Technically, the website employs a modern technology stack including Bootstrap, jQuery, Leaflet for maps, and Matomo for analytics. It is mobile-optimized and demonstrates good SEO practices. However, some accessibility features could be improved. The site uses HTTPS, but lacks visible security headers and cookie consent mechanisms, which are important for GDPR compliance and security hardening. From a security perspective, the site shows a moderate posture with secure login forms and no exposed sensitive data. The absence of WHOIS data for the domain reduces trust slightly, though the official branding and government funding mention support legitimacy. No vulnerability disclosure or incident response information is provided, which could be improved to enhance security transparency. Overall, the website is a credible, well-maintained informational portal with room for improvement in privacy compliance and security best practices. Strategic recommendations include implementing security headers, adding cookie consent, publishing security policies, and improving accessibility to strengthen trust and compliance.

V

Více než agentura, s.r.o.

vicenez.com

73

Více než agentura, s.r.o. is a Czech Republic based small marketing agency specializing in online marketing, web development, consulting, and education services. The company positions itself as more than a typical agency, emphasizing professional expertise and comprehensive digital marketing solutions. Their website is built on WordPress using Elementor and related plugins, reflecting a modern and professional digital presence. The site includes GDPR-compliant privacy and cookie policies with a consent mechanism, indicating attention to privacy regulations. Security posture is good with HTTPS enabled and no obvious vulnerabilities, though some security headers could be improved. Overall, the website is well-structured, user-friendly, and trustworthy, targeting businesses and professionals in the Czech market seeking marketing and web services.

L

L'Institut Agro Montpellier

institut-agro-montpellier.fr

61

L'Institut Agro Montpellier is a reputable French public higher education institution specializing in agriculture, food, and environmental sciences. It offers a range of engineering, master, and doctoral programs, alongside active research and innovation initiatives. The institution targets students, researchers, and professionals interested in sustainable agriculture and environmental management, positioning itself as a leading grande école with strong Mediterranean and international ties. Technically, the website is built on Drupal 11, leveraging modern frameworks and libraries such as Uikit and Matomo for analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices, with comprehensive structured data enhancing search visibility. Privacy compliance is well addressed with cookie consent mechanisms and a clear privacy policy. From a security perspective, the site enforces HTTPS, employs standard security headers, and avoids exposing sensitive data. However, it lacks publicly available security policies or incident response information, which could be improved to enhance trust. The absence of WHOIS data is noted but is common for French domains managed by AFNIC, and does not significantly detract from the site's legitimacy. Overall, the website reflects a mature digital presence suitable for an educational institution, with strong content quality and user experience. Strategic recommendations include publishing explicit security and incident response policies, adding vulnerability disclosure mechanisms, and enhancing performance optimizations.

A

Atypie-Friendly

atypie-friendly.fr

46

Atypie-Friendly is a French national program dedicated to making higher education inclusive for individuals with neurodevelopmental disorders such as autism, ADHD, and dyslexia. It is coordinated by the University of Toulouse and supported by a network of over 40 higher education institutions. The program offers a variety of services including workshops, online hotlines, webinars, training for staff, and resources to support both students and educational institutions. The website is professionally designed, well-structured, and uses modern web technologies including WordPress and Elementor. It employs privacy-respecting analytics via Matomo and is hosted by OVH, a reputable provider. Security posture is good with HTTPS enforced, though some security headers and incident response information are missing. Privacy compliance is mostly adequate but lacks a cookie consent mechanism. Overall, the site is trustworthy, authoritative, and serves an important educational and social inclusion mission.

A

Association CERESA

ceresa.fr

39

Association CERESA is a French non-profit organization established in 2005, specializing in autism support and education in the Occitanie region. It operates multiple specialized services including home education and care (SESSAD), educational units (UE), and professional training through its Pôle Formation. The website is professionally designed using WordPress and Elementor, with good content quality and clear navigation targeting parents, professionals, and stakeholders concerned with autism. The organization maintains a social media presence on Facebook and LinkedIn, enhancing its outreach and credibility. Technically, the site uses modern web technologies and includes Matomo analytics, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS usage but lacks advanced security headers and explicit privacy policies. WHOIS data is missing from the AFNIC database, which slightly reduces trust but does not negate the legitimacy given the consistent business information and social presence. Overall, the site is safe, professional, and well-positioned within its niche.

A

April

april.org

55

April is a well-established French non-profit association dedicated to promoting and defending free software and open standards since 1996. It serves a broad francophone audience including individuals, professionals, and institutions. The website reflects an active organization with frequent news, events, and educational content. Technically, the site is built on Drupal CMS, uses jQuery and Matomo analytics, and is moderately optimized for mobile and SEO. Security posture is adequate with HTTPS and domain transfer protection but lacks DNSSEC and explicit security headers. Privacy compliance is limited due to missing privacy and cookie policies. Overall, the site is trustworthy and professional but could improve transparency and security practices.

Libre en Fête is a French non-profit initiative coordinated by April that promotes free software and free culture through annual events across France. The website provides detailed information about the 2025 edition of the event, including dates, how to participate, and links to related free software projects. The site targets the general public interested in technology and free culture, positioning itself as a well-established community-driven event organizer with a history dating back to 2001. Technically, the website is built on the SPIP CMS platform and uses Matomo for analytics, reflecting a moderate level of digital maturity with a focus on privacy-conscious tracking. The site is mobile-optimized and has a clear navigation structure, although accessibility features are basic. Performance is moderate, and SEO optimization is basic but functional. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks important security headers such as Content-Security-Policy and Strict-Transport-Security. There are no visible vulnerabilities or exposed sensitive data. However, the absence of privacy and cookie policies, as well as incident response information, indicates gaps in compliance and security transparency. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance, improved security headers, and clearer contact information to strengthen its security posture and user trust.

O

OpenStreetMap France

openstreetmap.fr

42

OpenStreetMap France is a non-profit organization dedicated to promoting and supporting the global OpenStreetMap project within France. The website serves as a hub for community engagement, providing information about mapping, events, training, and data reuse. It targets a broad audience including contributors, local communities, and organizations interested in open geographic data. Technically, the site is built on WordPress with modern web technologies and integrates privacy-respecting analytics via Matomo. Security posture is solid with HTTPS enforced, though some security headers and explicit privacy policies are missing. The absence of WHOIS data reduces domain trust slightly but the website's content quality and community trust indicators are strong. Overall, the site is professional, well-maintained, and serves an important role in the open data ecosystem.

F

Forum-Debian.fr - Forum-Debian.fr

forum-debian.fr

52

Forum-Debian.fr is a French-language community forum dedicated to Debian Linux and related topics, providing a platform for discussions, support, announcements, and programming help. The site targets French-speaking Debian users and Linux enthusiasts, operating as a niche community forum with a small but active user base. The business model is community-driven, offering free access to discussion forums without commercial transactions. Technically, the site runs on phpBB forum software, hosted by OVH in France, and uses modern web technologies including jQuery, Font Awesome, and Google Fonts. The site is moderately performant and mobile-optimized with basic accessibility features. Security posture is good with HTTPS enforced and cookie consent implemented, though it lacks explicit security headers and published incident response contacts. Privacy compliance is adequate with visible privacy and cookie policies aligned with GDPR. Overall, the website is trustworthy, well-branded, and professionally maintained with active user engagement.

E

ecosystem

ecosystem.eco

73

ecosystem is a French eco-organization dedicated to extending the lifecycle of electrical and electronic equipment through repair, reuse, and recycling. Accredited by public authorities, it serves both individuals and professionals with services including locating repairers, donation and recycling points, and providing educational resources. The website is professionally designed, content-rich, and well-structured, targeting a broad audience interested in sustainable management of electrical waste. Technically, the site employs modern analytics tools such as Matomo and Google Tag Manager, along with Cookiebot for consent management. The site is mobile-optimized and accessible, with good SEO practices. However, explicit security headers and detailed security policies are not evident, representing an area for improvement. Security posture is moderate with HTTPS implied but lacking visible advanced security headers or incident response information. The absence of WHOIS data limits domain trust assessment, though the website's professional presentation and public accreditation support its legitimacy. Overall, ecosystem presents a trustworthy and authoritative platform in its domain, with recommendations to enhance security transparency and domain registration visibility to further strengthen trust and compliance.

D

Deutscher Paritätischer Wohlfahrtsverband - Gesamtverband e. V.

paritaet.org

62

The Deutscher Paritätischer Wohlfahrtsverband - Gesamtverband e. V. is a large, well-established non-profit umbrella organization in Germany, representing over 10,800 member organizations in the social welfare sector. The website serves as a comprehensive platform for advocacy, information dissemination, event management, and member services. It targets social welfare organizations, policymakers, and the general public interested in social issues. The organization offers key services including quality management systems, education, financing support, and insurance brokerage through a partner entity. Technically, the website is built on TYPO3 CMS with modern frameworks like Bootstrap and integrates Matomo for privacy-conscious analytics. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital presence. Security posture is solid with HTTPS enforced and cookie consent implemented, though some HTTP security headers and explicit security policies are absent. No vulnerabilities or suspicious domains were detected. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, supporting the organization's mission effectively.

V

VARTA AG

varta.cz

47

VARTA AG is a well-established European leader in battery technology and energy storage solutions, with a history dating back to 1887. The company operates multiple divisions including Consumer Batteries, Micro Batteries, and Lithium-Ion technologies, with a significant automotive battery division owned by Clarios LLC. The website reflects a professional corporate presence with detailed business and contact information, targeting both consumers and industrial clients. Technically, the site uses TYPO3 CMS and integrates Matomo analytics for privacy-conscious tracking, alongside Google reCAPTCHA for form security. Security posture is generally strong with HTTPS enforced, though the absence of security headers and privacy policies indicates room for improvement. The missing WHOIS data is a notable anomaly but does not detract significantly from the overall legitimacy given the detailed corporate disclosures on the site.

P

Pražská vodohospodářská společnost a.s. (PVS) and Pražské vodovody a kanalizace, a.s. (PVK)

vyjadrovaciportal.cz

55

The Vyjadřovací portál is a joint service portal operated by Pražská vodohospodářská společnost a.s. (PVS) and Pražské vodovody a kanalizace, a.s. (PVK), two key water infrastructure companies in Prague, Czech Republic. The portal facilitates requests for statements on project documentation, network mapping, and geodetic data submissions related to water infrastructure projects. It targets professionals and entities involved in construction and infrastructure planning within Prague. The website presents a professional and consistent brand image with clear navigation and relevant content.

E

Extra Publishing

radostzpoznani.cz

57

Extra Publishing operates the e-commerce website radostzpoznani.cz, a Czech online store specializing in magazines, books, and subscriptions focused on history, military, hobbies, and children's educational content. The site targets a general audience interested in cultural and educational materials, positioning itself as a niche market leader within the Czech Republic. The business model centers on retail sales of printed media and subscription services, supported by a well-structured product catalog and clear navigation.

G

Glooton

glooton.com

60

Glooton is a French-language technology news and tutorial website providing content on current technology trends, cybersecurity, blockchain, AI, and ethical discussions related to technology. The site targets French-speaking technology enthusiasts and professionals seeking in-depth articles and practical tutorials. The business model appears to be content publishing, likely monetized through advertising and affiliate marketing. Technically, the site is built on WordPress with common plugins such as Rank Math PRO for SEO and Matomo for analytics, using modern web technologies like jQuery and Slick Carousel. The website is mobile-optimized and well-structured with good SEO practices. Security-wise, the site uses HTTPS but lacks visible security headers and formal privacy or cookie policies, which are areas for improvement. The WHOIS data for the domain is unavailable, raising some concerns about domain legitimacy, though the active and professional website presence mitigates this somewhat. Overall, the site is functional and professional but would benefit from enhanced security and compliance measures.

M

Métropole de Lyon

lyoncampus.com

62

Lyon Campus is an official student information portal managed by the Métropole de Lyon, targeting students and new arrivals in the Lyon metropolitan area. The website provides comprehensive resources including housing, jobs, cultural events, and support services, positioning itself as a key regional platform for student engagement and assistance. The site is well-branded with consistent use of official logos and maintains active social media channels to enhance outreach. Technically, the website is built on the TYPO3 CMS platform, leveraging modern web technologies such as Matomo for privacy-conscious analytics and tarteaucitron.js for cookie consent management. The site demonstrates good mobile optimization and accessibility features, although there is room for improvement in security headers and explicit security policies. From a security perspective, the site enforces HTTPS and uses privacy-focused analytics, but lacks visible security headers and a published incident response or vulnerability disclosure policy. The WHOIS data is notably missing or unavailable, which is unusual for a government-affiliated site and may warrant further investigation. Overall, the security posture is solid but could be enhanced with additional transparency and technical controls. The overall risk assessment is moderate with a good trust level based on content and branding, but the absence of WHOIS data and some security best practices suggest areas for improvement. Strategic recommendations include implementing security headers, publishing a security policy, enhancing accessibility compliance, and improving contact transparency to bolster trust and compliance.

B

Bruxelles Formation

bruxellesformation.be

63

Bruxelles Formation is the official public francophone service responsible for professional training in the Brussels region. The organization offers free training programs targeted primarily at job seekers and provides services to employers for staff development and recruitment of trained talents. The website reflects a well-established public entity with a clear mission and a strong regional presence. The digital infrastructure is based on WordPress with modern plugins for SEO, GDPR compliance, and analytics, indicating a mature technical setup. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though there is room for improvement in security headers and explicit security policies. Overall, the site is professional, trustworthy, and serves its public service mandate effectively.

D

Deutscher Paritätischer Wohlfahrtsverband - Gesamtverband e. V.

der-paritaetische.de

62

Der Paritätische Gesamtverband is a large, well-established non-profit umbrella organization in Germany representing over 10,800 independent social welfare organizations. The website serves as an information hub, providing news, publications, events, and services to its members and the public. It is built on TYPO3 CMS with modern web technologies and demonstrates a high level of digital maturity. The site is professionally designed, mobile-optimized, and accessible, with clear navigation and comprehensive content. Security posture is strong with HTTPS, cookie consent, and privacy-conscious analytics (Matomo with disabled cookies). However, explicit security policies and incident response contacts are not published. Overall, the website reflects a trustworthy and credible organization with a strong market position in the non-profit social welfare sector.

K

KONTEXT:Wochenzeitung

kontextwochenzeitung.de

47

KONTEXT:Wochenzeitung is an independent, donation-funded weekly newspaper based in Stuttgart, Germany, providing critical and in-depth journalism without advertising. It publishes online every Wednesday and as a print supplement in the national taz weekend edition. The website is built on TYPO3 CMS with a modern, responsive design and integrates privacy-conscious Matomo analytics. The site demonstrates good security hygiene with HTTPS and cookie consent mechanisms but lacks explicit security policies or incident response contacts. WHOIS data confirms domain legitimacy and consistency with the business history. Overall, the site is professional, trustworthy, and well-positioned in its niche media market.

M

M6 Unlimited

m6pub.fr

59

M6 Unlimited is a prominent French multimedia advertising agency specializing in TV, radio, and digital advertising. As part of the Groupe M6, it offers integrated advertising solutions including an online platform (My6) for purchasing ad spaces. The website reflects a mature, professional business with a strong market position in the French media advertising sector. Technically, the site is built on WordPress with modern SEO and analytics tools such as Yoast SEO, Google Tag Manager, Matomo, and Hotjar, ensuring good digital maturity and performance. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not published. Overall, the site is well-designed, accessible, and compliant with GDPR regulations, supporting a high level of trust and professionalism.

V

VALOREM Group

valorem-energie.com

65

VALOREM Group is a well-established independent operator in the renewable energy sector, pioneering wind energy in France and expanding into solar and hydropower across several European countries. The company emphasizes community involvement and sustainable energy transition, supported by a professional and content-rich website. Technically, the site is built on WordPress with modern SEO and analytics tools, delivering good performance and mobile optimization. Security posture is solid with HTTPS and cookie consent, though lacks explicit security policies and incident response details. The absence of WHOIS registration data introduces some uncertainty about domain legitimacy, but the overall business presentation and digital maturity suggest a credible and professional organization. Strategic recommendations include enhancing security transparency and verifying domain registration details to improve trust.

Advanced Energies is a French company specializing in photovoltaic solar energy and energy self-consumption solutions. Established since 2009 and operating under the parent company Vinci Energies, it offers services including project design, realization, operational assistance, maintenance, and supervision for renewable energy projects. The company targets professionals and local authorities, positioning itself as a reference in the renewable energy sector in France. The website content is professionally presented in French, with clear navigation and relevant business information, although direct contact details are not prominently displayed. Technically, the website is built on WordPress with modern technologies such as jQuery, Matomo analytics for privacy-respecting user tracking, and Google Maps integration. The site is mobile-optimized and includes cookie consent mechanisms compliant with GDPR. However, some security best practices like explicit security headers and incident response information are missing. Security posture is generally good with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with cookie policies and consent banners. The lack of WHOIS data for the domain raises some concerns about domain registration transparency, but the association with Vinci Energies and professional site content mitigate these concerns. Overall, the website demonstrates a solid business and technical foundation with room for improvement in security transparency and contact accessibility. Strategic recommendations include enhancing security headers, publishing security policies, and providing clear contact channels for incident response.