Security Directory

D

De Vinci Higher Education

devinci.fr

0

De Vinci Higher Education operates an online portal primarily for student access and educational services. The website serves as a login gateway for users, indicating a focus on digital education delivery. The institution appears to be based in France, targeting students and academic users. The business model revolves around providing online higher education resources and account management. Technically, the site employs a modern JavaScript and CSS stack including libraries such as jQuery, SweetAlert2, CropperJS, and Matomo analytics for user tracking. The site is mobile responsive and uses HTTPS, but lacks visible privacy and cookie policies, which impacts compliance. Security posture is moderate with secure login forms but missing security headers and explicit CSRF protections. WHOIS data is unavailable, which reduces domain trustworthiness and complicates legitimacy verification. Overall, the site is functional and moderately secure but would benefit from enhanced privacy disclosures and security hardening.

L

LePantalon

lepantalon.com

0

LePantalon is an e-commerce retailer specializing in high-quality men's and women's pants, including chinos, jeans, and accessories. The company emphasizes responsible manufacturing and premium fabrics, targeting customers seeking durable and stylish pants. The website is professionally designed on the Shopify platform, featuring clear navigation, privacy and cookie policies, and integrated marketing and analytics tools. However, the absence of WHOIS registration data raises questions about domain legitimacy, although the active and polished online presence suggests a legitimate business. Security posture is strong with HTTPS and consent mechanisms, but lacks explicit security policies and incident response contacts.

C

CS GROUP

cs-soprasteria.com

0

CS GROUP is a large French technology company specializing in the design, integration, deployment, maintenance, and operation of intelligent, secure, and interconnected critical systems. As a subsidiary of Sopra Steria, it holds a strong market position in sectors such as defense, security, aerospace, transport, energy, and finance. The website reflects a professional and modern digital presence with comprehensive content and multilingual support. Technically, the site is built on WordPress with a robust set of plugins for SEO, cookie management, and user interaction, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit policies could be improved. Overall, the site is trustworthy and well-maintained, but the lack of WHOIS data for the domain introduces some uncertainty regarding domain registration legitimacy.

ALL SENS is a small French manufacturing company specializing in the production and distribution of food ingredients and premixes for animal feed, including aromas, colorants, and additives. The company targets agro-food industrial clients and animal feed manufacturers, offering customized flavor formulations and solutions that comply with regulatory standards. The website is built on the Weebly platform, utilizing common web technologies such as jQuery and Google Analytics for tracking. The site is professionally designed with good navigation and mobile optimization, providing clear contact information and business descriptions. However, it lacks visible privacy and cookie policies, security headers, and incident response information, which are important for compliance and trust. WHOIS data is unavailable due to EURid privacy restrictions, but the domain appears legitimate and consistent with the company's French location. Overall, the website presents a moderate security posture with room for improvement in privacy compliance and security best practices.

The website jeux.fm appears to be related to online gaming or gambling services, as suggested by the domain and the French text referencing ANJ regulations. However, the specific page analyzed is minimal and states the site is forbidden in France according to ANJ laws, indicating restricted access likely due to regulatory compliance. The domain is registered since 2017 with Dynadot LLC and uses Cloudflare DNS services, but DNSSEC is not enabled. The website lacks any privacy, cookie, or terms of service policies, and no contact or incident response information is provided. The minimal content and access restrictions limit the ability to fully assess the business or technical infrastructure. Security posture is weak due to lack of security headers and policies, and no analytics or advertising technologies are detected.

A

Avenir Conseil France

avenir-conseil.fr

0

Avenir Conseil France is a specialized consulting and training firm focusing on the deployment of business information systems and supporting organizational digital transformation. The company positions itself as a bridge between IT and engineering/manufacturing sectors, offering services including project management, change management, training, operations, and user support. Their subsidiary or agency, edufactory, enhances their digital learning capabilities. The website is professionally designed, well-structured, and optimized for SEO and mobile devices, reflecting a mature digital presence. Technically, the site uses WordPress with modern plugins and frameworks, including Yoast SEO, Bootstrap, Google Tag Manager, and Google Analytics, with a cookie consent mechanism compliant with GDPR. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. WHOIS data is unavailable, likely due to privacy protection, which is common for consulting firms. Overall, the site demonstrates a credible and professional business presence with moderate risk due to limited public domain registration transparency.

A

ALTEN France

alten.fr

0

ALTEN France is a leading global engineering and IT services company that supports clients in innovation, R&D, and IT systems both in France and worldwide. The company offers a broad range of services including engineering services, IT services, cybersecurity, artificial intelligence, and data management. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to corporate clients and professionals in technology sectors. Technically, the site is built on WordPress with modern frameworks and includes robust privacy and cookie consent mechanisms. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit security policies and incident response contacts are not published. WHOIS data is unavailable due to privacy protection but the domain appears legitimate and active. Overall, ALTEN France demonstrates a solid business and technical foundation with good compliance and trust indicators.

K

Kerlink

kerlink.com

0

Kerlink is a leading provider of IoT connectivity equipment, software, and services, specializing in LoRaWAN technology for public and private networks. The company targets businesses, cities, industries, and network operators globally, offering a comprehensive portfolio including outdoor and indoor gateways, network servers, management tools, and value-added IoT applications. Their market position is strong, supported by their role as a founding member of the LoRa Alliance and their listing on the Euronext Growth market. The website reflects a mature digital presence with professional design, clear navigation, and extensive content relevant to their industry. Technically, the site is built on WordPress with WooCommerce, integrating modern analytics and marketing tools, and optimized for mobile and SEO. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers could be improved. The absence of WHOIS registration data is a notable gap but does not detract significantly from the overall legitimacy given the professional web presence and business indicators. Strategic recommendations include enhancing security headers, publishing a dedicated security policy, and adding a security.txt file to improve vulnerability reporting and trust.

B

The 20 best boutique hotels in Paris

boutiquehotels-paris.com

0

The website boutiquehotels-paris.com is a specialized online platform dedicated to showcasing the 20 best boutique hotels in Paris. It provides detailed hotel listings, including descriptions, ratings, room counts, and booking links, targeting travelers seeking unique and stylish accommodations in Paris. The business operates as a travel guide and booking referral service, with a focus on boutique hospitality in the French capital. The domain is well-established since 2014, indicating a mature presence in the niche market. Technically, the site employs modern web standards with HTTPS and Cloudflare DNS, ensuring secure and reliable access. However, it lacks advanced security headers and DNSSEC, which are recommended for enhanced protection. Privacy and cookie policies are absent, which is a compliance gap, especially under GDPR regulations. No direct contact or incident response information is provided, limiting transparency and user trust. Overall, the site offers a good user experience with professional design and relevant content but requires improvements in privacy, security, and contact disclosures to elevate its trustworthiness and compliance posture.

O

OVH sas

tatoeba.org

0

Tatoeba.org is a community-driven educational platform established in 2008, focused on collecting and sharing multilingual sentences and translations to support language learners, linguists, and educators worldwide. The platform operates under OVH sas hosting in France, reflecting a stable and legitimate domain registration consistent with its long-standing presence. Technically, the website employs AngularJS and Material Design frameworks, offering a good user experience with moderate performance and basic accessibility features. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and DNSSEC, indicating room for improvement. Privacy compliance is minimal, with no visible privacy or cookie policies, which could be enhanced to meet modern standards. Overall, the website is safe, professional, and trustworthy, serving a niche educational market effectively.

N

NBtech

nbtech.fr

0

NBtech is a French industrial engineering and technical consulting company founded in 2014, specializing in automotive, aeronautics, railway, and industrial maintenance sectors. The company provides pragmatic and comprehensive solutions including mechanical and electronic testing, incident analysis, and industrial methods consulting. Their client portfolio includes major industry players such as Bosch, Thales, Airbus, Renault, Stellantis, and SNCF, indicating a strong market position. The website is professionally designed, well-structured, and includes detailed information about services, partners, and company values. Technically, the site is built on WordPress with Elementor, uses modern libraries and frameworks, and is hosted by PLANETHOSTER. It implements GDPR-compliant cookie consent and privacy policies, and integrates Google Analytics and Tag Manager for analytics. Security posture is strong with HTTPS enforced and security headers present, though no explicit security policy or incident response contacts are published. Overall, the website reflects a mature digital presence with good privacy compliance and trustworthy business information.

achatpublic.info is a French media and information platform specializing in public procurement news, updates, and documentation. It serves public sector professionals, buyers, and suppliers by providing continuous coverage of market developments, regulatory changes, and practical tools. The website demonstrates a solid market position within the niche of government procurement information. Technically, the site is built on Drupal CMS, uses modern web technologies including Bootstrap and Google Tag Manager, and implements a GDPR-compliant cookie consent mechanism via Didomi. Security posture is adequate with HTTPS enforced, but lacks visible security headers and explicit security policies. WHOIS data is unavailable due to privacy or query failure, which slightly reduces transparency but is common for such websites. Overall, the site is professional, trustworthy, and well-optimized for its audience.

M

MarchesOnline

marchesonline.com

0

MarchesOnline is a French online platform specializing in providing access to public and private tender notices, including public procurement and adapted procedures (MAPA). It serves as a reference site for businesses and professionals seeking to monitor and respond to over 400,000 market notices across various sectors in France. The website targets companies involved in services, public works, studies, and supplies, positioning itself as a key player in the French government and business procurement ecosystem. Technically, the site is built using modern JavaScript frameworks (Nuxt.js) and integrates monitoring and analytics tools such as New Relic and Google Tag Manager, indicating a moderate level of digital maturity. However, the absence of visible privacy and cookie policies, as well as incomplete WHOIS data, suggests areas for improvement in compliance and transparency. Security posture is moderate with no evident blocking or WAF mechanisms, but lacks explicit security headers and policies. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and clearer business contact information to improve trust and regulatory adherence.

T

Touren Service France S.A.S

grand-est-for-groups.com

0

The website grand-est-for-groups.com operates as an online platform dedicated to planning and booking group travel in France, targeting primarily bus operators and travel agencies. The business, identified as Touren Service France S.A.S, was founded in 2020 and offers services including hotel bookings, activities, and group packages. The platform positions itself as a niche regional service provider in the transportation and hospitality sectors. Technically, the site leverages modern JavaScript frameworks such as Vue.js and integrates Google Tag Manager for analytics, indicating a moderate level of digital maturity. The site appears to be mobile-optimized with a good user experience and professional design. However, there is a lack of visible privacy and cookie policies, and no explicit contact information was found in the analyzed content, which impacts trust and compliance. Security posture is moderate with no detected security headers and DNSSEC not enabled, suggesting room for improvement in technical security controls. Overall, the site is safe with no adult or questionable content detected, but it would benefit from enhanced privacy compliance and security practices.

P

Pigolabs

piwigo.com

0

Piwigo.com is a mature and reputable online image library and digital asset management platform operated by Pigolabs, founded in 2008. The company targets a broad range of professional users including travel and tourism organizations, public sector entities, businesses, non-profits, and photographers. Their SaaS business model offers a free trial and subscription pricing, emphasizing ease of use, collaboration, and GDPR compliance. The website is professionally designed with clear navigation and rich content, supporting multiple languages and showcasing strong trust indicators such as client logos and testimonials. Technically, the site uses a modern tech stack including Bootstrap, jQuery, and Matomo analytics, hosted under a domain registered with Gandi SAS. The site is mobile optimized and performs moderately well. Security posture is good with HTTPS enforced and domain transfer protection, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is strong with a comprehensive privacy policy and GDPR adherence, but lacks a cookie consent mechanism. Security evaluation shows no critical vulnerabilities or exposed sensitive data. However, the absence of a published security policy, incident response contacts, and vulnerability disclosure policy are areas for improvement. Overall, the site is trustworthy, safe, and professionally maintained with a high AI score reflecting content quality, technical implementation, security, privacy, and business credibility.

R

Regiondo

regiondo.fr

0

Regiondo is a French-language SaaS company providing an all-in-one online booking software solution tailored for tour operators, leisure activity providers, attractions, and destinations. The platform offers comprehensive features including online ticketing, reservation management, multi-channel distribution, POS solutions, and integrations with major OTAs like Viator and GetYourGuide. The company positions itself as a growth partner for businesses in the hospitality and tourism sector, emphasizing increased bookings, operational efficiency, and cost reduction. The website is professionally designed, multilingual, and rich in content, supporting a strong market presence in France and related markets. Technically, the website is built on WordPress with modern JavaScript libraries such as jQuery and uses Google Tag Manager and Usercentrics for analytics and consent management. HubSpot forms are used for lead capture, indicating a mature digital marketing infrastructure. The site is mobile-optimized and SEO-friendly, with structured data and Open Graph metadata enhancing search visibility and social sharing. From a security perspective, the site enforces HTTPS and employs a consent management platform, but lacks explicit HTTP security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data for the subdomain is unavailable, which is typical for subdomains, and does not raise legitimacy concerns. Overall, the security posture is good but could be improved with additional headers and transparency. The overall risk assessment is low, with the site demonstrating professionalism, compliance with GDPR, and strong business credibility. Strategic recommendations include enhancing HTTP security headers, publishing security policies, and maintaining regular audits of third-party scripts to sustain security and trust.

C

CCI Business

ccibusiness.fr

0

CCI Business is a French B2B platform established in 2014 that facilitates connections between businesses and major market order givers, serving over 12,500 member companies. It operates through multiple regional territories and sector-specific communities, focusing on energy, manufacturing, and government sectors. The website is built on Drupal 10 and employs Matomo for analytics and tarteaucitron for cookie consent, reflecting a moderate level of digital maturity. While the site is well-structured and mobile-optimized, it lacks explicit privacy and terms of service pages, which are important for compliance and user trust. Security posture is solid with HTTPS and no visible vulnerabilities, but could be improved with additional security headers and clearer contact information for incident response. Overall, the site presents a professional and trustworthy business presence with room for enhancement in privacy and security transparency.

N

NordNet SA (Registrar)

tourisme-en-champagne.com

0

The website tourisme-en-champagne.com serves as a comprehensive regional tourism portal for the Champagne region in France, offering information on destinations, cultural heritage, accommodations, and activities. It targets tourists and visitors interested in exploring the Champagne terroir and related experiences. The site is well-established with a domain age dating back to 1999, indicating a mature presence in the tourism sector. Technically, the site is built on Drupal 7 with a variety of JavaScript libraries for UI enhancements and analytics, including Matomo and Google Analytics. While the site is functional and provides good content quality and navigation, it uses some outdated JavaScript libraries that may pose security risks. Security posture is moderate with HTTPS enabled but lacks visible security headers and DNSSEC. Privacy compliance is weak due to the absence of explicit privacy and cookie policies or consent mechanisms. Overall, the site is credible and trustworthy but would benefit from improvements in security and privacy compliance.

E

Ebo-systems S.A.S

ebo-systems.com

0

Ebo Systems is a specialist manufacturer of composite cable tray systems with over 60 years of experience, serving demanding industrial sectors such as energy, transportation, chemistry, and water. The company is part of the Niedax Group, a global leader in cable management solutions, which strengthens its market position and global reach across 27 countries. The website reflects a professional and well-structured digital presence built on WordPress, leveraging modern technologies and SEO best practices. Security posture is strong with HTTPS enforced and no obvious vulnerabilities, though explicit security policies and privacy compliance documentation are lacking. WHOIS data is unavailable, which reduces transparency but does not negate the evident legitimacy of the business. Overall, the website is a credible and professional representation of a medium-sized industrial supplier.

T

Touraine Val de Loire

tourainevaldeloire.com

0

Touraine Val de Loire is a regional tourism organization promoting cultural, natural, and gastronomic experiences in the Touraine region of France. The website is professionally designed with multi-language support and rich content targeting tourists and visitors. The technical infrastructure leverages modern JavaScript modules, WordPress CMS, and integrates analytics and consent frameworks, indicating a mature digital presence. Security posture is good with HTTPS and consent mechanisms, though explicit privacy policies and contact information are missing. The absence of WHOIS registration data is a notable concern but may be due to privacy or data source limitations. Overall, the site is trustworthy and well-positioned for tourism promotion but should improve transparency and compliance documentation.

C

Conseil départemental des Vosges

vosges.fr

0

The website www.vosges.fr is the official online presence of the Conseil départemental des Vosges, a regional government entity in France. It serves as a comprehensive portal for residents and visitors, offering information on public services, cultural events, tourism, and local governance. The site is positioned as a trusted source for regional information and services, targeting a broad audience including citizens, businesses, and tourists. Technically, the site is built on WordPress with Elementor, leveraging modern web technologies such as jQuery, FontAwesome, and various analytics tools including Matomo and Facebook Pixel. The infrastructure supports good mobile optimization, accessibility, and SEO practices, reflecting a mature digital presence. From a security perspective, the site enforces HTTPS, implements key security headers, and avoids exposing sensitive data. While no critical vulnerabilities were detected, the absence of a publicly available security policy and incident response contact suggests room for improvement in transparency and preparedness. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms, aligning with GDPR requirements. Overall, the website demonstrates a strong legitimacy and trustworthiness profile consistent with an official government entity. The lack of WHOIS data is likely due to privacy protection policies common in French domains. Strategic recommendations include publishing explicit security and incident response policies, enhancing monitoring of third-party scripts, and considering a vulnerability disclosure program to further strengthen security posture.

C

Conseil départemental de la Haute-Marne

haute-marne.fr

0

The Conseil départemental de la Haute-Marne operates as the official local government authority for the Haute-Marne department in France, providing a wide range of public services including road maintenance, education management, social support, and cultural activities. The website serves as a comprehensive portal for residents and stakeholders to access information and services. Technically, the site is built on WordPress using Elementor and Yoast SEO, with Matomo analytics for user tracking. The site demonstrates good design quality, mobile optimization, and SEO practices, though accessibility could be improved. Security posture is solid with HTTPS and security headers properly configured, but lacks published security policies or incident response details. Privacy compliance is limited due to absence of explicit privacy and cookie policies. Overall, the domain registration data aligns well with the website's governmental nature, supporting high legitimacy and trustworthiness.

D

Département de la Marne

marne.fr

0

The Département de la Marne website serves as the official digital portal for the regional government of the Marne department in France. It provides comprehensive information about the department's missions, actions, elected officials, and public services. The site targets residents and stakeholders within the region, offering resources such as contact information, news, tourism details, and access to administrative procedures. The website maintains a professional and consistent brand image aligned with government standards. Technically, the site is built on WordPress with modern plugins like Yoast SEO and Matomo for analytics. It employs accessibility features and cookie consent management, ensuring compliance with basic privacy norms. The site is mobile-optimized and uses HTTPS, contributing to a secure and user-friendly experience. However, some advanced security headers and explicit privacy policies are not evident, indicating areas for improvement. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and cookie consent mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits full trust verification, but the official .fr domain and government affiliation support legitimacy. Overall, the site presents a moderate to high security posture with room for enhanced transparency and policy documentation. Strategically, the website effectively supports the department's public service mission, providing clear navigation and relevant content. It integrates social media channels to extend outreach and engagement. Recommendations include publishing detailed privacy and security policies, implementing additional security headers, and establishing a vulnerability disclosure process to strengthen trust and compliance.

The website optimalpeople.fr currently presents no accessible content, with an empty HTML body and no metadata or scripts detected. The domain is registered since 2017 with Infomaniak Network SA as the registrar and hosting provider, using Cloudflare nameservers, indicating a possible Cloudflare WAF protection that may be blocking content access. Due to the lack of visible content, no business description, contact information, or policies are available for analysis. The technical infrastructure appears minimal with no detectable CMS or frameworks. Security posture cannot be fully assessed but is likely weak given the absence of security headers and policies. Overall, the site is inaccessible for meaningful analysis, resulting in a low AI score and limited trustworthiness.

G

Gibraltaz

gibraltaz.fr

0

Gibraltaz is a French technology company founded in 2020, specializing in custom digital business solutions and software services primarily serving enterprises, associations, and territorial organizations in the Grand Est region and Luxembourg. The company offers a broad range of services including consulting, software development, UX/UI design, maintenance, and digital transformation support. They are recognized partners of regional industry initiatives and have won awards for innovation. Technically, the website is built on WordPress with modern plugins and frameworks, hosted by OVH, and uses HTTPS with some security best practices but lacks explicit security headers and formal policies. Contact is primarily via email and web forms, with social media presence on LinkedIn and Facebook enhancing credibility. Privacy and cookie policies are missing, representing compliance gaps. Overall, the website is professional, content-rich, and trustworthy, with moderate technical and security maturity.

A

Aji Groupe

aji-groupe.com

0

Aji Groupe is a specialized communication agency based in Alsace, France, focusing on the gastronomy sector. Founded in 2015, the company offers a range of services including culinary photography, custom website creation, social media management, and proprietary software solutions such as Aji Box and Aji Manager. The agency positions itself as a regional expert with a strong emphasis on digital marketing tailored to culinary businesses. Technically, the website is built on WordPress using Elementor and Yoast SEO, with modern libraries and Google reCAPTCHA for security. Hosting is provided by OVH sas, a reputable French provider. Security posture is good with HTTPS enabled and cookie consent mechanisms in place, though DNSSEC is not enabled and no explicit security or incident response policies are published. Overall, the website is professional, well-branded, and compliant with GDPR, with clear trust indicators such as certifications and client testimonials.

E

EXPO'STAT

expostat.com

0

EXPO'STAT is a French organization specializing in the certification and control of statistical data related to fairs, exhibitions, congresses, and commercial events. Accredited by COFRAC, it offers services including CLEO activity reporting and verification of the quality of 'société à mission' companies. The website targets event organizers and professionals in the event industry, positioning itself as a trusted partner with a long-standing presence since 2008. Technically, the site uses a traditional tech stack with jQuery and several JavaScript libraries, but some components like jQuery are outdated, posing potential security risks. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. Security posture is average, with no DNSSEC and missing security headers, and no visible cookie consent mechanism, indicating partial GDPR compliance. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

EXPOCERT is a French-based accredited organization specializing in the control and certification of event attendance figures, security services for events, and event management software solutions. Established in 2008, it holds a recognized accreditation from COFRAC, positioning itself as a trusted entity in the French event industry. The company targets event organizers such as salons, congresses, and exhibitions, offering services that ensure compliance and safety in event management. Technically, the website is built on a custom ASP.NET Web Forms platform, utilizing legacy jQuery and standard web technologies. While the site is functional and professionally designed, it shows room for modernization, particularly in mobile optimization and security enhancements. The hosting is managed via host7x24.com, and the site employs HTTPS with Google Analytics for visitor tracking. From a security perspective, the site enforces HTTPS but lacks advanced security headers and uses an outdated JavaScript library version, which could pose vulnerabilities. Privacy compliance is partial; a privacy policy exists but no cookie consent mechanism is implemented, indicating GDPR compliance gaps. Contact information is clearly presented, enhancing business credibility. Overall, EXPOCERT's website reflects a stable and credible business with a solid market position in event certification and security in France. Strategic improvements in security posture and privacy compliance would enhance trust and regulatory adherence.

A

achatpublic.com

achatpublic.com

0

achatpublic.com is a leading French platform specializing in services for public procurement. It serves over 22,000 public buyers and 125,000 suppliers, providing a comprehensive suite of tools covering sourcing, document drafting, buyer profiling, procedural management, act tracking, archiving, and electronic auctions. The platform also offers professional training tailored to public buyers and companies, positioning itself as a key player in the French public procurement ecosystem. Technically, the website is built on Drupal CMS and integrates modern analytics and consent management tools such as HubSpot, Google Tag Manager, Didomi, and Piano Analytics, reflecting a mature digital infrastructure. The site is well-structured, mobile-optimized, and demonstrates good SEO and accessibility practices. Security-wise, the site enforces HTTPS and implements a detailed cookie consent mechanism, but lacks explicit security headers and published security policies. The absence of WHOIS data is a notable concern for domain transparency, though the professional presentation and GDPR compliance indicators suggest legitimate operations. Overall, the site presents a moderate to high level of trustworthiness with room for improvement in security transparency and contact information clarity.

D

DÉVELOPPEMENT ÉCONOMIQUE DE LA VILLE DE VANDOEUVRE

vandeco.fr

0

The website www.vandeco.fr serves as the official digital platform for the economic development and employment services of the Ville de Vandœuvre-lès-Nancy, France. It targets local businesses, job seekers, institutions, students, and the general public by providing comprehensive information on business creation, development, employment opportunities, training, and local events. The platform is positioned as a key local government service to foster economic growth and employment within the community. Technically, the site is built on WordPress using Elementor and several popular plugins such as Yoast SEO and Contact Form 7. The infrastructure supports responsive design and basic accessibility features, with moderate performance. The site employs HTTPS with a valid SSL certificate, but lacks advanced security headers and explicit incident response policies. From a security perspective, the site demonstrates good baseline practices including encrypted connections and cookie consent mechanisms compliant with GDPR. However, the absence of security headers and vulnerability disclosure policies suggests room for improvement in security maturity. No critical vulnerabilities or exposed sensitive data were detected. Overall, the site is trustworthy and professional, reflecting its role as a municipal service. The lack of WHOIS data reduces domain registration transparency but does not detract significantly from the site's legitimacy given the official branding and contact information. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility compliance to strengthen trust and resilience.

V

Ville de Vandœuvre

vandoeuvre.net

0

The website www.vandoeuvre.fr serves as the official digital presence of the city of Vandœuvre in France, providing residents and visitors with access to city news, event agendas, and a variety of public services including online administrative procedures. The site is positioned as a municipal government portal with a medium-sized audience primarily localized to the city and surrounding region. The content is well-structured, professionally presented, and consistent with official city branding, targeting a general audience with information relevant to local governance and community engagement. Technically, the site is built on WordPress CMS, utilizing common plugins such as Yoast SEO for search optimization and Matomo for privacy-conscious analytics. The technology stack includes modern JavaScript libraries and UI frameworks, ensuring a good user experience with mobile responsiveness and moderate performance. However, some accessibility features could be improved, and security headers are not explicitly detected in the provided data. From a security standpoint, the site enforces HTTPS and includes a GDPR-compliant cookie consent mechanism, reflecting awareness of privacy regulations. No critical vulnerabilities or exposed sensitive data were identified in the HTML content. However, the absence of a published privacy policy, terms of service, and security incident contact information represents compliance and transparency gaps. The WHOIS data for the domain is unavailable, which reduces trust signals but may be due to AFNIC's query restrictions or privacy protections. Overall, the website demonstrates a solid foundation for municipal digital services with good content quality and technical implementation. Strategic improvements in security headers, privacy documentation, and WHOIS transparency would enhance trust and compliance. The risk profile is moderate with no immediate critical issues detected.

B

Bureau des Congrès de Nantes & St-Nazaire

bureaudescongres-nantes.fr

0

The Bureau des Congrès de Nantes & St-Nazaire website serves as a professional platform to assist in organizing various types of corporate events such as seminars, congresses, salons, team-building activities, and hybrid or virtual events in the Nantes and Saint-Nazaire regions. The site positions itself as a creative and eco-responsible destination, targeting event organizers and companies seeking unique and sustainable event solutions. The business model revolves around providing expert guidance and connecting clients with local service providers including venues, caterers, and agencies. Technically, the website is built on Drupal 9 CMS, utilizing modern frontend libraries like Swiper.js for interactive elements. The site demonstrates good mobile optimization and SEO practices, with clear navigation and professional design. However, some accessibility features appear basic, and performance is moderate. No explicit hosting provider or advanced platform details are evident. From a security perspective, the site uses HTTPS as indicated by canonical URLs, but lacks visible security headers and explicit privacy or cookie policies. No contact emails or phone numbers are directly found in the provided content, though a contact form is available. There is no evidence of vulnerability disclosures or incident response information. The absence of WHOIS data suggests privacy protection on domain registration, which is typical for business entities. Overall, the website is professional and trustworthy with a solid business presence, but could improve in privacy compliance and security best practices to enhance user trust and regulatory adherence.

R

Reworld Media Connect

reworldmediafactory.com

0

Reworld Media Connect is the advertising sales division of Reworld Media, a leading French thematic media group owning 80 proprietary media brands. The website targets advertisers and media buyers interested in thematic media advertising in France. The business model focuses on media representation and advertising sales. The website is built on WordPress with modern plugins and SEO optimizations, including Google Tag Manager and a GDPR-compliant cookie consent mechanism via Didomi. However, no explicit privacy policy or terms of service pages were detected, and no direct contact information was found in the HTML content. The WHOIS data for the domain is missing or unavailable, which is inconsistent with the active and professional website presence, lowering trustworthiness. Security posture is basic with HTTPS enabled but lacking visible security headers or explicit security policies. Overall, the website is professional and functional but would benefit from improved transparency and security disclosures.

U

Unbottled

unbottled.co

0

Unbottled is a French e-commerce company specializing in eco-friendly, solid personal care products designed to eliminate plastic and chemical usage in bathrooms. The website is built on the Shopify platform and integrates multiple marketing and analytics tools such as Klaviyo, Hotjar, TikTok Analytics, and Judge.me for customer reviews. The business targets environmentally conscious consumers seeking sustainable alternatives to bottled products. The site demonstrates good design quality, clear navigation, and consistent branding, supporting a positive user experience. Technically, the site uses modern web technologies and maintains good performance and mobile optimization. Security posture is strong with HTTPS enforcement and security headers, though explicit security and privacy policies are missing from the visible content. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

C

Colorful Black

colorfulblack.com

0

Colorful Black is a niche e-commerce retailer specializing in haircare and skincare products tailored for curly, afro, black, and mixed skin types. Established since 2009, the company offers a curated selection of products including haircare brands, beauty accessories, fashion items, and home decor, with a physical presence in Paris. The website is built on the Shopify platform, leveraging modern web technologies and third-party integrations for marketing, analytics, and customer engagement. Privacy and cookie policies are implemented with consent mechanisms, reflecting GDPR compliance. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response contacts are absent. The domain WHOIS data is unavailable, possibly due to privacy protection, which slightly impacts trust but is common for small e-commerce businesses. Overall, the site presents a professional and trustworthy online presence with room for improvement in transparency and contact accessibility.

N

Nuvia Group

nuvia.com

0

Nuvia Group is an international company specializing in nuclear technology, offering a comprehensive range of services including engineering, EPC, services and works, and products. The company operates under the parent company Vinci Construction Group, positioning itself as a key player in heavily regulated environments such as nuclear, healthcare, defense, and industrial sectors. The website reflects a professional and consistent brand image targeting business clients and professionals in these industries. Technically, the website is built on WordPress with modern libraries such as jQuery, Owl Carousel, and Leaflet, and integrates privacy-conscious analytics via Matomo. Security posture is solid with HTTPS enforced and reCAPTCHA implemented, though some security headers are not detected and no explicit security policy or incident response information is published. The absence of WHOIS data for the domain is a notable gap, reducing transparency and trust slightly. Overall, the website is well-designed, compliant with privacy regulations, and safe for general audiences.

K

KRKA

krka.fr

0

KRKA is a well-established pharmaceutical company specializing in generic medicines with nearly 70 years of experience. The French website presents a professional and comprehensive digital presence targeting healthcare professionals and the general public. It offers a product catalog, detailed company information, and multilingual support through links to various country-specific KRKA sites. The technical infrastructure is modern, leveraging Nuxt.js and Vue.js frameworks, with good mobile optimization and accessibility features. Security posture is solid with HTTPS and cookie consent mechanisms, although some security headers and explicit security policies are absent. WHOIS data is unavailable, which limits domain registration trust analysis, but the overall site content and contact information support legitimacy. The site is GDPR compliant and provides clear data protection officer contact details.

I

ISSN International Centre

issn.org

0

The ISSN International Centre website serves as the official portal for the International Standard Serial Number system, coordinating a global network of national centres responsible for assigning ISSNs to serial publications. The organization operates as a non-profit entity with a focus on standardization and registration services for serials in both print and electronic formats. The website targets publishers, libraries, and multinational publishing entities, offering subscription-based access to the ISSN Portal and customized data processing services. The site is multilingual, professionally designed, and provides clear navigation and relevant content for its audience. Technically, the website is built on WordPress and leverages a variety of plugins and libraries including Gravity Forms for contact forms, Google reCAPTCHA for spam protection, and Google Tag Manager for analytics. The site is secured with HTTPS and employs anti-spam measures on forms, but lacks some advanced security headers and explicit cookie consent mechanisms. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and captcha-protected forms, but could improve by implementing security headers, publishing a security policy, and providing incident response contacts. The absence of WHOIS data limits domain trust analysis, but the professional presentation and organizational legitimacy mitigate concerns. No vulnerabilities or suspicious content were detected. Overall, the website is a credible and professional platform for the ISSN International Centre, with room for improvement in privacy compliance and security transparency. Strategic recommendations include enhancing security headers, adding cookie consent, publishing security policies, and improving accessibility to strengthen trust and compliance.

N

NORMA Sàrl

norma.fr

0

NORMA Sàrl operates as a discount food retailer primarily serving the French market with additional presence in Germany, Austria, and the Czech Republic. The website offers consumers access to discount offers, interactive catalogues, and store locators, targeting general consumers interested in affordable groceries and regional or organic products. The business model focuses on discount retail with a medium-sized footprint of 71 stores in the Grand-Est region of France. Technically, the website employs modern JavaScript libraries such as jQuery and Bootstrap, uses Matomo for privacy-conscious analytics, and is hosted behind Akamai CDN services, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms implemented, though some security headers are not evident in the HTML content. The absence of WHOIS data is a concern but does not detract significantly from the site's legitimacy given the professional presentation and consistent branding. Overall, the site is well-structured, mobile-optimized, and compliant with GDPR cookie consent requirements.

F

Franceinfo

francetvinfo.fr

0

Franceinfo is a prominent French public news media website providing real-time news updates, live information, and multimedia content such as photos, videos, and tweets. It targets a general audience interested in current events and live news coverage. The website demonstrates a high level of digital maturity with modern web technologies, mobile optimization, and strong branding consistency. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers and privacy policies are not clearly presented in the HTML content. The absence of WHOIS data is likely due to registry privacy policies and does not detract significantly from the site's legitimacy given its public media status. Overall, Franceinfo is a trustworthy and professional news platform with room for improvement in privacy and security disclosures.

T

Touraine Val de Loire

touraineloirevalley.com

0

Touraine Val de Loire is a regional tourism organization promoting cultural, natural, and gastronomic experiences in the Touraine region of France. The website offers rich content including activities, destinations, events, and accommodations, targeting tourists and travelers interested in exploring the Loire Valley. The technical infrastructure is modern, leveraging a WordPress CMS with advanced JavaScript modules and libraries, ensuring a good user experience and mobile optimization. Security posture is generally good with HTTPS and cookie consent mechanisms, but lacks explicit security headers and detailed privacy policies. The absence of WHOIS data reduces trustworthiness somewhat, though the professional presentation and multi-language support indicate a legitimate and established tourism entity. Strategic improvements in transparency, privacy compliance, and security headers would enhance overall trust and compliance.

C

Comité régional du Tourisme de la région Centre-Val de Loire

tourisme-pro-centre-valdeloire.fr

0

The website 'Tourisme Pro' serves as the official digital platform for the Comité régional du Tourisme de la région Centre-Val de Loire, targeting tourism professionals within the region. It offers a comprehensive range of services including tourism data, professional training, innovation support, publications, and sustainable tourism initiatives. The site positions itself as a key regional resource and authority in tourism promotion. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and various plugins for content management, GDPR compliance, and user engagement. Hosting is provided by Infomaniak Network SA, a reputable provider. The site demonstrates good mobile optimization, moderate performance, and solid SEO practices. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. While explicit security headers are not fully detected, no vulnerabilities or exposed sensitive data were found. The absence of direct contact emails or phone numbers suggests reliance on contact forms for communication. Overall, the website is professional, trustworthy, and well-aligned with its business purpose. It maintains good privacy compliance and provides a safe browsing experience. Strategic recommendations include enhancing security headers, expanding contact information transparency, and continuous security monitoring.

T

Tours Val de Loire Box

valdeloire-box.fr

0

Tours Val de Loire Box is a small French hospitality business specializing in selling curated experience gift boxes focused on the Val de Loire region. Their offerings include cultural passes, vintage vehicle rides, helicopter tours, gastronomy workshops, and weekend stays, targeting tourists and gift buyers interested in unique regional experiences. The website is professionally designed using WordPress with the Divi theme and WooCommerce platform, supported by modern web technologies such as jQuery and Snap.svg. The site is hosted by OVH, a reputable French provider, and includes SEO optimizations and mobile responsiveness. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers could be improved. Privacy policies and terms of service are present and accessible, indicating GDPR compliance. Contact information is clearly provided, enhancing business credibility. Overall, the website presents a trustworthy and professional digital presence for a niche tourism business.

T

Tours City Pass

tourscitypass.com

0

Tours City Pass is a small-sized tourism-focused business founded in 2020, offering digital city passes and related tourism packages for visitors to Tours, France. The website serves as an e-commerce platform enabling users to purchase passes, access interactive maps, and benefit from discounts and cultural offers. The business is positioned as a local tourism enabler with a clear target audience of tourists and visitors seeking cultural and leisure activities in the Tours metropolitan area. The parent company is Otipass, which provides the technological platform and payment processing services. Technically, the website employs a modern technology stack including Bootstrap, jQuery, React, and various analytics and tracking tools such as Matomo and Facebook Pixel. The site is mobile-optimized, uses HTTPS with strong SSL configuration, and integrates cookie consent mechanisms compliant with GDPR. However, some security headers are missing, and DNSSEC is not enabled, representing areas for improvement. From a security perspective, the site demonstrates good practices such as encrypted communications, cookie consent, and no visible sensitive data exposure. There is no evidence of a published security policy or incident response plan, and no vulnerability disclosure mechanism is present. The WHOIS data is consistent with the business claims, showing a domain age appropriate for the company’s founding date and no privacy protection, which supports transparency. Overall, the website is professional, trustworthy, and compliant with privacy regulations, with moderate technical sophistication and a solid security posture. Recommendations include enhancing security headers, enabling DNSSEC, and publishing formal security and incident response policies to further strengthen trust and compliance.

B

Bureau des Congrès Tours Val de Loire

bureaudescongres-tours.com

0

The Bureau des Congrès Tours Val de Loire is a regional convention bureau dedicated to supporting professional event organization in the Tours and Touraine region of France. The website presents a professional and well-structured digital presence, targeting event planners and corporate clients seeking local expertise and unique venues. The business model focuses on destination management and event facilitation, positioning itself as the official regional bureau with a strong local market presence. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and WPML for multilingual support, hosted by OVH sas. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is adequate with HTTPS enforced and a comprehensive cookie consent mechanism, though it lacks advanced security headers and explicit security policies. WHOIS data shows some inconsistencies, notably a future domain creation date and minimal registrant information, which slightly reduces trust but does not undermine the professional nature of the site. Overall, the site is safe, compliant with GDPR, and suitable for its target audience.

S

SPL-XDEMAT

spl-xdemat.fr

0

SPL-XDEMAT is a French public local company established in 2012 by multiple departmental governments to provide digital dematerialization services tailored for local authorities. The company offers a suite of applications and services including administrative document management, electronic signatures, public procurement platforms, and citizen communication tools. The website reflects a mature regional service provider with a strong focus on government clients and compliance with French regulations. Technically, the site uses standard web technologies such as jQuery and JavaScript, with a responsive and accessible design optimized for mobile devices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers are missing and no explicit incident response or vulnerability disclosure information is provided. Privacy and cookie policies are present and appear comprehensive, supporting GDPR compliance. The absence of WHOIS data limits domain legitimacy verification but the professional presentation and official departmental partnerships support trustworthiness.

S

SPL-XDEMAT

maelis.info

0

Maelis.info is the official website for the MAELIS application, a service provided by SPL-XDEMAT aimed at facilitating local community engagement through a smartphone app. The app offers practical information, alerts, incident reporting, and access to local public services and associations. The website is professionally designed with clear navigation and mobile optimization, targeting French local government citizens and community members. The business model focuses on providing a digital platform for local government communication and citizen participation. Technically, the website uses standard web technologies including HTML5, CSS3, JavaScript, and libraries such as jQuery and AOS for animations. It supports mobile platforms with links to iOS and Android app stores. While the site performs moderately well and is mobile-optimized, there is room for improvement in accessibility and security headers. No CMS or hosting provider details are evident. From a security perspective, the site lacks visible security headers and cookie consent mechanisms, which are important for GDPR compliance and user trust. The WHOIS data is privacy protected, which is common but reduces transparency. No forms or sensitive data collection points are present on the main page, reducing immediate risk exposure. Overall, the security posture is moderate but could be enhanced with standard best practices. The overall risk assessment is low, with no signs of malicious content or suspicious behavior. Strategic recommendations include implementing security headers, adding cookie consent, improving privacy disclosures, and providing clear contact information for security incidents to enhance trust and compliance.

N

Nancy Jazz Pulsations

nancyjazzpulsations.com

0

Nancy Jazz Pulsations is a well-established cultural festival based in France, focusing on jazz music and related events. The website serves as the primary digital platform for festival programming, ticketing, and information dissemination. It targets jazz enthusiasts and cultural event attendees, positioning itself as a key regional festival with a history dating back to 2000. The business model revolves around event organization, promotion, and ticket sales, supported by a medium-sized operational scale.

Facebook, accessible via the fr-fr.facebook.com subdomain, is a leading social networking platform operated by Meta Platforms, Inc. The website serves the French-speaking audience in France, providing a localized interface for users to connect, share, and communicate. As part of Meta's extensive ecosystem, Facebook maintains a dominant market position with a broad range of services including messaging, video content, and advertising solutions. The platform's business model is primarily advertising-based, leveraging extensive user data to deliver targeted ads. The website's content is professionally presented, with clear navigation and strong branding consistent with Meta's corporate identity. Technically, the website employs modern web technologies such as React and BigPipe for efficient content delivery and dynamic user experiences. The site is optimized for performance and mobile responsiveness, ensuring accessibility across devices. Security is robust, with HTTPS enforced, secure cookies, and standard security headers like HSTS. The login form includes anti-CSRF tokens and secure input handling, reflecting good security practices. Privacy and cookie policies are comprehensive and GDPR compliant, demonstrating Meta's commitment to regulatory adherence. The security posture is strong, with no visible vulnerabilities or exposed sensitive data. While no explicit incident response or vulnerability disclosure pages are found, the overall security framework appears mature. The website integrates multiple analytics and marketing tools, including Meta Pixel and Google Analytics, enabling extensive user tracking balanced with privacy compliance. No adult or questionable content is present, making the site safe for general audiences. Overall, Facebook's French site is a high-quality, secure, and professionally managed platform aligned with Meta's global standards. It effectively serves its target audience with a reliable and trustworthy user experience, supported by a mature technical infrastructure and strong business credibility.

The website www.tours-tourisme.fr serves as the official online presence of the Office de Tourisme de Tours Val de Loire, providing tourism-related services such as hotel reservations, activity bookings, guided tours, and holiday stays. It targets tourists and visitors interested in the Tours Val de Loire region in France. The site is built using modern web technologies including Gatsby and React, indicating a contemporary digital infrastructure. However, the technical implementation shows room for improvement in security and privacy compliance, as no privacy or cookie policies were detected, and security headers are absent. The WHOIS data is unavailable from the AFNIC database, which limits the ability to fully verify domain legitimacy and age. Overall, the site appears professional and trustworthy in content and design but would benefit from enhanced security and compliance measures.