Security Directory

E

Eiffage Immobilier

eiffage-immobilier-corporate.fr

0

Eiffage Immobilier is a prominent French real estate developer specializing in low-carbon, sustainable urban development. The company operates as an integrated entity combining land development, promotion, and construction services, targeting mixed-use and multisector projects. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to a broad audience including investors, partners, and end-users. Technically, the site leverages modern web technologies such as the Jahia CMS, Typekit fonts, and integrates third-party services like YouTube and OneTrust for cookie consent, indicating a well-maintained infrastructure. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers could be improved. The absence of WHOIS data is a notable concern, impacting domain legitimacy assessment. Overall, the site is professional, trustworthy, and compliant with GDPR, but domain registration details should be verified for full assurance.

E

Eiffage

eiffage-amenagement.fr

0

Eiffage Aménagement is a specialized urban development subsidiary of the large European construction and concessions group Eiffage. The company focuses on urban renewal, revitalization of city centers, and creation of sustainable eco-neighborhoods, targeting local authorities and urban planners primarily in France. The website reflects a mature corporate presence with consistent branding and clear business messaging aligned with the parent group. Technically, the site uses modern JavaScript libraries, integrates third-party analytics and consent management tools, and is built on the Jahia CMS platform. Security posture is good with HTTPS, reCAPTCHA, and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. WHOIS data is not publicly available, typical for AFNIC-managed French domains, but the domain and content align with a legitimate enterprise. Overall, the site is professional, secure, and compliant with basic privacy standards, though improvements in transparency and contact information are recommended.

E

Eiffage

eiffageconstruction.com

0

Eiffage Construction is a major construction and real estate development company operating primarily in France and Europe. As a subsidiary of the Eiffage group, it offers expertise in construction, urban development, real estate promotion, and maintenance services. The website reflects a professional corporate presence with consistent branding and clear navigation aimed at business and public sector clients. Technically, the site uses modern JavaScript libraries and analytics tools, including jQuery, Google reCAPTCHA, and Piano Analytics, and appears to be built on the Jahia CMS platform. The site is mobile-optimized and includes accessibility features, although explicit security headers are not detected in the provided content. The WHOIS data for the domain is missing or unavailable, which is unusual for a corporate domain and warrants further investigation. Privacy compliance is supported by a cookie consent mechanism, but explicit privacy and terms of service pages were not found in the provided content. Overall, the website is professional and trustworthy, but the lack of WHOIS data and explicit contact/security policies are areas for improvement.

R

Accès aux massifs forestiers

risque-prevention-incendie.fr

0

The website www.risque-prevention-incendie.fr functions as an informational portal providing access maps and data related to forest massif access in Mediterranean departments of France. It is a government-related service in partnership with Météo France and Valabre, aimed at supporting fire prevention and public information. The site offers interactive maps embedded via iframe and department-specific links to forest access information. Technically, the site is built with basic HTML and CSS, with no detected CMS or advanced frameworks. Mobile optimization and accessibility are basic but functional. Security posture is limited, with no HTTPS verification in the provided data, no security headers, and no privacy or cookie policies, which are critical for compliance and trust. WHOIS data is unavailable, which reduces domain trustworthiness, though the content and external partner references suggest legitimacy. Overall, the site is functional and serves its informational purpose but requires improvements in security, privacy compliance, and contact transparency to enhance trust and compliance.

D

Démarches Simplifiées / Direction interministérielle du numérique (DINUM)

demarches-simplifiees.fr

0

Démarches Simplifiées is a French government digital platform designed to facilitate online administrative procedures for citizens and public administration agents. It serves as a centralized service to submit and manage administrative files, significantly reducing processing times and improving user experience. The platform is backed by the Direction interministérielle du numérique (DINUM), ensuring strong governmental support and legitimacy. The website features professional design, clear navigation, and comprehensive content tailored to its target audience of general public users and government agents. Technically, the website employs modern web technologies including Ruby on Rails, StimulusJS, and Vite for asset management. It integrates privacy-respecting analytics via Matomo and error tracking through Sentry, reflecting a mature digital infrastructure. The site is mobile-optimized and accessible, with good SEO practices and performance characteristics. From a security perspective, the platform enforces HTTPS, uses CSRF tokens, and publishes a security policy and vulnerability disclosure guidelines. However, explicit security headers are not evident in the HTML content, and there is no visible cookie consent mechanism despite the presence of a cookie policy page. Incident response contact details are not explicitly provided. Overall, the security posture is strong but could be enhanced by adding recommended headers and improving privacy compliance mechanisms. The overall risk assessment is low, with high trust indicators stemming from government affiliation, open source transparency, and consistent branding. Strategic recommendations include implementing cookie consent banners, publishing incident response contacts, adding security headers, and considering a security.txt file to facilitate vulnerability reporting.

O

Office de Tourisme de La Grande Motte

lagrandemotte.com

0

La Grande Motte's official tourism website provides comprehensive information and services for visitors including accommodation booking, activity reservations, and event details. The site targets tourists and business travelers, positioning itself as a key local tourism authority with a strong digital presence. Technically, the site is built on WordPress with modern plugins and integrates Google Analytics for tracking. The site is well-designed, mobile-optimized, and offers a good user experience. Security posture is adequate with HTTPS and cookie consent, but lacks visible security headers and a published privacy policy. WHOIS data is missing, which raises some concerns about domain registration transparency. Overall, the site is trustworthy and professional but could improve compliance and security transparency.

O

Office de Tourisme Béziers Méditerranée

beziers-mediterranee.uk

0

The website represents the official Office de Tourisme Béziers Méditerranée, providing comprehensive tourist information, event promotion, and ticketing services for the Béziers region in France. It targets tourists and visitors seeking cultural, leisure, and practical information about the Mediterranean area. The site is well-branded, professionally designed, and offers multilingual support, reflecting a mature digital presence. Technically, the site is built on WordPress with modern JavaScript libraries such as jQuery and Swiper.js, and integrates Google Analytics and Tag Manager for tracking. Cookie consent is managed via Axeptio, indicating attention to privacy compliance. The site is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enforced and no visible sensitive data exposure. However, the absence of HTTP security headers and lack of published security policies or incident response contacts are areas for improvement. The WHOIS data is missing or invalid due to domain naming rules violation, which slightly reduces trust from a domain registration perspective but does not detract from the site's legitimacy based on content and certifications. Overall, the site is low risk with strong business credibility and privacy compliance, but should address domain registration clarity and enhance security headers and policies to improve trust and resilience.

M

Montpellier Tourism

montpellier-france.com

0

Montpellier Tourism operates a professional and content-rich website promoting tourism in Montpellier, France. The site offers comprehensive visitor information including accommodation, events, guided tours, and local attractions, targeting international tourists with multi-language support. Technically, the website uses a modern JavaScript stack with modular ES scripts, integrates third-party services for maps, booking, and analytics, and is built on WordPress with a custom theme. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers and explicit privacy policies are missing. The absence of WHOIS data is a notable concern, reducing domain registration transparency and trust. Overall, the site is well-designed and functional but would benefit from enhanced privacy disclosures and domain registration clarity.

C

Office de Tourisme Cap d'Agde Méditerranée, Hérault, Occitanie

capdagde.com

0

The website www.capdagde.com serves as the official tourism office portal for the Cap d'Agde Mediterranean region in Hérault, Occitanie, France. It provides comprehensive information on local tourism services including accommodation, activities, events, and gastronomy, targeting tourists and visitors to the region. The site is built on WordPress and integrates Matomo analytics for visitor tracking. The technical infrastructure is modern with responsive design and good SEO practices, although accessibility features are basic. Security posture is adequate with HTTPS enforced but lacks advanced security headers and formal privacy or cookie policies. The absence of WHOIS registration data raises concerns about domain legitimacy, which should be further investigated. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and clearer contact information to improve trust and security.

L

La Ramoneta

laramoneta.com

0

La Ramoneta is a small, niche travel and lifestyle blog focused on promoting tourism and cultural experiences in the South of France. The website offers curated content including guides on activities, places to see, local food, accommodations, and cultural insights. The business model centers around content publishing and local food tours, targeting tourists and visitors interested in authentic regional experiences. The site maintains a consistent brand presence with active social media channels and a professional design. Technically, the website is built on WordPress with Yoast SEO and integrates Google Analytics and CookieControl for analytics and cookie consent management. The site is mobile optimized and has good SEO practices, though performance is moderate. Hosting is provided by Vautron Rechenzentrum AG, and the domain is registered since 2017, consistent with the business age. From a security perspective, the site uses HTTPS and has implemented cookie consent, but lacks advanced security headers and does not enable DNSSEC. There is no visible privacy policy, terms of service, or incident response information, which are gaps in compliance and security transparency. No WAF or blocking mechanisms were detected, and no vulnerabilities were apparent from the data provided. Overall, La Ramoneta presents a trustworthy and professional online presence for a small travel blog, but should improve privacy and security disclosures to enhance compliance and user trust.

L

Laëtis

laetis.fr

0

Laëtis is a French digital agency specializing in creating interactive and user-friendly digital solutions tailored to sectors such as tourism, local development, agriculture, environment, and e-commerce. The company targets clients focused on efficiency and sustainable territorial development, offering custom web and online collaborative applications. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content in French. Technically, the website is built on Drupal CMS with modern JavaScript libraries including jQuery, RequireJS, and Modernizr. It employs HTTPS with good SSL configuration and includes a cookie consent mechanism compliant with GDPR. However, no explicit security headers were detected, and no detailed security or incident response policies are published. From a security perspective, the site shows a moderate security posture with HTTPS and cookie consent but lacks visible advanced security headers and incident response information. The absence of WHOIS data limits domain trust assessment, though the site content and structure suggest a legitimate business. No vulnerabilities or exposed sensitive data were identified in the provided content. Overall, Laëtis presents a professional and trustworthy digital presence with room for improvement in security transparency and WHOIS data availability. Strategic recommendations include enhancing security headers, publishing security policies, and verifying domain registration details to strengthen trust and compliance.

M

Meteored

tameteo.com

0

Tameteo.com, operated by Meteored, is a well-established online weather forecasting platform targeting French-speaking users primarily in France and its overseas territories. The site offers comprehensive 14-day weather forecasts, hourly updates, radar and satellite imagery, and weather-related news. It supports multiple platforms including web and mobile apps for Android, iOS, Huawei, and Windows, enhancing accessibility and user engagement. The business model relies on free content supported by advertising and additional services such as widgets and plugins for third-party integration. Technically, the website employs modern JavaScript frameworks and libraries, integrates Google Tag Manager and Google Ads for analytics and advertising, and uses a Consent Management Platform to comply with GDPR. The site is mobile-optimized with good SEO practices and moderate performance. Security posture is solid with HTTPS enforced and GDPR compliance evident, though some security headers could be improved. Despite the professional appearance and comprehensive content, the absence of WHOIS registration data raises concerns about domain legitimacy and transparency. No direct company contact emails or phone numbers are publicly available, which may impact business credibility. Overall, the site is trustworthy and functional but would benefit from improved domain registration transparency and enhanced security headers. Strategic recommendations include implementing additional security headers, enhancing accessibility features, and providing clearer business contact information to strengthen trust and compliance.

O

Orne Département

travaillerdanslorne.com

0

The website 'Travailler dans l'Orne' is a regional employment platform operated by the Orne Département, a local government entity in France. It serves as a centralized portal for job seekers and recruiters within the Orne department, offering job listings, training opportunities, internships, and alternance contracts. The platform also provides a CV analysis feature to better match candidates with relevant job offers. The site targets local residents and businesses, positioning itself as a key regional employment resource. Technically, the website employs modern JavaScript frameworks such as Turbo (Hotwire) and StimulusJS, and integrates analytics tools including Google Tag Manager and Piano Analytics. Hosting is provided by OVH sas, a reputable French hosting provider. The site is mobile-optimized with a good user experience and clear navigation. Security-wise, the site uses HTTPS and domain-level protections like clientDeleteProhibited and clientTransferProhibited statuses, but lacks DNSSEC and explicit security headers. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Contact information is primarily via forms, with no explicit emails or phone numbers listed. Overall, the website is professional, trustworthy, and well-aligned with its government mandate, but could improve security and privacy practices.

M

Mairie de Villeveyrac

villeveyrac.fr

0

The website www.villeveyrac.fr serves as the official digital presence of the Mairie de Villeveyrac, a local government entity in France. It provides residents and visitors with access to municipal news, upcoming events, public services, and citizen participation tools. The site is well-structured with multilingual support and integrates community-focused services such as urban planning, police municipal information, and youth services. The business model is centered on public service delivery and community engagement, positioning it as a key local government resource. Technically, the website employs modern web technologies including JavaScript frameworks, Matomo analytics for user tracking, and responsive design principles ensuring good mobile optimization. The site is built on the illiwap platform, which is specialized for municipal digital services. Performance is moderate with good SEO and accessibility basics, though some improvements could be made in accessibility and security headers. From a security perspective, the site enforces HTTPS and uses secure input validation for phone numbers. However, it lacks explicit security headers, a cookie consent mechanism, and a vulnerability disclosure policy, which are areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is not publicly available, likely due to privacy protection, which is common and justified for this type of entity. Overall, the website is trustworthy, professional, and serves its intended audience effectively. Strategic recommendations include enhancing privacy compliance with cookie consent, implementing security headers, and publishing a vulnerability disclosure policy to strengthen security posture and user trust.

The website ville-poussan.fr serves as the official online presence for the municipal government of Poussan, France. It provides residents and visitors with news, practical information, and community updates. The site is positioned as a small government entity's digital portal, focusing on local public service and information dissemination. The business model is typical of municipal websites, offering free access to public information and services. The website is well-branded and consistent with government standards, reflecting a trustworthy and official source.

The website www.ville-marseillan.fr serves as the official digital portal for the municipal government of Marseillan, France. It provides residents and visitors with access to municipal news, public service notifications, beach weather updates, and live webcam feeds. The site targets local citizens and tourists, offering essential government services and information. The business model is that of a government entity providing public information and services online. Technically, the site is built on WordPress CMS with a custom theme and uses modern web technologies including jQuery and Matomo for analytics. It incorporates accessibility features and multilingual support via Google Translate. The site is well-optimized for SEO and mobile devices, with good performance and structured data markup enhancing search visibility. From a security perspective, the site enforces HTTPS, includes standard security headers, and does not expose sensitive data. Privacy compliance is strong with clear privacy and cookie policies aligned with GDPR requirements. However, there is no explicit security policy or incident response information published, which could be improved. Overall, the website demonstrates a solid security posture and professional digital presence appropriate for a municipal government. The lack of WHOIS data is likely due to privacy protection, which is reasonable for this type of entity. Strategic recommendations include publishing a dedicated security policy, enhancing incident response transparency, and maintaining regular security audits to ensure ongoing protection.

S

Site de la commune de Loupian

loupian.fr

0

The website www.loupian.fr serves as the official online portal for the commune of Loupian, France. It provides residents and visitors with access to municipal information, administrative procedures, cultural events, and local services. The site is positioned as a trusted government resource with a clear focus on community engagement and transparency. The content is primarily in French and targets local citizens and stakeholders. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Colibri Page Builder Pro, ensuring good SEO and responsive design. The presence of a cookie consent banner and GDPR-compliant privacy policy reflects adherence to European data protection regulations. Security-wise, the site uses HTTPS but lacks visible advanced security headers, indicating room for improvement in hardening. No WHOIS data is available due to privacy protection, which is common for municipal domains. Overall, the site is legitimate, professional, and well-maintained, with moderate technical maturity and good privacy compliance.

M

Mairie de Gigean

ville-gigean.fr

0

The website ville-gigean.fr is the official online presence of the municipal government of Gigean, a commune in the Hérault department of France. It provides residents and visitors with municipal information, local news, event calendars, administrative procedures, and contact options. The site targets local citizens and stakeholders interested in community services and updates. The business model is public service oriented, with no commercial intent, focusing on transparency and community engagement. Technically, the site is built on Joomla CMS with modern frontend technologies including Bootstrap 5, jQuery, Vue.js, and popular UI libraries like Font Awesome and Slick Carousel. Hosting is provided by OVH, a reputable French hosting provider. The site demonstrates good mobile optimization, accessibility features, and SEO practices, though performance is moderate likely due to rich media and scripts. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms with high privacy settings. It uses reCAPTCHA for form protection and social sharing tools with minimal tracking. However, explicit security headers like CSP and X-Frame-Options are not evident, and no dedicated security or incident response policies are published. No vulnerabilities or suspicious content were detected. Overall, the site is trustworthy, professionally maintained, and compliant with GDPR requirements. It serves its purpose as a municipal information portal effectively. Strategic recommendations include enhancing security headers, publishing security policies, and adding a vulnerability disclosure mechanism to improve transparency and resilience.

V

Ville de Balaruc-les-Bains

ville-balaruc-les-bains.com

0

The website ville-balaruc-les-bains.com serves as the official municipal portal for the town of Balaruc-les-Bains in France. It provides comprehensive information about the town's thermal spa services, cultural events, public services, urban planning, and social programs. The site targets residents, tourists, and local citizens, positioning itself as a key information hub for the community. The business model is that of a government entity providing public services and information. The website is well-branded and consistent with municipal identity. Technically, the site is built on Drupal 9 CMS with Bootstrap Barrio theme and uses modern web technologies including Font Awesome and Leaflet.js for maps. Google Tag Manager and reCAPTCHA are integrated for analytics and form security. The site is mobile optimized and accessible with good SEO practices. Hosting appears stable with a domain age since 2003, indicating maturity. From a security perspective, HTTPS is enabled and forms are protected with reCAPTCHA. However, DNSSEC is not enabled, and some security headers like Content-Security-Policy are missing. No vulnerability disclosure or security.txt file is present. Privacy compliance is partial with a cookie consent mechanism but no explicit privacy policy found. Social media presence is strong, enhancing trust. Overall, the website is safe, professional, and trustworthy with moderate security posture and good business credibility. Recommendations include enhancing security headers, enabling DNSSEC, publishing privacy and security policies, and improving privacy compliance documentation.

M

Mairie de Saint-Hilaire-de-Brethmas

shb-bota.fr

0

The website shb-rando.fr serves as an informational and community resource for the commune of Saint-Hilaire-de-Brethmas in France, focusing on heritage, sports, biodiversity, and geology trails. It targets families, hikers, cyclists, and nature enthusiasts, providing detailed trail information, interactive maps, and local cultural content. The site is positioned as a local government or community service platform, supported by municipal and regional partners. Technically, the site is built on WordPress with common plugins such as WooCommerce, Yoast SEO, and WPBakery, hosted by OVH. It uses modern web technologies and is mobile-optimized with embedded OpenStreetMap maps for enhanced user experience. Security posture is moderate with HTTPS enabled and domain transfer protections, but lacks explicit security headers and privacy/cookie policies, which are compliance gaps. Analytics usage includes Google Analytics via Site Kit, with moderate user tracking. Overall, the site is professional, trustworthy, and serves its community well but should improve privacy compliance and security headers to enhance trust and regulatory adherence.

P

Place du Village

place-du-village.fr

0

Place du Village is a French SaaS provider specializing in communication solutions for local governments and municipalities. Their platform offers a unified interface to manage multi-channel communication and citizen engagement, targeting public administrations with a subscription model starting at 68 €HT per month. The website reflects a niche market positioning with a professional and consistent brand presence. Technically, the site is built on WordPress and leverages modern libraries such as Bootstrap 5, jQuery, and Mapbox GL JS, hosted behind Cloudflare for performance and security. Security posture is adequate with HTTPS and cookie consent implemented, but lacks explicit security policies and vulnerability disclosure mechanisms. Privacy compliance is partial due to missing privacy and terms of service pages. Overall, the domain registration data is consistent and trustworthy, supporting the legitimacy of the business.

O

Opéra national du Rhin

operanationaldurhin.eu

0

The Opéra national du Rhin website serves as the digital presence for a regional cultural institution specializing in opera and performing arts in France. It offers detailed event listings, ticketing options, and multimedia content to engage its audience. The site is built on modern web technologies including Roadiz CMS and Vue.js, providing a responsive and visually appealing user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit privacy and security policies are not clearly presented. The absence of public WHOIS data is consistent with EURid's privacy policies and does not detract from the site's legitimacy. Overall, the website reflects a professional and trustworthy cultural organization with room for improvement in transparency and security documentation.

M

Mulhouse Expo SAEML

parcexpo.fr

0

Parc Expo de Mulhouse is a well-established event venue and exhibition center located in Mulhouse, France, founded in 1996. The company operates as Mulhouse Expo SAEML and offers modular, functional spaces for hosting salons, congresses, fairs, and cultural events. The website reflects a regional market position targeting event organizers and visitors in the Mulhouse area and surrounding regions. The business model centers on venue rental and event hosting services, supported by a comprehensive event agenda and partnerships with various event organizers. The site content is professionally presented in French, with clear navigation and consistent branding.

F

Fédération Hiéro Mulhouse

noumatrouff.fr

0

Noumatrouff is a cultural organization and music venue based in Mulhouse, France, operating as Fédération Hiéro Mulhouse. The website serves as a portal for concerts, rehearsal studio bookings, workshops, and membership subscriptions, targeting musicians and local music enthusiasts. The business model relies on event ticketing, studio rentals, and community engagement. The site links to partner platforms for ticket sales and studio reservations, indicating a collaborative ecosystem. Technically, the website is built on WordPress with common plugins for galleries, forms, and cookie management, reflecting a moderate level of digital maturity. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and formal privacy policies. The absence of WHOIS data limits domain trust verification, though the website content and external references suggest legitimacy. Overall, Noumatrouff presents as a professional cultural entity with room for improvement in privacy and security transparency.

L

Le Squart Mulhouse

le-squart.fr

0

Le Squart Mulhouse is a small non-profit cultural association founded in 2016, focused on supporting artists in the Mulhouse region through professionalization of artistic projects, pedagogical workshops, and event organization. The website serves as an informational platform showcasing their services and mission to the local artistic community. Technically, the site is built on WordPress with common plugins such as Yoast SEO and SiteOrigin widgets, hosted by OVH, and demonstrates moderate performance and good mobile optimization. Security posture is basic with HTTPS assumed but lacking explicit security headers and privacy compliance documentation. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security measures.

L

La Kunsthalle, Centre d’Art Contemporain d’Intérêt National

kunsthallemulhouse.com

0

La Kunsthalle is a French contemporary art center operated by the city of Mulhouse, established since 2008. It serves as a cultural institution offering exhibitions, artist residencies, mediation programs, and publishing activities. The website targets the general public interested in contemporary art and is positioned as a nationally recognized center supported by public and regional cultural bodies. Technically, the website is built on WordPress with common plugins such as Yoast SEO and Contact Form 7, and uses Google Analytics for visitor tracking. The site is moderately optimized for mobile and SEO, with a good content structure and navigation. Security-wise, the site uses HTTPS and domain registration protections but lacks DNSSEC and security headers, and does not provide explicit security or incident response policies. Privacy compliance is weak, with no cookie consent mechanism despite tracking scripts. Overall, the website is professional and trustworthy but could improve in privacy and security practices.

L

La Filature

lafilature.org

0

La Filature is a prominent cultural institution based in Mulhouse, France, hosting a variety of performing arts organizations including the Scène nationale, Orchestre symphonique de Mulhouse, Opéra national du Rhin, and a Médiathèque. It serves as a regional hub for theater, music, opera, dance, and library services, targeting a broad audience interested in cultural events. The website reflects a well-structured and professionally maintained digital presence with clear navigation and rich content showcasing upcoming events and organizational information. Technically, the website employs modern JavaScript frameworks such as StimulusJS and SwiperJS for interactive features and uses Google Tag Manager for analytics. The site is mobile-optimized and demonstrates good SEO practices, although some accessibility features could be improved. Performance is moderate, with no critical technical issues detected in the provided HTML content. From a security perspective, the site uses HTTPS and avoids exposing sensitive data in the HTML. However, no explicit security headers were detected, and there is a lack of visible privacy, cookie, or incident response policies, which are important for compliance and user trust. The WHOIS data is unavailable, which slightly reduces domain trustworthiness but does not directly impact the legitimacy of the site given its professional content and clear contact information. Overall, La Filature's website is a reliable and professional platform for cultural engagement, with recommendations to enhance privacy compliance, security headers, and incident response transparency to further strengthen its security posture and user trust.

M

Mulhouse

mulhousecestvous.fr

0

Mulhouse C'est Vous is a French local government participatory platform operated by the Ville de Mulhouse, designed to facilitate citizen engagement, project collaboration, and community participation. The platform offers a variety of services including project proposals, consultations, event calendars, and newsletters targeting citizens, associations, municipal agents, and institutions within Mulhouse. The website is well-established since 2015 and maintains a consistent brand and professional content quality. Technically, it leverages modern web technologies such as React, Bootstrap, and Google APIs, integrated within a Symfony-based backend and the Cap Collectif participatory platform framework. Security posture is solid with HTTPS enforcement, CAPTCHA protection, and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is strong with comprehensive GDPR-aligned policies and a named Data Protection Officer. Overall, the site is trustworthy, well-maintained, and serves its public sector mission effectively.

L

Les Ateliers Grandis

lesateliersgrandis.fr

0

Les Ateliers Grandis is a French artisan manufacturer specializing in luxury clothing, with a strong heritage dating back to 1993. The company focuses on delivering refined, rare, and precious garments that reflect technical mastery and excellence in craftsmanship. Their market position is solid within the luxury fashion manufacturing sector, serving prestigious couture houses and emphasizing quality and tradition. The website reflects this positioning with professional design, clear navigation, and detailed business descriptions. Technically, the site is built on WordPress with modern plugins and libraries, optimized for mobile and SEO, and includes a GDPR-compliant cookie consent mechanism. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Overall, the site is trustworthy and professionally maintained, with clear contact information and social media presence supporting legitimacy.

V

Vacances Scolaires

vacances-scolaires.com

0

Vacances Scolaires is a specialized informational website dedicated to providing official French school holiday calendars for multiple years (2025-2027), covering metropolitan zones A, B, C, Corse, and overseas territories. The site targets parents, students, and educators seeking authoritative and up-to-date holiday schedules, offering downloadable PDFs and iCal files for easy integration into personal calendars. The business model relies primarily on advertising revenue and affiliate marketing partnerships. Technically, the site employs modern web technologies including Bootstrap 5, jQuery, FontAwesome, and Google Fonts, hosted on a reputable French hosting provider (o2switch). It integrates Google Adsense for monetization and Matomo for analytics, with a cookie consent mechanism ensuring GDPR compliance. Security posture is generally good with HTTPS enforced and basic protections, though minor backend PHP warnings and lack of explicit security headers suggest areas for improvement. The domain is newly registered in late 2023, consistent with the site's focus on future school years, and WHOIS data shows no suspicious patterns. Overall, the website is professional, trustworthy, and well-optimized for its niche audience.

Entreprendredanslorne.com is a regional business facilitation platform focused on supporting companies seeking to establish operations in the Orne department of Normandy, France. The website offers services including project accompaniment, real estate and land search, public aid identification, and networking with local actors. It positions itself as a key regional player providing a free and tailored support network for business implantation. The site is linked to regional government entities, enhancing its credibility. Technically, the website employs a modern front-end stack including Bootstrap 3.3.7, jQuery, Font Awesome, Google Fonts, and interactive components like FlexSlider and Owl Carousel. It integrates Google Analytics, Google Tag Manager, and SnapEngage chat for user engagement and analytics. Security measures include HTTPS with reCAPTCHA v3 on forms, but lack explicit security headers and cookie consent mechanisms. The security posture is moderate with good SSL configuration and secure form handling, but improvements are needed in security headers and privacy compliance. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the website content and contact details suggest a legitimate regional business service. Overall, the site is professional and functional but would benefit from enhanced security and compliance transparency. Strategically, verifying domain registration and adding explicit privacy and security policies would strengthen trust. Enhancing security headers and cookie consent would improve compliance and user trust. Continued monitoring of third-party scripts and analytics is recommended to mitigate potential vulnerabilities.

P

Pays d'Argentan d'Auge et d'Ouche (P2AO)

p2ao.fr

0

Pays d'Argentan d'Auge et d'Ouche (P2AO) is a regional governmental entity focused on supporting local businesses and territorial development in the Argentan, Auge, and Ouche regions of France. The website serves as an informational portal providing event agendas and contact avenues for stakeholders. The business model is public administration with a focus on regional economic and community development. The site targets local businesses, residents, and regional partners. Technically, the website employs basic web technologies including jQuery and Google Analytics for user tracking. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. The absence of a CMS or modern frameworks suggests a simple, possibly custom-built site. No hosting provider or SSL configuration details were identified from the provided data. From a security perspective, the site uses a cookie consent banner indicating GDPR awareness but lacks visible privacy policies, terms of service, or security headers. WHOIS data is unavailable, which reduces domain trustworthiness. No WAF or blocking mechanisms were detected, and the site is accessible without restrictions. The security posture is moderate but could be improved by implementing HTTPS, security headers, and publishing clear privacy and incident response policies. Overall, the website is functional but basic, with room for improvement in content richness, security, and compliance documentation. The domain legitimacy is uncertain due to missing WHOIS data, but the content and contact information suggest a legitimate regional government presence.

F

France Travail

pole-emploi.fr

0

France Travail is a French governmental employment platform providing a comprehensive range of services including job offer searches, allocation and aid estimations, online registration for job seekers, and dedicated employer services. The website is well-branded, professionally designed, and targets job seekers and employers across France. It serves as a national public employment service with a large user base and extensive content offerings. Technically, the site uses modern web technologies including JavaScript frameworks, Dynatrace monitoring, and Piano Analytics for performance and user behavior tracking. The site is mobile-optimized and accessible, with good SEO practices. Security posture is strong with HTTPS enforced and secure form practices, though explicit security headers and incident response information are not visible. Privacy and cookie policies are comprehensive and GDPR compliant. Overall, the site is trustworthy and safe, with no suspicious or adult content detected.

S

SHEMA

shema.fr

0

SHEMA is a French regional public-private mixed economy company specializing in urban development, public facility construction, and business real estate in Normandy. It serves local authorities and economic actors with a strong regional presence and a portfolio of ongoing projects. The website reflects a professional and well-structured digital presence with clear business information and modern technology use. The technical infrastructure is based on WordPress with performance optimizations and privacy compliance mechanisms in place. Security posture is good with HTTPS and cookie consent but lacks explicit security headers and incident response contacts. WHOIS data is missing, which slightly impacts trust but the overall legitimacy is supported by the website content and contact information. Strategic recommendations include enhancing security headers, publishing a security policy, and monitoring domain registration details.

A

AD Normandie

adnormandie.fr

0

AD Normandie is a regional economic development agency serving the Normandy region in France. The agency acts as a single point of contact for economic development and provides tailored support and aid to local businesses. The website reflects a professional government entity with a clear mission to assist companies in project formalization and implantation within Normandy. The digital infrastructure is built on a modern WordPress platform with SEO and analytics tools, indicating a mature digital presence. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Overall, the site is trustworthy, well-branded, and compliant with GDPR requirements. No critical vulnerabilities or suspicious elements were detected.

D

Descartes Développement & Innovation

descartes-devinnov.com

0

Descartes Développement & Innovation (DDI) is a French organization focused on fostering innovation in sustainable urban development within the Paris-Est region. It operates as a technopole, providing information, promotion, networking, and project engineering services, alongside managing a fablab and an incubator. The website reflects a professional and modern digital presence built on WordPress with WooCommerce and Elementor, indicating a mature technical infrastructure. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though the absence of a public privacy policy and terms of service pages suggests room for compliance improvement. The lack of WHOIS data reduces domain trustworthiness, but the active social media presence and quality content support legitimacy. Overall, the site is well-positioned in its niche but should enhance transparency and compliance documentation.

The website at pepite3ef.fr is currently inaccessible due to a TYPO3 CMS configuration error related to the trusted hosts pattern, resulting in an HTTP 503 error page. This prevents access to any meaningful content or business information. The domain is registered through OVH, a reputable French registrar, with a creation date in 2014, indicating a mature domain age consistent with a small or medium-sized French entity. The hosting provider is OVH, and the CMS in use is TYPO3. No privacy, cookie, or terms of service policies are present, and no contact information or forms are accessible. The lack of accessible content and security headers limits the ability to fully assess the website's security posture or compliance status.

S

Santé publique France

santepubliquefrance.fr

0

Santé publique France is the official French national public health agency, providing authoritative information, surveillance, and prevention services related to public health. The website serves a broad audience including the general public, healthcare professionals, and policymakers. It is positioned as a key government institution in the healthcare sector in France, offering publications, studies, and health data. Technically, the site uses modern JavaScript libraries, Google reCAPTCHA for bot protection, and New Relic for performance monitoring, indicating a moderate level of digital maturity. The site is mobile-optimized and uses HTTPS, but lacks some advanced security headers and explicit privacy policy documentation in the provided content. Security posture is good with no evident vulnerabilities, but could be improved with better security headers and published incident response information. Overall, the site is trustworthy and professional, with a strong business credibility as a government entity.

I

Institut Technologique FCBA

fcba.fr

0

Institut Technologique FCBA is a French industrial technical center specializing in forestry, cellulose, wood construction, and furniture sectors. It provides a range of services including innovation support, environmental performance evaluation, training, laboratory testing, certification, and diagnostics. The organization targets professionals in these industries and holds recognized certifications such as Qualiopi, COFRAC, and ASI, positioning itself as a reputable technical institute in France. The website is built on WordPress with Elementor and uses modern web technologies including jQuery, Bootstrap, and various UI libraries. It features a cookie consent mechanism and is mobile-optimized with good navigation and content quality. However, some images have lazy loading errors, and explicit privacy and terms of service pages are not clearly found, indicating room for improvement in compliance and user experience. Security posture is moderate with HTTPS enabled and some security best practices observed, but lacks explicit security headers and a vulnerability disclosure mechanism. No WHOIS data was retrievable, limiting domain legitimacy verification, but the website content and structure suggest a legitimate and professional organization. Overall, the website is functional, professional, and trustworthy with recommendations to enhance privacy compliance, security headers, and user experience for improved trust and regulatory adherence.

I

Institut national de l’information géographique et forestière

ign.fr

0

The Institut national de l’information géographique et forestière (IGN) is a French government entity specializing in the production and dissemination of geographic and forestry data. The website serves a diverse audience including individuals, professionals, public policy actors, educators, and students. It offers a comprehensive range of cartographic services, data access, and applications, positioning itself as the authoritative national geographic data provider in France. The business model is public service-oriented, focusing on data accessibility and support for various user needs. Technically, the website is built on Drupal 10, leveraging modern web technologies such as JavaScript and CSS, with good mobile optimization and accessibility features. The site demonstrates moderate performance and good SEO practices. Security posture is strong with HTTPS enforced and appropriate security headers, although there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is professional, trustworthy, and compliant with privacy regulations including GDPR. The lack of publicly available WHOIS data is typical for .fr domains and does not detract from the legitimacy of the site. The presence of official contact information, social media channels, and comprehensive policies further enhance credibility. Strategic recommendations include enhancing security transparency and formalizing vulnerability disclosure mechanisms.

C

CHI Créteil

chicreteil.fr

0

The Centre Hospitalier Intercommunal de Créteil (CHI Créteil) is a large public healthcare institution serving the Créteil region in France. The website provides comprehensive information about the hospital's services, specialties, patient resources, and professional opportunities. It is well-positioned as a regional healthcare provider with a strong focus on accessibility, patient care, and medical expertise. The site also highlights research and teaching activities, indicating an integrated healthcare and academic mission. Technically, the website is built on WordPress with modern web technologies including jQuery, Slick Carousel, and Google Fonts. It uses Matomo analytics configured with privacy by design, and a robust cookie consent mechanism via Tarteaucitron, reflecting a mature approach to privacy compliance. The site is mobile-optimized and accessible, with clear navigation and professional design. From a security perspective, the site enforces HTTPS and employs cookie consent controls. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not visibly present and should be implemented to enhance security posture. No critical vulnerabilities or exposed sensitive data were detected. The absence of a published security policy or incident response contact is noted. Overall, the website is trustworthy, professional, and compliant with GDPR and cookie regulations. The lack of WHOIS data is typical for .fr domains and does not detract from legitimacy. Strategic recommendations include enhancing security headers, publishing a security policy, and maintaining regular updates to plugins and CMS to mitigate vulnerabilities.

A

Assistance publique - Hôpitaux de Paris (AP-HP)

aphp.fr

0

Assistance publique - Hôpitaux de Paris (AP-HP) is the largest public healthcare institution in Europe, operating 38 hospitals and serving millions of patients annually. The website provides comprehensive information on patient care, research, education, and innovation, targeting patients, healthcare professionals, researchers, and partners. The digital infrastructure is built on Drupal CMS with modern web technologies, ensuring good performance, accessibility, and mobile optimization. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, although explicit security policies and incident response details are not publicly available. WHOIS data is missing, which is unusual but likely due to AFNIC policies or privacy protection, not indicating malicious intent. Overall, the website is professional, trustworthy, and compliant with GDPR.

A

Anses - Agence nationale de sécurité sanitaire de l’alimentation, de l’environnement et du travail

anses.fr

0

Anses is the French national agency responsible for health safety in food, environment, and work sectors. It provides scientific expertise, risk assessment, regulatory decisions, and public communication. The agency holds a strong market position as a government authority with a large organizational size and a comprehensive digital presence. The website is built on Drupal 10 with modern frontend technologies and includes multilingual support. Privacy and cookie consent mechanisms are implemented effectively. However, WHOIS data is missing, which slightly impacts domain trustworthiness. The site demonstrates good security practices but lacks explicit security policy and incident response information.

É

École nationale des ponts et chaussées

enpc.fr

0

École nationale des ponts et chaussées is a prestigious French grande école specializing in engineering education, research, and professional training with a strong focus on ecological and digital transitions. The institution offers a wide range of programs including engineering degrees, masters, doctoral studies, and continuing education, supported by multiple research laboratories and international partnerships. The website reflects a mature digital presence with comprehensive content targeting students, researchers, and professionals. Technically, the site is built on Drupal CMS with modern JavaScript libraries and privacy-respecting analytics (Matomo). Security posture is strong with HTTPS, cookie consent mechanisms, and no visible vulnerabilities, although some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

S

SDIS34

sdis34.fr

0

SDIS34 is the official fire and rescue service for the Hérault department in France, providing essential public safety services including firefighting, rescue operations, prevention, and recruitment of volunteer and professional firefighters. The website serves as an information portal for residents and stakeholders, offering news, practical information, and access to services. The organization maintains a strong social media presence and uses modern web technologies to deliver content effectively. Technically, the website is built on WordPress with common plugins such as WPBakery Page Builder and Slider Revolution, integrating Google Maps for location services. The site is secured with HTTPS and employs standard security headers, reflecting a good security posture. Performance and mobile optimization are adequate, though accessibility could be improved. Security-wise, the site shows good practices like HTTPS enforcement and no visible vulnerabilities. However, the absence of explicit privacy, cookie, and terms of service pages, as well as missing WHOIS data, slightly reduce trust and compliance confidence. There is no visible incident response or vulnerability disclosure information. Overall, SDIS34's website is a professional and trustworthy public service platform with room for improvement in privacy compliance and transparency. Strategic recommendations include publishing comprehensive privacy and cookie policies, adding security and incident response information, and ensuring WHOIS data availability to enhance legitimacy and trust.

Tourisme Hérault operates an official regional tourism website promoting the Hérault region in Southern France. The site offers rich multimedia content, multilingual support, and detailed information about natural and cultural attractions, targeting tourists and holidaymakers. The business model focuses on tourism promotion and visitor engagement through surveys, videos, and inspirational content. Technically, the website is built on WordPress with Elementor and integrates modern analytics and tracking tools such as Google Tag Manager and Matomo. The site is mobile-optimized and accessible with good SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers are not detected and no explicit incident response contacts are provided. The WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy despite the professional website presence. Overall, the site is trustworthy and well-maintained but would benefit from improved transparency in domain registration and contact information.

M

Montpellier Tourisme

montpellier-tourisme.fr

0

Montpellier Tourisme operates as the official tourism promotion website for Montpellier, France, providing comprehensive information on local attractions, events, accommodations, and activities. The site targets tourists and visitors seeking to explore Montpellier and the surrounding region. It offers multi-language support and integrates booking and event management services to enhance user experience. Technically, the website employs a modern stack including WordPress CMS with a custom Woody theme, various JavaScript libraries, and third-party integrations such as Django Travel and touristic maps. The site is well-optimized for mobile devices and accessibility, with good SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The absence of publicly available WHOIS data and privacy policy reduces transparency slightly but does not detract significantly from the site's legitimacy. Overall, Montpellier Tourisme presents a professional, trustworthy, and user-friendly platform for tourism promotion.

The website 'Produire bio en Bretagne' serves as an informational and support platform dedicated to organic farming in the Brittany region of France. Operated by FRAB, it provides educational content, technical resources, testimonials, and event information to assist farmers considering or undergoing conversion to organic agriculture. The site is positioned as a regional authoritative resource with a clear focus on organic agriculture principles and practices. Technically, the website is built on WordPress using the Total theme and Visual Composer, with integrations such as Google Analytics and Revolution Slider. Hosting is provided by OVH, a reputable provider, and the domain registration is consistent with the business's history and location. Security posture is adequate with HTTPS enforced and some privacy considerations, though there is room for improvement in implementing security headers and explicit cookie consent mechanisms. Overall, the site is professional, well-branded, and trustworthy, targeting agricultural professionals and stakeholders in organic farming.

F

FNAB (Fédération Nationale d'Agriculture Biologique)

agribiolien.fr

0

Agribiolien.fr is a French-language online platform dedicated to organic farmers, providing a specialized marketplace for posting and searching bio-certified agricultural announcements such as sales of forage, land, animals, and agricultural equipment. The platform is supported by the FNAB (Fédération Nationale d'Agriculture Biologique) and partners with Agence Bio, positioning itself as a niche service within the organic agriculture sector in France. The website offers a user-friendly interface with search filters by region, department, and product categories, and includes a video presentation to assist users. Technically, the site employs standard web technologies including jQuery and Bootstrap, with moderate performance and good mobile optimization. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks advanced security headers and explicit incident response policies. The absence of WHOIS data suggests privacy protection, which is reasonable for this non-profit affiliated site. Overall, Agribiolien.fr demonstrates a solid business and technical foundation with room for security enhancements.

C

Chambres de Métiers et de l'Artisanat (CMA)

unmetierdeouf.fr

0

Un Métier de Ouf is a French educational platform launched in 2020, dedicated to promoting artisan trades such as mechanics, carpentry, cooking, and aesthetics. It targets young people and apprentices seeking career guidance in artisan professions. The website is affiliated with CMA France, a reputable organization supporting artisan trades. The platform offers video content and career resources to engage its audience and facilitate discovery of trades. Technically, the site is built using modern React and Next.js frameworks, hosted by OVH, and integrates analytics tools like Matomo, TikTok, and Facebook pixels. Privacy and cookie consent mechanisms are implemented, reflecting good compliance practices. Security posture is solid with HTTPS and no exposed vulnerabilities, though security headers and incident response policies could be improved. Overall, the site presents a professional, trustworthy, and user-friendly experience with clear branding and consistent content quality.