Security Directory

M

MSA

msa.fr

0

The website www.msa.fr/lfp represents the official online portal of the MSA (Mutualité Sociale Agricole), the French agricultural social security organization. It provides comprehensive social protection services including health insurance, family benefits, retirement pensions, and work accident coverage for agricultural workers and employers in France. The portal targets individuals, exploitants, employers, partners, and elected representatives within the agricultural sector. The business model is that of a government social security entity, serving a large user base with essential social services. The website is professionally designed with clear navigation and multiple service sections tailored to different user groups. Technically, the site is built on the Liferay CMS platform, utilizing modern JavaScript libraries such as YUI, jQuery, Bootstrap, and Clay components. It incorporates a secure login mechanism via OpenID Connect and includes a cookie consent banner, indicating attention to privacy compliance. The site is mobile-optimized and accessible, with good SEO practices evident from meta tags and structured navigation. From a security perspective, the site enforces HTTPS and uses secure authentication flows. While explicit security headers and policies are not visible in the HTML, the overall posture appears strong with no evident vulnerabilities or exposed sensitive data. However, the absence of a published security policy, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement in transparency and security communication. Overall, the website is a trustworthy and authoritative source for agricultural social security services in France. The lack of WHOIS data limits domain registration trust analysis but does not detract from the site's legitimacy given its government affiliation and professional presentation. Strategic recommendations include publishing privacy and security policies, adding security.txt for vulnerability reporting, and enhancing contact information for security incidents to strengthen trust and compliance.

T

Terre et Humanisme

terre-humanisme.org

0

Terre et Humanisme is a well-established French non-profit association dedicated to promoting agroecology and permaculture through education, solidarity projects, and expertise. With over 30 years of activity, it serves both individuals and professionals, leveraging a strong network of partners and animators. The website is professionally designed, content-rich, and provides multiple engagement channels including training, immersion stays, and an online store. Technically, the site is built on WordPress with modern plugins and integrations such as Google reCAPTCHA and Sendinblue for newsletters, hosted by Nuxit. Security posture is good with HTTPS and consent mechanisms, though improvements like DNSSEC and CSP headers are recommended. Overall, the site is trustworthy, compliant with GDPR, and provides a positive user experience.

F

Fondation pour la Nature et l’Homme

fondation-nature-homme.org

0

Fondation pour la Nature et l’Homme is a well-established French non-profit organization dedicated to environmental awareness and ecological solutions. The foundation operates multiple programs focused on biodiversity preservation, sustainable agriculture, responsible food consumption, and decarbonized mobility. It engages a broad audience including volunteers, donors, and citizens, leveraging digital platforms and partnerships to amplify its impact. The website reflects a mature digital presence with modern technologies and comprehensive content supporting its mission. Technically, the website is built on WordPress with advanced JavaScript frameworks like Alpine.js and HTMX, and integrates analytics tools such as Microsoft Clarity, Google Tag Manager, and Matomo. The site is mobile-optimized, accessible, and SEO-friendly, providing a smooth user experience. Security posture is good with HTTPS enforced and consent management implemented, though some security headers could be explicitly added for enhanced protection. The absence of WHOIS data limits domain registration trust verification, but the website's branding, certifications, and external references strongly support its legitimacy. No blocking or WAF mechanisms were detected, allowing full content access. Overall, the foundation demonstrates a strong commitment to transparency, privacy compliance, and user engagement. Strategic recommendations include enhancing security headers, publishing a formal security policy and incident response information, and maintaining vigilance on third-party scripts. These steps will further strengthen trust and security posture.

O

ONERA

onera.fr

0

ONERA is the French national aerospace research center, established in 1995, with a strong market position as a leading government research entity in aerospace. The website reflects a mature digital presence with comprehensive content targeting researchers, industry professionals, and academic audiences. Technically, the site uses Drupal 10, Bootstrap 5, and Matomo analytics, ensuring modern standards and good performance. Security posture is robust with HTTPS, security headers, and cookie consent mechanisms, though it lacks a dedicated security policy or incident response contacts. Overall, the site is professional, trustworthy, and compliant with GDPR, supporting ONERA's reputation as a credible research institution.

É

École normale supérieure Paris-Saclay

ens-paris-saclay.fr

0

École normale supérieure Paris-Saclay is a prestigious French Grande École specializing in higher education and research, particularly in fundamental sciences, engineering, and social sciences. It operates as part of the Université Paris-Saclay ecosystem and targets students, researchers, and academic partners. The website reflects a mature digital presence with comprehensive academic content, events, and testimonials, supporting its market position as a leading educational institution. Technically, the website is built on Drupal 9 with modern front-end libraries such as Bootstrap, jQuery, and Swiper, and employs Matomo analytics with privacy-conscious settings. The site is mobile-optimized, accessible, and SEO-friendly, indicating a well-maintained technical infrastructure suitable for its audience. From a security perspective, the site uses HTTPS and cookie consent mechanisms, but lacks explicit security headers and publicly available security policies or incident response information. No vulnerabilities or suspicious activities were detected. The WHOIS data confirms domain legitimacy and consistency with the institution's identity. Overall, the website presents a low-risk profile with strong compliance to privacy regulations and good user experience. Strategic improvements could include publishing security policies and enhancing security headers to further strengthen trust and resilience.

C

CentraleSupélec

centralesupelec.fr

0

CentraleSupélec is a prestigious French engineering school focused on delivering high-quality education and cutting-edge research. The institution offers a broad range of programs including bachelors, masters, doctorates, and executive education, supported by strong partnerships with industry and academia. The website reflects a mature digital presence with modern technologies such as Drupal 10, Matomo analytics, and a comprehensive cookie consent mechanism, ensuring compliance with GDPR and privacy standards. Security posture is solid with HTTPS and privacy-focused analytics, though some security headers and explicit policies could be improved. Overall, the site is professional, trustworthy, and well-structured, serving a diverse audience including students, enterprises, researchers, and alumni.

T

TIMAC AGRO INTERNATIONAL

grasslandagro.com

0

TIMAC AGRO INTERNATIONAL is a well-established company specializing in soil, plant, and animal nutrition products, serving agricultural professionals globally. Founded in 1959 and headquartered in Saint-Malo, France, it operates as a subsidiary of Groupe Roullier. The company positions itself as a leader in sustainable agriculture solutions, offering fertilization, biostimulation, and animal production nutrition services. The website reflects a professional B2B business model targeting agribusinesses and farmers. Technically, the website is built on WordPress with Elementor, leveraging modern JavaScript libraries such as GSAP and jQuery. It integrates analytics tools including Matomo, Google Analytics (GA4), and Hotjar, with a robust cookie consent mechanism via Tarteaucitron, indicating good privacy compliance. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features are basic. From a security perspective, the site enforces HTTPS and uses cookie consent management, but lacks visible advanced security headers and does not publish a dedicated security policy or incident response contacts. The WHOIS data is missing, which reduces transparency about domain registration and ownership, though the website content and external references support legitimacy. Overall, the website is professional, secure, and privacy-conscious, but could improve transparency and security posture by publishing security policies and enhancing domain registration visibility.

L

Le Filament

le-filament.com

0

Le Filament is a small French technology company based in Toulouse, specializing in IT project management and integration of CRM and ERP tools, with a focus on open source solutions. The website reflects a professional and human-centric approach to digital transformation, targeting businesses seeking tailored IT services. The technical infrastructure is modern, utilizing the Hugo static site generator and hosted by Ikoula, a reputable French hosting provider. The site is well-structured, mobile-optimized, and SEO-friendly, though it lacks advanced accessibility features and some security best practices. Security posture is moderate; while HTTPS is presumably enabled (not explicitly confirmed), no security headers or vulnerability disclosures are present, and DNSSEC is not enabled. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is trustworthy and professional but would benefit from enhanced security and compliance documentation.

S

SAS NAAIA

naaia.ai

0

Naaia is a French-based SaaS company specializing in AI compliance, risk management, and governance solutions. Founded in 2022, it positions itself as a European leader and the first AIMS® provider, offering a platform to operationalize AI governance and compliance with global regulations. The company holds ISO 27001 and ISO 42001 certifications, reinforcing its commitment to security and AI management standards. The website is professionally designed, content-rich, and targets organizations deploying AI systems that require regulatory compliance and risk oversight. Technically, the website is built on WordPress with Elementor and integrates modern analytics and marketing tools such as HubSpot, Google Analytics, and Matomo. The hosting provider is Gandi SAS, and the domain registration details align well with the business identity. The site is mobile-optimized, accessible, and SEO-friendly, with a good performance profile. From a security perspective, the site enforces HTTPS, uses security headers, and demonstrates best practices through certifications and cookie consent mechanisms. However, DNSSEC is not enabled, and no explicit vulnerability disclosure or incident response contacts are provided. The absence of direct company emails or phone numbers on the site suggests reliance on contact forms for communication. Overall, Naaia presents a strong security posture and business credibility with minor areas for improvement in DNS security and transparency of incident response. The site content is safe for general audiences, with no adult or questionable material detected.

K

KaviAR Tech SAS

kaviar.app

0

KaviAR Tech SAS operates KaviAR.app, a cloud-based augmented reality platform combined with a mobile app that enables users to create interactive AR experiences without technical expertise. The company targets businesses and individuals seeking to enhance printed materials with digital content, democratizing augmented reality usage. Their market position is that of a niche SaaS provider focusing on ease of use and accessibility, supported by tiered subscription plans and a free trial. Technically, the website employs modern web technologies including Bootstrap, jQuery, and integrates marketing and analytics tools such as HubSpot and Google Analytics. The site is mobile optimized and well-structured, providing a professional user experience. Security posture is solid with HTTPS, reCAPTCHA Enterprise, and cookie consent mechanisms, though it lacks explicit security policies and advanced security headers. Overall, the domain registration and WHOIS data align well with the business claims, indicating legitimacy and consistency. The site does not contain adult or questionable content and maintains good privacy compliance.

Artemisia Lawyers is a specialized law firm focused on environmental and human rights law, providing legal advice, assistance, and representation primarily to civil society actors in France and internationally. The firm offers services including legal consultancy, judicial representation, and practical training workshops, positioning itself as a boutique firm with a strong commitment to biodiversity, nature protection, and fundamental human rights. The website is professionally designed using the Jimdo CMS platform, featuring multilingual content and clear navigation, targeting associations and individuals engaged in environmental and human rights issues. Technically, the site uses standard Jimdo scripts and cookie control mechanisms, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and published security policies. WHOIS data is missing, raising concerns about domain registration legitimacy, though the website content and contact information appear professional and trustworthy. Overall, the site scores well on content quality and business credibility but should improve security practices and domain registration transparency.

M

Mon espace santé

monespacesante.fr

0

Mon espace santé is a French government-backed digital health platform designed to securely store and share personal and family health data. It serves over 20 million users and is positioned as a leading national health service. The platform offers key services including document storage, secure messaging with health professionals, and management of children's health profiles. Technically, the website uses modern JavaScript frameworks (Vue.js), is mobile optimized, and integrates privacy and cookie consent mechanisms. Security posture is strong with HTTPS, HDS certification for data hosting, and no visible vulnerabilities, though explicit security headers and incident response contacts could be improved. Overall, the platform demonstrates high professionalism, trustworthiness, and compliance with GDPR, making it a reliable service for French residents.

C

Commissariat à l’énergie atomique et aux énergies alternatives (CEA)

ceasciences.fr

0

The website represents the Direction de la Recherche Fondamentale (DRF) of the Commissariat à l’énergie atomique et aux énergies alternatives (CEA), a major French public research institution. It showcases extensive scientific research activities across multiple disciplines including physics, chemistry, biology, and health sciences, supported by a large community of over 6000 researchers. The site serves multiple audiences including researchers, institutional partners, journalists, and the general public, providing news, resources, and institutional information. The business model is focused on public research and innovation with strong ties to academic and industrial partners. Technically, the site is built on Microsoft SharePoint, leveraging standard web technologies and integrating Matomo analytics for user tracking and Google reCAPTCHA for bot protection. The infrastructure appears stable and professionally maintained, with moderate performance and basic mobile optimization. SEO and accessibility are adequately addressed, though some improvements could be made. From a security perspective, the site uses HTTPS and implements standard SharePoint security features such as form digest tokens. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not evident. Privacy compliance is good with a comprehensive GDPR-aligned privacy policy, but lacks a visible cookie consent mechanism. No incident response or vulnerability disclosure information is published. Overall, the website is trustworthy, professional, and aligned with the institutional identity of CEA. It poses low risk from a security and privacy standpoint but could enhance transparency and user consent mechanisms to improve compliance and user trust.

C

CEA-Leti

leti-cea.fr

0

CEA-Leti is a prominent French government research institute specializing in micro and nanotechnologies, focusing on applied research and innovation in wireless communication systems, biology and health, imaging, and micro-nano systems. The website reflects a well-established institution with a strong market position in technology research, supported by the Commissariat à l'Énergie Atomique et aux Énergies Alternatives (CEA). The site targets a broad audience including the general public, enterprises, journalists, and academic institutions. Technically, the website is built on Microsoft SharePoint, leveraging modern web technologies and analytics tools such as Matomo and Google reCAPTCHA for security. The security posture is solid with HTTPS enforced, though improvements could be made by adding security headers and cookie consent mechanisms. The absence of WHOIS data is noted but does not detract significantly from the site's legitimacy given its official nature and consistent branding. Overall, the site is professional, trustworthy, and serves as a comprehensive portal for CEA-Leti's research activities and partnerships.

C

CEA

prisonnier-quantique.fr

0

Le Prisonnier quantique is an educational interactive game developed and hosted by the French public research organization CEA. It aims to promote scientific and technical culture through a free browser-based adventure game targeting a general audience including students and educators. The website is well-branded with official CEA logos and partnerships, providing a trustworthy platform for educational content. Technically, the site uses standard web technologies with responsive design and integrates Matomo analytics for privacy-conscious user tracking. Security posture is adequate with HTTPS and no visible vulnerabilities, though security headers and explicit cookie consent mechanisms are missing. Contact information is limited to official CEA email addresses, supporting legitimacy but lacking phone or physical address details. Overall, the site is professional, secure, and suitable for its educational mission.

Terre Nourricière is a small French communication agency specializing in ethical and engaged communication services targeted at actors in environmental education, international solidarity, and peasant agriculture sectors. Their key offerings include web and mobile development, graphic design, video production, educational tools, and consulting/training services. The website presents a professional and consistent brand image with clear navigation and relevant content for their niche audience. Technically, the website uses modern front-end libraries such as Bootstrap 4.5.2, jQuery, Slick Carousel, and Typed.js, with Google Analytics for tracking. The site appears mobile-optimized and moderately performant. The CMS is likely SPIP based on URL patterns and form tokens. However, no advanced security headers or explicit privacy/cookie policies are present, and WHOIS data is unavailable, limiting domain transparency. Security posture is moderate with some best practices like honeypot anti-spam fields and CSRF tokens in forms, but lacks HTTP security headers and visible incident response contacts. Privacy compliance is weak due to missing policies and consent mechanisms. Overall, the site is safe and professional but would benefit from enhanced security and privacy measures. Recommendations include implementing security headers, publishing privacy and cookie policies with consent, improving WHOIS transparency, and adding incident response contacts to strengthen trust and compliance.

ZEDD is a small, French communication agency based in Grenoble specializing in responsible and sustainable communication services. The company positions itself as a pioneer in the Auvergne Rhône-Alpes region, offering consulting, creation, development, and maintenance services with a focus on eco-conception and digital responsibility. The website content is professionally presented in French, targeting organizations seeking sustainable communication solutions. Technically, the website uses modern web technologies including JavaScript, CSS, and SVG graphics, with the SPIP CMS platform. Hosting is local to Grenoble, leveraging a datacenter with a positive carbon footprint, reflecting the company's environmental values. The site is moderately optimized for performance and mobile devices, with good SEO practices but basic accessibility features. Security posture is moderate; HTTPS is implied but no explicit security headers or policies are present. No privacy or cookie policies are found, indicating gaps in GDPR compliance. Contact information is clearly provided, but no incident response or vulnerability disclosure mechanisms are visible. No tracking or advertising scripts were detected, suggesting minimal user tracking. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and security best practices to improve user trust and regulatory adherence.

A

AVISIA

avisia.fr

0

AVISIA is a French consulting firm specializing in data, artificial intelligence, and digital marketing solutions. Established since 2007, the company supports projects combining data and AI technologies to deliver decision-making solutions. The website reflects a professional and consistent brand presence targeting businesses seeking expert consulting in these domains. Technically, the site is built on WordPress using the Divi theme, incorporating modern web technologies such as Google Tag Manager and Cookiebot for analytics and privacy compliance. The site is mobile-optimized and demonstrates good SEO practices. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms, but lacks visible security headers and explicit privacy or security policies. WHOIS data is not publicly available, indicating privacy protection, which is common and justified for this business type. Overall, the site is trustworthy and professional but could improve transparency regarding privacy and contact information.

S

SNCF Group

groupe-sncf.com

0

SNCF Group is a leading global player in low-carbon mobility, specializing in passenger transport and freight logistics. The company operates internationally with a large workforce and a diversified portfolio of subsidiaries including SNCF SA, Keolis, and GEODIS. Their business model focuses on sustainable transportation solutions and mass transit services, positioning them as a world leader in their sector. The website reflects a mature digital presence with comprehensive content targeting various stakeholders such as job seekers, investors, journalists, suppliers, and travelers. Technically, the site leverages modern frameworks like Next.js and React, integrates advanced consent management and bot protection, and demonstrates good performance and accessibility standards. Security posture is strong with HTTPS and bot mitigation, though explicit security policies and incident response contacts are not published. The absence of WHOIS data is a notable anomaly but does not detract from the overall legitimacy indicated by the website content and branding. Strategic recommendations include enhancing transparency around security policies and improving WHOIS data availability for trust enhancement.

E

ENGIE

engie.fr

0

ENGIE France is a major energy company focused on accelerating the transition to a carbon-neutral world through renewable electricity and gas production, distribution, and infrastructure services. The website reflects a strong market position as a leader in solar, wind, and biomethane production in France, targeting individuals, professionals, enterprises, and public entities. The digital infrastructure uses modern technologies such as Tailwind CSS, GSAP, and Matomo analytics, with a custom ENGIE design system ensuring consistent branding and good user experience. Security posture is moderate with cookie consent implemented and no obvious vulnerabilities detected, though explicit security policies and headers are not evident. WHOIS data is unavailable likely due to privacy protection, but the website's professional presentation and linkage to official ENGIE domains support legitimacy. Overall, the site is well-designed, compliant with privacy regulations, and trustworthy, though improvements in security transparency and contact information availability are recommended.

C

CHRYSALIDE

cae29.coop

0

CAE 29 is a French cooperative organization under the legal entity CHRYSALIDE, founded in 2014, providing shared enterprise and employment cooperative services primarily in the Finistère region. The website serves as an informational and engagement platform for entrepreneurs and project holders seeking cooperative business support, administrative delegation, and training. The business model focuses on collective entrepreneurship and professional autonomy within a cooperative framework, positioning CAE 29 as a regional leader in this niche. Technically, the website is built on the SPIP CMS platform, hosted by Gandi SAS, and uses standard web technologies including JavaScript and CSS. The site demonstrates moderate performance and basic mobile optimization, with good SEO practices and clear navigation. However, there is room for improvement in accessibility and modern security practices. From a security perspective, the site benefits from HTTPS and domain transfer protection but lacks DNSSEC and explicit security headers. There is no cookie consent mechanism or detailed privacy policy, which may pose compliance risks under GDPR. No incident response or security policy information is published, and no analytics or tracking services are detected, indicating minimal user tracking. Overall, CAE 29 presents a trustworthy and professional online presence with a solid business foundation. Strategic improvements in security headers, DNSSEC, privacy compliance, and incident response transparency would enhance its security posture and regulatory adherence.

I

Interpole

mon-parcours-collaboratif.fr

0

Interpole is a small, community-driven educational platform based in France, focusing on collaborative work, digital tools, and commons creation. It integrates content from the 'Mon Parcours Collaboratif' project, providing resources and guides for collaborative project management and digital tool usage. The website uses YesWiki CMS with Bootstrap and FontAwesome, hosted by OVH, and presents good content quality and user experience. However, it lacks formal privacy, cookie, and security policies, and does not provide explicit contact information. Security posture is moderate with HTTPS enabled but missing security headers and DNSSEC. The domain registration is consistent and legitimate, supporting trust in the platform. Overall, the website is safe, professional, and targeted at general audiences interested in collaborative digital work.

H

Hellowork

hellowork.com

0

Hellowork operates as a leading online job board and recruitment platform in France, offering a wide range of employment opportunities, CV management, job alerts, and recruitment services. The website targets job seekers and recruiters, positioning itself as a premier resource in the French employment market. The platform is well-branded and maintains a consistent professional image with strong social media integration and mobile app availability. Technically, the website employs modern web technologies including Turbo Frames, Tailwind CSS, and integrates multiple analytics and marketing tools such as Google Tag Manager, Piano Analytics, and Microsoft Clarity. The site is mobile-optimized and demonstrates good SEO and accessibility practices, although some security headers are missing. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, the absence of explicit security headers and lack of published security policies or incident response information indicate areas for improvement. The WHOIS data is unavailable, which raises questions about domain registration transparency but does not necessarily indicate illegitimacy given the site's professional presence. Overall, Hellowork presents a mature digital presence with strong business credibility and user engagement, though it would benefit from enhanced security transparency and domain registration clarity.

L

La Théorie du Boxeur

latheorieduboxeur.fr

0

La Théorie du Boxeur is a French documentary film project focusing on the impact of climate change on agriculture, particularly in the Drôme valley. The website serves as a platform to present the film and its investigative content about agricultural resilience and adaptation. The project appears to be a small-scale media initiative with a clear thematic focus on environmental and agricultural issues. The site is professionally designed using WordPress and the Divi theme, with good content relevance and user experience. However, the absence of WHOIS registrant data and lack of visible privacy or cookie policies limit the overall trust and compliance posture. Technically, the site uses modern web fonts and caching plugins but lacks visible security headers and detailed security configurations. No forms or direct contact information are present, which may hinder user engagement and trust. Overall, the site is safe for general audiences and provides valuable documentary content but would benefit from enhanced security and compliance features.

L

La Fabrique - Orange Business

eolas.fr

0

La Fabrique - Orange Business is a professional digital agency and web hosting provider focused on delivering sustainable, innovative, and high-performance digital solutions tailored to business needs. Positioned under the reputable Orange Business brand, it offers a comprehensive range of services including digital marketing strategy, web and e-commerce development, cloud hosting, and managed services. The website reflects a strong market position with clear branding, certifications, and a focus on trust and security. Technically, the website employs modern JavaScript libraries, a custom CMS, and integrates privacy-conscious analytics via Matomo Tag Manager without setting cookies. The site is mobile-optimized, accessible, and SEO-friendly, with a well-structured navigation and professional design. Cookie consent management is implemented using tarteaucitron.js, ensuring GDPR compliance. Security posture is solid with HTTPS enforced and secure form handling including CSRF tokens and CAPTCHA. However, explicit security headers are not evident, and no public security or incident response policies are published. WHOIS data for the subdomain is unavailable, but the domain is a subdomain of orange-business.com, supporting legitimacy. Overall, the website presents low risk with strong trust indicators, good privacy compliance, and professional business presentation. Strategic improvements include adding security headers, publishing a security policy, and providing direct contact information for incident response.

E

Even

even.fr

0

Even is a well-established agro-food cooperative group based in Brittany, France, with a long history dating back to 1997. The cooperative unites approximately 1,400 agricultural members and employs around 5,400 people, positioning itself as a significant player in the regional agro-food manufacturing sector. The website reflects a professional and consistent brand image, targeting agricultural producers, employees, and partners within the agro-food industry. The business model centers on cooperative principles, focusing on agricultural production, food processing, and brand management.

R

Réseau Haies

reseauhaies.fr

0

Réseau Haies France is a recognized national non-profit association dedicated to promoting trees, hedges, and agroforestry across France. It coordinates a network of 420 member organizations working on environmental and agricultural projects. The website is professionally designed using WordPress and the Divi theme, incorporating modern SEO and GDPR compliance tools. It features clear privacy and cookie policies with user consent mechanisms, and contact information including a Paris address and phone number. The technical infrastructure is solid, hosted by PLANETHOSTER, and uses standard web technologies including jQuery and Google Analytics. Security posture is good with HTTPS enforced and no obvious vulnerabilities detected, though some security headers could be improved. Overall, the site is trustworthy, compliant with privacy regulations, and serves its target audience effectively.

R

Réseau centres de soins de la faune sauvage

reseau-soins-faune-sauvage.com

0

The website 'Réseau des centres de soins de la faune sauvage' represents a French non-profit network coordinating wildlife care centers across metropolitan France and overseas territories. It serves as an informational and organizational platform for wildlife rehabilitation efforts, targeting a general audience interested in wildlife conservation. The site is built on WordPress using the Divi theme and incorporates SEO best practices via Yoast SEO, reflecting moderate digital maturity. Social media integration is evident, enhancing outreach and community engagement. However, the absence of WHOIS data raises concerns about domain registration legitimacy, which should be further investigated. Security posture is moderate with HTTPS implied but lacking explicit security headers and policies. Privacy compliance is weak due to missing privacy and cookie policies, and no direct contact information is provided on the homepage, limiting user trust and transparency. Overall, the site is functional and professionally presented but requires improvements in security, compliance, and domain legitimacy verification.

R

Réseau pour les Alternatives Forestières

alternativesforestieres.org

0

The Réseau pour les Alternatives Forestières is a French non-profit organization dedicated to promoting sustainable and alternative forestry practices. The website serves as a hub for community members, forest professionals, and associations interested in ecological forest management, offering training, events, publications, and a platform for collective forest management. The organization positions itself as a niche player focused on environmental stewardship and community engagement in forestry. Technically, the website is built on the SPIP CMS platform, utilizing modern JavaScript libraries such as jQuery, Leaflet for mapping, and Matomo for privacy-conscious analytics. The site is mobile-optimized with a good user experience and clear navigation, although accessibility features are basic. Cookie consent is managed via Tarteaucitron, reflecting compliance with GDPR requirements. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms, but lacks visible security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is unavailable due to query failure, likely indicating privacy protection, which is justified for this type of non-profit entity. Overall, the website presents a trustworthy and professional front with good content quality and privacy compliance. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility to further strengthen the security posture and user trust.

M

Mountain Wilderness France

mountainwilderness.fr

0

Mountain Wilderness France is a well-established non-profit organization dedicated to the protection and preservation of mountain environments. Founded in 1988, it operates primarily through volunteer engagement, advocacy, and educational initiatives to promote sustainable mountain use and conservation. The website reflects a mature digital presence with comprehensive content, clear navigation, and a strong focus on community involvement and environmental stewardship. Technically, the site uses modern web technologies including Craft CMS and Vue.js, with Matomo analytics for privacy-conscious user tracking. Security posture is generally good with HTTPS and CSRF protections, but lacks some security headers and cookie consent mechanisms. The absence of WHOIS data is a notable gap that impacts domain trustworthiness, though the organization's legitimacy is supported by its content and social media presence. Overall, the site is professional, trustworthy, and well-suited for its target audience of environmental advocates and volunteers.

R

Rivières Sauvages

rivieres-sauvages.fr

0

Rivières Sauvages is a French non-profit organization dedicated to protecting the last wild rivers in France and Europe through a conservation label and network. The website serves as an informational and engagement platform offering educational programs, scientific studies, publications, and multimedia content to support river conservation efforts. The organization targets environmental stakeholders, educators, and the general public interested in ecological preservation. Technically, the website is built on WordPress using modern plugins and themes, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and spam protection, though it lacks some advanced security headers and explicit incident response policies. Privacy compliance is partially met with a privacy policy but lacks a cookie consent mechanism. Overall, the site is professional, trustworthy, and well-aligned with its mission, though improvements in security transparency and privacy mechanisms are recommended.

E

Emmaüs France

emmaus-france.org

0

Emmaüs France is a well-established non-profit organization dedicated to social inclusion and fighting exclusion through community support, reemployment, and ecological alternatives. Founded over 70 years ago, it holds a strong market position in France with a large network and a clear mission to empower vulnerable populations. The website reflects this mission with comprehensive content, clear navigation, and multiple engagement channels for donors, volunteers, and partners. Technically, the site is built on WordPress with modern frameworks like Bootstrap and uses privacy-respecting analytics (Matomo). It is hosted behind Cloudflare DNS and enforces HTTPS, ensuring a secure browsing experience. Security practices are good, with cookie consent mechanisms and domain transfer protections, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR, making it a reliable digital presence for the organization.

C

Canopée

canopee-asso.org

0

Canopée is a French non-profit organization dedicated to protecting forests through expert investigations, advocacy, and citizen mobilization. Founded in 2018, it has established itself as a reference in forest protection with a small but agile team. The website reflects a mature digital presence with a WordPress CMS, modern analytics tools like Matomo and Microsoft Clarity, and a strong emphasis on privacy compliance via cookie consent and GDPR-aligned policies. Security posture is good with HTTPS and no visible vulnerabilities, though security headers could be improved. The absence of WHOIS data is mitigated by the professional and transparent nature of the site content and social proof. Overall, Canopée demonstrates a credible and trustworthy online presence aligned with its mission.

B

BLOOM Association

bloomassociation.org

0

BLOOM Association is a French non-profit organization dedicated to protecting the ocean, climate, and artisanal fishermen. Established in 2007, it operates as an advocacy NGO with a strong focus on scientific research, legal actions, citizen mobilization, and education. The website reflects a mature and professional digital presence with comprehensive content, including news, campaigns, events, and publications. The organization maintains active social media channels and provides donation and petition platforms through related domains. Technically, the site is built on WordPress with modern libraries and APIs, hosted by OVH sas, and optimized for SEO and mobile use. Security posture is good with HTTPS and domain protections, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is partial, with consent mechanisms present but no explicit privacy or cookie policy pages found. Overall, the site is trustworthy and well-positioned in its sector, with recommendations to enhance security headers, enable DNSSEC, and publish clear privacy and cookie policies.

8

82-4000 Solidaires

824000.org

0

82-4000 Solidaires is a French non-profit organization dedicated to providing access to high mountain leisure activities for people in situations of great precarity. The association organizes volunteer-led mountain stays in various French mountain regions, promoting solidarity, sharing, and human connection. The website is built on WordPress with a modern and responsive design, featuring rich content including event announcements, volunteer calls, and donation options. Technically, the site uses standard WordPress plugins and libraries, ensuring a stable and maintainable infrastructure. Security posture is good with HTTPS enforced, but lacks some security headers and formal policies such as privacy and cookie policies. WHOIS data is unavailable, limiting domain legitimacy verification. Overall, the site is professional and trustworthy but could improve privacy compliance and security transparency.

1

1% for the Planet

onepercentfortheplanet.fr

0

1% for the Planet is a globally recognized non-profit network that facilitates corporate philanthropy by encouraging companies to donate 1% of their annual revenue to approved environmental organizations. The website presents a professional and well-branded digital presence, targeting businesses and environmental nonprofits. It offers key services such as connecting companies with environmental causes and verifying donation commitments, positioning itself as a trusted intermediary in environmental philanthropy. Technically, the site is built on WordPress with modern optimizations including WP Rocket and Yoast SEO, ensuring fast performance, mobile responsiveness, and good accessibility. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit incident response policies are absent. The lack of WHOIS data slightly reduces trust but does not undermine the legitimacy indicated by the website content and branding. Overall, the site is professional, secure, and compliant with privacy regulations, serving a medium-sized non-profit entity in France.

C

Commissariat à l'Énergie Atomique et aux Énergies Alternatives (CEA)

cea.fr

0

The Commissariat à l'Énergie Atomique et aux Énergies Alternatives (CEA) is a major French governmental research organization focused on scientific and technological innovation in energy, defense, digital technologies, and health. The website reflects a well-established institution with a broad scope of research and innovation activities, targeting government, industry partners, researchers, and the general public. The site is professionally designed using Microsoft SharePoint, featuring multimedia content, clear navigation, and official branding. Technically, the site employs modern web technologies including HTTPS, Matomo analytics for privacy-conscious tracking, and Google reCAPTCHA for bot protection. Security posture is strong with no evident vulnerabilities or exposed sensitive data, though some security headers could be improved. Privacy and cookie policies are comprehensive and GDPR compliant. The WHOIS data is unavailable, likely due to AFNIC policies or privacy protection, but the domain and content strongly support legitimacy. Overall, the website is a trustworthy and authoritative source for information about CEA's research and innovation activities.

B

BRGM

brgm.fr

0

BRGM is the French national geological survey and a public institution specializing in geological research and management of soil and subsoil resources and risks. It holds a prominent position as the national reference in its sector, providing scientific and technical expertise to public and private stakeholders. The website reflects a mature digital presence built on Drupal 10, with privacy-conscious analytics via Matomo and a professional design optimized for accessibility and mobile devices. Security posture is strong with HTTPS and no visible vulnerabilities, though some security headers and policies could be improved. The absence of WHOIS data is a limitation but the domain and content align with a legitimate public entity. Overall, the site is trustworthy and serves its audience well.

U

Unicancer

unicancer.fr

0

Unicancer is a prominent French healthcare federation specializing exclusively in oncology, uniting 18 cancer treatment centers and affiliated establishments. The organization focuses on delivering comprehensive cancer care, patient support, and advancing clinical and translational research. Their market position is strong as the unique dedicated hospital network in France for cancer treatment, supported by a large workforce of over 25,600 professionals. The website reflects a mature digital presence with extensive content targeting patients, healthcare professionals, and researchers, emphasizing innovation and excellence in care. Technically, the website is built on WordPress with a modern tech stack including Yoast SEO, jQuery, and various JavaScript libraries for enhanced user experience. The site is mobile-optimized, accessible, and SEO-friendly, with good performance metrics. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is unavailable, which slightly impacts trust but is likely due to privacy protection. The website maintains comprehensive privacy and cookie policies compliant with GDPR. Social media presence on major platforms supports engagement and transparency. Overall, the site is professional, trustworthy, and well-aligned with its healthcare mission.

C

Centre Hospitalier Universitaire de Nîmes

chu-nimes.fr

0

The Centre Hospitalier Universitaire de Nîmes (CHU de Nîmes) is a major public university hospital serving the Gard region and neighboring departments in France. It provides comprehensive healthcare services including emergency care, consultations, hospitalizations, medical research, and professional training. The institution is large, with nearly 7,400 staff including medical and non-medical personnel, and operates across multiple sites. The website reflects a mature digital presence with a professional design, clear navigation, and accessibility features, targeting patients, healthcare professionals, researchers, and students. Technically, the website is built on the Drupal CMS platform, hosted by OVH, and incorporates modern web technologies such as Bootstrap and Swiper.js. It includes a cookie consent mechanism compliant with GDPR and uses Google Analytics for audience measurement. The site is mobile-optimized and accessible, with good SEO practices. From a security perspective, the site enforces HTTPS and employs cookie consent but lacks explicit security headers and publicly available security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data confirms the domain's legitimacy with a long registration history and consistent registration details. Overall, the website demonstrates a strong security posture and compliance with privacy regulations, supporting the trustworthiness of the institution. Recommendations include enhancing security headers, publishing security policies, and adding a vulnerability disclosure mechanism to further improve security transparency.

É

École Nationale Supérieure de Chimie de Montpellier

enscm.fr

0

The École Nationale Supérieure de Chimie de Montpellier (ENSCM) is a reputable French public engineering school specializing in chemistry education and research. The website presents a professional and well-structured digital presence, targeting prospective students, researchers, and industry partners. It highlights the institution's long history since 1889, its international partnerships, and its position as the second leading chemistry engineering school in France. Technically, the site is built on WordPress, uses modern web technologies including jQuery and TinyMCE, and integrates Matomo analytics for user tracking. Security best practices such as HTTPS and security headers are implemented, though privacy and cookie policies are not clearly presented, indicating room for compliance improvement. Overall, the site is trustworthy, content-rich, and professionally maintained, supporting the institution's credibility and market position.

C

Campus France

campusfrance.org

0

Campus France is the official French government agency dedicated to promoting higher education and research opportunities in France to international students and researchers. The website serves as a comprehensive portal offering detailed information on study programs, research initiatives, scholarships, visa procedures, and student life in France. It targets international students, researchers, and institutional partners, positioning itself as a key facilitator of academic mobility and cooperation. Technically, the website is built on Drupal 10, leveraging modern web technologies such as jQuery UI and cookie consent management via tarteaucitron. The site is well-structured, mobile-optimized, and incorporates accessibility and SEO best practices. It integrates multimedia content including videos and interactive maps, enhancing user engagement. From a security perspective, the site enforces HTTPS, employs cookie consent mechanisms, and shows indications of standard security headers, although some headers could be explicitly verified or enhanced. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with clear GDPR-aligned policies and user consent management. Overall, Campus France's website demonstrates a high level of professionalism, trustworthiness, and technical maturity, supporting its mission as a government-backed educational promotion entity. The lack of WHOIS registrant details is typical for such domains and does not detract from its legitimacy. Strategic recommendations include enhancing explicit security headers and continuous monitoring of third-party scripts.

I

Institut de Recherche pour le Développement (IRD)

ird.fr

0

The Institut de Recherche pour le Développement (IRD) is a prominent French public research institute focused on sustainable development and scientific partnerships with countries in the Global South. The website reflects a mature digital presence with multilingual support, comprehensive content on research activities, and a strong emphasis on innovation and capacity building. The organization positions itself as a key player in international scientific cooperation and sustainable development research. Technically, the site is built on Drupal 10, leveraging modern analytics (Matomo) and cookie management tools (Tarteaucitron.js), ensuring compliance with privacy regulations such as GDPR. The website is mobile-optimized and exhibits good SEO and accessibility practices, though some improvements in accessibility compliance and security headers are recommended. Security-wise, the site uses HTTPS and cookie consent mechanisms effectively, but lacks explicit security policy documentation and incident response contacts. No vulnerabilities or suspicious activities were detected in the content or scripts. WHOIS data is not publicly available, consistent with French domain registration norms, and does not raise legitimacy concerns. Overall, the IRD website demonstrates a strong security posture, professional content quality, and good privacy compliance, making it a trustworthy and authoritative source in its domain.

I

Inserm

inserm.fr

0

Inserm is the French National Institute of Health and Medical Research, a leading public biomedical research organization dedicated exclusively to human health. It operates as a government-affiliated entity with a strong focus on advancing scientific knowledge, innovation in treatments, and public health research. The website reflects a mature digital presence with comprehensive content targeting both the general public and research professionals. The technical infrastructure is modern, leveraging WordPress CMS, CDN hosting, and privacy-respecting analytics. Security posture is strong with HTTPS enforcement and secure form handling, though some security headers could be explicitly confirmed or enhanced. Privacy compliance is robust with clear policies and consent mechanisms. Overall, Inserm's website demonstrates high professionalism, trustworthiness, and alignment with its public mission.

I

Inria

inria.fr

0

Inria is a well-established French national research institution specializing in computer science and applied mathematics. The website reflects a professional and consistent brand identity, targeting researchers, academics, and industry partners. The technical infrastructure is modern, leveraging Drupal 10 CMS and privacy-conscious Matomo analytics, with a cookie consent mechanism implemented via tarteaucitron.js. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements could be made by adding security headers and publishing explicit security policies. Overall, the domain registration and website content are consistent and legitimate, supporting a high trust level.

I

Ifremer

ifremer.fr

0

Ifremer is the French national institute dedicated to oceanographic research, focusing on marine ecosystem protection, sustainable resource management, and marine data sharing. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistent with a government research entity. Technically, the site uses Drupal CMS with modern JavaScript libraries and SVG graphics, optimized for mobile and accessibility. Security posture is strong with HTTPS, security headers, and no evident vulnerabilities, though explicit security policies and incident response information are absent. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is trustworthy and professional, serving a broad audience including scientists, policymakers, and the public.

Q

Quae

quae-open.com

0

Quae-Open is an educational platform providing open access to scientific books primarily in the natural sciences domain. The website offers a catalog of over 300 books available for free download in PDF and ePub formats, targeting researchers, academics, and authors. The platform supports multilingual access (English and French) and includes author support and newsletter subscription features. Technically, the site uses modern web technologies including jQuery, Bootstrap, Matomo analytics, and Google Tag Manager, with a responsive design and good SEO practices. Security posture is solid with HTTPS and CSRF protections, but lacks some advanced security headers and explicit privacy policy documentation. The absence of WHOIS data for the domain is a notable concern for legitimacy and trust, although the site links to a known publisher domain, mitigating some risk. Overall, the site is functional, professional, and trustworthy for its educational purpose but would benefit from improved transparency and security disclosures.

Domorrow is a family philanthropic endowment fund established in 2020 by the family of Bruno Rousset, operating under the parent company Evolem. The fund supports projects focused on ecological transition and sustainable agriculture, targeting non-profit organizations and project leaders in these sectors. The website is professionally designed using WordPress with modern SEO and privacy-compliant features, including a cookie consent mechanism and a comprehensive privacy policy. The technical infrastructure is robust, hosted by Hosteur SARL, and employs privacy-respecting analytics via Matomo. Security posture is good with HTTPS enforced, though some security headers and explicit policies are missing. No contact emails or phone numbers are directly listed, with contact primarily via a support form. Overall, the site is trustworthy, well-branded, and aligned with its stated mission.

E

ENOWE

enowe.com

0

ENOWE is a French family investment structure founded in 2013, focused on supporting entrepreneurial projects with a strong commitment to positive social and environmental impact. The company positions itself as a responsible investor emphasizing innovation, growth, and excellence. The website reflects a professional and consistent brand image, targeting entrepreneurs and investors interested in sustainable and impactful ventures. The business model revolves around providing investment and support to projects aligned with their values of audacity, trust, benevolence, and rigor. Technically, the website is built on WordPress with modern performance optimizations such as WP Rocket and lazy loading. It uses Yoast SEO for search engine optimization and includes structured data for enhanced search presence. The site is mobile optimized and loads quickly, providing a good user experience. Hosting is provided by OVH sas, a reputable provider. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks advanced security headers and explicit security policies. No cookie consent mechanism or detailed privacy compliance statements are present, which may pose compliance risks under GDPR. No incident response or vulnerability disclosure information is publicly available. The WHOIS data is consistent with the business history, showing no privacy protection and a domain age appropriate for the company. Overall, the website is professional and trustworthy but could improve in privacy compliance and security transparency. Strategic recommendations include implementing cookie consent, publishing security policies, enabling DNSSEC, and adding security headers to enhance trust and compliance.