Security Directory

C

Chronopost

chronopost.fr

0

Chronopost is a leading French express parcel delivery company serving both individual and professional customers. The website offers comprehensive information about their services, including parcel tracking, online postage, and specialized delivery options such as Shop2Shop. The company is part of the Geopost group, which is reflected in the website branding and footer links. Technically, the website is built on Drupal 10 with modern libraries and includes cookie consent and tracking mechanisms. Security posture is good with HTTPS and secure forms, though explicit security headers and incident response contacts are not published. The absence of WHOIS data limits domain trust assessment but the website content and branding strongly indicate legitimacy. Overall, the site is professional, user-friendly, and compliant with privacy regulations.

A

Artel

artel-solutions.biz

0

Artel is a French company founded in 2017 specializing in telematics solutions, likely targeting businesses in transportation and fleet management sectors. The website analyzed is primarily a login portal for their telematics platform, indicating a B2B service model focused on vehicle tracking and fleet management. The company's market position appears niche, serving specialized telematics needs. Technically, the website uses AngularJS and Angular Material frameworks and is hosted on AWS infrastructure, suggesting a modern but somewhat dated frontend technology stack. The site lacks public-facing content such as privacy policies, cookie consent mechanisms, or terms of service, which limits transparency and compliance visibility. Security posture is basic with no detected security headers or advanced protections, and no incident response or vulnerability disclosure information is available. Overall, the website is functional but lacks comprehensive security and privacy features, which could impact trust and compliance.

A

Arval BNP Paribas

arval.com

0

Arval BNP Paribas is a leading global provider of full-service vehicle leasing and innovative mobility solutions, operating as part of the BNP Paribas Group. The company targets businesses and fleet managers seeking sustainable and efficient vehicle leasing options, emphasizing corporate social responsibility and sustainable mobility. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistent with its corporate identity. Technically, the site is built on Drupal 10, integrates Google Tag Manager for analytics, and uses OneTrust for cookie consent management, indicating a modern and privacy-aware infrastructure. Security posture is strong with HTTPS enforcement, Content Security Policy with nonce, and cookie consent mechanisms, although explicit security policies and incident response contacts are not prominently published. The absence of WHOIS data is a notable anomaly but does not detract significantly from the site's legitimacy given the strong corporate signals and external references. Overall, the site is professional, secure, and compliant with privacy regulations, serving its business audience effectively.

E

ESTIA

estia.fr

0

ESTIA is a reputable French engineering school specializing in generalist and international trilingual engineering education. It is a member of the Groupe ISAE and affiliated with the CCI Bayonne Pays Basque. The institution offers a broad range of engineering programs, including preparatory cycles, bachelor, master, and specialized master's degrees, with a strong emphasis on international partnerships and research innovation. The website reflects a professional and well-established educational entity with comprehensive content and clear navigation. Technically, the website is built on TYPO3 CMS, uses modern analytics tools like Matomo and Google Analytics, and implements cookie consent mechanisms compliant with GDPR. The site is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. The WHOIS data is unavailable, likely due to privacy protection, but the domain and website content align with a legitimate educational institution. Overall, ESTIA demonstrates a strong security and compliance posture with clear privacy policies, certifications, and contact information. The site is trustworthy and professionally maintained, serving its educational mission effectively.

C

CitizenPlane

citizenplane.com

0

CitizenPlane is a technology company providing an operating system and flight distribution platform tailored for airlines and tour operators. Their flagship products, Zenith and Air, enable airlines to optimize revenue, manage offers, and distribute flights through major online travel agencies and metasearch engines. The company positions itself as a global player with offices in France, Singapore, Brazil, and Panama, serving hundreds of airline customers worldwide. The website reflects a professional and modern digital presence built on Webflow, with strong branding and clear messaging focused on the airline industry. Technically, the website employs modern web technologies including Webflow CMS, Google reCAPTCHA for form security, and Amazon S3 for asset hosting. The site is mobile-optimized, fast-loading, and well-structured for SEO. However, some security best practices such as explicit security headers and cookie consent mechanisms are missing, which could be improved to enhance compliance and security posture. From a security perspective, the site uses HTTPS and includes CAPTCHA protections on forms, indicating a baseline security posture. The absence of WHOIS data for the domain is a concern, suggesting either recent registration or privacy protection, which slightly reduces trustworthiness. No critical vulnerabilities or exposed sensitive data were detected. Privacy and terms of service documents are provided, indicating attention to compliance, though cookie consent is lacking. Overall, CitizenPlane's website presents a credible and professional business with a solid technical foundation. Strategic improvements in security headers, cookie consent, and transparency around domain registration would further strengthen trust and compliance.

N

Notino, s.r.o.

notino.fr

0

Notino.fr is a large European e-commerce retailer specializing in perfumes, cosmetics, and beauty products. The website offers a wide range of products with fast delivery and virtual try-on features, targeting consumers in France. The company presents itself professionally with consistent branding and comprehensive privacy and cookie policies. Technically, the site uses modern frameworks such as React and integrates multiple analytics and marketing tools, ensuring good performance and SEO optimization. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, although explicit security policies and incident response contacts are not publicly available. WHOIS data is not accessible, likely due to privacy protection, which is common for commercial sites. Overall, the site is trustworthy, well-maintained, and compliant with GDPR requirements.

R

Regeneron

regeneron.fr

0

Regeneron is a leading biotechnology company dedicated to the invention, development, and commercialization of transformative medicines for serious diseases. The website reflects a mature and professional digital presence, leveraging Salesforce Experience Cloud and modern web technologies to deliver a rich user experience. The company targets patients, healthcare professionals, and the scientific community with comprehensive content and clear navigation. Technically, the site employs a robust tech stack including Salesforce LWR, Google Tag Manager, and OneTrust for privacy compliance, ensuring good performance and mobile optimization. Security posture is strong with HTTPS, strict Content-Security-Policy headers, and no detected vulnerabilities, although explicit security policies and incident response information are not publicly available. Overall, the site demonstrates high business credibility and compliance with GDPR and cookie regulations, making it a trustworthy and professional online presence.

U

Ubisoft Entertainment S.A.

ubisoftconnect.com

0

Ubisoft is a leading global video game publisher and developer, operating the Ubisoft Connect platform which provides a multi-platform ecosystem for player services including game management, social features, rewards, and cross-platform progression. The website is professionally designed, mobile-optimized, and uses modern web technologies such as React and Algolia for search. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Privacy and legal policies are comprehensive and GDPR compliant, with clear links to data protection officer resources. WHOIS data is unavailable, likely due to registry restrictions or privacy measures, but the website's branding and external references strongly support legitimacy. Overall, Ubisoft Connect represents a mature, enterprise-level digital service platform with a high level of trust and professionalism.

L

Lexip

lexip.co

0

Lexip is a French-based e-commerce company specializing in premium gaming accessories and peripherals, including controllers, headsets, keyboards, mice, and limited edition collector items. Positioned as one of the main French manufacturers in this niche, Lexip targets professional and enthusiast gamers seeking high-quality gaming hardware. The website is built on a modern WordPress infrastructure utilizing WooCommerce for e-commerce capabilities, Elementor for design, and integrates marketing automation tools such as Sendinblue and Klaviyo. The site demonstrates good content quality, branding consistency, and a professional user experience, although explicit privacy and cookie policies are not readily found. From a security perspective, the website enforces HTTPS and uses security plugins like Wordfence, but lacks visible security headers and explicit incident response or security policy information. No WHOIS data is available due to privacy protection, which is common for commercial sites but limits domain trust verification. The site does not exhibit any adult or questionable content and is accessible without WAF or blocking mechanisms. Overall, Lexip presents a credible and professional e-commerce platform with moderate technical maturity and security posture. Improvements in privacy compliance documentation, security header implementation, and clearer contact information would enhance trust and compliance.

F

Fulllife

full.life

0

Fulllife is a French e-commerce company specializing in eco-responsible streetwear apparel targeted at the gaming community. The website presents a professional and consistent brand image with a focus on sustainability and gaming culture. The business operates primarily online using a Magento-based platform, integrating various marketing and analytics tools such as Google Tag Manager, Klaviyo, and Adobe Commerce SDK. The domain is registered with Scaleway SAS in France since 2018, aligning well with the company's profile and market presence. Technically, the website employs a modern e-commerce stack with responsive design and moderate performance. However, there is room for improvement in security practices, including enabling DNSSEC, implementing security headers, and publishing comprehensive privacy and cookie policies. No WAF or blocking mechanisms were detected, indicating full accessibility. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks advanced security headers and formal incident response or vulnerability disclosure information. Privacy compliance is weak due to missing policies and consent mechanisms, which could expose the company to regulatory risks. Overall, the website is functional and credible but would benefit from enhanced security and privacy compliance measures to strengthen trust and regulatory adherence.

U

Ubisoft Entertainment

forhonorgame.com

0

Ubisoft Entertainment operates the official website for the game 'For Honor', a multiplayer melee action game available on multiple platforms including PlayStation, Xbox, and PC. The website serves as a comprehensive hub for game information, updates, community engagement, and digital sales. Ubisoft is a well-established global game publisher with a strong market position and a large enterprise footprint. The website demonstrates a mature technical infrastructure leveraging modern web technologies such as React, Google Tag Manager, and OneTrust for consent management, ensuring a performant and user-friendly experience. Security posture is strong with HTTPS enforcement, security headers, and privacy compliance evident through detailed policies and cookie consent mechanisms. No critical vulnerabilities or suspicious activities were detected. WHOIS data for the domain is unavailable, likely due to registry or privacy policies, but the website's trustworthiness is supported by multiple trust signals and official branding. Overall, the site is professional, secure, and compliant, serving its target audience effectively.

U

Ubisoft

assassinscreed.com

0

Ubisoft is a leading global video game developer and publisher, with the Assassin's Creed franchise being one of its flagship properties. The website serves as a comprehensive portal for fans and gamers, offering detailed information about the games, news updates, merchandise, and community engagement. The site is well-branded, professionally designed, and optimized for both desktop and mobile platforms, reflecting Ubisoft's strong digital maturity. Technically, the site leverages modern web technologies including React, Contentful CMS, and integrates third-party services such as Algolia for search and YouTube for video content. Security best practices are observed with HTTPS enforcement and appropriate security headers, although WHOIS data is not publicly available due to registry restrictions, which is common for large brands. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms implemented. Overall, the site demonstrates a high level of professionalism, trustworthiness, and user engagement.

U

Ubisoft Entertainment

rainbow6.com

0

Ubisoft Entertainment is a leading global video game developer and publisher, known for its flagship title Tom Clancy's Rainbow Six Siege X. The company operates an extensive digital platform offering multiplayer tactical shooter experiences across multiple platforms including PC, PlayStation, and Xbox. Ubisoft maintains a strong market position with a large enterprise footprint and multiple international subsidiaries. The website reflects a mature digital infrastructure leveraging modern web technologies such as React and Google Tag Manager, with comprehensive privacy and cookie management aligned with GDPR requirements. Security posture is robust with HTTPS enforcement and security headers, though public security policies and incident response contacts are not prominently disclosed. WHOIS data is unavailable likely due to registry restrictions, but the website's branding and external references strongly support its legitimacy. Overall, Ubisoft demonstrates a high level of professionalism, technical maturity, and compliance suitable for its industry and audience.

V

Visma

visma.fr

0

Visma is a leading provider of cloud software solutions designed to simplify and transform the daily operations of accounting firms and businesses across Europe and Latin America. The company offers a broad portfolio of SaaS products targeting enterprises, accounting offices, and entrepreneurs, emphasizing innovation and ease of use. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to its target audience. Technically, the site leverages modern JavaScript libraries, Webflow CMS, and CDN hosting to deliver fast and responsive user experiences. Security posture is strong with HTTPS enforcement, security headers, and privacy compliance evidenced by detailed privacy and cookie policies. However, the absence of WHOIS registration data is a notable anomaly that warrants further verification. Overall, Visma's website demonstrates a high level of professionalism, trustworthiness, and technical sophistication suitable for an enterprise-grade software provider.

I

International World Wide Web Conference Committee

iw3c2.org

0

The International World Wide Web Conference Committee (IW3C2) is a small, non-profit organization founded in 1994 and incorporated in 1996 under Swiss law, historically responsible for managing the WWW Conference series. Since 2022, the organization transitioned its mission to managing funds for awards related to conference publications, ceasing its association activities in 2025 with ACM/SIGWEB assuming responsibility. The website serves primarily as an archival and informational resource for the Web research community, hosting conference archives and award information. Technically, the website is built on basic HTML, CSS, and JavaScript without modern frameworks or CMS, hosted by OVH sas. The site is accessible and moderately optimized for mobile and SEO, though it lacks advanced accessibility features and modern performance optimizations. Security posture is basic, with HTTPS enabled but missing DNSSEC and security headers. No privacy or cookie policies are published, and no contact or incident response information is provided. Overall, the security posture is adequate for an informational archival site but would benefit from improvements in security headers, DNSSEC, and privacy compliance. The domain registration is consistent and trustworthy, reflecting the organization's long history and legitimacy. No adult or questionable content is present, making the site safe for general audiences. Strategic recommendations include enhancing security configurations, publishing privacy and cookie policies, and improving mobile and accessibility features to align with modern standards and user expectations.

Z

ZML

zml.ai

0

ZML is a technology company specializing in high performance AI inference solutions that enable deployment of any AI model on any hardware platform. The company positions itself as an open-source leader with a strong community presence on GitHub and Discord, targeting developers and enterprises seeking efficient AI model serving. Their platform emphasizes performance, hardware agnosticism, and ease of deployment. Technically, the website is built on modern frameworks like Next.js and React, hosted with Cloudflare DNS and CDN services, and integrates analytics tools such as HubSpot and Google Tag Manager. Security posture is solid with HTTPS enforced and domain transfer protection, though DNSSEC is not enabled and no explicit security or incident response policies are published. Privacy and cookie policies exist but are basic, and no terms of service are found. Overall, the site is professional, well-designed, and trustworthy with moderate user tracking and marketing integrations.

S

samusocial International

samu-social-international.com

0

Samusocial International is a well-established non-profit organization founded in 1998, dedicated to combating social exclusion in major cities worldwide. The organization acts as an initiator and incubator for aid services targeting highly excluded populations. The website reflects a mature digital presence with multilingual support, comprehensive content, and active social media engagement. Technically, the site is built on WordPress with modern plugins for SEO, analytics, and user interaction, hosted by Nuxit with a domain age consistent with the organization's history. Security posture is good with HTTPS and reCAPTCHA usage, though some security headers and DNSSEC are missing. Privacy compliance is basic, lacking explicit cookie consent mechanisms despite tracking. Overall, the site is professional, trustworthy, and serves its non-profit mission effectively.

G

Génération Mer

generationmer.org

0

Génération Mer is a French non-profit organization dedicated to the preservation and protection of the oceans. The website serves as a platform for raising awareness, organizing workshops, seminars, literary and poetry contests, and sharing educational resources. It targets a general audience interested in environmental issues and ocean conservation. The organization positions itself as a community-driven movement with partnerships including Lions International and Bibliothèques sans frontières. Technically, the website is built on WordPress using the Elementor page builder, with moderate performance and good mobile optimization. Security posture is solid with HTTPS and no exposed sensitive data, though security headers and explicit privacy policies are lacking. The WHOIS data is unavailable or privacy protected, which is common for non-profits but slightly reduces trust. Overall, the website is professional and trustworthy, but improvements in privacy compliance and security best practices are recommended.

L

Le Labo des histoires

labodeshistoires.com

0

Le Labo des histoires is a French non-profit association dedicated to promoting creative writing among youth aged 6 to 25. It operates nationally with over 3000 workshops annually and offers training for facilitators. The website is professionally designed using WordPress and modern web technologies, with good SEO and mobile optimization. Security posture is solid with HTTPS and domain protection flags, though it lacks DNSSEC and security headers. Privacy and cookie policies are missing, representing compliance gaps. Contact is primarily via a web form, and social media presence is strong. Overall, the site reflects a credible and established organization with room for improvement in privacy and security disclosures.

N

Nicotine+

nicotine-plus.org

0

Nicotine+ is an open source software project providing a graphical client for the Soulseek peer-to-peer network. The project targets users of Soulseek and open source contributors, offering a lightweight and feature-rich alternative client. The website is well structured with good SEO metadata and clear information about the software, its development, and community involvement. The domain is long-standing and registered with OVH in France, consistent with the project's history. Technically, the site uses Jekyll for static site generation, Python and GTK for the client software, and is hosted by OVH. The website performance is moderate with basic mobile optimization and accessibility. No CMS beyond Jekyll is detected. The site lacks advanced security headers and DNSSEC is not enabled, which are areas for improvement. No analytics or tracking scripts are present, indicating minimal user tracking. Security posture is moderate; the site uses HTTPS but lacks security headers and DNSSEC. The Soulseek protocol itself is unencrypted, which is disclosed on the site. No privacy or cookie policies are provided, representing a compliance gap. No contact information or incident response contacts are listed, limiting transparency. Overall, the website is trustworthy and professional for an open source project but should improve privacy and security practices to enhance compliance and user trust.

A

Arsys Internet S.L.U.

arsys.fr

0

Arsys Internet S.L.U. is a well-established European technology company specializing in domain registration, web hosting, cloud services, and managed IT solutions. With over 25 years of experience, Arsys targets businesses and individuals primarily in France, Spain, Portugal, and English-speaking markets. Their offerings include domain sales, professional email, WordPress and ecommerce hosting, VPS and dedicated servers, and comprehensive cloud solutions with a focus on European data sovereignty. Technically, the website demonstrates a mature digital infrastructure with modern web technologies, responsive design, and integration of advanced analytics and error monitoring tools such as Sentry and Tune. The presence of structured data enhances SEO and business transparency. The hosting environment appears robust, likely leveraging their own or Ionos infrastructure, ensuring fast performance and good accessibility. From a security perspective, the site enforces HTTPS and uses secure cookie settings, with no visible vulnerabilities or exposed sensitive data. However, explicit security headers and a published security policy or incident response contacts are absent, representing areas for improvement. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms aligned with GDPR. Overall, Arsys presents a trustworthy and professional online presence with strong business credibility and technical maturity. The lack of WHOIS data due to privacy protection slightly reduces domain trust but is justified for this business type. Strategic recommendations include enhancing security header implementation, publishing a security policy, and adding vulnerability disclosure mechanisms to further strengthen security posture and customer trust.

I

Inpart

inpart.io

0

Inpart is a specialized platform focused on facilitating science partnering within the biopharma, scientific, and academic sectors. The company positions itself as a trusted partner offering an end-to-end platform that enables connection, networking, and execution of deals among scientific decision-makers and research entities. The website demonstrates a professional and modern digital presence, leveraging advanced web technologies such as SvelteKit and integrating analytics tools like Google Tag Manager and Google Analytics. Structured data is well implemented to enhance SEO and business visibility. Security-wise, the site enforces HTTPS and avoids exposing sensitive data, but lacks explicit security headers and published security policies, which could be improved to strengthen trust and compliance. Privacy compliance indicators such as privacy and cookie policies are not found in the provided content, representing an area for enhancement. Overall, the website is well designed, accessible, and trustworthy, with a moderate to high security posture and a clear business focus on healthcare and technology sectors.

I

Inpart

in-part.com

0

Inpart operates as a specialized SaaS platform facilitating scientific partnering, primarily targeting the biopharma, scientific, and academic sectors. The company positions itself as a trusted partner offering solutions to connect, network, and execute collaborations efficiently. Their market presence is supported by a global vetted network including top R&D firms and academic institutions, emphasizing their role in accelerating innovation and commercialization in healthcare and biotechnology. Technically, the website leverages modern web technologies such as SvelteKit and integrates Google Tag Manager for analytics, indicating a contemporary and maintainable digital infrastructure. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience and discoverability. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data in its HTML content. However, it lacks explicit security headers and published privacy or cookie policies, which are important for compliance and trust. No incident response or vulnerability disclosure information is provided, which could be improved to enhance security posture and transparency. Overall, the website is professional, trustworthy, and well-designed, with a moderate to high security posture. The absence of WHOIS registrant data is mitigated by consistent business information and structured data on the site. Strategic improvements in privacy compliance and security best practices are recommended to further strengthen trust and regulatory adherence.

G

Gustave Roussy

gustaveroussy.fr

0

Gustave Roussy is a leading European cancer center specializing in oncology treatment, research, and patient support. The website reflects a mature organization with a strong focus on innovation, patient care, and clinical research. It serves patients, healthcare professionals, researchers, and donors with comprehensive information and services including clinical trials, education, and fundraising. Technically, the site is built on Drupal 7 with modern tracking and consent tools like Matomo and Cookiebot, ensuring GDPR compliance and user privacy. The security posture is solid with HTTPS and cookie consent, though improvements in security headers and vulnerability disclosure are recommended. Overall, the site is professional, trustworthy, and well-structured, supporting Gustave Roussy's market position as a premier cancer institute.

C

Cure51

cure51.com

0

Cure51 is a specialized TechBio company focused on cancer research and drug discovery by leveraging a unique database of cancer survivors known as Outliers. The company collaborates with leading international oncology centers and renowned scientific leaders to develop precision medicine tools and novel therapeutic targets. Their market position is that of an innovative and credible player in the healthcare and biotechnology sectors, with a strong emphasis on scientific rigor and partnerships. Technically, the website is built on a modern React and Next.js stack, hosted and registered via Cloudflare, and uses Matomo for privacy-conscious analytics. The site is well-optimized for performance, mobile responsiveness, and SEO, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and has domain transfer protections but lacks DNSSEC and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR indicators. Overall, Cure51 presents a trustworthy and professional online presence with minor security and compliance improvements recommended to enhance trust and resilience.

H

HEC Paris

hec.edu

0

HEC Paris is a globally recognized business school offering a wide range of educational programs including Master's degrees, MBA, Executive Education, and specialized masters. The institution targets students, academics, and business professionals worldwide, maintaining a strong market position through comprehensive program offerings and international partnerships. The website reflects a mature digital presence with a professional design, clear navigation, and mobile optimization. Technically, it is built on Drupal CMS with modern analytics and consent management tools, ensuring compliance with privacy regulations such as GDPR. Security posture is solid with HTTPS enforcement and privacy-focused analytics, though explicit security headers could be improved. The absence of WHOIS data is a notable anomaly but does not detract from the overall legitimacy and professionalism of the site. Contact is primarily facilitated through web forms rather than direct emails or phone numbers. Overall, the site demonstrates a high level of digital maturity and trustworthiness.

Fluux is a realtime messaging platform offering Software as a Service (SaaS) built on industry standards such as XMPP and MQTT. Owned and operated by ProcessOne, a French technology company founded in 2016, Fluux targets developers and businesses requiring scalable, robust realtime communication infrastructure. The platform supports a variety of use cases including dashboard analytics, connected devices, data processing, user chat, bots, and machine learning integration. The website presents a professional and consistent brand image aligned with its parent company, ProcessOne, and highlights trusted clients and open source technology foundations. Technically, the site uses modern JavaScript libraries, Google Analytics with fingerprinting, and responsive design, indicating a mature digital presence. Security posture is good with TLS 1.3 and AES256 encryption claims, but lacks explicit published security policies and security headers. Privacy compliance is limited by absence of explicit privacy and cookie policies. Overall, Fluux demonstrates a solid business and technical foundation with room for improvement in transparency and security documentation.

W

Webamp · Winamp 2 in your browser

webamp.org

0

Webamp.org is a niche technology website offering a browser-based reimplementation of the classic Winamp 2 media player using HTML5 and JavaScript. The site targets general users interested in retro media player experiences without requiring software installation. The business model appears to be open source or community-driven with no direct monetization evident. The domain is registered since 2018 with a long expiry date and hosted on reputable NS1 nameservers, indicating a stable technical foundation. The website employs modern web technologies and tracking tools such as Google Analytics and Tag Manager but lacks visible privacy or cookie policies and explicit consent mechanisms. Security posture is adequate with HTTPS enabled but could be improved by adding security headers and formal policies. Overall, the site is safe and professional but would benefit from enhanced privacy compliance and transparency.

C

codecalm

tabler.io

0

Tabler is a well-established open source project and commercial provider of responsive HTML admin templates and UI kits based on Bootstrap 5. The company, codecalm, founded in 2018 and based in France, offers a rich set of UI components, layouts, icons, and illustrations targeting developers and designers building web applications and dashboards. The website demonstrates a high level of technical maturity, leveraging modern frameworks such as Next.js and Bootstrap 5, and integrates multiple analytics platforms for user insights. Security posture is solid with HTTPS enforced and domain registration protections in place, though some improvements in security headers and privacy compliance (notably cookie consent) are recommended. Overall, the site is professional, trustworthy, and well-positioned in the UI kit market.

L

Le collectif du « Conseil du Langage Neutre »

pronoms.fr

0

Pronoms.fr is a French-based, volunteer-driven, open-source project focused on promoting inclusive and non-binary language through examples of personal pronouns and neutral language usage. It offers users the ability to create and share personalized pronoun cards, supports multiple languages, and fosters community engagement through social media and a dedicated queer calendar. The project is positioned as a niche educational and social inclusion resource within the LGBTQ+ community and language activism space. Technically, the website is built using modern frameworks such as Nuxt.js and Vue.js, with integration of Shopify for e-commerce functionalities. It leverages Cloudflare for DNS and possibly CDN services, uses Google Fonts and Font Awesome for UI, and employs Plausible Analytics for privacy-respecting visitor tracking. The site is well-optimized for mobile devices, accessible, and SEO-friendly, reflecting a mature digital infrastructure for a small community project. From a security perspective, Pronoms.fr enforces HTTPS, implements key security headers, and avoids exposing sensitive data. However, it lacks a visible cookie consent mechanism and formal security or incident response policies, which are recommended for compliance and transparency. No vulnerabilities or suspicious activities were detected, indicating a strong security posture for its scale. Overall, Pronoms.fr presents a trustworthy, professional, and community-oriented platform with excellent content quality and technical implementation. Strategic improvements in privacy compliance and formal security documentation would further enhance its credibility and user trust.

O

OVH SAS

equestria.social

0

Equestria.social is a niche Mastodon social network instance catering to fans of little ponies, providing a federated social media platform for community interaction. The site leverages the Mastodon platform version 4.3.10 and is hosted by OVH SAS, a reputable French hosting provider. The website presents a consistent and professional branding aligned with Mastodon's open-source social networking ethos. Technical infrastructure is modern, utilizing React and SVG graphics, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and domain status protections, though DNSSEC is not enabled and security headers are absent. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism detected. No direct contact information or incident response policies are visible on the explored page. Overall, the site is trustworthy and well-maintained, serving a small but active user base within the Mastodon fediverse.

The website onenetbeyond.org is currently inaccessible or blocked, presenting only a minimal placeholder page with the message: 'You have reached this page because your request could not be properly identified.' This prevents any meaningful extraction of business or service information from the site itself. The domain is registered to Associazione AI ODV, a French organization, with a long registration history dating back to 2005, indicating an established entity. However, the lack of accessible content and absence of privacy, cookie, or contact information significantly limit the ability to assess the business model or market position. From a technical perspective, no information about the technology stack, CMS, or hosting beyond the nameservers is available. The site appears to be hosted on servers related to investici.org. No security headers or SSL configuration details were provided, and no analytics or tracking technologies were detected. The minimal content and lack of metadata suggest poor SEO and user experience. Security posture evaluation is constrained by the lack of accessible content and technical data. No privacy policies, incident response contacts, or security frameworks are evident. The domain registration data is consistent and legitimate, but the absence of website content and security best practices lowers the overall trust and security score. The site is likely behind a generic blocking mechanism or misconfigured server, resulting in a low AI score and high risk for users seeking information. Overall, the website requires significant improvements in accessibility, content provision, security policies, and compliance documentation to be considered trustworthy and professional.

E

Elena Rossini

elenarossini.com

0

Elena Rossini's website serves as a professional portfolio and advocacy platform for her work as an Italian filmmaker, photographer, and diversity advocate based in Paris, France. The site highlights her notable documentary 'The Illusionists' and her activism focused on social justice and media representation. The business model centers on freelance filmmaking, content creation, and educational outreach through blogs and newsletters. The website is well-positioned within a niche market of socially conscious media production and advocacy, targeting film enthusiasts and diversity supporters. Technically, the site is built on WordPress using the Salient theme and WPBakery Page Builder, with SEO optimization via Yoast SEO and analytics through Plausible Analytics. Hosting is supported by a CDN, and the site is mobile-optimized with good performance. However, there is room for improvement in accessibility and security headers. From a security perspective, the site uses HTTPS with a secure domain registration status but lacks DNSSEC and security headers. There are no visible vulnerabilities or exposed sensitive data. Privacy compliance is weak due to the absence of privacy and cookie policies and consent mechanisms. Contact information is available, but no formal security or incident response policies are published. Overall, the website is professional, trustworthy, and content-rich, with minor gaps in privacy compliance and security best practices. Strategic improvements in these areas would enhance user trust and regulatory adherence.

M

Mopigames

mopigames.gay

0

This website represents a personal portfolio and blog for an individual developer known as Mopigames, a lesbian MtF transgender girl living in France. The site serves as a personal branding platform with links to social media and community sites, targeting a general audience interested in technology and personal content. The domain is newly registered in 2024 with privacy protection, consistent with the personal nature of the site. Technically, the site uses standard HTML, CSS, and JavaScript with Cloudflare DNS services. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. Security posture is basic with HTTPS enabled but no additional security headers or policies present. No privacy, cookie, or terms of service policies are found, indicating low privacy compliance. Contact information is clearly provided via email and social media links. No forms or data collection mechanisms are present, reducing risk exposure. The content is safe for general audiences with no adult or explicit material detected. Overall, the site is a small personal project with moderate professionalism and trustworthiness. Security and privacy improvements are recommended to enhance compliance and user trust.

M

Mastodon Hostux

hostux.social

0

Mastodon Hostux is an independent Mastodon social networking instance based in France, established in 2017. It targets users interested in federated social media, privacy, and free software, offering microblogging services within the fediverse. The platform is managed by individuals named alarig and valere and hosts approximately 489 active users. The website uses modern web technologies including Ruby on Rails and React, providing a responsive and user-friendly experience with good content relevance and navigation clarity. However, privacy compliance is basic, with no detected cookie consent or terms of service pages, which may pose regulatory risks in GDPR jurisdictions. Security posture is moderate with HTTPS enforced but lacks DNSSEC and security headers. The domain registration is consistent and legitimate, supporting trust in the platform's authenticity.

M

mizu.js | Lightweight HTML templating library for any-side rendering

mizu.sh

0

The website mizu.sh presents an open-source JavaScript/TypeScript library named mizu.js, designed for lightweight HTML templating across multiple runtimes including browsers, Deno, Node.js, and Bun. The project emphasizes simplicity, flexibility, and cross-platform compatibility, targeting developers seeking an efficient templating solution without the overhead of complex frameworks. The site offers detailed documentation, interactive playgrounds, and code examples demonstrating server-side rendering and static site generation capabilities. Technically, the site is well-structured, mobile-optimized, and uses modern web technologies, hosted by OVH SAS with a recently registered domain. Security posture is moderate, with domain registration protections but lacking DNSSEC and security headers. Privacy compliance is minimal, with no visible privacy or cookie policies. Overall, the site is professional and trustworthy for its niche audience but could improve security and privacy transparency.

R

RaRu.Re

raru.re

0

RaRu.Re is a small, community-driven Mastodon instance hosted in France, providing decentralized social media services within the Fediverse. The platform is operated by a small team of administrators and funded primarily through personal contributions and voluntary tips. The website offers clear information about its community, federation policies, and operational transparency, targeting Mastodon users seeking a cozy, friendly social media environment. Technically, the site runs Mastodon version 4.4.2 on a Ruby on Rails backend, hosted on Scaleway servers in Paris. The frontend uses modern JavaScript modules with integrity checks, and the site is mobile-optimized with good navigation and design quality. However, some accessibility and SEO features are basic, and no cookie consent mechanism is implemented despite having a privacy policy. From a security perspective, HTTPS is enforced with good SSL configuration, and daily backups are performed. Federation moderation policies help manage nuisance communities. However, the absence of explicit security headers and published incident response policies indicates room for improvement. Direct messages are explicitly noted as insecure for sensitive communication. Overall, RaRu.Re presents a trustworthy and well-maintained community Mastodon instance with moderate technical maturity and a good security posture. Strategic improvements in privacy compliance, security headers, and incident response transparency would enhance its risk profile and user trust.

S

Sebastien HELLEU

weechat.org

0

WeeChat.org is the official website for WeeChat, a mature, open-source, extensible chat client primarily focused on IRC and Jabber protocols. Founded in 2005 and maintained by Sebastien HELLEU, the project targets technical users and developers seeking a customizable, lightweight chat client with multi-server support and scripting capabilities. The website reflects a strong community-driven model with donation support and active development evidenced by recent version releases and roadmap events. Technically, the site is built on modern web standards using Bootstrap and jQuery, hosted by OVH sas in France, and optimized for performance and mobile responsiveness. Security posture is adequate with HTTPS usage and CSRF protection on forms, but lacks DNSSEC and explicit security headers, and no published security or privacy policies were found. Overall, the domain registration is consistent and transparent, supporting the legitimacy of the project. Recommendations include enhancing security headers, publishing privacy and cookie policies, and adding vulnerability disclosure information to improve trust and compliance.

O

ooooooooooooooooooo

oooooooooooooo.ooo

0

The website at https://oooooooooooooo.ooo/ presents as a minimal placeholder page with no meaningful business content or contact information. The domain is registered through OVH with a creation date in 2016 and is hosted behind Cloudflare DNS services. The site lacks privacy policies, cookie consent mechanisms, terms of service, and any security or incident response disclosures. Technically, the site uses basic JavaScript and Google Fonts but does not implement modern security headers or DNSSEC. The content is limited to repeated characters and does not provide any business or service information, resulting in low trust and credibility scores. Overall, the site appears to be either a test or placeholder domain rather than an active business presence.

U

updown.io – Website monitoring, simple and inexpensive

updown.io

0

updown.io is a small technology company founded in 2012, offering simple and inexpensive website monitoring services primarily targeted at website owners, developers, and IT professionals. The business model is SaaS-based, focusing on uptime and performance monitoring. The website presents a professional and consistent brand image with good design quality and user experience, although it lacks visible privacy and cookie policies as well as contact information in the provided content. Technically, the site uses modern web standards with HTTPS enabled and DNS hosted by Constellix, but DNSSEC is not enabled, and security headers are not evident. The security posture is moderate with room for improvement in security best practices and compliance documentation. WHOIS data shows a consistent and legitimate domain registration with a long registration period and no suspicious patterns, supporting business credibility. Overall, the website is functional and trustworthy but would benefit from enhanced privacy compliance and security disclosures.

The website brodokk.space serves as a personal homepage for an individual known as Brodokk, who identifies as a Fennec fox persona. The site highlights personal and professional programming activities, server management, and participation in various online communities and projects. The content is straightforward, primarily textual with some images, and links to multiple social media and community platforms. The website is small-scale and targeted at a general audience interested in technology and creative online communities. From a technical perspective, the site is built with basic HTML and CSS, hosted by Gandi SAS, and does not use any advanced frameworks or CMS. The site is moderately optimized for mobile devices and accessibility but lacks advanced SEO and performance optimizations. No analytics or advertising technologies are detected, indicating a privacy-conscious or minimalistic approach. Security posture is basic; the domain uses HTTPS (implied by the URL), but no DNSSEC is enabled, and no security headers are present. There are no forms or data collection points, reducing attack surface but also limiting user interaction. The WHOIS data is transparent and consistent with the website's personal nature, with no privacy protection used. No privacy or cookie policies are present, which is a compliance gap. Overall, the website is low risk, safe for general audiences, and serves as a personal portfolio and community hub. Strategic recommendations include improving security headers, adding privacy and cookie policies, enabling DNSSEC, and enhancing mobile and accessibility features to improve user experience and compliance.

E

eldritch.cafe

eldritch.cafe

0

Eldritch.cafe operates as an independent Mastodon instance providing decentralized social media services primarily targeting queer, feminist, and anarchist communities, with a focus on French-speaking users. The platform emphasizes community moderation, inclusivity, and amplifying marginalized voices. It maintains a small but active user base and is hosted by Fedi Monster in France. The website content is bilingual and includes detailed moderation guidelines, credits, and legal notices consistent with French law. Technically, the site runs on a Glitch-soc fork of Mastodon, leveraging modern web technologies such as React and JavaScript. The infrastructure is moderately performant and mobile-optimized, though accessibility and SEO features are basic. Hosting and domain registration are consistent and legitimate, with HTTPS enabled and domain transfer protections in place. However, DNSSEC is not enabled, and security headers are absent, indicating room for improvement in security hardening. From a security perspective, the instance enforces clear community rules prohibiting hateful conduct, harassment, misinformation, and illegal content. While no explicit security policy or incident response contacts are published, the moderation team is transparent and active. Privacy compliance is adequate with a privacy policy present, but the absence of a cookie consent mechanism is a minor gap. No vulnerabilities or suspicious patterns were detected in the analysis. Overall, eldritch.cafe presents a trustworthy, community-driven social media platform with a solid technical foundation and clear governance. Strategic enhancements in security headers, cookie consent, and incident response transparency would further strengthen its security posture and compliance standing.

L

lymkwi

vulpinecitrus.info

0

VulpineCitrus is a personal blog operated by an individual named lux, a PhD student with interests in networking, programming (notably Rust), Linux development, and cycling. The website serves as a platform for sharing technical knowledge, personal writings, and photography. It targets a general audience interested in technology and personal insights rather than commercial customers. The business model is non-commercial, focusing on content sharing and community engagement. The site is small-scale and niche, with a consistent brand identity and clear contact information.

S

SensioLabs

sensiolabs.com

0

SensioLabs is a well-established technology company founded in 2006, recognized as the creator of the Symfony PHP framework. The company specializes in providing expert consulting, training, and software products focused on Symfony and PHP development. Positioned as a leader in the Symfony ecosystem, SensioLabs serves developers and enterprises seeking to accelerate their web and e-commerce projects with Symfony expertise. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content about their services and products. Technically, the site employs modern JavaScript frameworks and analytics tools, hosted by a reputable registrar, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and domain transfer protections, though some security headers and explicit policies could be improved. Overall, SensioLabs demonstrates high business credibility and trustworthiness with visible client logos and a strong community footprint.

S

Soblow Xaselgio

xaselgio.net

0

Indigo's den is a personal blog operated by Soblow Xaselgio, an individual based in France, focusing on niche topics such as technology, self-hosting, and personal reflections with a unique branding as an indigo dragoness. The website is built using the Hugo static site generator and hosted by OVH sas, featuring a clean, well-structured design with good mobile optimization and fast performance. The site integrates decentralized social media links and supports webmentions, reflecting a modern and privacy-conscious approach. Security posture is solid with HTTPS enabled and resource integrity checks, though it lacks DNSSEC and visible security headers. Privacy compliance is limited due to absence of privacy and cookie policies. Overall, the site is trustworthy and well-maintained for a personal blog but could improve compliance and security headers.

I

Ipregistry

ipregistry.co

0

Ipregistry is a technology company specializing in IP address data services, including geolocation and threat intelligence. Established in 2019 and based in France, it serves over 23,000 organizations globally, offering scalable API solutions for IP data enrichment, fraud prevention, and cybersecurity. The company positions itself as a reliable and accurate provider in the IP data market, supported by a strong customer base and professional branding. Technically, Ipregistry leverages modern web technologies, Cloudflare CDN for hosting and security, and provides a fast, mobile-optimized user experience. The website integrates JSON-LD structured data, uses Crisp chat for customer engagement, and employs Cloudflare analytics for performance monitoring. The technical infrastructure reflects a mature and well-maintained digital presence. From a security perspective, the site enforces HTTPS, uses Cloudflare protections, and implements secure input validation. However, DNSSEC is not enabled, and explicit security policies or incident response contacts are not published. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear policies and cookie consent mechanisms. Overall, Ipregistry presents a low-risk profile with a professional, trustworthy online presence. Strategic recommendations include enabling DNSSEC, publishing a security policy and incident response contacts, and adding a security.txt file to enhance vulnerability disclosure transparency.

X

XCG Consulting

xcg-consulting.fr

0

XCG Consulting, a subsidiary brand under Orbeet, specializes in ERP software integration and consulting services, with a strong focus on the Odoo platform. Founded in 2008, the company offers tailored software solutions to improve business processes for enterprises seeking comprehensive management systems. The website presents a professional and clear depiction of their services, targeting businesses in France and potentially broader markets. Technically, the site employs modern JavaScript libraries and analytics tools, with good mobile optimization and SEO practices, though some security enhancements are recommended. Security posture is moderate, with HTTPS enforced but lacking DNSSEC and explicit security headers. Privacy compliance is basic, with privacy and cookie policies present but no explicit consent mechanisms. Overall, the site is trustworthy and credible, with transparent WHOIS data aligning with the business entity. Strategic improvements in security and privacy policies would enhance the company's digital maturity and trustworthiness.

The website stunprotocol.org represents an open source project named STUNTMAN, which provides a STUN server implementation for NAT traversal and WebRTC applications. The project is authored by John Selbie and has been active since 2012. It offers downloadable binaries and source code for multiple platforms including Unix/Linux, MacOS, and Windows (via Cygwin). The site targets developers and organizations requiring STUN server software and related client libraries. The business model is based on open source distribution under the Apache 2.0 license, positioning itself as a niche technology provider in the networking software space. Technically, the website uses a combination of C++ for the server software and React 17 with JavaScript for the frontend interface. Hosting appears to be on Amazon AWS infrastructure, inferred from DNS nameservers. The site includes Google Analytics for traffic monitoring but lacks cookie consent mechanisms. Mobile optimization and accessibility are basic but functional. The site design is simple and consistent, focusing on content delivery rather than advanced UI/UX features. From a security perspective, the domain is registered since 2012 with consistent WHOIS data and no privacy protection, indicating transparency. However, the site lacks DNSSEC, security headers, and explicit HTTPS enforcement details, which are areas for improvement. No privacy or cookie policies are present, which impacts compliance with GDPR and other privacy regulations. The use of Google Analytics without consent mechanisms further reduces privacy compliance. No incident response or vulnerability disclosure policies are found. Overall, the website is a legitimate, small-scale open source project site with good business credibility and moderate technical implementation. Security posture and privacy compliance require enhancements to meet modern standards. Strategic recommendations include adding privacy and cookie policies, enabling DNSSEC, implementing security headers, and improving consent mechanisms to enhance trust and compliance.

F

Framasoft

joinpeertube.org

0

JoinPeerTube.org is the official website for PeerTube, a decentralized, open-source video hosting platform developed by the French non-profit organization Framasoft. The platform offers an alternative to centralized Big Tech video services by enabling users to create independent video hosting sites interconnected via a federated network using ActivityPub. The website clearly targets users and content creators interested in privacy-respecting, ad-free, and community-driven video hosting solutions. Technically, the site is built with modern web technologies including Vue.js, WebRTC, and ActivityPub protocols, and is hosted by Gandi SAS. The site is well optimized for mobile and desktop, with excellent design and user experience. Security posture is good with HTTPS enforced and minimal tracking, but lacks explicit security headers and published security policies. Privacy compliance is limited by the absence of explicit privacy and cookie policies. Overall, the domain registration and WHOIS data align well with the organization’s identity, supporting high legitimacy and trustworthiness.

Smol Pub is a small, privacy-focused blogging platform launched in 2021, offering users a minimalistic service to manage posts via web and command line interfaces. It supports multiple protocols including Web, Gemini, and Gopher, and emphasizes no JavaScript, ads, or tracking technologies. The platform targets users seeking simple, privacy-conscious blogging solutions with features like image storage, custom CSS, and custom domain SSL support. Technically, the site uses basic HTML and CSS without advanced frameworks or CMS, hosted under a registrar in France with DNS services from DNSimple. Performance and mobile optimization are basic but functional. Security posture is moderate with HTTPS and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies. Contact information is minimal, limited to a single email address. Overall, the site is legitimate and consistent with its business profile but would benefit from enhanced security and compliance documentation.