Security Directory

F

Fondation L'Oréal

forwomeninscience.com

0

The website forwomeninscience.com represents the Fondation L’Oréal's initiative in partnership with UNESCO to promote and support women in science globally. It features comprehensive programs including international awards and regional initiatives aimed at empowering women scientists and encouraging young girls to pursue scientific careers. The site is well-branded, professionally designed, and provides rich content including multimedia and detailed program descriptions. Technically, the site uses modern web technologies such as Google Tag Manager, reCAPTCHA, and OneTrust for cookie consent, ensuring a good level of user experience and privacy compliance. Security posture is solid with HTTPS and anti-bot measures, though explicit security policies and incident response contacts are not published. The absence of WHOIS data is a notable anomaly, potentially indicating privacy protection or registry issues, which slightly impacts trustworthiness. Overall, the site is a credible and authoritative resource in its domain, with room for improvement in transparency of security and contact information.

O

Optimum by Shiftmove

optimum-automotive.com

0

Optimum by Shiftmove is a European specialist in connected vehicle and mobility solutions, offering a comprehensive 360° platform for car fleet management. The company provides modular and scalable SaaS solutions that help businesses and public organizations optimize fleet costs, reduce carbon footprint, and improve operational efficiency. Since its integration into SHIFTMOVE in 2024, Optimum has expanded its offerings to include employee travel and goods management. The website demonstrates a mature digital presence with modern technologies, strong branding, and clear business messaging. Security posture is good with HTTPS and privacy compliance via Usercentrics CMP, though explicit security policies and incident response information are not publicly available. The domain WHOIS data is missing or privacy protected, which slightly reduces trust but does not outweigh the professional presentation and business legitimacy. Overall, Optimum presents as a credible and professional fleet management solution provider with a solid technical foundation and compliance awareness.

The Courage Foundation is an established international non-profit organization founded in 2013, dedicated to supporting whistleblowers and journalists who face persecution. The website serves as a platform for advocacy, fundraising, and public awareness campaigns, particularly focusing on high-profile cases such as Julian Assange. The organization targets activists, supporters of press freedom, and the general public interested in human rights. Technically, the site is built on WordPress with common plugins for contact forms and donations, showing moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC, and no formal privacy or cookie policies are published. Contact information is limited but includes verified email addresses and social media links. Overall, the site is professional, trustworthy, and content is safe for general audiences.

A

Abilian SAS

abilian.com

0

Abilian SAS is a French-based small technology company specializing in open source software solutions focused on collaboration, business process management, and information management. Established in 2004, the company targets public sector organizations, higher education institutions, associations, and enterprises. Their business model centers on publishing innovative open source software to accelerate development and improve competitiveness for their clients. The website reflects a niche market position with a professional and consistent brand presence, supported by active social media channels and a GitHub repository indicating ongoing development activity. Technically, the website employs modern JavaScript libraries such as htmx and hyperscript, uses FontAwesome for icons, and integrates analytics tools like Matomo and Umami. The site is custom-built without a common CMS, hosted likely under the domain registrar Gandi SAS. Performance and mobile optimization are moderate to good, with basic accessibility and SEO features. However, some security best practices such as DNSSEC and security headers are missing, and no explicit cookie consent or privacy policy pages are present, indicating room for improvement in compliance. From a security perspective, the site uses HTTPS and has domain transfer protections, but lacks published security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or suspicious content were detected. The overall security posture is moderate but could be enhanced by implementing recommended security headers, cookie consent, and transparency around data protection. Overall, Abilian.com presents as a trustworthy, professional business website with solid technical foundations but with some gaps in privacy compliance and security transparency. Strategic improvements in these areas would strengthen their risk profile and user trust.

O

oldbytes.space

oldbytes.space

0

OldBytes.space is a niche Mastodon instance dedicated to retrocomputing enthusiasts and related communities. It operates as a small, community-driven social media platform within the fediverse, leveraging Mastodon Glitch Edition software. The instance is hosted on dedicated servers by Hetzner with media assets hosted separately on Wasabi, indicating a technically sound infrastructure. The website content is well organized, providing clear information about the community, rules, and donation options. Security posture is adequate with HTTPS enabled and domain transfer protections, but lacks DNSSEC and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the domain registration is stable and trustworthy, supporting the legitimacy of the service.

F

FédiMon

fedi.monster

0

Fedi.monster is an ethical, anarcho-communist collective providing hosting services for fediverse social media instances such as Mastodon, Pixelfed, and GoToSocial. The organization focuses on affordable, reliable, and community-driven hosting without reliance on corporate or predatory entities. Their market position is niche, targeting communities and individuals seeking ethical and non-commercial social media hosting solutions. The business operates transparently with finances managed via OpenCollective and offers flexible pricing plans with daily backups and export options. Technically, the website uses standard HTML5, CSS frameworks like Pure.css and Fork Awesome, and JavaScript for interactivity. The site is mobile-optimized with good design and navigation but lacks advanced frameworks or CMS. Performance is moderate with basic SEO and accessibility features. Hosting provider details are not explicitly stated, but the domain registrar is Key-Systems LLC. Security posture is moderate; the domain has clientTransferProhibited status but lacks DNSSEC and security headers. No privacy or cookie policies are published, and no incident response or vulnerability disclosure policies are evident. The site does not use analytics or tracking scripts, enhancing privacy but limiting business intelligence. Overall, the site is safe with no adult or explicit content. The overall risk is moderate with recommendations to improve DNS security, publish privacy and cookie policies, implement security headers, and establish incident response contacts to enhance trust and compliance.

M

Mapstodon.Space

mapstodon.space

0

Mapstodon.Space is a niche Mastodon instance dedicated to the cartography and geospatial community, providing a federated social networking platform based on Mastodon version 4.4.1. The platform targets enthusiasts and professionals interested in mapping and geospatial topics, fostering community engagement through user-generated content. The website is hosted in France and operated by an identified administrator, reflecting a small but active user base. Technically, the site leverages modern web technologies including React and Rails, with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and security headers are absent. Privacy compliance is basic, with a privacy policy present but lacking cookie consent mechanisms and terms of service. Overall, the site demonstrates a consistent brand and trustworthy domain registration, but could improve in security and compliance transparency.

K

Kidrive

kidrive.fr

0

Kidrive is a French website offering a free platform for managing sports clubs and associations, focusing on collective sports such as basketball, volleyball, football, and handball. It targets club leaders, team managers, coaches, players, and parents, providing tools for member administration, legal guardians management, match scheduling, messaging, and collective task organization. The business operates as a small entity founded in 2017, with a niche market position in amateur sports club management in France. Technically, the website employs a modern frontend stack including jQuery, Bootstrap 4, Google Analytics, and Font Awesome, hosted by Scaleway. The site is mobile-optimized with good SEO practices but has moderate performance. Security-wise, HTTPS is enforced, and login forms use POST methods; however, the absence of security headers and privacy/cookie policies indicates room for improvement in security and compliance. The security posture is moderate with no critical vulnerabilities detected but lacks advanced protections such as CSP and anti-CSRF tokens. Privacy compliance is weak due to missing policies and consent mechanisms. The WHOIS data is consistent and transparent, supporting the legitimacy of the domain and business. Overall, the site is professional and trustworthy but should enhance privacy and security practices. Recommendations include implementing comprehensive privacy and cookie policies with consent mechanisms, adding security headers, improving form security, and publishing incident response and vulnerability disclosure information to strengthen trust and compliance.

I

Cabinet infirmier de Faye d'Anjou | Bellevigne-en-Layon

infirmiers.site

0

The website represents a small local healthcare provider specializing in nursing services in Faye d'Anjou, France. It offers a range of nursing care including injections, dressings, blood tests, sutures, and hygiene care both at home and at the cabinet. The business is conventioned with French health insurance entities and accepts third-party payment, targeting residents in Bellevigne-en-Layon and surrounding communes. The website is professionally designed with responsive layout and clear navigation, though it lacks privacy and cookie policies which are important for compliance. Technically, it uses modern frameworks such as Bootstrap and jQuery, and integrates Google Analytics and Tag Manager for user tracking. Security posture is moderate but can be improved by enabling DNSSEC, adding security headers, and enforcing HTTPS. Contact information is clearly presented, but no email or social media presence is visible. Overall, the site is functional and trustworthy for its local healthcare niche but requires enhancements in privacy and security compliance.

Lulu's blog is a personal technical blog authored by Philippe Lucidarme, focusing on robotics, computer science, Arduino, Linux, sensors, actuators, and web development. The site serves a niche audience of technology enthusiasts, students, and hobbyists seeking educational content and practical tutorials. The business model is primarily content publishing supported by donations via PayPal and Tipeee. The website is hosted by Scaleway SAS and uses modern web technologies including Bootstrap, jQuery, Google Analytics, and Hotjar for analytics and user behavior tracking. Consent management for GDPR is implemented via InMobi's CMP, although explicit privacy and cookie policies are not published. Security posture is good with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Overall, the site is trustworthy, professionally maintained, and provides high-quality content with moderate tracking and advertising.

A

Astorg Partners

astorg.com

0

Astorg Partners is a well-established private equity firm specializing in investments across technology, healthcare, business services, and industrial sectors. The firm emphasizes a unique approach centered on listening and alignment with management teams to unlock value. With €23 billion in assets under management and over 26 years of investment experience, Astorg holds a strong market position in Europe and the US. The website reflects a professional and trustworthy image, providing detailed information about investments, team, and sustainability efforts. Technically, the site employs modern JavaScript libraries, multimedia content, and analytics tools, hosted on a performant CDN infrastructure. Security posture is solid with HTTPS and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Privacy compliance is well addressed with cookie consent mechanisms and clear policies. Overall, the site demonstrates high professionalism and business credibility, though the lack of WHOIS data slightly impacts trust assessment.

É

Éditions Françaises de Guides

facilities.fr

0

Facilities.fr is a specialized French website dedicated to facility management, targeting professionals responsible for general services and non-production procurement. The site offers a comprehensive directory of service providers, practical information, market trends, and a printed guide, positioning itself as a niche leader in the facility management information sector in France. The business model revolves around content provision, advertising, and subscription services such as newsletters and guides. Technically, the site is built on WordPress with modern libraries like Bootstrap and jQuery, ensuring a responsive and user-friendly experience. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and vulnerability disclosure practices could be enhanced. Overall, the site is professional, trustworthy, and compliant with GDPR, serving a medium-sized business audience effectively.

D

Décideurs Magazine - Accédez à toute l’actualité de la vie des affaires : politique, stratégie, finance, RH, innovation - DECIDEURS MAGAZINE - Accédez à toute l’actualité de la vie des affaires : stratégie, finance, RH, innovation

decideurs-magazine.com

0

Décideurs Magazine is a French business media publication providing comprehensive news and analysis across multiple sectors including politics, strategy, finance, human resources, and innovation. The website serves a professional French-speaking audience with a broad range of content including articles, rankings, events, and e-commerce for magazine sales. Technically, the site is built on Joomla CMS with modern frameworks like Bootstrap and jQuery, and integrates multiple analytics and advertising platforms such as Matomo, Google Tag Manager, Quantcast, and Smart AdServer. Security posture is moderate with HTTPS enforced and CSRF protections in forms, but lacks visible security headers and explicit privacy or cookie policies. WHOIS data is unavailable, which slightly reduces trustworthiness but the site content and branding indicate a legitimate media entity. Overall, the site is professional and content-rich but would benefit from improved transparency and security practices.

E

EcoRéseau Business

ecoreseau.fr

0

ÉcoRéseau Business is a French media company focused on delivering news and analysis related to entrepreneurship, innovation, and environmental topics. The website positions itself as a niche media outlet serving entrepreneurs and innovators with relevant digital and societal updates. The business model revolves around content publishing and possibly membership services, as indicated by the use of MemberPress plugin. The company appears to be relatively new, founded around 2022, and targets a specialized audience in France. Technically, the website is built on WordPress with a modern tech stack including WooCommerce, various marketing and event plugins, and integration with Google Tag Manager and Brevo for marketing automation. The site is mobile optimized and has good SEO practices implemented via Yoast SEO. Security posture is generally good with HTTPS enforced and no obvious vulnerabilities detected in the content. However, the absence of security headers and lack of published privacy or cookie policies indicate areas for improvement. The WHOIS data is missing or unavailable, which reduces trustworthiness from a domain registration perspective. Overall, the website is professional and safe for general audiences but would benefit from enhanced privacy compliance and clearer contact information.

L

Le nouvel Econnomiste

lenouveleconomiste.fr

0

Le nouvel Economiste is a French media company specializing in economic, political, and management news and analysis. It operates a professional news website offering subscription-based digital and print content, podcasts, and advertising services. The site targets professionals, business leaders, and policy makers interested in in-depth economic and political coverage. The company maintains a consistent brand presence with active social media channels and partner services such as legal formalities and event listings. Technically, the website is built on WordPress with modern technologies including jQuery, Yoast SEO, and push notification services. It demonstrates good SEO, mobile optimization, and accessibility standards. Security posture is solid with HTTPS enforcement and secure form handling, though some security headers could be improved. Privacy and cookie policies are present and GDPR compliant, supporting user consent mechanisms. WHOIS data is not publicly available due to AFNIC policies, but the domain is active and professionally maintained, indicating legitimacy.

D

Test de sécurité / Security check...

digitalcmo.fr

0

The website digitalcmo.fr is currently inaccessible due to a Web Application Firewall (WAF) security challenge page served by Tiger Protect WAF on the o2switch hosting platform. This challenge page blocks access to the actual website content, preventing any meaningful analysis of the business, services, or compliance information. The domain is registered with GANDI since 2011, indicating a mature and legitimate domain age consistent with a stable business presence. However, no business or contact information, privacy policies, or terms of service are accessible on the page. The technical infrastructure includes common JavaScript libraries such as jQuery and CryptoJS, but no CMS or marketing technologies are detectable due to the blocked content. Security posture cannot be fully assessed, but the presence of a WAF indicates some level of security protection. Overall, the site’s content quality, privacy compliance, and business credibility cannot be evaluated beyond the WAF challenge.

S

Syntec Conseil

syntec-conseil.fr

0

Syntec Conseil is a professional organization representing the consulting industry in France, providing industry news, events, member services, and career resources. The website positions itself as a trusted source for consulting professionals and students interested in consulting careers. The domain is well-established since 2016 and aligns with the organization's business claims. Technically, the website is built on WordPress with a modern tech stack including SEO and analytics tools, delivering a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, indicating a stable and accessible platform. Overall, the website demonstrates a professional and trustworthy digital presence suitable for its target audience.

C

CMIT

cmit.fr

0

CMIT is a French non-profit club dedicated to enriching and promoting marketing and communication functions within the IT sector in France. The organization offers events, publications, and networking opportunities targeted at marketing professionals in technology. The website reflects a professional presence with a clear focus on its niche audience and provides structured data to enhance search engine visibility. The domain is well-established since 2009, reinforcing the organization's credibility. Technically, the website is built on WordPress and employs common marketing and analytics tools such as Google Analytics, Google Tag Manager, and Twitter tracking pixels. The site uses HTTPS exclusively and enforces secure connections. However, some technologies like jQuery are outdated, and there is a lack of advanced security headers, which could be improved. The site is moderately optimized for performance and mobile devices. From a security perspective, the website shows good basic practices such as HTTPS enforcement and no visible sensitive data exposure. However, it lacks visible privacy and cookie policies, security incident response contacts, and vulnerability disclosure information, which are important for compliance and trust. No security challenges or WAF blocks were detected, allowing full content access. Overall, CMIT's website is a credible and professional platform for its target audience but would benefit from enhanced privacy compliance and security best practices to improve trust and regulatory adherence.

C

CESP

cesp.org

0

CESP is a French non-profit organization serving as the industry body for advertising and media players focused on audience measurement and media campaign effectiveness. It holds a recognized market position by auditing currency measurement systems across multiple media types including internet, TV, press, out-of-home, radio, and cinema. The website reflects a mature digital infrastructure built on WordPress with modern plugins and analytics tools, demonstrating good technical and SEO practices. Security posture is solid with HTTPS and consent management, though some security headers could be improved. The absence of WHOIS registrant data is mitigated by consistent branding and professional content, indicating legitimacy. Overall, CESP presents a trustworthy and professional online presence aligned with its industry role.

A

ADETEM

adetem.org

0

ADETEM is a well-established French marketing association founded in 1999, serving marketing professionals through clubs, thematic groups, and events. The website is built on a modern WordPress platform using Elementor and WooCommerce, indicating a mature digital infrastructure. The site is professionally designed with good navigation and mobile optimization, targeting marketing professionals and business executives in France. Security posture is adequate with HTTPS and Cloudflare DNS, but lacks DNSSEC and explicit security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain registration data aligns well with the website content, supporting legitimacy and trustworthiness.

C

Cyberwatch

cyberwatch.fr

0

Cyberwatch.fr is a French cybersecurity company specializing in vulnerability supervision and compliance control, targeting businesses seeking to manage cybersecurity risks effectively. The website presents a professional and modern design built on WordPress with the Divi theme, optimized for performance and mobile responsiveness. The technical infrastructure includes modern web technologies and performance optimization plugins, indicating a mature digital presence. Security posture is strong with HTTPS enforced and cookie consent mechanisms aligned with GDPR regional requirements; however, explicit privacy policies and security incident response information are absent, representing areas for improvement. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

e Foundation is a non-profit organization based in France focused on developing privacy-enabled, open source smartphone operating systems and cloud services. Their flagship product, /e/OS, is a deGoogled Android-based OS designed to protect user data and privacy. The organization also offers Murena workspace cloud accounts and sells smartphones preloaded with /e/OS through partner Murena. The website positions e Foundation as a niche leader in privacy-conscious mobile technology with a growing international community of developers and users. Technically, the website is built on WordPress with Elementor and uses Matomo analytics configured for privacy. The site is well-structured, mobile-optimized, and professionally designed, though it lacks some advanced privacy compliance features such as cookie consent banners and explicit security policies. Security posture is strong with HTTPS and no visible vulnerabilities, but could be improved with additional security headers and published incident response information. Overall, the domain registration data aligns well with the organization's identity, supporting legitimacy and trustworthiness.

C

CNLL

cnll.fr

0

CNLL is a French association representing and federating companies in the open source software sector. Established since 2009, it serves as a key organization for over 200 companies and 8 regional clusters, promoting open source innovation and competitiveness in France. The website provides comprehensive information about the association's mission, positions on industry topics, news, and events. Technically, the site uses modern frameworks like Bootstrap and jQuery, with analytics tools such as Matomo and Ackee, hosted by Abilian SAS. Security posture is solid with HTTPS and no visible vulnerabilities, though it lacks published privacy and cookie policies, which impacts compliance. Overall, the site is professional, trustworthy, and well-maintained, serving its target audience effectively.

R

reseaufraqsup

fraq-sup.fr

0

The website www.fraq-sup.fr represents a francophone network focused on quality assurance agencies in higher education. It serves as a niche platform for educational quality stakeholders primarily in France and other French-speaking regions. The site is built on the Wix platform, leveraging Wix's CMS and associated technologies, including Sentry for error monitoring and Wix InstantSearchPlus for search functionality. The technical infrastructure is modern and benefits from Wix's hosting and performance optimizations, with good mobile responsiveness and basic SEO features. From a security perspective, the site enforces HTTPS and employs some JavaScript-based security hardening techniques. However, it lacks explicit security headers and visible security or privacy policies, which could be improved. The absence of WHOIS data and registrant information is a concern for domain legitimacy and trust, although the website content and structure appear professional and relevant to its educational mission. Overall, the site is functional and serves its target audience adequately but would benefit from enhanced transparency regarding privacy, security policies, and contact information to improve trust and compliance. The domain's registration status should be clarified to ensure long-term legitimacy and operational continuity.

S

Stuart

stuart.com

0

Stuart is a leading European urban logistics company specializing in instant, same-day, and next-day delivery solutions for businesses across various sectors including restaurants, grocery, retail, and professional services. The company positions itself as a key player in the urban delivery market, leveraging technology to provide efficient and scalable delivery services. The website reflects a mature digital presence with a modern tech stack primarily based on Vue.js and HubSpot CMS, supported by extensive analytics and marketing tools. Security posture is strong with HTTPS enforcement and security headers, though there is room for improvement in publishing explicit security policies and vulnerability disclosure mechanisms. Overall, Stuart demonstrates a professional and trustworthy online presence aligned with its business objectives.

L

La Fabrique VingtCinq

vingtcinq.io

0

La Fabrique VingtCinq is a French digital agency specializing in bespoke web design and development services tailored for SMEs and large enterprises in the industrial and service sectors. Established in 2010 and operating under the parent company e-reflex, the agency has built a solid market position with a portfolio of notable clients including Fnac Darty, Primagaz, and Cartier. Their business model focuses on delivering high-value, custom digital projects with a strong emphasis on technical consulting and operational excellence. Technically, the website leverages modern web technologies such as React and Gatsby, hosted likely on AWS infrastructure, and employs privacy-conscious analytics via Plausible. The site demonstrates excellent performance, mobile optimization, and SEO practices, reflecting a mature digital presence. However, some security best practices like DNSSEC and security headers could be improved. From a security standpoint, the site uses HTTPS with a good SSL configuration and does not expose sensitive data. While no explicit security or incident response policies are published, the overall posture is solid. Privacy compliance is supported by a comprehensive privacy policy, though cookie consent mechanisms are absent, which is a minor compliance gap. Overall, the website is professional, trustworthy, and well-aligned with the business's stated identity. The domain registration data corroborates the legitimacy and maturity of the business. Strategic improvements in security headers and cookie consent would enhance compliance and security posture further.

C

CYBIAH

cybiah.eu

0

CYBIAH is a cybersecurity support program coordinated by Campus Cyber, targeting SMEs, social economy actors, and local governments in the Île-de-France region. It offers comprehensive cybersecurity services including awareness, maturity evaluation, personalized diagnostics, and tailored solutions, fully funded by the European Union and regional partners. The website is professionally designed, multilingual (French and English), and provides clear information about the program, partners, and contact options. Technically, the site is built on WordPress with modern libraries and privacy-conscious analytics (Matomo, Hubspot). Security measures include HTTPS, reCAPTCHA on forms, and cookie consent mechanisms. No critical vulnerabilities or suspicious patterns were detected. Overall, the site reflects a mature digital presence aligned with its mission and audience.

I

Ikoula

ikoula.com

0

Ikoula is a well-established French hosting and IT management company founded in 1998, offering a broad portfolio of services including dedicated servers, VPS, web hosting, domain registration, SSL certificates, backup solutions, cybersecurity, and collaborative suites such as Microsoft 365 and Zimbra. The company operates proprietary data centers in France and holds ISO 27001 and ISO 50001 certifications, underscoring its commitment to security and energy management. The website is professionally designed, mobile-optimized, and provides comprehensive information tailored to business clients, reflecting a mature digital presence. Technically, the site leverages Drupal CMS, modern analytics tools, and cookie consent management, ensuring compliance and user experience. Security posture is strong with HTTPS enforced and proactive support, though explicit security headers and incident response contacts could be improved. Overall, Ikoula presents a trustworthy and credible business with a solid market position in the French hosting sector.

V

Videolabs

videolabs.io

0

Videolabs is a specialized technology company based in France, known as the expert team behind VLC. They provide professional multimedia solutions, custom development, and consulting services primarily targeting businesses and developers requiring advanced multimedia capabilities. Their market position is that of a niche expert with over 10 years of experience and a solid client base exceeding 50 customers. The website reflects a professional and consistent brand image with clear service offerings and client case studies. Technically, the website is built using the Hugo static site generator, leveraging modern JavaScript libraries such as Glide.js and AOS for UI effects, and uses Plausible Analytics for privacy-focused user tracking. The site is mobile optimized and performs moderately well, with good SEO practices and basic accessibility features. Hosting and domain registration are managed through Gandi SAS, a reputable registrar. From a security perspective, the website enforces HTTPS and has domain transfer protections in place. However, it lacks DNSSEC, security headers, and published security policies such as privacy, cookie, or incident response policies. No forms or data collection mechanisms were detected, reducing some risk. The absence of vulnerability disclosure and security.txt files indicates room for improvement in transparency and security maturity. Overall, the website is trustworthy and professional with a strong business credibility score. The main risks relate to compliance gaps in privacy and cookie policies and missing security best practices. Strategic recommendations include publishing privacy and cookie policies, enabling DNSSEC, adding security headers, and establishing incident response contacts to enhance security posture and regulatory compliance.

W

WMH Project

wmhproject.com

0

WMH Project is a mission-driven European communication group specializing in non-media communication services including event management, incentive travel, influence, spatial design, and brand image creation. Established in 2019, it positions itself as a leader in sustainable and socially responsible communication, targeting corporate clients, brands, and institutions. The website reflects a professional and modern digital presence with strong branding consistency and clear service offerings. Technically, the site is built on WordPress with modern technologies such as Tailwind CSS and Swiper.js, hosted by PlanetHoster Inc., and includes GDPR-compliant cookie consent mechanisms and Matomo analytics for privacy-conscious tracking. Security posture is solid with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, the site demonstrates a mature digital infrastructure and compliance with privacy regulations, supporting the credibility and trustworthiness of the business.

I

INRIA

ocaml.org

0

OCaml.org is the official website for the OCaml programming language, managed by INRIA, a reputable French research institute. The site serves as a comprehensive resource hub for developers, educators, and industrial users interested in OCaml, offering installation guides, documentation, package management, community engagement, and news updates. The website demonstrates a strong market position with endorsements from industry leaders such as Facebook, Microsoft, and Bloomberg, and recognition through prestigious awards. Technically, the site employs modern web technologies including Alpine.js, HTMX, and analytics tools like PostHog and Plausible, delivering a fast, mobile-optimized, and accessible user experience. Security posture is solid with HTTPS enforced and domain transfer protections, though improvements like DNSSEC and enhanced security headers could be implemented. Privacy compliance is well addressed with clear policies, though cookie consent mechanisms are minimal. Overall, the site is professional, trustworthy, and well-maintained, reflecting the maturity and credibility of the OCaml ecosystem.

D

Daniel Veillard

libvirt.org

0

The libvirt.org website represents an established open source project focused on providing a virtualization API toolkit supporting multiple hypervisors and platforms. The project is mature, founded in 2006, and maintained by Daniel Veillard, with a clear focus on developers and users of virtualization technologies. The site provides comprehensive technical documentation, community engagement links, and security vulnerability reporting mechanisms, positioning it as a trusted resource in the virtualization ecosystem. Technically, the website uses standard web technologies (HTML, CSS, JavaScript) with moderate performance and basic mobile optimization. Security posture is adequate with domain transfer protection and a security response team, but lacks advanced security headers and DNSSEC. Privacy compliance is limited due to absence of privacy and cookie policies. Overall, the site is professional and trustworthy but could improve compliance and security best practices.

Le Printemps des Études is a professional event organizer specializing in marketing, communications, and research industry gatherings. The website presents a well-established annual tradeshow with conferences, meet-ups, and exhibitions tailored to industry professionals. The business targets a specialized audience including CEOs, marketing officers, research managers, and innovation leaders. The website is built on WordPress using the Divi theme, with moderate performance and good mobile optimization. Security posture is average with no detected advanced security headers or explicit privacy policies, and WHOIS data is unavailable, which slightly reduces trust. Overall, the site is professional and content-rich, supporting a medium-sized event business in France.

I

IOKI PARIS

iokiparis.com

0

IOKI PARIS is a small French retail brand specializing in creative, unisex, oversized, and eco-responsible kidswear for children aged 6 months to 8 years. The website is professionally designed using the Wix platform, offering a good user experience and mobile optimization. However, the absence of WHOIS registration data raises concerns about domain legitimacy. The site lacks visible privacy and cookie policies, as well as contact information, which impacts trust and compliance. Security measures include HTTPS and some script-based protections, but security headers and incident response contacts are missing. Overall, the website presents a moderate risk profile with room for improvement in compliance and transparency.

W

WMH Project

wmhproject.fr

0

WMH Project is a French-based communication group specializing in non-media communication services, positioning itself as one of the European leaders in this sector. Their core offerings include event management, incentive travel, influence marketing, spatial design, and brand image production. The company emphasizes sustainable and eco-conscious practices, reflected in their website's eco-design and corporate mission. The website is professionally designed, multilingual, and optimized for performance and accessibility, indicating a mature digital infrastructure. Technically, the site leverages WordPress CMS with modern frameworks and tools such as Tailwind CSS, Swiper.js, and HubSpot integrations, supported by PLANETHOSTER hosting. Security posture is solid with HTTPS and GDPR-compliant cookie consent, though there is room for improvement in publishing explicit security policies and headers. Overall, the site demonstrates a high level of professionalism, trustworthiness, and compliance, suitable for corporate clients and partners.

T

Team for the Planet

team-planet.com

0

Team for the Planet is a not-for-profit organization dedicated to combating climate change by creating and financing innovative businesses globally. The website positions the company as a citizen-driven movement with a strong community of shareholders and innovators. Their business model focuses on crowdfunding and direct investment in climate solutions, emphasizing transparency and open-source principles. Technically, the website employs modern frameworks such as Turbo and StimulusJS, integrates analytics tools like Matomo and Plausible, and demonstrates excellent design and mobile optimization. Security posture is solid with HTTPS and CSRF protections, though improvements like DNSSEC and security headers are recommended. Overall, the site is professional, trustworthy, and well-aligned with its mission.

L

LÉVÉNEMENT

levenement.org

0

LÉVÉNEMENT is a professional association representing French event communication agencies, with approximately 100 member agencies and a Club of Partners. The website serves as a hub for industry information, agency directories, employment opportunities, and sector publications. It targets agencies, partners, and professionals within the French event communication sector. Technically, the site is built on WordPress using Elementor and several Jet plugins, hosted by OVH sas, and employs modern SEO practices with Rank Math. The site is mobile-optimized and performs moderately well. Security posture is adequate with HTTPS enabled and domain protections like clientDeleteProhibited status, but lacks DNSSEC and visible security headers. Privacy compliance is partial, with a cookie consent mechanism but no explicit privacy or terms of service pages detected. Overall, the domain registration details align well with the website's business purpose, indicating legitimacy and trustworthiness.

Olyzon.tv is a newly established French technology company specializing in AI-driven Connected TV (CTV) advertising solutions. The company offers an agentic platform that automates media planning, enables program-level contextual targeting, and delivers immersive multi-format creative activations. Positioned as an innovative player in the CTV advertising market, Olyzon.tv targets global brands seeking scalable, transparent, and effective advertising channels. The website reflects a modern technical infrastructure built on Nuxt.js, TailwindCSS, and hosted on Netlify with AWS for backend services. Privacy and compliance are well addressed with comprehensive GDPR-aligned policies and cookie consent mechanisms. Security posture is solid with HTTPS and domain protection, though some enhancements like security headers and incident response disclosures could improve trust. Overall, the site is professional, user-friendly, and trustworthy, supporting Olyzon.tv's market positioning as a cutting-edge advertising technology provider.

M

Mastodon

mastodon.xyz

0

Mastodon.xyz operates as an independent Mastodon instance within the federated social networking ecosystem known as the fediverse. It provides an open platform primarily targeting English and French speaking users, offering microblogging and social networking services without ads or algorithms. The website is built on the Mastodon platform version 4.3.4, leveraging modern web technologies including React and WebSockets for real-time interactions. Hosted by OVH in France, the domain is well-established since 2017 and shows consistent registration data, supporting its legitimacy. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms and terms of service. No contact information or incident response details are publicly available. Overall, the site presents a professional, community-driven social network with good technical implementation and moderate privacy compliance.

S

Sylvain Hellegouarch

defuze.org

0

defuze.org is a personal/professional website representing Sylvain Hellegouarch, primarily serving as a landing page linking to social media profiles such as Mastodon, GitHub, and LinkedIn. The site is minimalistic, built using the Astro framework, and hosted with DNS services from Google Cloud. The domain is well-established since 2004, registered in France, and shows no suspicious registration patterns. The website lacks privacy, cookie, and terms of service policies, and does not provide direct contact information or forms, indicating a low level of data collection and user interaction. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Overall, the site is safe, professional, and targeted at a general audience with no adult or questionable content.

H

Havas

havasgroup.fr

0

Havas is a leading global communications group with a strong presence in France, offering a wide range of services including consulting, creative, media, and corporate communications. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content targeting brands, businesses, and people. Technically, the site is built on WordPress with modern libraries and includes privacy-conscious analytics and cookie consent mechanisms. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response details are absent. Overall, the site is trustworthy and professionally maintained, supporting Havas's market position as a major player in the media and communications industry.

C

Comexposium

comexposium.fr

0

Comexposium is a large event organization company primarily serving French and international markets. Their website is professionally designed using WordPress with SEO and performance optimizations. The company focuses on organizing exhibitions and community events, targeting businesses and professionals. The technical infrastructure is modern but lacks visible advanced security headers and explicit privacy or cookie policies in the provided content. The security posture is generally good with HTTPS enabled and no obvious vulnerabilities, but improvements in security headers and privacy compliance are recommended. The absence of WHOIS data raises some concerns about domain registration transparency, though the website content and branding suggest legitimacy. Overall, the site is functional and professional but could enhance trust and compliance transparency.

A

agence black lemon

blacklemon.net

0

Agence black lemon is a Paris-based creative agency specializing in storytelling and live experience production. It operates as part of the international group The Wonder Society, enhancing its market position with global partnerships. The website reflects a modern, multimedia-rich design targeting businesses seeking creative agency services. The technical infrastructure relies on jQuery and fullpage.js with custom CSS animations, hosted via Nuxit, indicating a moderate level of digital maturity. Security posture is average with domain transfer protections but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional but could improve in security and compliance to enhance trust and regulatory adherence.

The domain azilis.fr is registered since 2005 and hosted via online.net, indicating a stable and long-term registration. However, the website currently serves only a 404 Not Found error page with no accessible content, metadata, or business information. This lack of content prevents any meaningful analysis of the company's services, market position, or technical infrastructure. The absence of HTTPS and security headers further reduces the security posture of the site. No privacy, cookie, or terms of service policies are present, indicating non-compliance with GDPR and other privacy regulations. Overall, the website appears inactive or misconfigured, which significantly impacts trust and credibility.

L

LDR : Lever de rideau

ldr.fr

0

LDR : Lever de rideau is a French event communication agency established in 1990, specializing in creating impactful and useful events. With a medium-sized team of approximately 50 experts, the agency organizes around 280 events annually across France and internationally. Their business model focuses on combining utility with emotion, business, and engagement, supported by strong commitments to corporate social responsibility, including ISO 20121 certification and partnerships with notable organizations such as the French Handisport Federation. The website reflects a professional and consistent brand image, targeting corporate clients seeking event communication services. Technically, the website is built on WordPress using the Avada theme, enhanced with Yoast SEO and jQuery, and hosted by OVH. It integrates modern web technologies including Vimeo for video content and Axeptio for cookie consent management. The site demonstrates good SEO practices, mobile optimization, and moderate performance. However, accessibility features are basic and could be improved. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, but lacks visible security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the business claims, showing a long-standing domain registration with a reputable registrar. Overall, the security posture is solid but could benefit from enhancements in security headers and transparency. The overall risk assessment is low, with the site presenting a trustworthy and professional front. Strategic recommendations include implementing comprehensive security headers, publishing security policies and vulnerability disclosure information, enhancing accessibility, and maintaining regular audits of third-party scripts to ensure ongoing security and compliance.

The website www.loreal-paris.fr is currently inaccessible beyond a Cloudflare Turnstile security challenge page, which blocks automated access and requires human verification. This prevents retrieval of substantive website content, metadata, or business information. The domain is associated with L'Oréal, a globally recognized cosmetics and beauty company headquartered in France. Due to the WAF challenge, no direct contact information, policies, or detailed business data are accessible from the provided HTML content. The domain WHOIS data is unavailable from the AFNIC server, likely due to privacy protection or data restrictions, which is common for large brands to protect registrant information. The presence of Cloudflare as a security provider indicates a strong security posture, but the inability to access the actual website content limits the depth of analysis.

H

HOMERUN (formerly Rosbeef!)

rosbeef.fr

0

HOMERUN, formerly known as Rosbeef!, is a creative agency based in France specializing in consulting and advertising services. The company focuses on cultural innovations and cross-channel communications to create value and spark conversations. The website reflects a professional and modern digital presence with rich multimedia content, strong branding, and active social media engagement. The agency has received notable awards and certifications, indicating a reputable market position. Technically, the website is built using modern frameworks like Astro and GSAP, hosted by OVH SAS, and optimized for performance and mobile devices. Security posture is adequate with HTTPS enabled and domain protections, but lacks DNSSEC and security headers. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and well-maintained, suitable for its target audience of businesses seeking creative consulting and advertising solutions.

H

Halloween Agency

halloween.fr

0

Halloween Agency is an established French communication agency specializing in event management, social media, brand activation, influence, and staffing services. Founded in 1998, the agency operates primarily in France with offices in Paris and Toulouse, targeting businesses seeking comprehensive communication solutions. The website reflects a professional and modern digital presence, leveraging Vue.js and Nuxt.js frameworks, hosted by OVH, and integrating Google Analytics and Tag Manager for analytics and marketing purposes. Security posture is adequate with HTTPS and cookie consent mechanisms, though lacking some advanced security headers and explicit privacy and terms policies. Overall, the site demonstrates a mature business with a solid market position but could improve compliance and security transparency.

A

Autodistribution

autodistribution.fr

0

Autodistribution is a leading French retailer specializing in automotive spare parts, operating over 350 physical stores and offering online ordering with free in-store pickup. The website presents a professional and consistent brand image targeting vehicle owners and automotive professionals. The technical infrastructure leverages modern web technologies including Angular framework, cloud-based CDN delivery, and integrates standard marketing and consent management tools. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the site is safe, well-optimized for SEO and mobile, and compliant with GDPR requirements through clear privacy and cookie policies. The absence of WHOIS data slightly reduces trust but does not detract significantly from the site's legitimacy given its market presence and professional presentation.

Air France is a leading French airline offering flight booking services to over 230 destinations worldwide. The website serves as the official platform for ticket reservations, travel deals, and customer support, targeting general travelers and business customers. The site reflects Air France's strong market position as part of the Air France-KLM group, with a consistent brand presence and comprehensive service offerings. Technically, the website employs modern web technologies including Angular and Material Design components, ensuring a responsive and accessible user experience. The infrastructure supports good performance and SEO optimization, with mobile-friendly design and accessibility features. Security posture is robust, with HTTPS enforced, strong security headers, and cookie consent mechanisms in place. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with clear privacy and cookie policies, including GDPR adherence and a visible data protection officer contact. Overall, the website demonstrates high professionalism, trustworthiness, and business credibility, suitable for an enterprise-level airline service. Strategic recommendations include publishing a public incident response policy and vulnerability disclosure framework to enhance transparency and security readiness.