Security Directory

F

FEFFS (Festival Européen du Film Fantastique de Strasbourg)

strasbourgfestival.com

0

The Festival Européen du Film Fantastique de Strasbourg (FEFFS) is a well-established cultural event in France, focusing on fantastic cinema and related genres. The website serves as an information hub for festival programming, awards, and events, targeting cinephiles and the general public interested in genre films. The site is built on WordPress with modern plugins and fonts, hosted by OVH sas, and demonstrates good technical maturity with HTTPS and responsive design. However, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. Security posture is moderate with SSL enabled but missing security headers and DNSSEC. Overall, the website is professional and trustworthy but could improve compliance and security practices.

A

ARTUS Théâtre Universitaire de Strasbourg

artusasso.fr

0

ARTUS Théâtre Universitaire de Strasbourg is a small, non-profit university theatre association based in Strasbourg, France. It offers theatrical productions, workshops, auditions, and cultural events primarily targeting university students and theatre enthusiasts. The website is multilingual and professionally translated, reflecting a commitment to accessibility for international audiences. The business model focuses on community engagement and cultural enrichment rather than commercial profit. Technically, the website is built on WordPress with common plugins such as Yoast SEO and Contact Form 7, hosted by OVH. The site demonstrates moderate performance and good mobile optimization, with basic accessibility features. SEO is well implemented with proper meta tags and structured data. From a security perspective, the site uses HTTPS and a cookie consent mechanism but lacks advanced security headers and explicit security policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic, with a privacy policy present but no detailed GDPR compliance or incident response information. Overall, the website is trustworthy and professional, with a solid business presence and technical foundation. Strategic improvements in security policies and privacy transparency would enhance its posture and compliance.

A

Alsace Tech

alsacetech.org

0

Alsace Tech is a regional network of higher education institutions in Alsace, France, specializing in engineering, architecture, management, and design education. The website serves as a portal for students, companies, and partners to access information about the member schools, programs, events, and collaborative opportunities. The network positions itself as a key regional player in education with a focus on multidisciplinary and international programs. Technically, the website is built on WordPress with a mature set of plugins including Yoast SEO, Revolution Slider, and Max Mega Menu. It uses modern web technologies such as Bootstrap and jQuery and integrates Google Analytics and Tag Manager for user tracking. The site is mobile-optimized and has good SEO practices, although accessibility features are basic. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks advanced security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data is unavailable, which slightly impacts trust but the professional presentation and partner affiliations support legitimacy. Overall, Alsace Tech's website is a well-structured, professional educational network portal with moderate technical sophistication and a good security baseline. Strategic improvements in security headers, incident response transparency, and WHOIS data availability would enhance trust and compliance.

A

Alliance française Strasbourg Europe

afstrasbourg.eu

0

Alliance française Strasbourg Europe is a small educational and cultural organization dedicated to promoting the French language and culture in Europe. The website is built on WordPress and uses common web technologies such as Google Analytics and Google Tag Manager for tracking. The content is minimal and mostly placeholder, indicating a basic web presence without extensive information or engagement features. Security posture is limited with no detected security headers and unknown SSL configuration. Privacy and cookie policies are absent, which is a compliance gap. No contact information or incident response details are provided, limiting user trust and support options. Overall, the website serves as a basic informational portal for the organization but requires improvements in security, privacy compliance, and content richness to enhance credibility and user experience.

A

AFGES

afges.org

0

AFGES is a well-established non-profit organization founded in 1999, serving as the primary representative body for students in the Alsace region of France. It holds a major position in student representation and provides key services such as a hotline for student rights defense and AGORAé centers offering food and material aid to financially struggling students. The website is built on a modern WordPress platform with Elementor, ensuring a good user experience and mobile optimization. However, it lacks some privacy compliance features such as cookie consent and explicit privacy policy details. Security posture is moderate with HTTPS enabled and domain protections in place, but missing DNSSEC and security headers. Overall, the site is trustworthy and professional, targeting students and stakeholders in education and social aid.

C

Coze - L'Agenda Culturel Alsacien

coze.fr

0

Coze.fr is a well-established regional cultural magazine and event listing platform focused on the Alsace region in France. It offers a comprehensive agenda of cultural events including concerts, exhibitions, festivals, and artist features, targeting residents and visitors interested in local culture. The website is professionally designed with consistent branding and regularly updated content, positioning it as a trusted media source in its niche. Technically, the site is built on WordPress with common plugins such as Yoast SEO and uses modern JavaScript libraries like Flickity for carousels. It integrates Google Analytics and Facebook Pixel for tracking and marketing purposes. The site is mobile-optimized and SEO-friendly, though some accessibility features could be improved. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks security headers and explicit cookie consent mechanisms, which are recommended for enhanced protection and GDPR compliance. The absence of WHOIS data reduces trust slightly but the professional nature of the site and its social media presence support its legitimacy. Overall, Coze.fr presents a low-risk profile with good business credibility and technical implementation. Strategic improvements in security headers, privacy compliance, and incident response documentation would further strengthen its posture.

D

Delcros

delcros.fr

0

Delcros is a French company specializing in surface treatment of stainless steel and aluminum parts, with a history dating back to 1965. The company offers a range of industrial services including chemical pickling, passivation, electrolytic polishing, tribofinition, microblasting, and anodization. Recently acquired by ANODUR, Delcros has expanded its market presence and is recognized for compliance with nuclear industry standards such as ISO 9001:2015 and ISO 19443:2018. The website targets professional clients in the energy sector and emphasizes quality and reactivity as key differentiators. Technically, the website is built on WordPress using Elementor and Yoast SEO, with modern web technologies and a cookie consent mechanism implemented via Tarteaucitron. Security posture is adequate with HTTPS enforced, but lacks visible security headers and explicit privacy policy documentation. No contact emails or phone numbers are directly visible, which may impact user trust and compliance. Overall, the site is professional and well-structured, but could improve transparency and security practices.

G

GIO Notaires

gio-notaires.fr

0

GIO Notaires is a professional alliance of nine certified or ISO-certification-pursuing notarial offices in France, offering a wide range of legal and notarial services including family law, business law, wealth management, and real estate. The group emphasizes proximity, adaptability, and performance, serving clients primarily in Ile-de-France and other regions with a team of 24 notaries and 180 collaborators. The website is built on WordPress with Elementor and integrates modern technologies such as Google Maps and cookie consent mechanisms, reflecting a moderate to good level of digital maturity. Security posture is solid with HTTPS and cookie consent in place, though security headers are not detected and could be improved. The absence of WHOIS data is likely due to privacy protection, which is justified for this type of professional service. Overall, the website presents a trustworthy and professional image with comprehensive contact information and compliance with GDPR.

P

Poissonnerie des Halles

poissonneriedeshalles.fr

0

Poissonnerie des Halles is a small local business based in Reims, France, specializing in seafood retail and restaurant services. The website promotes their fish, shellfish, and crustacean sales alongside dining options and event catering. The business also highlights partnerships with related entities such as L'Etal, Le Bocal restaurant, Le Triporteur mobile restaurant, and La Maison d'Oléron vacation rental, indicating a diversified local ecosystem. The website content is well structured, professionally designed, and targets local customers and visitors interested in seafood and dining experiences. Technically, the website uses a modern but basic technology stack including Bootstrap, jQuery, FontAwesome Pro, and Google Fonts. The site is mobile optimized and SEO friendly with proper meta tags and Open Graph data. However, no CMS or hosting provider information is evident. Performance is moderate with no major technical issues detected. Accessibility is basic but functional. From a security perspective, the site lacks visible security headers and privacy or cookie policies, which reduces compliance with GDPR and best practices. No forms or user data collection mechanisms are present, minimizing attack surface but also limiting engagement. The WHOIS data is missing, which raises concerns about domain legitimacy and registration status. No WAF or blocking mechanisms are detected, and the site is fully accessible. Overall, the website is a good representation of a small local seafood business with moderate technical maturity but with room for improvement in security, privacy compliance, and domain legitimacy verification. Strategic recommendations include adding privacy and cookie policies, implementing security headers, verifying domain registration, and enhancing trust signals.

A

Association des Centraliens de Lyon (ACL)

technica-magazine.fr

0

Technica Magazine is a professional publication serving the alumni and engineering community of Centrale Lyon. It offers specialized content including dossiers, articles, and newsletters focused on engineering, career development, and alumni activities. The website demonstrates a solid technical infrastructure using modern JavaScript libraries and frameworks, with good mobile optimization and SEO practices. Security measures include HTTPS enforcement, CSRF tokens, and hCaptcha for form protection, reflecting a mature security posture. However, the absence of WHOIS data and explicit security policies slightly reduce transparency and trust. Overall, the site is professional, compliant with GDPR, and trustworthy for its target audience.

F

Fondation Oeuvre Notre-Dame

oeuvre-notre-dame.eu

0

The Fondation de l’Œuvre Notre-Dame is a historic non-profit organization dedicated to the preservation, restoration, and promotion of the Strasbourg Cathedral. The website serves as an educational and informational platform, offering rich multimedia content, historical insights, and visitor information. It also supports fundraising through a boutique and patronage programs. Technically, the site is built on WordPress with WooCommerce, employing modern web technologies and good SEO and accessibility practices. Security posture is solid with HTTPS and reCAPTCHA integration, though some security headers could be improved. Privacy compliance is partial, with cookie consent implemented but no explicit privacy policy page found. WHOIS data is unavailable, limiting domain trust verification, but the professional presentation and content quality support legitimacy. Overall, the site is well-positioned as a trusted cultural heritage resource with room for improvement in transparency and security hardening.

A

AFM-Téléthon

afm-telethon.com

0

AFM-Téléthon is a prominent French non-profit organization dedicated to combating rare diseases through family support, research funding, and public awareness. The organization operates a comprehensive digital platform that facilitates donations, volunteer engagement, and dissemination of scientific and patient information. Their market position is strong within the healthcare non-profit sector in France, supported by multiple research subsidiaries and partners. Technically, the website is built on Drupal CMS with modern analytics and consent management tools, ensuring GDPR compliance and a good user experience across devices. Security posture is solid with HTTPS and consent mechanisms, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the website reflects a mature, trustworthy, and professionally managed digital presence aligned with its mission.

G

Genapi

genapi.fr

0

Genapi is a French software and service provider specializing in comprehensive solutions for notarial studies, including act drafting, accounting, IT infrastructure, human resources, real estate, urban planning, training, and digital communication. The company operates as a subsidiary or brand under the parent company Septeo, with a strong market presence and over 30 years of experience. The website is professionally designed, fully accessible, and targets notaries and related professionals in France. Technically, the site leverages modern web technologies such as Webflow CMS, HubSpot forms, and various analytics and marketing tools, hosted on a reliable CDN infrastructure. Security posture is strong with HTTPS enforcement, input validation, and consent management, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the domain is legitimate despite the lack of WHOIS data, as it is a subdomain of a known corporate domain. The site demonstrates good privacy compliance and business credibility, making it a trustworthy platform for its target audience.

K

KUHN

kuhn.fr

0

KUHN is a well-established manufacturer of agricultural machinery and equipment based in France, serving a global market with multiple localized websites. The company offers a wide range of products for large-scale farming, forage harvesting, livestock, and landscape maintenance. The website demonstrates a mature digital presence with structured navigation, professional design, and integration of analytics and marketing tools such as Piwik PRO and HubSpot. However, the absence of explicit privacy and cookie policies, as well as missing security headers, indicates areas for improvement in compliance and security posture. The WHOIS data is unavailable, likely due to privacy protection, but the website content and branding strongly support legitimacy. Overall, KUHN's website is professional and trustworthy, with moderate technical performance and good mobile optimization.

P

Pandra

pandra.app

0

Pandra is a French technology company operating a SaaS platform that requires user authentication via a login page. The website is built using modern web technologies including Angular, CKEditor, Chart.js, and integrates Google Analytics and Stripe for analytics and payment functionalities. The platform targets a general audience and appears to be a small-sized business with a focus on providing digital services. The website content is primarily in French and includes a link to legal information hosted on a subdomain. Security posture is moderate with HTTPS enforced but lacks visible security headers and comprehensive privacy or cookie policies on the login page. No contact information or incident response details are provided, which limits transparency. The domain registration is privacy protected, which is common for tech startups, and no suspicious patterns were detected. Overall, the website is functional but could improve in privacy compliance and security best practices.

C

Centrale Méditerranée Alumni

centraliens-marseille.fr

0

Centrale Méditerranée Alumni operates as a professional alumni network for graduates and students of Centrale Méditerranée, a French engineering school. The platform offers a comprehensive suite of services including member directories, event calendars, job boards, and news updates, fostering community engagement and career development. The website is well-branded and targets alumni, students, and recruiters within the educational sector in France. Technically, the site leverages modern web technologies such as Vue.js, Google Analytics, and Google Maps API, ensuring a responsive and interactive user experience. The presence of OAuth-based single sign-on options enhances user convenience and security. The site demonstrates good mobile optimization and SEO practices, although some accessibility features could be improved. From a security perspective, the website enforces HTTPS and uses secure login forms. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not evident, and no vulnerability disclosure or security.txt files are published. Privacy compliance is strong with visible privacy and cookie policies aligned with GDPR requirements. Overall, the website presents a trustworthy and professional online presence for the alumni community, with moderate technical sophistication and a solid security posture. Recommendations include enhancing security headers, publishing vulnerability disclosure information, and continuing to monitor third-party scripts for vulnerabilities.

E

emlyon business school

em-lyon.com

0

emlyon business school is a prestigious and long-established European business school founded in 1872, offering a wide range of business education programs including Grande Ecole, Bachelors, Masters, MSc, MBA, and executive education. The school holds triple accreditation (EQUIS, AACSB, AMBA), underscoring its high academic standards and global recognition. It serves a diverse international student body across multiple campuses in Lyon, Shanghai, Paris, and Mumbai. The website reflects a mature digital presence with a modern Drupal CMS, responsive design, and comprehensive content tailored to prospective students and professionals. Technically, the website employs modern web technologies including Bootstrap for responsive design, Google Tag Manager for analytics and marketing, and Didomi for GDPR-compliant cookie consent management. The site is well-optimized for SEO and accessibility, with clear navigation and structured data enhancing search engine understanding. Security posture is strong with HTTPS enforced and domain locking status flags, though DNSSEC is not enabled, representing an area for improvement. From a security and compliance perspective, the site demonstrates good privacy practices with explicit privacy and cookie policies, consent mechanisms, and no detected vulnerabilities or suspicious domains. However, explicit security policies and incident response contacts are not published, which could be enhanced to improve transparency and trust. Overall, the site is safe, professional, and trustworthy, serving its educational mission effectively.

C

Ctrl-a

ctrla.fr

0

Ctrl-a is a French digital ecosystem composed of multiple specialized agencies focused on building a just, useful, and responsible digital environment. Their services span digital strategy, UX/UI design, open source development, accessibility audits, ecodesign, data protection, and communication. The company positions itself as a leader in ethical and sustainable digital services, serving clients in the public, private, and non-profit sectors. The website is professionally designed with excellent content quality, clear navigation, and strong branding consistency. Technically, the site uses modern web standards with good mobile optimization and accessibility features, though no CMS or hosting provider details are evident. Security posture is moderate with HTTPS implied but lacking explicit security headers and incident response information. Privacy compliance is supported by a comprehensive privacy policy and GDPR adherence, but no cookie consent mechanism was detected. WHOIS data is missing, which reduces trustworthiness but the website content and client references support legitimacy. Overall, Ctrl-a demonstrates a mature digital presence with room for improvement in security transparency and privacy mechanisms.

F

Fédération des Aveugles et Amblyopes de France

aveuglesdefrance.org

0

The Fédération des Aveugles et Amblyopes de France is a French non-profit organization advocating for the full citizenship and rights of blind and visually impaired individuals. The website serves as an informational and advocacy platform, targeting persons with blindness and low vision in France. It provides key services related to support and rights advocacy. The organization has an established presence since 2014, with a medium-sized operational scale. Technically, the website is built on WordPress, utilizing the Yoast SEO plugin for search optimization and integrates analytics tools such as Piwik PRO and Google Tag Manager. The hosting is provided by Gandi SAS, a reputable registrar and hosting provider. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. From a security perspective, the site uses HTTPS and has domain transfer protections in place. However, it lacks DNSSEC, security headers, and explicit security or incident response policies on the website. Privacy compliance is weak, with no visible privacy or cookie policies or consent mechanisms. No vulnerability disclosure or data protection officer information is provided. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance, security hardening, and transparency regarding data protection and incident response to improve its security posture and user trust.

E

ENSTA Alumni

ensta.org

0

ENSTA Alumni is a well-established French alumni association dedicated to graduates and students of ENSTA, focusing on fostering professional networking, career support, and promoting the school's disciplines. The website is professionally designed, content-rich, and provides multiple services including news, events, job offers, and member directories. Technically, the site uses a modern JavaScript stack with libraries such as jQuery, Bootstrap, and cookie consent management via tarteaucitron. Security measures include HTTPS, CSRF tokens, and hCaptcha for form protection, although HTTP security headers are not evident. The absence of WHOIS data limits domain trust assessment, but the website's content and structure indicate a legitimate and professional organization. Privacy compliance is well addressed with cookie consent and GDPR considerations.

T

Télécom Paris Alumni

telecom-paris-alumni.fr

0

Télécom Paris Alumni is a professional alumni association serving graduates of Télécom Paris, providing a comprehensive platform for networking, career development, events, and community engagement. The website offers access to an extensive alumni directory, job and internship listings, mentoring programs, and a mobile application to facilitate member interaction. The organization targets alumni, students, and companies connected to Télécom Paris, positioning itself as a key player in the educational and non-profit sectors in France. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Leaflet for mapping, and various user interface libraries. It integrates security features such as HTTPS, CSRF tokens, and hCaptcha for bot protection. Privacy compliance is well addressed with a detailed cookie and privacy policy, user consent mechanisms, and GDPR adherence. Analytics and marketing tools like Google Analytics and LinkedIn Insight are used with transparency. Security posture is strong with encrypted connections and secure form handling, though there is room for improvement by adding explicit security headers and publishing incident response policies. The absence of WHOIS data for the domain is a concern for domain legitimacy verification but does not detract significantly from the overall trustworthiness given the professional content and consistent branding. Overall, the website presents a secure, professional, and user-friendly platform for its community, with recommendations to enhance security headers and formalize vulnerability disclosure processes to further strengthen trust and compliance.

K

KEDGE Alumni

kedgebs-alumni.com

0

KEDGE Alumni operates as a large, well-established alumni network for KEDGE Business School graduates, providing career services, networking events, and professional development resources. The website is professionally designed, mobile-optimized, and uses modern web technologies including jQuery, Bootstrap, and Leaflet.js for interactive maps. Security measures such as HTTPS, CSRF tokens, and hCaptcha are implemented, enhancing the site's security posture. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting a mature approach to data protection. However, the absence of WHOIS data raises concerns about domain registration legitimacy, which should be further investigated. Overall, the site presents a trustworthy and professional platform for alumni engagement.

E

ESSEC Alumni

essecalumni.com

0

ESSEC Alumni operates as the official alumni network for ESSEC Business School, providing a comprehensive platform for graduates, students, faculty, and recruiters to connect, engage, and access career and lifelong learning services. The website is well-branded, professionally designed, and offers a variety of services including event management, job boards, mentoring, and community clubs. Technically, the site leverages modern web technologies such as Vue.js, Google Tag Manager, and Matomo analytics, ensuring a responsive and interactive user experience. Security posture is solid with HTTPS enforced and secure login mechanisms, although some security headers could be improved. Privacy compliance is evident with clear privacy and cookie policies and GDPR considerations. However, the absence of WHOIS data for the domain introduces a trust concern that should be addressed. Overall, the site is a credible and valuable resource for the ESSEC community.

E

emlyon alumni

emlyonforever.com

0

emlyon alumni is a professional community platform dedicated to the members of emlyon business school, providing networking, career support, events, and mentoring services. The website is well-branded, bilingual (French and English), and offers a variety of resources to alumni and partners. Technically, it uses modern web technologies including Vue.js, Google Analytics, and Google Maps API, indicating a mature digital infrastructure. Security posture is adequate with HTTPS and SSO authentication, though some security headers and explicit policies are not evident. The absence of WHOIS data reduces transparency but the site content and branding suggest legitimacy. Overall, the platform supports a medium-sized educational community with a focus on engagement and career development.

E

EDHEC Business School

edhec.edu

0

EDHEC Business School is a prominent French higher education institution specializing in business and management education with campuses in Lille, Paris, Nice, and international locations. The website presents a comprehensive offering of degree programs including BBA, Grande École, Masters of Science, MBA, and Executive Education, targeting students, recruiters, and academic partners. The site is built on Drupal 11, employs modern web technologies, and integrates Google Tag Manager and a consent management platform (Axeptio) to address privacy compliance. Security posture is moderate with HTTPS usage but lacks visible security headers and explicit security policies. WHOIS data is missing, which raises concerns about domain registration transparency but does not detract from the professional presentation and trustworthiness of the site content. Overall, the website is well-designed, accessible, and professionally maintained, serving a large educational institution audience.

E

ESCP Alumni

escpalumni.org

0

ESCP Alumni is a well-established international alumni association for ESCP Business School graduates, offering a broad range of services including networking, career development, events, and community engagement. The website reflects a professional and consistent brand image, targeting alumni, students, and professionals connected to the school. The association maintains multiple international offices, indicating a large and global presence. Technically, the website employs modern web technologies such as jQuery, Bootstrap 5, and various JavaScript libraries for UI and user interaction. It uses HTTPS with hCaptcha for bot protection and cookie consent management, demonstrating a mature digital infrastructure. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. From a security perspective, the site enforces HTTPS, uses CSRF tokens, and integrates anti-bot measures. However, HTTP security headers are not explicitly detected and could be improved. No vulnerabilities or exposed sensitive data were found. Privacy compliance is strong with clear policies and consent mechanisms. Overall, the website is trustworthy, secure, and professionally managed. The lack of WHOIS data is due to privacy protection, which is reasonable for this type of organization. Strategic recommendations include enhancing HTTP security headers, publishing a security policy, and adding a vulnerability disclosure channel to further strengthen security posture.

P

Ponts Alumni

ponts.org

0

Ponts Alumni is a well-established non-profit alumni association for graduates of the École Nationale des Ponts et Chaussées in France. The organization provides a comprehensive range of services including networking, career support, business partnerships, events, and publications to its members worldwide. The website reflects a professional and consistent brand image targeting alumni, students, and partners. Technically, the site employs modern JavaScript libraries and frameworks, uses secure HTTPS connections, and integrates anti-bot measures such as hCaptcha. Privacy and cookie policies are clearly presented with GDPR compliance and user consent mechanisms. Security posture is strong with secure forms and CSRF protections, though some security headers could be improved. The WHOIS data is privacy protected, which is justified for this type of organization. Overall, the site is trustworthy, well-maintained, and serves its community effectively.

H

HEC Alumni

hecalumni.fr

0

HEC Alumni operates as the official alumni network for HEC Paris, serving over 80,000 graduates worldwide. The website provides a comprehensive platform for networking, career development, events, and lifelong learning, targeting alumni, students, and recruiters. The digital infrastructure leverages modern web technologies including Vue.js, Google Analytics, and various social media integrations, reflecting a mature digital presence. Security posture is strong with HTTPS and security headers implemented, though explicit security policies and incident response contacts are absent. The lack of WHOIS data introduces some uncertainty regarding domain registration legitimacy, but the website's professional content and affiliation with HEC Paris support its credibility. Overall, the site is well-designed, user-friendly, and compliant with privacy regulations, making it a trusted resource for its community.

C

Centrale Méditerranée

centrale-marseille.fr

0

Centrale Méditerranée is a reputable French engineering school providing high-level scientific education from Bachelor to Doctorate levels, emphasizing responsible engineering, digital transformation, and international exposure. The institution maintains strong partnerships with academic and industry players and offers a broad range of programs including Grande École engineering, Bachelor, Masters, Doctorate, and continuing education. The website is professionally designed, well-structured, and accessible, reflecting the institution's commitment to quality education and research. Technically, the website is built on Drupal 10 CMS, utilizing modern JavaScript libraries such as Swiper.js for UI components and Matomo for privacy-respecting analytics. The site implements cookie consent management via tarteaucitron.js, indicating compliance with privacy regulations. Security headers and HTTPS are properly configured, enhancing the site's security posture. While the WHOIS data is not publicly available due to privacy protection, the website content and affiliations strongly indicate legitimacy. No critical security vulnerabilities or compliance gaps were detected. However, the site lacks explicit security policy and incident response information, which could be improved to enhance transparency and trust. Overall, Centrale Méditerranée's digital presence is robust, secure, and compliant, supporting its mission as a leading educational institution. Strategic recommendations include publishing a security policy, incident response contacts, and vulnerability disclosure information to further strengthen trust and security culture.

C

Centrale Méditerranée

centrale-mediterranee.fr

0

Centrale Méditerranée is a reputable French engineering school offering a range of educational programs from Bachelor to Doctorate levels, emphasizing high scientific standards, innovation, and international exposure. The institution maintains a strong market position with numerous international partnerships and a clear focus on research and professional training. Technically, the website is built on Drupal 10, employs modern JavaScript libraries such as Swiper.js, and uses Matomo for privacy-conscious analytics. The site is well-optimized for mobile and accessibility, with a professional design and clear navigation. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response information are not published. Overall, the website reflects a trustworthy and professional educational institution with good privacy compliance and user experience.

E

emundi

emundi.fr

0

emundi is a French-based consulting and training company specializing in responsible digital transformation. It operates as part of the Ctrl-a group, a recognized pioneer in sustainable and accessible digital practices in France. The company offers services including digital maturity diagnostics, expert mobilization across various digital responsibility domains, operational project management, and training programs focused on eco-design, accessibility, AI responsibility, data protection, and sustainable procurement. The website reflects a professional and consistent brand image aligned with its mission to promote efficient, durable, and inclusive digital solutions. Technically, the website is built using modern web technologies such as Vue.js and ES modules, with optimized images and responsive design ensuring excellent performance and accessibility. However, there is no explicit CMS or hosting provider identified. The site lacks some security headers and cookie consent mechanisms, which are recommended for enhanced security and compliance. From a security perspective, the site uses HTTPS but does not display advanced security headers or incident response policies. No forms or sensitive data collection points are present on the homepage, reducing immediate risk. The WHOIS data is unavailable, which limits domain trust verification, but the affiliation with Ctrl-a and professional content provide positive legitimacy signals. Overall, emundi presents a trustworthy and professional digital presence with room for improvement in security headers, privacy compliance mechanisms, and transparency regarding security policies. The domain's WHOIS absence is a concern but does not outweigh the positive business and technical indicators observed.

T

Temesis

temesis.com

0

Temesis is a French consulting and training company specializing in digital accessibility, eco-design, and GDPR compliance. Positioned as a niche expert in responsible digital services, Temesis offers consulting, auditing, and training to organizations aiming to improve the inclusivity and environmental impact of their digital services. The company is part of the Ctrl-a group and holds the Qualiopi certification for training quality. The website is professionally designed, mobile-optimized, and accessible, reflecting the company's expertise in accessibility and responsible digital practices. Technically, the site is built using the Hugo static site generator, ensuring fast performance and modern web standards. However, no CMS or hosting provider details are evident, and no analytics or tracking scripts were detected, indicating a privacy-conscious approach. Security posture is moderate; while HTTPS is implied by the URL, no security headers or explicit security policies are found. The absence of privacy and cookie policies is a notable gap in compliance. WHOIS data is unavailable, which raises questions about domain registration legitimacy, though the website content and business information appear professional and trustworthy. Overall, Temesis presents a strong business and technical profile with room for improvement in privacy compliance and security transparency.

N

numerik-ea

numerik-ea.fr

0

numerik-ea is a French digital agency specializing in accessible web solutions, certified as an entreprise adaptée, emphasizing inclusion of people with disabilities in digital professions. Founded in 2016 and part of the ctrla group, it offers services including digital accessibility audits, website creation and redesign, content management, and marketing campaigns such as newsletters and SMS. The agency targets organizations seeking inclusive digital services and positions itself as a pioneer in accessible digital agency services in France. The website is professionally designed, mobile-optimized, and SEO-friendly, built on WordPress with modern plugins and themes. Security posture is good with HTTPS enforced, but lacks some security headers and explicit incident response policies. Privacy compliance is partially met with a clear privacy policy but no cookie consent mechanism. WHOIS data is unavailable, slightly reducing domain trustworthiness, but the professional presentation and client references support legitimacy. Overall, the site demonstrates a mature digital presence with room for security and privacy improvements.

S

Smart Agence

smartagence.com

0

Smart Agence is a French digital consulting agency specializing in UX design and digital transformation, founded in 2004. The agency offers a comprehensive range of services including digital strategy, UX research and design, and project animation, targeting businesses and organizations seeking to enhance digital engagement. Technically, the website is built using modern frameworks such as Next.js and React, with a WordPress backend for blog content, delivering fast performance and excellent mobile optimization. Security posture is strong with HTTPS and security headers implemented, though explicit security policies and incident response contacts are absent. Overall, the website presents a professional and trustworthy digital presence, though the lack of WHOIS data reduces domain trustworthiness. Strategic recommendations include publishing security and incident response policies and enhancing transparency around vulnerability disclosures.

R

Reims Légend’R

reims-legend-r.fr

0

Reims Légend’R is a regional promotional brand dedicated to enhancing the attractiveness and visibility of the Grand Reims territory in France. The website serves multiple audiences including tourists, businesses, students, and cultural participants by providing news, events, and resources related to economic development, culture, innovation, and tourism. Technically, the site is built on TYPO3 CMS and leverages modern JavaScript libraries such as jQuery, Photoswipe, and Slick Carousel, with Matomo analytics for user tracking and a robust cookie consent mechanism ensuring GDPR compliance. Security posture is solid with HTTPS enforced and privacy controls in place, though some security headers and explicit incident response policies are absent. The WHOIS data is unavailable, which limits domain legitimacy verification, but the professional presentation and consistent branding suggest a trustworthy official entity. Overall, the site is well-structured, accessible, and provides valuable regional information with moderate tracking and good privacy practices.

Reims Campus is a city-supported platform dedicated to student life in Reims, France. It provides comprehensive information on education, housing, transport, health, student associations, and civic engagement. The website serves as a centralized hub for students to access resources and stay informed about local events and opportunities. The platform is positioned as a public service initiative backed by the city of Reims and Grand Reims, targeting students and young adults in the region. Technically, the website employs modern web technologies including Bootstrap 5 and Google Fonts, ensuring responsive design and good mobile optimization. The site is well-structured with clear navigation and professional design elements. However, there is no evidence of advanced CMS usage or analytics tools in the provided content. Performance is moderate, and accessibility features are basic but present. From a security perspective, the site uses HTTPS but lacks visible security headers and cookie consent mechanisms, which are important for compliance with EU regulations. No vulnerability disclosure or incident response information is published. The absence of WHOIS data limits the ability to fully verify domain legitimacy, though the official branding and content quality support trustworthiness. Overall, the website is a reliable and professional resource for its target audience but would benefit from enhanced security practices and privacy compliance measures to improve its risk posture and user trust.

L

La maison de l'habitat – Reims

lamaisondelhabitat-reims.fr

0

La Maison de l'Habitat – Reims is a community-focused organization providing housing services and support to residents of the Grand Reims territory. The website serves as an informational and service portal, offering assistance with housing procedures, renovation, and property accession. It targets a broad audience including youth, students, families, seniors, and professionals, positioning itself as a local government or non-profit entity dedicated to housing facilitation. Technically, the website is built on WordPress with common plugins such as LayerSlider and Contact Form 7, indicating a standard CMS infrastructure. The site is mobile-optimized and presents a professional design with clear navigation. Performance is moderate, and SEO practices are adequately implemented. However, some accessibility features could be improved. From a security perspective, the site uses HTTPS, but lacks visible security headers and does not provide explicit privacy or cookie policies, which are important for GDPR compliance. No incident response or vulnerability disclosure information is present. The WHOIS data is missing, which reduces trust in domain legitimacy, although the website content and social media presence suggest a legitimate entity. Overall, the website is functional and professional but would benefit from enhanced security practices, privacy compliance documentation, and improved transparency regarding domain registration to strengthen trust and compliance.

R

Reims Tourisme et Congrès

reims-tourisme.com

0

Reims Tourisme et Congrès operates as the official tourism organization for the city of Reims, France, providing comprehensive visitor information, event promotion, and accommodation services. The website serves as a key digital platform to attract tourists and support local hospitality businesses, positioning itself as a trusted regional tourism authority. The business model focuses on destination marketing and cultural promotion, targeting tourists, event organizers, and local stakeholders. Technically, the website is built on WordPress with WooCommerce integration, leveraging modern web technologies such as Google Analytics, Matomo, and Rocket Lazy Load for performance optimization. The site demonstrates good mobile responsiveness and basic accessibility features, with a moderate performance profile. SEO and content quality are well managed, supporting effective visitor engagement. From a security perspective, the site enforces HTTPS and includes several security headers, reflecting a good security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with clear contact information including a Data Protection Officer email. However, the absence of public WHOIS data for the domain introduces some uncertainty regarding domain registration legitimacy, though the website content and branding strongly indicate a legitimate and professional operation. Overall, the website presents a low-risk profile with strong business credibility and adequate technical and security controls. Strategic recommendations include enhancing security headers, publishing a security.txt file, and improving accessibility to further strengthen trust and compliance.

F

Fondation Oeuvre Notre-Dame

oeuvre-notre-dame.org

0

The Fondation de l’Œuvre Notre-Dame website represents a well-established non-profit organization dedicated to the preservation and promotion of the Strasbourg cathedral, a cultural heritage site with historical significance dating back to the 13th century. The foundation offers educational resources, visitor experiences, and fundraising opportunities, positioning itself as a key player in cultural heritage preservation with UNESCO recognition. Technically, the website is built on WordPress with WooCommerce for e-commerce functionality, employs modern JavaScript libraries, and integrates privacy-focused cookie consent mechanisms. Security posture is strong with HTTPS and reCAPTCHA usage, though some security headers are not explicitly detected. The absence of explicit privacy policy and WHOIS data slightly reduces trust but does not undermine the overall professionalism and legitimacy of the site. No adult or questionable content is present, making it safe for general audiences.

V

Ville et Eurométropole de Strasbourg

strasapp.eu

0

StrasApp is an official mobile application developed for the residents and visitors of the City and Eurométropole of Strasbourg, France. It provides real-time access to municipal services, notifications, event agendas, and personalized dashboards to enhance daily life in the metropolitan area. The website serves as a promotional and informational portal linking to the app stores and official city resources. The business model is a public service offering free access to digital municipal services, positioning StrasApp as a key digital tool for local governance and citizen engagement. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and integrates Matomo analytics with a strong emphasis on privacy and consent management via Tarteaucitron.js. The site is mobile-optimized and accessible, with features such as contrast toggling to support users with disabilities. Hosting and analytics are managed through trusted providers, and the site maintains good SEO and performance standards. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms that comply with GDPR. However, explicit security headers and a published security policy or incident response contacts are absent, representing areas for improvement. No vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the official nature of the site, registered through a reputable registrar, and the site links to official social media and city domains, reinforcing trustworthiness. Overall, StrasApp's website demonstrates a high level of professionalism, privacy compliance, and user-centric design. Strategic recommendations include enhancing security headers, publishing a security policy, and providing incident response contact information to further strengthen trust and security posture.

O

Office eurométropolitain de tourisme, des loisirs et des congrès de Strasbourg

visitstrasbourg.fr

0

The website www.visitstrasbourg.fr serves as the official online presence of the Office eurométropolitain de tourisme, des loisirs et des congrès de Strasbourg, a public tourism office dedicated to promoting Strasbourg and its surrounding region. It provides comprehensive information on local attractions, events, leisure activities, and offers services such as the Strasbourg City Card. The site targets tourists, visitors, and event attendees, positioning itself as a key regional tourism resource. The business model is primarily informational and promotional, supported by public funding and tourism-related services. Technically, the website is built on the WordPress CMS platform, utilizing the Elementor page builder and several plugins including Rank Math SEO and GDPR cookie consent tools. The infrastructure supports modern web standards with responsive design, SEO optimization, and moderate performance. The site integrates tracking and analytics tools such as Google Analytics and Facebook Pixel, with user consent mechanisms in place to comply with GDPR. From a security perspective, the website enforces HTTPS, employs standard security headers, and implements cookie consent banners. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a security.txt file and explicit incident response contacts suggests room for improvement in vulnerability disclosure and incident management readiness. Overall, the website presents a professional, trustworthy, and user-friendly platform for tourism promotion. The lack of publicly available WHOIS data for the domain slightly reduces transparency but does not detract significantly from the site's legitimacy. Strategic recommendations include enhancing accessibility, publishing security policies, and establishing formal vulnerability disclosure channels to further strengthen security posture and user trust.

V

Ville et Eurométropole de Strasbourg

strasbourgaimesesetudiants.eu

0

The website 'Strasbourg aime ses étudiants' is a public service platform managed by the Ville et Eurométropole de Strasbourg, aimed at supporting and informing students studying in Strasbourg and its surrounding communes. It provides comprehensive information on housing, transport, cultural events, student aid, and integration activities. The platform is well-positioned as a local government initiative with strong partnerships and a clear target audience of students. Technically, the site is built on the Liferay CMS platform, utilizing modern web technologies such as React, Swiper.js, and Bootstrap, delivering a good user experience with mobile optimization and moderate performance. Security posture is solid with HTTPS enforcement and standard security headers, though it lacks explicit published security policies or incident response contacts. Privacy compliance is addressed with visible cookie consent mechanisms and links to privacy policies, reflecting good GDPR adherence. Overall, the site is trustworthy, professional, and serves its public service mission effectively.

S

Septeo Notaires

mondossiernotairepro.fr

0

Mondossiernotairepro.fr is a professional web portal operated by Septeo Notaires, designed to allow notaries and related professionals to track the progress of their dossiers. The platform offers services such as dossier tracking, document management, notifications, and appointment scheduling integration. The business targets professional users in the French real estate and notary sector, positioning itself as a niche SaaS provider with a medium-sized operation founded in 2017. The website is well-branded and consistent with the parent company Septeo, reflecting a focused business model serving the legal and real estate industry. Technically, the site uses modern web technologies including ASP.NET MVC, JavaScript, and CSS, hosted likely via DNSimple with a moderate performance profile. Mobile optimization and user experience are good, though accessibility features are basic. Security posture is adequate with HTTPS and anti-CSRF tokens implemented, but lacks some security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain registration data is consistent and legitimate, supporting the trustworthiness of the site.

G

Genethon

genethon.com

0

Genethon is a medium-sized non-profit organization specializing in the research and development of gene therapy treatments for rare diseases, including neuromuscular, liver, immune system, and eye disorders. The organization is positioned as a leading European entity in this specialized healthcare sector, supported by partnerships with recognized institutes such as AFM-Telethon and the Biotherapies Institute for Rare Diseases. Their website reflects a professional and content-rich platform aimed at patients, researchers, and healthcare professionals. Technically, the website is built on WordPress with modern plugins like Yoast SEO and Matomo analytics, ensuring good SEO and privacy-respecting user tracking. The site is mobile-optimized and provides a clear navigation structure. Cookie consent mechanisms are implemented in compliance with GDPR, enhancing user privacy and transparency. From a security perspective, the site enforces HTTPS and uses cookie consent banners but lacks explicit security headers and a published security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which should be investigated further. Overall, the website demonstrates a solid digital presence with good privacy and security practices but would benefit from enhanced transparency in security policies and verification of domain registration details.

H

Haut-Bailly

haut-bailly.com

0

Château Haut-Bailly is a renowned French winery specializing in Grand Cru Classé wines from the Pessac-Léognan appellation. The website showcases a premium brand with a focus on terroir, precision winemaking, and luxury hospitality services including vineyard tours, tastings, guest accommodations, private dining, and event hosting. The digital presence is well-developed with modern technologies such as WordPress CMS, Yoast SEO, and Google Tag Manager, ensuring good performance, SEO, and mobile responsiveness. Security posture is solid with HTTPS and no visible vulnerabilities, though explicit security headers and policies are lacking. The absence of WHOIS registration data is a concern for domain legitimacy but does not detract from the professional presentation and trust signals on the site. Privacy compliance is partial, with cookie consent mechanisms but no clear privacy or cookie policy pages. Overall, the site is a high-quality digital asset for a luxury hospitality and wine business, with room for improvement in transparency and security documentation.

E

Ecedi

ecedi.fr

0

Ecedi is a French digital communication agency founded in 2001, specializing in responsible and ethical web communication services. The agency serves a diverse clientele including non-profits, public sector entities, and private organizations, emphasizing accessibility, social inclusion, and eco-design in its projects. Ecedi is part of the Ctrl-a group, which includes several partner agencies. The website demonstrates a mature digital presence with comprehensive service offerings ranging from strategy and conception to production and maintenance, supported by a modern technology stack including Drupal, WordPress, and various web frameworks. Technically, the website employs modern web technologies and frameworks, with good mobile optimization, accessibility, and SEO practices. The use of FriendlyCaptcha for form protection and Matomo for analytics indicates a focus on privacy and security. However, explicit security headers and cookie consent mechanisms are not evident, suggesting areas for improvement in security posture and privacy compliance. From a security perspective, the site uses HTTPS and anti-bot measures but lacks visible security headers and an incident response policy. The WHOIS data is unavailable, which reduces domain registration trustworthiness, though the website content and business information appear legitimate and professional. Overall, the site scores well on content quality and business credibility but should enhance security and privacy features. Strategically, Ecedi should focus on improving security headers, publishing a security policy, and implementing explicit cookie consent to strengthen compliance and trust. The agency's strong market position in responsible digital communication and its reputable client base provide a solid foundation for growth and enhanced digital maturity.

A

Advency

advency.fr

0

Advency is an independent French digital agency specializing in Drupal-based web development, mobile applications, and custom digital solutions. Founded in 2013 and based in Toulouse and Paris, the agency offers a comprehensive suite of services including UX/UI design, maintenance, hosting, and strategic consulting. Their client portfolio includes notable organizations such as Météo France and Airbus, indicating a strong market position in the technology sector. The website reflects a professional and user-centric approach with rich content and clear navigation.

S

Septeo Notaires

mondossiernotaire.fr

0

Mondossiernotaire.fr is a professional client portal operated by Septeo Notaires, providing French notary clients with a platform to track the progress of their dossiers. The website offers services such as document upload/download, notifications, and appointment scheduling, targeting individuals engaged in real estate and notarial processes. The domain is well-established since 2016, indicating a mature presence in its niche market. Technically, the site is built on ASP.NET MVC with a modern JavaScript stack including jQuery and FontAwesome. It employs HTTPS with anti-forgery tokens for secure login forms, demonstrating a good baseline security posture. However, the absence of explicit security headers and privacy/cookie policies suggests room for improvement in compliance and defense-in-depth. Security-wise, the site shows moderate maturity with secure form handling and encrypted connections but lacks visible incident response contacts or vulnerability disclosure mechanisms. The use of Google Analytics indicates moderate user tracking, but privacy compliance is limited due to missing policies. Overall, the website is trustworthy and professionally maintained but would benefit from enhanced privacy disclosures, security headers, and clearer contact information to improve compliance and user trust.

L

Les Authentiques Vignerons de Mardeuil

vigneronsmardeuil.fr

0

Les Authentiques Vignerons de Mardeuil is a collective of local winemakers in Mardeuil, France, offering visitors the opportunity to discover and taste their champagnes throughout the year. The website serves as a platform to showcase individual winemakers, their locations, opening hours, and services such as tastings and vineyard visits. The business targets wine enthusiasts and tourists interested in authentic local wine experiences. Technically, the website uses modern web technologies including JavaScript and CSS, is mobile optimized, and employs HTTPS with valid SSL certificates. However, it lacks some security headers and privacy compliance documentation such as privacy and cookie policies. The absence of WHOIS data limits domain trust assessment, but the site content and contact information appear professional and consistent with a small local business. Overall, the site demonstrates a moderate level of digital maturity with room for improvement in security and compliance.