Security Directory

C

Center for Technology & Society

cts.wien

0

The Center for Technology & Society (CTS) is an inter-university and interdisciplinary cooperation platform based in Vienna, Austria, involving prominent academic institutions such as TU Wien, FH Campus Wien, FH Technikum Wien, and Universität Wien. It focuses on research, teaching, and societal engagement addressing technological and social challenges like climate change and digital transformation. The platform supports researchers, students, and societal stakeholders through networking, coordination, and participatory approaches. Technically, the website is built using the Hugo static site generator and leverages multiple JavaScript libraries including jQuery, Bootstrap, and Leaflet for interactive maps. However, the site suffers from a lack of HTTPS security, with no valid SSL certificate and no modern TLS protocols enabled, which significantly impacts its security posture. The site also lacks privacy and cookie policies, which affects compliance with data protection regulations. Performance is slow with a high load time and large page size, though mobile responsiveness and navigation are well implemented. Overall, the site presents a professional academic presence but requires urgent improvements in security and privacy compliance to enhance trust and protect users.

V

Vysoké učení technické v Brně

zvut.cz

0

Vysoké učení technické v Brně (Brno University of Technology) operates the website zvut.cz as a news portal focused on university-related news, research, and events. The site targets students, faculty, researchers, and the general public interested in academic and technological developments. The university is a large, well-established educational institution in the Czech Republic with a strong market position in technical education. Technically, the website uses a custom CMS with technologies such as nginx, jQuery, Bootstrap, and Google Tag Manager. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which significantly impacts its security posture. Security headers are present but insufficient to compensate for the lack of proper TLS encryption. Privacy and cookie policies are not found, indicating potential compliance gaps. Contact information is limited to an email and physical address in the footer, with no phone numbers or dedicated contact forms. Overall, the site is professionally designed with good content relevance and navigation but requires urgent improvements in security and privacy compliance.

M

Mines Plus

mines-plus.org

0

Mines Plus is an alumni association website serving graduates of the Mines d'Albi, Alès, and Douai engineering schools in France. It offers networking, career services, event information, and regional group management for its members. The site targets alumni, students, and recruiters connected to these institutions. Technically, the website uses a custom CMS with a PHP/Apache backend and front-end technologies including jQuery, Bootstrap, and various JavaScript libraries. It integrates cookie consent management and social login options. However, the website suffers from a critical security issue: the SSL certificate is invalid or missing, and no TLS protocols are enabled, which severely impacts secure HTTPS access. Security headers are well implemented, but the lack of proper SSL/TLS undermines overall security. Privacy compliance is addressed with a cookie policy and consent mechanism, but no explicit privacy policy or terms of service pages are clearly found. Contact information is limited to an email address in the footer and a contact page link, with no phone numbers or physical addresses visible. Overall, the site is functional and professionally designed but requires urgent security improvements to protect user data and trust.

V

Veterans United Insurance

veteransunitedinsurance.com

0

Veterans United Insurance is a specialized insurance provider focused on serving Veterans and service members across the United States. The company offers a range of insurance products including homeowners, auto, life, bundled policies, and specialty vehicle insurance. Positioned as a trusted partner in the veteran community, it leverages partnerships with reputable insurance carriers to provide competitive rates and personalized service. The website reflects a professional and consistent brand image with clear navigation and strong trust indicators such as verified customer reviews and partner logos. Technically, the website is built on WordPress using the Salient theme and WPBakery page builder, incorporating modern JavaScript libraries and Google Tag Manager for analytics. However, performance data is missing, and the site lacks a valid SSL certificate, which is a critical security concern. Mobile optimization and SEO appear well implemented, but accessibility features are basic. Security posture is weak due to the absence of HTTPS, modern TLS protocols, and security headers like HSTS. No explicit security policies or incident response information are provided. Privacy compliance is partial with a comprehensive privacy policy present but no cookie consent mechanism detected. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include implementing HTTPS, enabling security headers, and adding cookie consent to improve privacy compliance.

F

future-iot.org

future-iot.org

0

future-iot.org is an academic and research-focused website that serves as an umbrella platform for activities related to the Internet of Things, co-organized by teams at IMT Atlantique, TU München, and other academic partners. It primarily targets researchers, PhD students, and industry collaborators interested in IoT and security. The site offers information about summer schools, research projects, and educational resources. Technically, the website is built on WordPress and hosted on Contabo servers, utilizing common web technologies such as Apache and jQuery. However, it lacks HTTPS support, which is a critical security deficiency. The absence of cookie consent mechanisms and limited privacy compliance further reduce its security posture. Overall, the website provides good content quality and user experience but requires significant improvements in security and privacy to meet modern standards.

A

aven.com

aven.com

0

The website aven.com is currently inaccessible for meaningful content analysis due to Cloudflare Web Application Firewall (WAF) protection mechanisms that block or limit content delivery. The landing page contains minimal HTML with no visible business information, policies, or contact details. The technical infrastructure relies on AWS CloudFront CDN and Cloudflare, but the SSL/TLS configuration is critically deficient with no valid certificate and no supported TLS protocols, resulting in insecure connections. Security headers are partially implemented but some are misconfigured or disabled, such as the X-XSS-Protection header. No privacy, cookie, or terms of service policies are present, and no forms or user input fields are detected. The site integrates some marketing and advertising tools but lacks analytics scripts or detailed tracking disclosures. Overall, the site’s security posture is poor, and the lack of HTTPS is a critical vulnerability. Due to WAF blocking, the content quality and business credibility cannot be assessed, resulting in a low overall AI score.

T

Technische Universität Wien

tuwien.at

0

Technische Universität Wien (TU Wien) is a leading technical university in Austria, providing comprehensive education, research, and cooperation services primarily in the technology and engineering sectors. The website reflects a mature digital presence with a professional design, clear navigation, and strong accessibility and privacy compliance measures. However, the security posture is weakened by the absence of a valid SSL/TLS certificate and lack of modern TLS protocol support, which poses significant risks to user data confidentiality and trust. The university employs TYPO3 CMS and integrates multiple analytics and marketing tools, demonstrating a high level of digital maturity but with room for security improvements. Overall, the website is content-rich and trustworthy but requires urgent remediation of its SSL configuration to meet modern security standards.

Jönköping University is a large, well-established educational institution in Sweden with a strong international profile, offering higher education programs, research activities, and collaboration opportunities. The website reflects a professional and consistent brand with good content quality and user experience, targeting students, researchers, and academic partners. Technically, the site uses SiteVision CMS with React frameworks and integrates modern analytics and marketing tools such as Google Analytics, Google Tag Manager, Facebook Pixel, and Adform. However, the website suffers from a critical security issue due to the absence of a valid SSL certificate, resulting in a basic SSL configuration and lack of HTTPS enforcement. This significantly impacts the security posture and overall trustworthiness of the site. Privacy compliance is strong, with a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. Contact information and social media presence further enhance business credibility.

L

LUT-yliopisto

lut.fi

0

LUT-yliopisto is a Finnish university focused on solving global challenges through expertise in technology, economics, and social sciences. It holds a strong market position, ranked among the top 300 universities worldwide and recognized for climate action. The university offers comprehensive education programs, research projects, and collaboration opportunities with industry and startups. The website is well-designed, content-rich, and professionally presented, targeting students, researchers, and business partners. Technically, the site is built on Drupal 10 and uses modern web technologies, but lacks SSL/TLS encryption, which is a critical security flaw. Privacy policies and cookie consent mechanisms are implemented, reflecting good GDPR compliance. However, the absence of HTTPS significantly undermines the security posture, exposing users to risks. Strategic recommendations include immediate SSL implementation, enhanced security headers, and improved incident response visibility to strengthen trust and compliance.

Ε

ΕΘΝΙΚΟ ΜΕΤΣΟΒΙΟ ΠΟΛΥΤΕΧΝΕΙΟ

ntua.gr

0

The National Technical University of Athens (NTUA) is a leading public educational institution in Greece, specializing in engineering and technical education. The website serves as the official digital presence of NTUA, providing comprehensive information about its mission, history, academic schools, study programs, research activities, news, events, and services for students and staff. It targets students, researchers, academic personnel, and the general public interested in the university's offerings and updates. The business model is that of a public university focused on education and research services, with a strong market position as a top technical university in Greece.

T

Three Creeks Media

threecreeksmedia.com

0

Three Creeks Media is a small media company specializing in consumer education about mortgages, real estate, personal finance, and veteran benefits. They operate notable brands such as The Military Wallet and Veteran.com and maintain partnerships with established publishers like Military.com and Mortgage Research Center. The website is built on WordPress with modern themes and plugins, optimized for SEO and mobile responsiveness. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap, exposing users to potential risks. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism. Overall, the site presents professional content and branding but requires urgent security improvements to protect user data and enhance trust.

A

AFTES - Association Française des Tunnels et de l'Espace Souterrain

aftes.fr

0

AFTES is a French non-profit association specializing in the field of tunnels and underground spaces, representing all trades involved in the design and construction of such infrastructures. The organization provides a range of services including training, publications, events, and working groups to advance knowledge and techniques in underground construction. The website is professionally designed, targeting industry professionals and organizations in transportation and energy sectors. Technically, the site is built on WordPress with Elementor and WooCommerce, hosted on OVH, and uses various modern web technologies and analytics tools. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a significant security concern. Cookie consent and privacy policies are well implemented, reflecting good GDPR compliance. Overall, the site is content-rich and trustworthy but requires urgent improvements in its security posture.

A

Association Française du génie Parasismique

afps-seisme.org

0

The Association Française du génie Parasismique (AFPS) is a French non-profit organization dedicated to seismic engineering, risk prevention, and post-earthquake response. The website serves as a comprehensive resource for professionals and members involved in seismic risk management, offering detailed information on missions, training, publications, and events. The association maintains partnerships with governmental bodies and other organizations, reinforcing its position as a key player in seismic risk mitigation in France. Technically, the website is built on Drupal 7 with a range of JavaScript libraries for UI and interactivity, hosted on OVH infrastructure. However, the site lacks a valid SSL certificate and does not support modern TLS protocols, exposing it to security risks. Security headers are minimal but present, and a cookie consent mechanism compliant with GDPR is implemented. Overall, the site provides good content quality and professional presentation but requires urgent security improvements to protect user data and enhance trust.

I

IMT Mines Alès Alumni

mines-ales.org

0

IMT Mines Alès Alumni operates as a non-profit alumni association dedicated to serving graduates, students, and recruiters associated with IMT Mines Alès. The website provides comprehensive services including networking, career support, event management, and community engagement. It maintains a strong presence on social media and integrates multiple partner organizations, reflecting a well-established position within the French educational sector. The content is professionally presented in French, targeting alumni and related stakeholders. Technically, the website is built on a custom CMS platform with a technology stack including Apache, PHP, jQuery, Bootstrap, and various JavaScript libraries. While the site is mobile-optimized and SEO-friendly, performance metrics indicate slow loading times. The hosting appears to be with OVH, and the site uses several third-party services for analytics, cookie consent, and anti-bot measures. From a security perspective, the site implements several important HTTP security headers and a content security policy. However, the absence of a valid SSL certificate and lack of TLS protocol support significantly weaken its security posture. Cookies are set with secure and HttpOnly flags, and forms include anti-bot protection via hCaptcha. Privacy compliance is strong, with clear cookie and privacy policies and GDPR adherence. Overall, the site is functional and professional but requires urgent improvements in SSL/TLS configuration to enhance security and user trust. Addressing these issues will improve the security score and overall risk profile, ensuring better protection for users and data integrity.

I

IMT Nord Europe Alumni

imt-lille-douai.org

0

IMT Nord Europe Alumni is a French non-profit alumni association serving graduates and students of IMT Nord Europe. The website provides a comprehensive platform for alumni networking, career services, events, and publications. It targets alumni, students, recruiters, and partners, positioning itself as a key community hub for the institution's graduates. The site is professionally designed with consistent branding and good content relevance, supporting a medium-sized organization in the education sector. Technically, the website uses a traditional LAMP stack with Apache and PHP, enhanced by modern JavaScript libraries such as jQuery, Bootstrap, and TinyMCE. The site is mobile-optimized and includes accessibility and SEO best practices, although performance is moderate. Hosting appears to be on a standard provider with no advanced CDN or cloud infrastructure detected. From a security perspective, the site implements several important HTTP security headers and a comprehensive Content Security Policy. However, it lacks a valid SSL certificate and proper TLS configuration, which is a critical vulnerability impacting user trust and data security. Cookie consent and privacy policies are implemented, indicating good privacy compliance, but no explicit security policy or incident response information is available. Overall, the site is functional and professional but requires urgent improvements in SSL/TLS deployment and security posture to protect user data and maintain trust. Strategic enhancements in incident response and vulnerability disclosure policies would further strengthen its security maturity.

L

Le réseau des Carnot

lereseaudescarnot.fr

0

Le réseau des Carnot is a French research network dedicated to fostering innovation and R&D partnerships between research institutes and enterprises. The website serves as a portal for news, events, and information about the 39 Carnot institutes across France, targeting businesses and research stakeholders. The platform is built on Drupal 10 and includes features such as a cookie consent mechanism and social media integration. However, the site lacks a valid SSL certificate, which severely impacts its security posture and user trust. The absence of explicit privacy and security policies further limits compliance with GDPR and other regulations. Technically, the site shows moderate performance and basic mobile optimization but requires improvements in security configurations and modern web standards. Overall, the site is functional and informative but needs urgent security upgrades and enhanced privacy compliance to improve trust and protect user data.

E

EULiST

eulist.university

0

EULiST is a European university alliance focused on linking society and technology through interdisciplinary research, education, and innovation. It serves students, researchers, and academic staff across multiple European partner universities, promoting values such as equality, inclusion, and open science. The website is built on WordPress and uses common web technologies and analytics tools. However, it suffers from critical security shortcomings including the absence of a valid SSL certificate and HTTPS support, lack of security headers, and missing privacy and cookie policies. These issues expose the site to risks and compliance gaps, particularly under GDPR. The site content and design are professional and well-structured, but performance is slow due to a large number of resources. Overall, the site demonstrates moderate business credibility but requires urgent security and privacy improvements to enhance trust and compliance.

The website themilitarywallet.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) security challenge page that blocks content delivery until JavaScript and cookies are enabled. As a result, no actual business content, metadata, or contact information is available for analysis. The site lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which is a critical security issue. Security headers are present but cannot compensate for the lack of proper SSL configuration. Due to the WAF blocking, performance and technical details are minimal and incomplete. Overall, the site cannot be properly assessed for privacy compliance, business credibility, or content quality under these conditions.

I

Intermines

inter-mines.org

0

Intermines is a French alumni network platform serving graduates from Mines Paris, Mines Saint-Etienne, and Mines Nancy engineering schools. It provides career services, networking opportunities, publications, and group activities to its members. The website is primarily in French and targets alumni and recruiters associated with these institutions. The platform is built on the AlumnForce CMS and uses various JavaScript libraries and APIs including Backbone.js, YUI, Google Maps, and Google Charts. While the site offers rich content and a consistent brand experience, it suffers from technical issues such as an invalid SSL certificate and slow page load times, which impact its security posture and user experience. Privacy and cookie policies are present with consent mechanisms, but no explicit security or incident response policies are found. Social media presence is strong, enhancing community engagement.

I

IMT Mines Albi-Carmaux Alumni

mines-albi.org

0

IMT Mines Albi-Carmaux Alumni operates as a non-profit alumni association serving graduates, students, and recruiters connected to the IMT Mines Albi-Carmaux engineering school in France. The website provides comprehensive services including news updates, event management, career resources, and an extensive alumni directory with nearly 40,000 registered members. The platform targets alumni and community members seeking networking and professional development opportunities. Technically, the website employs a traditional tech stack with jQuery, Bootstrap, slick carousel, and integrates hCaptcha for form security and tarteaucitron.js for cookie consent management. However, the site suffers from a critical lack of valid SSL/TLS certificates, resulting in no HTTPS support and no modern TLS protocols enabled, which significantly undermines its security posture. Despite this, the site maintains GDPR compliance through cookie consent and privacy policies, and offers a good user experience with clear navigation and responsive design. The overall risk is moderate due to security gaps, particularly the absence of HTTPS and security headers, which should be prioritized for remediation.

F

Fondation Inria

fondation-inria.fr

0

Fondation Inria is a French non-profit foundation dedicated to supporting research and innovation projects that leverage digital technologies to address major societal challenges such as health, environment, education, and trust in society. The foundation acts as a bridge between academia, industry, and civil society, facilitating partnerships and fundraising to drive impactful digital transformation. The website reflects a professional and consistent brand presence with clear messaging targeting donors, partners, and the academic community. Technically, the site is built on WordPress with React and jQuery, optimized for SEO with Yoast, but suffers from slow load times and lacks a valid SSL certificate, which impacts security posture. Privacy and cookie policies are present and GDPR compliant, but no explicit security or incident response policies are publicly available. Social media presence is active on LinkedIn, Twitter, and YouTube, supporting engagement and transparency.

Inria Alumni operates as a professional network dedicated to current and former members of Inria, a French national research institution. The platform facilitates community engagement, career development, and information sharing through features such as a member directory, job board, events calendar, and news articles. The website targets researchers, alumni, and partners within the technology and education sectors in France. The business model centers on membership with free registration and partner accounts, positioning itself as a niche network within the research community. The site branding is consistent and leverages official Inria identity elements, enhancing trust and recognition.

R

Rassemblement Annuel Philanthropique

raphilanthropique.ca

0

Rassemblement Annuel Philanthropique is a small non-profit organization focused on organizing an annual philanthropic event in Quebec, Canada. The event targets professionals and stakeholders in the philanthropic sector, offering workshops, conferences, and networking opportunities. The website is built on WordPress using Elementor and Bootstrap frameworks, with SEO optimized via Yoast plugin. However, the site suffers from critical security issues including lack of HTTPS and security headers, which significantly impacts its security posture. Performance is slow, and while the site is mobile optimized and content-rich, it lacks privacy compliance mechanisms such as cookie consent banners. Overall, the business presents a professional image but must urgently address security and privacy compliance gaps.

E

ESCP Business School

escp.eu

0

ESCP Business School is a prestigious, top-ranked European business school established in 1819, operating a unique multi-campus model across six European cities. It offers a broad portfolio of degree programs including Bachelor, Master in Management, MBA, Executive MBA, specialized Masters, doctoral programs, and executive education. The school targets students, professionals, and corporate clients seeking high-quality business education and leadership development. Technically, the website is built on Drupal 10, hosted on Amazon AWS infrastructure, and integrates numerous modern web technologies and marketing analytics tools. However, the site lacks a valid SSL certificate, serving content over HTTP only, which significantly impacts its security posture. The site employs extensive tracking and advertising scripts, managed via a consent platform, indicating a mature marketing approach but raising privacy considerations. Overall, the website is professionally designed with excellent content quality and user experience but requires urgent security improvements to enable HTTPS and implement security headers to protect user data and enhance trust.

F

Fondation des Ponts

fondationdesponts.fr

0

Fondation des Ponts is a French non-profit foundation dedicated to supporting the École des Ponts ParisTech by promoting diversity, providing scholarships and loans, and encouraging entrepreneurship among students. The foundation operates primarily through donations and partnerships, targeting donors, students, and educational stakeholders. The website is built on WordPress with a standard technology stack including WPBakery, jQuery, and Sendinblue for marketing automation. While the site is content-rich and professionally designed with good navigation and mobile optimization, it suffers from a critical security issue: the absence of a valid SSL certificate, resulting in no HTTPS support. This significantly impacts the security posture and user trust. Additionally, no explicit privacy policy or terms of service pages were found, though a cookie consent banner is present. Social media presence is strong, enhancing business credibility. Overall, the site scores moderately on content and business credibility but poorly on security due to missing HTTPS and security headers.

Security assessment completed with an overall score of 50/100 (unknown risk). 1 critical issues require immediate attention. Total of 9 security findings identified across all modules.

E

ESCP Business School

escpeurope.eu

0

ESCP Business School is a prestigious, top-ranked European business school established in 1819, offering a wide range of degree programs including bachelor, master, MBA, executive education, and doctoral programs across six European campuses. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content targeting students and professionals seeking business education. Technically, the site is built on Drupal 10 with modern JavaScript libraries and integrates marketing and analytics tools such as Google Tag Manager and Consent Manager. However, the security posture is weak due to the absence of a valid SSL certificate and lack of modern TLS protocols, which significantly impacts the overall security score. Privacy compliance is well addressed with visible privacy and cookie policies and consent mechanisms. Overall, the site is trustworthy and professional but requires urgent improvements in SSL/TLS implementation to secure user data and improve trust.

Maison des Ponts is a small non-profit alumni association based in Paris, France, providing a prestigious venue for its members and hosting professional and private events. The website presents clear business information, contact details, and partner organizations, targeting alumni and event clients. Technically, the site uses common web technologies such as Apache, jQuery, and hCaptcha but lacks modern security configurations, notably missing HTTPS and security headers, which critically impacts its security posture. The absence of privacy and cookie policies further reduces compliance confidence. Overall, the website is functional with good content quality and navigation but requires urgent security improvements to protect user data and enhance trust.

A

Amicale des Ingénieurs Généraux des Ponts, des Eaux et des Forêts

aigpef.org

0

The website aigpef.org represents the Amicale des Ingénieurs Généraux des Ponts, des Eaux et des Forêts, a French professional association focused on engineers from the IPEF corps. It provides member services including a directory, events, publications, and a private member area. The site targets members and alumni of this engineering corps and operates as a small non-profit entity within the government/association sector. Technically, the site uses a traditional LAMP stack with Apache, PHP, jQuery, and Bootstrap, and is likely hosted by OVH. While the site has a professional design and good content quality, it suffers from a critical security issue: the SSL certificate is invalid or missing, resulting in no HTTPS support. This severely impacts the security posture and trustworthiness of the site. Security headers and cookie consent mechanisms are well implemented, and analytics tools like Google Analytics and Hotjar are used with privacy compliance in mind. Overall, the site is functional and professional but requires urgent SSL remediation to improve security and user trust.

U

Union des Ingénieurs des Ponts, des Eaux et des Forêts

unipef.org

0

UnIPEF is a French professional association serving engineers specialized in civil engineering, water management, and forestry sectors. It offers membership services including networking, career support, events, and publications. The website is well-structured, content-rich, and targets primarily French-speaking engineering professionals. The association maintains partnerships with several related organizations and provides multiple channels for member engagement.

H

HEC Stories

hecstories.fr

0

HEC Stories is an online media platform dedicated to the alumni and students of HEC Paris, offering inspiring stories, interviews, and insights on business, sustainable development, and entrepreneurship. The website serves a niche audience connected to the HEC ecosystem and provides content in multiple formats including articles, podcasts, videos, and newsletters. The business model appears to be based on content publishing with subscription and advertising revenue streams. Technically, the site is built on WordPress with WooCommerce and uses popular plugins such as Yoast SEO and Cookiebot for SEO and privacy compliance. Hosting is provided by OVH, a reputable French hosting provider. However, a critical security weakness is the lack of a valid SSL certificate and proper HTTPS support, which undermines user trust and data security. The site implements cookie consent mechanisms and integrates Google Analytics for user tracking, indicating moderate privacy compliance. Social media presence is strong, enhancing community engagement and trust. Overall, the site is professionally designed with good content quality but requires urgent security improvements to meet modern standards.

S

Sciences Po Alumni

emilemagazine.fr

0

Émile Magazine is a French non-profit media publication operated by Sciences Po Alumni, targeting the alumni community and readers interested in political and social analysis. The website serves as an online extension of the quarterly print magazine, offering articles, interviews, and portfolios contributed by journalists, researchers, and alumni. The business model focuses on community engagement and content dissemination without evident commercial sales or e-commerce. Technically, the website is built on the Squarespace platform, leveraging its CMS and hosting services. The site uses Google Analytics and Tag Manager for visitor tracking and Typekit for fonts. However, the site suffers from slow performance due to a large page size and many resources. Mobile optimization is good, but accessibility features are basic. From a security perspective, the site lacks a valid SSL certificate and does not serve content securely over HTTPS. No security headers or email authentication DNS records (DMARC, SPF) are configured, exposing the site to potential risks. Privacy and cookie policies are absent, indicating poor compliance with GDPR and related regulations. Overall, the site is content-rich and professionally designed but requires urgent improvements in security and privacy compliance to enhance trust and protect user data.

A

AlumnForce

alumnforce.com

0

AlumnForce is a French-based company providing a comprehensive SaaS platform for managing alumni networks, career centers, mentoring programs, and corporate alumni solutions. The company is well-positioned in the education sector with over 350 client networks and a strong market presence supported by partnerships and client testimonials. Technically, the website is built on WordPress with Elementor and integrates multiple marketing and analytics tools such as HubSpot, Matomo, and Google Tag Manager. However, the security posture is weak due to the absence of a valid SSL certificate and HTTPS support, which poses a significant risk. Privacy compliance is partial with cookie consent mechanisms but no explicit privacy policy found. Overall, the website demonstrates good business credibility and content quality but requires urgent security improvements to protect user data and enhance trust.

S

Sweet Punk

sweetpunk.com

0

Sweet Punk is a medium-sized creative agency based in France with offices in Paris and Montpellier. It operates as part of the Ekstend Group and offers a comprehensive suite of branding, digital marketing, advertising, and content production services. The agency has a strong market position supported by multiple industry awards and a diverse client portfolio. Technically, the website is built on WordPress with modern marketing and analytics tools integrated, but suffers from critical security shortcomings due to the lack of a valid SSL certificate and absence of HTTPS, which significantly impacts its security posture. Privacy compliance is well addressed with cookie consent mechanisms and a comprehensive privacy policy. Business credibility is high, supported by clear contact information, professional content, and trust signals such as awards and client logos.

B

Banque Commune d'Épreuves (BCE)

concours-bce.com

0

The Banque Commune d'Épreuves (BCE) website serves as the official portal for organizing and managing entrance exams to 18 major French business schools and 3 associated schools. Operated by the Direction des Admissions et Concours of the CCI Paris-Ile-de-France, it targets prospective students seeking access to prestigious management programs. The site provides comprehensive information on exam schedules, registration, and candidate resources, positioning itself as a key educational service provider in France. Technically, the website is built on Drupal 10 with Bootstrap and FontAwesome, featuring modern UI components and a cookie consent mechanism compliant with GDPR. However, the absence of HTTPS and security headers significantly undermines its security posture, exposing users to potential risks. Performance is notably poor with a high load time and large page size, which could impact user experience. Privacy compliance is well addressed through explicit policies and consent management, and analytics are handled via privacy-focused Matomo Cloud. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

I

Isadmission

isadmission.com

0

Isadmission is a French-based company specializing in digital solutions for managing student admission contests, targeting educational institutions. The website presents a professional and well-structured platform built on WordPress with modern plugins and tools, offering a good user experience and clear navigation. However, the technical infrastructure shows weaknesses, notably the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts security posture. The site implements basic privacy compliance measures including cookie consent and a privacy policy, but lacks advanced security policies or incident response information. Overall, the business appears credible with testimonials and social media presence, but the security shortcomings pose risks that should be addressed promptly.

杉山労務管理事務所 is a small, regionally focused social insurance labor consultant office based in Saitama Prefecture, Japan. The company provides labor management services including labor risk assessment, employment regulation creation and revision, and support for administrative investigations. Their target audience is primarily small to medium businesses in the Kanto region. The website content is primarily in Japanese and offers free labor risk diagnostic tools via external links. Technically, the website is basic with no CMS detected, minimal JavaScript and CSS usage, and no advanced frameworks. Performance data is missing but inferred slow. Critically, the site lacks HTTPS support and a valid SSL certificate, exposing users to security risks. No privacy or cookie policies are present, and no security best practices such as security headers or incident response information are published. Contact information is clearly provided including phone, email, physical address, and a contact form embedded via iframe. Overall, the site is functional but lacks modern security and privacy compliance measures, which significantly impacts trust and security posture.

L

Le réseau des Carnot

instituts-carnot.eu

0

Le réseau des Carnot is a French network of research institutes dedicated to fostering innovation for enterprises through R&D partnerships and technology transfer. The website serves as an information hub for news, events, and resources related to the 39 affiliated Carnot institutes. The target audience primarily includes businesses seeking research collaborations and innovation support. Technically, the site is built on Drupal 10 with Apache hosting, utilizing jQuery and tarteaucitron.js for cookie consent management. Despite good content quality, mobile optimization, and accessibility, the site critically lacks HTTPS, exposing it to security risks and undermining user trust. Security headers are partially implemented, but the absence of SSL/TLS and modern protocols significantly lowers the security posture. Privacy compliance is basic, with a cookie consent mechanism present but no explicit GDPR compliance indicators or detailed privacy policy. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance credibility.

I

Institut Mines-Télécom

mines-telecom.fr

0

Institut Mines-Télécom is the leading public group of engineering and management Grandes Écoles in France, providing education, research, and innovation services focused on industrial, digital, energy, and ecological challenges. The website reflects a mature digital presence with professional design, multilingual support, and strong SEO integration. However, the technical infrastructure shows critical security weaknesses, notably the absence of a valid SSL/TLS certificate and lack of HTTPS, which severely impacts the security posture. While privacy and cookie policies are well implemented and GDPR compliant, the site lacks explicit security policies and incident response information. Overall, the website is trustworthy and professional but requires urgent security improvements to protect user data and maintain credibility.

N

Neoweb

neoweb.fr

0

Neoweb is a French digital agency established in 2004, specializing in custom web and mobile application development, consulting, and accessibility services. The company targets startups, enterprises, and institutions primarily in Lille and Paris, leveraging technologies such as React, Symfony, WordPress, and Directus. Their website reflects a mature digital presence with professional design, rich content, and structured data enhancing SEO and user experience. Technically, the site is built on WordPress with Elementor and Gravity Forms, incorporating modern JavaScript libraries and optimization tools like WP Rocket. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support and lack of modern TLS protocols, which significantly impacts the site's security posture. Privacy compliance is well addressed with GDPR-aligned cookie consent and privacy policies. Overall, the site demonstrates strong business credibility and technical maturity but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions.

I

IMT Nord Europe Alumni

imt-nord-europe.org

0

IMT Nord Europe Alumni is a French non-profit alumni association serving graduates, students, and recruiters affiliated with IMT Nord Europe. The website offers a comprehensive platform for alumni networking, career services, events, and publications, supported by a large member base. Technically, the site uses a modern JavaScript stack with libraries such as jQuery, Bootstrap, and slick-carousel, and integrates security features like hCaptcha and GDPR-compliant cookie consent. The SSL configuration is valid but could be improved with HSTS and stronger DMARC policies. Overall, the site is professional and trustworthy but has room for performance and security enhancements.

U

Université de Lyon

universite-lyon.fr

0

Université de Lyon is a public academic consortium coordinating 10 member universities and 25 associates in the Lyon-Saint-Étienne academic site. The website serves students, researchers, academic staff, and international scientists by providing information on education, research programs, innovation, entrepreneurship, and campus life. The site is well-branded, professionally designed, and offers clear navigation with a focus on academic and research content. Technically, the site uses JavaScript, jQuery, and AT Internet analytics, hosted likely on academic infrastructure with a valid SSL certificate. Security posture is adequate with no major vulnerabilities detected, though improvements such as enabling HSTS and DNSSEC are recommended. Privacy compliance is basic with a cookie consent mechanism but no explicit privacy policy found in the analyzed content. Overall, the website is a credible and trustworthy source for academic information in the region.

Eudonet is a technology company specializing in CRM software solutions, targeting subscribers and clients primarily in France with additional presence in Canada and the UK. The website analyzed is a secure login portal for Eudonet CRM subscribers, offering multi-language support and user authentication features. The business model centers on SaaS CRM services with a focus on client account management. Technically, the site runs on Microsoft IIS with ASP.NET and uses XHTML transitional markup. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security deficiency. Security headers are partially implemented, but the absence of TLS protocols and certificate transparency compliance significantly weakens the security posture. Privacy and cookie policies are not present, and no contact or business information is provided on this login page, limiting transparency and compliance indicators. Overall, the site demonstrates moderate business credibility and good content quality but suffers from poor security and privacy compliance.

Logilys is a small Canadian technology company specializing in the development and distribution of specialized management software solutions, including PRODON for donation and donor management, PROLOC for leisure, sports, and culture management, and PROLYS for project and client relationship management. The company targets organizations requiring tailored software solutions primarily in Quebec, Canada. Their market position is niche with a focus on specialized software for non-profit and cultural sectors. Technically, the website uses modern frontend technologies such as Bootstrap and jQuery, with Google Tag Manager for analytics. However, the site lacks a valid SSL certificate, resulting in HTTP-only access, which negatively impacts security posture and user trust. Performance is slow with a high page load time, though mobile optimization and SEO are reasonably good. Security-wise, the company holds a COCD certification for its PRODON software, indicating a commitment to security in their product offerings, but the website itself lacks HTTPS, security headers, and cookie consent mechanisms. Privacy compliance is basic with a privacy policy present but no cookie banner or GDPR-specific indicators. Contact information is clearly provided with phone numbers and a physical address in Rimouski, Quebec. Overall, the website is professional and informative but requires significant improvements in security and privacy compliance to enhance trust and protect users.

S

Site not installed - OVHcloud

carnot-mines.eu

0

The website carnot-mines.eu currently hosts no active content and displays a default placeholder page provided by OVHcloud indicating that the site is not installed. There is no business information, services, or user-facing content available. The domain is registered and DNS records are configured with OVH and Gandi.net mail servers, but no SSL certificate or HTTPS support is present, resulting in a poor security posture. No privacy, cookie, or terms of service policies are found, and no contact information or forms exist on the site. The technical infrastructure is minimal and lacks modern security and performance features. Overall, the site is non-operational and does not provide any business or compliance information.

S

SIA "Juridiskā koledža"

jk.lv

0

Juridiskā koledža is a Latvian educational institution specializing in legal and related professional studies. The website presents a comprehensive offering of study programs, courses, and international cooperation such as ERASMUS. The institution positions itself as a provider of qualified specialists with practical and theoretical knowledge for the labor market in Latvia and abroad. Technically, the website is built on WordPress with common libraries like jQuery and Bootstrap, but suffers from slow performance and lacks a valid SSL certificate, which impacts security and user trust. Security posture is weak due to missing HTTPS, lack of security headers, and absence of DMARC records, although SPF is correctly configured. Privacy compliance is minimal with no visible privacy or cookie policies or consent mechanisms. Contact information and certifications are clearly presented, supporting business credibility. Overall, the site is functional but requires significant improvements in security and privacy to meet modern standards.

J

JDM Technology Group

jdmtechnologygroup.com

0

JDM Technology Group is a well-established company providing integrated software solutions for the construction industry and built environment. With over 41 years in business, 34 subsidiary companies, and a global customer base exceeding 18,000, they offer a broad portfolio of construction management, maintenance, estimating, and operational software. Their business model focuses on strategic acquisitions to expand market share and deliver comprehensive solutions. Technically, the website is built on WordPress with modern frontend technologies like Bootstrap and jQuery, optimized by NitroPack, but suffers from slow load times and lacks a valid SSL certificate, impacting security and user trust. Security posture is weak due to missing HTTPS and TLS protocols, though DNS records show good email security practices with SPF and DMARC. Privacy compliance is poor with no visible privacy or cookie policies, and no contact information is provided on the homepage. Overall, the site is professional and content-rich but requires significant improvements in security and privacy to enhance trust and compliance.

A

Association Forum Ensai

forum-ensai.com

0

Association Forum Ensai is a student-run non-profit organization based in France that facilitates connections between students and the professional world, particularly in data science and statistics. The website serves as an information hub for the association's activities, events, and contact points. The site is built on WordPress with popular plugins such as Yoast SEO and Elementor, and integrates Google Analytics for visitor tracking. However, the technical infrastructure shows significant security weaknesses, notably the absence of a valid SSL certificate and HTTPS support, which exposes users to potential risks. Privacy compliance is minimal, with no visible privacy or cookie policies and no consent mechanisms for tracking. Business credibility is moderate, supported by consistent branding and a clear focus on its educational mission, but lacking in formal certifications or detailed contact information.

S

Sciences Po Alumni

sciencespo-alumni.fr

0

Sciences Po Alumni is a well-established alumni association serving the students and graduates of Sciences Po in France. The website offers a comprehensive platform for networking, career services, events, and publications, targeting alumni, students, and recruiters. The platform leverages a custom CMS likely provided by AlumnForce and integrates modern web technologies including Vue.js, Backbone.js, and Google services. Despite a rich content offering and good user experience, the website suffers from a critical security flaw due to the absence of a valid SSL certificate, severely impacting its security posture. Privacy and cookie policies are present and GDPR compliance is indicated, but could be enhanced. Overall, the site is professional and functional but requires urgent security improvements to protect user data and trust.

T

Transdev North America, Inc.

transdevna.jobs

0

Transdev North America, Inc. operates a comprehensive career portal focused on transportation jobs across North America. As the largest private-sector provider of multiple transportation modes including transit, rail, and on-demand services, the company targets job seekers interested in diverse roles such as drivers, management, safety, and technical positions. The website provides detailed information about career opportunities, benefits, and hiring processes, supported by a consistent brand presence and trust indicators such as an EEO statement and a Code of Business Conduct. Technically, the site is built on modern frameworks like Nuxt.js and Vue.js, with integrations for Google Analytics, Facebook Pixel, and other marketing tools. However, performance is slow and accessibility is basic. Security posture is weak due to the absence of a valid SSL certificate, lack of security headers, and missing DNS security records, which poses significant risks to user data and trust. Privacy compliance is basic with a cookie consent mechanism and a privacy policy, but GDPR compliance is not clearly demonstrated. Overall, the site is functional and professional but requires urgent security improvements to protect users and enhance credibility.