Security Directory

I

IMT Nord Europe Alumni

imt-nord-europe.org

0

IMT Nord Europe Alumni is a French non-profit alumni association serving graduates, students, and recruiters affiliated with IMT Nord Europe. The website offers a comprehensive platform for alumni networking, career services, events, and publications, supported by a large member base. Technically, the site uses a modern JavaScript stack with libraries such as jQuery, Bootstrap, and slick-carousel, and integrates security features like hCaptcha and GDPR-compliant cookie consent. The SSL configuration is valid but could be improved with HSTS and stronger DMARC policies. Overall, the site is professional and trustworthy but has room for performance and security enhancements.

U

Université de Lyon

universite-lyon.fr

0

Université de Lyon is a public academic consortium coordinating 10 member universities and 25 associates in the Lyon-Saint-Étienne academic site. The website serves students, researchers, academic staff, and international scientists by providing information on education, research programs, innovation, entrepreneurship, and campus life. The site is well-branded, professionally designed, and offers clear navigation with a focus on academic and research content. Technically, the site uses JavaScript, jQuery, and AT Internet analytics, hosted likely on academic infrastructure with a valid SSL certificate. Security posture is adequate with no major vulnerabilities detected, though improvements such as enabling HSTS and DNSSEC are recommended. Privacy compliance is basic with a cookie consent mechanism but no explicit privacy policy found in the analyzed content. Overall, the website is a credible and trustworthy source for academic information in the region.

Eudonet is a technology company specializing in CRM software solutions, targeting subscribers and clients primarily in France with additional presence in Canada and the UK. The website analyzed is a secure login portal for Eudonet CRM subscribers, offering multi-language support and user authentication features. The business model centers on SaaS CRM services with a focus on client account management. Technically, the site runs on Microsoft IIS with ASP.NET and uses XHTML transitional markup. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security deficiency. Security headers are partially implemented, but the absence of TLS protocols and certificate transparency compliance significantly weakens the security posture. Privacy and cookie policies are not present, and no contact or business information is provided on this login page, limiting transparency and compliance indicators. Overall, the site demonstrates moderate business credibility and good content quality but suffers from poor security and privacy compliance.

Logilys is a small Canadian technology company specializing in the development and distribution of specialized management software solutions, including PRODON for donation and donor management, PROLOC for leisure, sports, and culture management, and PROLYS for project and client relationship management. The company targets organizations requiring tailored software solutions primarily in Quebec, Canada. Their market position is niche with a focus on specialized software for non-profit and cultural sectors. Technically, the website uses modern frontend technologies such as Bootstrap and jQuery, with Google Tag Manager for analytics. However, the site lacks a valid SSL certificate, resulting in HTTP-only access, which negatively impacts security posture and user trust. Performance is slow with a high page load time, though mobile optimization and SEO are reasonably good. Security-wise, the company holds a COCD certification for its PRODON software, indicating a commitment to security in their product offerings, but the website itself lacks HTTPS, security headers, and cookie consent mechanisms. Privacy compliance is basic with a privacy policy present but no cookie banner or GDPR-specific indicators. Contact information is clearly provided with phone numbers and a physical address in Rimouski, Quebec. Overall, the website is professional and informative but requires significant improvements in security and privacy compliance to enhance trust and protect users.

S

Site not installed - OVHcloud

carnot-mines.eu

0

The website carnot-mines.eu currently hosts no active content and displays a default placeholder page provided by OVHcloud indicating that the site is not installed. There is no business information, services, or user-facing content available. The domain is registered and DNS records are configured with OVH and Gandi.net mail servers, but no SSL certificate or HTTPS support is present, resulting in a poor security posture. No privacy, cookie, or terms of service policies are found, and no contact information or forms exist on the site. The technical infrastructure is minimal and lacks modern security and performance features. Overall, the site is non-operational and does not provide any business or compliance information.

S

SIA "Juridiskā koledža"

jk.lv

0

Juridiskā koledža is a Latvian educational institution specializing in legal and related professional studies. The website presents a comprehensive offering of study programs, courses, and international cooperation such as ERASMUS. The institution positions itself as a provider of qualified specialists with practical and theoretical knowledge for the labor market in Latvia and abroad. Technically, the website is built on WordPress with common libraries like jQuery and Bootstrap, but suffers from slow performance and lacks a valid SSL certificate, which impacts security and user trust. Security posture is weak due to missing HTTPS, lack of security headers, and absence of DMARC records, although SPF is correctly configured. Privacy compliance is minimal with no visible privacy or cookie policies or consent mechanisms. Contact information and certifications are clearly presented, supporting business credibility. Overall, the site is functional but requires significant improvements in security and privacy to meet modern standards.

J

JDM Technology Group

jdmtechnologygroup.com

0

JDM Technology Group is a well-established company providing integrated software solutions for the construction industry and built environment. With over 41 years in business, 34 subsidiary companies, and a global customer base exceeding 18,000, they offer a broad portfolio of construction management, maintenance, estimating, and operational software. Their business model focuses on strategic acquisitions to expand market share and deliver comprehensive solutions. Technically, the website is built on WordPress with modern frontend technologies like Bootstrap and jQuery, optimized by NitroPack, but suffers from slow load times and lacks a valid SSL certificate, impacting security and user trust. Security posture is weak due to missing HTTPS and TLS protocols, though DNS records show good email security practices with SPF and DMARC. Privacy compliance is poor with no visible privacy or cookie policies, and no contact information is provided on the homepage. Overall, the site is professional and content-rich but requires significant improvements in security and privacy to enhance trust and compliance.

A

Association Forum Ensai

forum-ensai.com

0

Association Forum Ensai is a student-run non-profit organization based in France that facilitates connections between students and the professional world, particularly in data science and statistics. The website serves as an information hub for the association's activities, events, and contact points. The site is built on WordPress with popular plugins such as Yoast SEO and Elementor, and integrates Google Analytics for visitor tracking. However, the technical infrastructure shows significant security weaknesses, notably the absence of a valid SSL certificate and HTTPS support, which exposes users to potential risks. Privacy compliance is minimal, with no visible privacy or cookie policies and no consent mechanisms for tracking. Business credibility is moderate, supported by consistent branding and a clear focus on its educational mission, but lacking in formal certifications or detailed contact information.

S

Sciences Po Alumni

sciencespo-alumni.fr

0

Sciences Po Alumni is a well-established alumni association serving the students and graduates of Sciences Po in France. The website offers a comprehensive platform for networking, career services, events, and publications, targeting alumni, students, and recruiters. The platform leverages a custom CMS likely provided by AlumnForce and integrates modern web technologies including Vue.js, Backbone.js, and Google services. Despite a rich content offering and good user experience, the website suffers from a critical security flaw due to the absence of a valid SSL certificate, severely impacting its security posture. Privacy and cookie policies are present and GDPR compliance is indicated, but could be enhanced. Overall, the site is professional and functional but requires urgent security improvements to protect user data and trust.

T

Transdev North America, Inc.

transdevna.jobs

0

Transdev North America, Inc. operates a comprehensive career portal focused on transportation jobs across North America. As the largest private-sector provider of multiple transportation modes including transit, rail, and on-demand services, the company targets job seekers interested in diverse roles such as drivers, management, safety, and technical positions. The website provides detailed information about career opportunities, benefits, and hiring processes, supported by a consistent brand presence and trust indicators such as an EEO statement and a Code of Business Conduct. Technically, the site is built on modern frameworks like Nuxt.js and Vue.js, with integrations for Google Analytics, Facebook Pixel, and other marketing tools. However, performance is slow and accessibility is basic. Security posture is weak due to the absence of a valid SSL certificate, lack of security headers, and missing DNS security records, which poses significant risks to user data and trust. Privacy compliance is basic with a cookie consent mechanism and a privacy policy, but GDPR compliance is not clearly demonstrated. Overall, the site is functional and professional but requires urgent security improvements to protect users and enhance credibility.

W

WebBuilds B.V.

documentator.io

0

Documentator is a technology SaaS company providing a documentation platform designed to simplify the creation and management of product and developer documentation. Positioned as an affordable alternative to established documentation tools, it targets developers and product teams seeking an easy-to-use, flexible solution with features like custom domains, translation support, and analytics. The business operates under WebBuilds B.V., founded in 2020, and offers tiered subscription plans with a free trial to attract users. Technically, the website employs modern JavaScript frameworks (likely Vue.js), Cloudflare DNS services, and Matomo analytics configured for privacy. However, the site suffers from a critical security shortfall due to an invalid SSL certificate and lack of HTTPS enforcement, which significantly impacts its security posture. Performance is moderate to slow, with good mobile optimization and basic accessibility features. Security-wise, the absence of HTTPS, missing security headers, and lack of DNS security records (DMARC, CAA) present vulnerabilities that could expose users to risks. Privacy compliance is reasonably addressed with a comprehensive privacy policy and GDPR references, but no cookie consent mechanism is implemented. Business credibility is supported by clear policies, testimonials, and transparent pricing. Overall, Documentator is a functional and professional SaaS platform with solid business fundamentals but requires urgent improvements in security infrastructure to protect user data and enhance trust.

V

Vidzemes Augstskola

va.lv

0

Vidzemes Augstskola is a regional higher education institution in Latvia offering a range of academic programs including bachelor, master, doctoral, and lifelong learning courses. The website serves students, staff, alumni, and cooperation partners with information on study processes, events, and services. The institution maintains an active online presence with regular news and event updates, supported by social media channels. Technically, the website is built on Joomla CMS using the Helix Ultimate framework and hosted behind Cloudflare, but critically lacks a valid SSL certificate, resulting in no HTTPS support. This is a significant security risk that undermines user trust and data protection. The site implements cookie consent mechanisms and has comprehensive privacy policies, indicating good privacy compliance. However, the absence of HTTPS and modern TLS protocols severely impacts the overall security posture. Strategic improvements in SSL/TLS deployment and security headers are essential to enhance the site's security and trustworthiness.

D

DigiTrace GmbH

digitrace.de

0

DigiTrace GmbH is a specialized IT-forensics and IT-security service provider based in Germany, offering a broad range of services including IT forensics, incident response, eDiscovery, and expert IT assessments. The company targets businesses, authorities, auditors, and legal professionals, positioning itself as a trusted expert in IT security and forensic investigations. The website is professionally designed using Joomla CMS and includes detailed service descriptions and contact information, although it lacks some modern security configurations. Technically, the site suffers from the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts its security posture. Other security best practices such as security headers and HSTS are also missing. Privacy compliance is addressed with a comprehensive privacy policy and DMARC/SPF email protections, but no cookie consent mechanism is present. Overall, the site is functional and informative but requires urgent improvements in security infrastructure to meet modern standards.

E

EURECOM

eurecom.fr

0

EURECOM is a reputable graduate school and research center specializing in digital science, located in Sophia Antipolis, France. It offers advanced education and research programs in computer science, telecommunications, and digital security, targeting students, researchers, and industry partners. The institution holds recognized certifications such as the 4DIGITAL label and European Heritage Award, positioning it as a key player in digital education and research in Europe. Technically, the website is built on Drupal 9 with modern frontend libraries and integrates Google Tag Manager for analytics. However, the site suffers from a lack of HTTPS support due to an invalid or missing SSL certificate, which significantly impacts its security posture. The cookie consent mechanism is implemented, but no explicit privacy policy or terms of service pages are found on the homepage. Contact information is limited to a physical address and phone number, with no verified company emails available. Overall, the website presents professional content and good user experience but requires urgent security improvements to protect user data and enhance trust.

É

École des Mines de Saint-Étienne

mines-stetienne.fr

0

École des Mines de Saint-Étienne is a prestigious French engineering school with a 200-year history, offering high-level engineering education, research, and international partnerships. The website reflects a mature digital presence with comprehensive content, multiple academic programs, and strong branding. Technically, the site is built on WordPress with Elementor and integrates modern web technologies and marketing tools such as Sendinblue and Google Tag Manager. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the site's security posture. Privacy and cookie policies are well implemented with consent mechanisms, indicating good GDPR compliance. Overall, the site is professional and trustworthy but requires urgent security improvements.

I

Institut Mines-Télécom Business School (IMT Business School)

imt-bs.eu

0

Institut Mines-Télécom Business School (IMT-BS) is a French public business school specializing in commerce, management, and digital transformation education. It holds a strong market position with multiple prestigious accreditations such as AACSB, AMBA, and CGE, and is part of the Institut Mines-Télécom group. The school offers a range of programs including Bachelor, Grande Ecole, Masters of Science, Executive Education, and doctoral partnerships, targeting students, enterprises, and international audiences. Technically, the website is built on WordPress with Elementor and several modern plugins, but suffers from slow performance and lacks a valid SSL certificate, which impacts security and user trust. Security posture is moderate with some best practices like SPF and DKIM for email, but critical issues exist due to missing HTTPS and TLS protocols. Privacy compliance is good with clear policies and consent mechanisms, and accessibility is excellently addressed with a dedicated plugin and detailed accessibility statement. Overall, the site is professional and trustworthy but requires urgent security improvements to enable HTTPS and modern TLS protocols.

I

IMT Mines Alès

imt-mines-ales.fr

0

IMT Mines Alès is a recognized French engineering school affiliated with the IMT group, offering a broad range of engineering and management education programs with a strong emphasis on creativity, innovation, and environmental and societal responsibility. The institution targets engineering students, researchers, and industry partners, positioning itself as a national leader in engineering education with a medium-sized footprint. Technically, the website is built on Drupal 10 with modern web components such as Swiper sliders and Plyr video players, but suffers from a critical lack of HTTPS and valid SSL certificates, which severely impacts its security posture. The site implements cookie consent mechanisms and uses Matomo for analytics, reflecting moderate privacy compliance. However, the absence of a security policy, incident response contacts, and vulnerability disclosure reduces its overall security maturity. Strategic improvements in SSL/TLS deployment and security policy transparency are recommended to enhance trust and compliance.

I

IMT Mines Albi

imt-mines-albi.fr

0

IMT Mines Albi is a reputable French engineering school specializing in generalist engineering education and research, operating under the Institut Mines-Télécom group. The website presents a professional and content-rich platform targeting prospective students, researchers, and industry partners. Technically, the site is built on Drupal 10 with modern frontend technologies and includes cookie consent mechanisms. However, the absence of HTTPS and a valid SSL certificate is a critical security flaw that undermines user trust and data protection. The site shows good design, navigation, and accessibility but lacks explicit privacy and terms of service documentation. Security headers are partially implemented but insufficient without HTTPS. Overall, the site is functional and credible but requires urgent security improvements.

I

IMT Nord Europe

imt-nord-europe.fr

0

IMT Nord Europe is a French graduate engineering school affiliated with the Institut Mines-Télécom and partnered with the University of Lille. Positioned strategically in northern France, it serves as a key educational and research institution focusing on energy, ecological, digital, and industrial transitions. The website presents a professional and content-rich platform targeting students, researchers, and industry partners, offering a wide range of engineering programs and continuous training. Technically, the site is built on WordPress with modern plugins and frameworks but lacks a valid SSL certificate, which impacts its security posture. While security best practices such as hCaptcha and cookie consent are implemented, the absence of HTTPS and minimal security headers present significant vulnerabilities. Overall, the site is functional and trustworthy but requires urgent improvements in security to protect user data and enhance trust.

I

IMT Atlantique

imt-atlantique.fr

0

IMT Atlantique is a prestigious French engineering school specializing in generalist engineering education with a strong focus on digital technologies, energy, and environmental sciences. It holds a significant market position as evidenced by its high ranking and membership in the Institut Mines-Télécom network. The website reflects a mature digital presence with comprehensive content targeting students, researchers, academic partners, and enterprises. Technically, the site is built on Drupal 10 with modern front-end libraries and good SEO and accessibility practices. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing users to risks and undermining trust. The site implements GDPR-compliant cookie consent and privacy policies, but lacks visible terms of service and incident response information. Social media integration and partner affiliations enhance its credibility and outreach.

N

NetAnswer

netanswer.fr

0

NetAnswer is a French technology company specializing in community management platforms, primarily targeting alumni networks, professional associations, foundations, and companies with donor communities. With over 20 years of experience and a client base exceeding 300 organizations, NetAnswer offers a comprehensive, modular SaaS solution that supports community engagement, event management, donation processing, and career support. The website reflects a professional and consistent brand presence, showcasing client testimonials and partner logos to build trust. Technically, the site is built on WordPress with the Divi theme and leverages various plugins and libraries such as jQuery, Swiper Carousel, and Matomo Analytics. However, the site lacks a valid SSL certificate and does not properly implement HTTPS, which is a critical security shortfall. Email security is well managed with valid SPF and DMARC policies. Privacy compliance is basic but includes cookie consent mechanisms. Overall, the website is content-rich and user-friendly but requires urgent improvements in security infrastructure to meet modern standards.

E

Ensae-Ensai Formation Continue (Cepe)

lecepe.fr

0

Ensae-Ensai Formation Continue (Cepe) is a well-established continuing education center affiliated with the Groupe des écoles nationales d'économie et statistique (Genes) in France. It specializes in providing professional training and certification programs in statistics, data science, finance, and economics. The organization maintains strong partnerships with prestigious institutions such as Ensae Paris, Ensai, Crest, and Institut Polytechnique de Paris, positioning itself as a reputable education provider in its sector. The website reflects a professional and comprehensive approach to education, targeting professionals and learners seeking advanced skills and certifications in quantitative fields. Technically, the website employs modern web technologies including Bootstrap, jQuery, Font Awesome, and integrates third-party services like Google Analytics and Calendly for analytics and scheduling. Hosting is managed through Gandi, and the site uses a valid SSL certificate with strong key length, although some security enhancements such as HSTS and DNSSEC are absent. Performance is moderate to slow due to a large number of resources and page size, but mobile optimization and accessibility are adequately addressed. From a security perspective, the site uses HTTPS with a valid certificate and implements cookie consent mechanisms aligned with GDPR requirements. However, it lacks several security headers and DNS security features that could improve its security posture. No critical vulnerabilities or blocking mechanisms were detected, indicating a stable and secure environment for users. Privacy policies and terms of service are clearly available, enhancing compliance and user trust. Overall, the website demonstrates a strong business credibility and professional presence with room for technical and security improvements. Strategic recommendations include enhancing security headers, enabling DNSSEC and CAA, optimizing performance, and publishing incident response information to further strengthen trust and compliance.

E

ENSAI

ensai.fr

0

ENSAI is a French grande école specializing in data science education, offering a range of programs from engineering degrees to doctorates and continuing education. It holds a strong market position due to its unique academic model and historical ties with INSEE and public statistics. The website reflects a professional and comprehensive digital presence targeting students, researchers, and public sector professionals. Technically, the site is built on WordPress with common plugins and libraries, but suffers from slow load times and lacks a valid SSL certificate, impacting security posture. Privacy compliance is well addressed with cookie consent mechanisms and a comprehensive privacy policy. Security weaknesses include missing HTTPS, lack of security headers, and no explicit security or incident response policies. Overall, the site is trustworthy and professional but requires urgent improvements in security infrastructure to protect user data and enhance trust.

A

ArianeGroup

ariane.group

0

ArianeGroup is a leading European aerospace company specializing in civil and military space transportation, including the development and manufacturing of launchers such as Ariane 6 and Maia. The company positions itself as a global industrial leader supporting Europe's independence and security in space. The website reflects a mature digital presence with comprehensive content, professional design, and clear navigation targeting aerospace industry stakeholders, government entities, and potential employees. Technically, the site is built on WordPress with SEO optimizations and uses modern web technologies, but suffers from slow load times and lacks a valid SSL certificate, which impacts security posture. Security-wise, the absence of HTTPS and security headers is a critical vulnerability, although no WAF or blocking mechanisms are detected. Privacy compliance is supported by a comprehensive privacy policy, but no cookie consent mechanism is present. Overall, the site is professional and trustworthy but requires urgent improvements in security configurations to protect user data and enhance trust.

X

XMP-Consult

xmp-consult.org

0

XMP-Consult operates as a network of independent consultants primarily serving French-speaking business leaders and members seeking consulting services. The website provides a membership platform, events calendar, publications, and a newsletter to engage its community. The business model focuses on connecting consultants with clients and fostering professional development through events and shared resources. Technically, the site is hosted on OVH with Apache server, uses a variety of JavaScript libraries including jQuery, Bootstrap, and TinyMCE, and employs a CMS likely based on NetAssoc. While the site is content-rich and well-structured with good mobile optimization, performance is slow and SEO is basic. Security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocols, despite good security headers and cookie consent mechanisms. Privacy compliance is strong with GDPR-aligned cookie policies and consent banners. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to enhance security and user trust.

P

ParisTech Alumni - Accueil

paristech-alumni.org

0

Security assessment completed with an overall score of 50/100 (unknown risk). 9 high-priority issues should be addressed promptly. Total of 20 security findings identified across all modules.

W

WebBuilds B.V.

webbuilds.nl

0

WebBuilds B.V. is a small Dutch technology company specializing in custom web application development and SaaS products. Their offerings include CRM, e-commerce, API integrations, and proprietary SaaS tools such as ploi.io and Documentator. The company targets businesses seeking tailored web solutions and emphasizes quality and precision in development. Technically, the website uses modern frameworks like Laravel and TailwindCSS and is hosted behind Cloudflare. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security concern. Security headers are present but insufficient without HTTPS. Privacy compliance is minimal, with no visible privacy or cookie policies. The company uses Matomo analytics, indicating some privacy awareness. Overall, the website is professional and well-branded but requires urgent security improvements to protect users and enhance trust.

I

ivy.mayhem GmbH

stella-projects.de

0

stella.projects is a small, specialized web agency based in Hamburg, Germany, with over 15 years of experience in web design and development. They focus on delivering custom digital products including websites, online platforms, consulting, and hosting services. The company positions itself as a reliable partner for startups, SMEs, and private clients, emphasizing clarity, focus, and quality in their offerings. Their market position is strengthened by an official partnership with Statamic CMS and a portfolio of diverse clients. Technically, the website uses modern frameworks such as Laravel and Statamic CMS, with frontend technologies including Alpine.js and a well-structured responsive design. However, the site lacks a valid SSL certificate and HTTPS support, which is a critical security flaw. Security headers are mostly present but the absence of HTTPS and HSTS significantly reduces the security posture. Privacy compliance is addressed with a privacy and cookie policy, though no explicit cookie consent mechanism is implemented. Contact information is clearly provided, including phone, email, physical address, and a contact form. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and improve trust.

T

Transdev Canada

transdev.ca

0

Transdev Canada operates as a global mobility operator and integrator, providing a wide range of transportation services including bus, rail, ferry, cargo, and autonomous mobility solutions. The company holds a strong market position with a large operational footprint in Canada and is part of the larger Transdev Group. Their services target passengers, public authorities, and companies, emphasizing efficiency, safety, and sustainability. The website reflects a professional and comprehensive digital presence with rich content, news updates, and recruitment information. Technically, the site is built on WordPress with Elementor and integrates advanced search via Algolia, but suffers from critical security shortcomings due to the absence of a valid SSL certificate and lack of HTTPS enforcement. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Social media integration is robust, enhancing business credibility. Overall, while the business and content aspects are strong, the security posture requires urgent improvement to protect user data and maintain trust.

RETHMANN SE & Co. KG is a well-established German family-owned holding company founded in 1934, operating primarily in the transportation and energy sectors through its subsidiaries REMONDIS, Rhenus, SARIA, and a significant stake in Transdev. The company provides comprehensive services in recycling, logistics, sustainable product manufacturing, and public mobility solutions, targeting industrial clients, municipalities, and private customers. The website is built on TYPO3 CMS, featuring good content quality, clear navigation, and professional design, though it lacks a valid SSL certificate, which is a critical security concern. Privacy policies are comprehensive and GDPR compliant, but no cookie consent mechanism is present. The company demonstrates strong business credibility with detailed contact information and legal disclosures.

W

WHATS4U

wats4u.com

0

WHATS4U is a collective platform representing 18 alumni associations from prestigious French Grandes Écoles, focused on facilitating professional development and networking for alumni and recruiters. The website offers event information, job offer sharing, and partnerships related to international mobility and lifelong learning. The target audience includes alumni and recruiters connected to top French engineering and business schools. Technically, the site is built on Webflow with integrations such as Weglot for translations, Memberstack for membership management, and Jetboost for enhanced search/filtering. However, the site suffers from slow load times and lacks a valid SSL certificate, impacting security and user trust. Security posture is weak with no HTTPS, no security headers, and no advanced TLS features. Privacy compliance is basic with presence of terms and cookie settings but no explicit GDPR compliance indicators. Contact information is limited to forms and social media links, with no direct emails or phone numbers. Overall, the website is functional and professionally designed but requires urgent improvements in security and privacy to enhance trust and compliance.

A

Augoor

augoor.com

0

Augoor is a technology company specializing in AI-powered code understanding solutions designed to accelerate software development projects. Their platform transforms static codebases into dynamic knowledge graphs, enabling faster onboarding, improved documentation, and enhanced code navigation. Positioned as a B2B SaaS provider, Augoor targets software development teams and enterprises managing complex or legacy code. Technically, the website is built on Webflow CMS with advanced JavaScript libraries and 3D visualizations, hosted behind Cloudflare CDN and AWS DNS infrastructure. However, the site lacks a valid SSL certificate, which significantly impacts its security posture. While privacy and cookie policies are well implemented with consent mechanisms, no direct contact emails or phone numbers are provided, relying instead on a contact form. Social media presence and clear branding contribute to business credibility. Security-wise, the absence of HTTPS and modern TLS protocols is a critical vulnerability, although other security headers and best practices are partially implemented. Overall, the site is professional and content-rich but requires urgent SSL improvements to enhance trust and security.

E

European Union CSIRTs network

csirtsnetwork.eu

0

The European Union CSIRTs network website serves as the official portal for the EU Member States’ appointed CSIRTs and CERT-EU, facilitating cooperation and information sharing in cybersecurity. Powered by ENISA, the network supports coordinated incident response and vulnerability disclosure across the EU. The website content clearly communicates the network's mission, members, and contact points, targeting government cybersecurity teams and stakeholders within the EU. Technically, the site is built on the Plone CMS platform using Python and Zope technologies, hosted with DNS managed via Microsoft Azure DNS. However, the site lacks a valid SSL/TLS certificate and does not serve content over HTTPS, which is a significant security shortfall. Performance metrics are unavailable, but the site shows basic mobile optimization and accessibility features. Security posture is weak due to missing HTTPS, lack of DNSSEC, DMARC, and other security headers beyond X-Frame-Options. No privacy or cookie policies are present, and no analytics or tracking scripts are detected, indicating minimal user tracking. Contact information is provided but only as obfuscated images to reduce spam. Overall, the site is functional and professional in content and design but requires urgent improvements in security configuration, especially enabling HTTPS and enhancing DNS and email security. Privacy compliance is minimal, and adding clear policies would improve trust and regulatory adherence.

C

CERT.LV

dnsmuris.lv

0

The website dnsmuris.lv is operated by CERT.LV in cooperation with NIC.LV to provide a free DNS firewall service aimed at protecting Latvian internet users from cyber threats such as phishing and malware. The service is positioned as a national cybersecurity initiative with a focus on individual and organizational users in Latvia. The website content is primarily in Latvian and provides detailed instructions on configuring DNS settings to use the firewall service. Technically, the site uses jQuery and Semantic UI frameworks but suffers from slow load times and lacks a valid SSL certificate, resulting in no HTTPS support. Security posture is weakened by the absence of DNSSEC and CAA records, although email security policies like SPF and DMARC are properly configured. Privacy compliance is supported by clear privacy and cookie policies with consent mechanisms. Overall, the site is trustworthy and professional but requires critical improvements in SSL/TLS deployment and DNS security to enhance user trust and security.

A

Anqa IT-Security GmbH

anqa-itsecurity.de

0

Anqa IT-Security GmbH is a German-based Managed Security Service Provider specializing in comprehensive IT security solutions including UTM firewalls, pentesting, endpoint protection, dark web monitoring, and cyber security awareness trainings. The company serves over 7,000 businesses and partners with more than 500 IT system houses, positioning itself as a trusted and experienced player in the German IT security market. Their offerings are designed to be flexible with monthly cancellable contracts and include a free managed service component, enhancing customer value and operational reliability. Technically, the website is built on WordPress with modern plugins for SEO and GDPR compliance, but suffers from slow load times and lacks a valid SSL certificate, which critically impacts security posture. The absence of HTTPS and security headers represents a significant vulnerability that should be addressed immediately. Privacy compliance is strong, with clear cookie consent mechanisms and a comprehensive privacy policy. Business credibility is supported by certifications such as ISO27001 and TÜV, testimonials, and a professional online presence. Overall, while the business model and content quality are excellent, the technical security shortcomings reduce the overall risk rating and require urgent remediation.

A

About You Outlet

aboutyou-outlet.de

0

About You Outlet is a large-scale e-commerce platform specializing in discounted fashion products from popular brands, targeting primarily German and European consumers. The site offers daily changing deals, purchase on invoice, and a customer-friendly return policy. Technically, the website is built on modern frameworks such as Nuxt.js and Tailwind CSS, hosted on Cloudflare, and integrates marketing and analytics tools like Google Tag Manager. However, the site suffers from critical security shortcomings, notably an invalid SSL certificate and lack of security headers, which significantly impact its security posture. Privacy and legal compliance are well addressed with dedicated pages and GDPR compliance indicators. Overall, the website is professional and functional but requires urgent security improvements to protect user data and enhance trust.

P

Planet

planetpayment.com

0

Planet operates as a payment processing and tax-free shopping facilitator targeting travellers and businesses. The website presents a professional design with clear messaging focused on tax-free shopping services across multiple countries. The technical infrastructure is based on Drupal 10 CMS hosted on Microsoft Azure, utilizing modern frontend technologies like Tailwind CSS and integrating analytics tools such as Google Tag Manager and Microsoft Clarity. However, the website suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which severely impacts user trust and security posture. Additionally, the lack of visible privacy, cookie, and terms of service policies indicates poor privacy compliance. Overall, the site demonstrates moderate business credibility but requires urgent security and compliance improvements.

G

Greenerwave

greenerwave.com

0

Greenerwave is a technology company specializing in advanced electromagnetic wave control solutions, including next-generation electronically steerable antennas and reconfigurable intelligent surfaces for satellite communications and telecom sectors. Positioned as an innovative player, it partners with major aerospace and finance organizations, targeting B2B clients in satellite and telecom industries. The website is built on WordPress with modern front-end technologies but lacks HTTPS, which is a critical security gap. The absence of cookie consent mechanisms and privacy compliance features indicates room for improvement in regulatory adherence. Security posture is weak due to missing SSL/TLS and security headers, exposing the site to potential risks. Overall, the digital presence is professional with good content quality and clear navigation but requires urgent security enhancements to protect user data and improve trust.

I

Institut Mines-Télécom

imt.fr

0

Institut Mines-Télécom (IMT) is the leading public group of Grandes Écoles in France specializing in engineering and management education. It serves a broad audience including students, researchers, and industry partners, offering education, research, innovation, and dissemination of scientific knowledge. The institution holds a strong market position as a premier public higher education and research entity with multiple affiliated schools and partnerships. Technically, the website is built on a modern WordPress platform with advanced SEO, multilingual support, and good mobile optimization. Security posture is solid with HTTPS, multiple security headers, and captcha protection on forms, though some SSL and DNS security enhancements are recommended. Overall, the site is professional, trustworthy, and compliant with GDPR and privacy standards, making it a reliable digital presence for the institution.

C

Créez un site e-commerce et vendez en ligne ! Logiciel e-commerce de Shopify

maddyshop.com

0

The website maddyshop.com is currently a placeholder page hosted on Shopify infrastructure indicating that the store is not available. The site primarily serves as a redirect or informational page to Shopify services, with content in French targeting entrepreneurs interested in e-commerce. The business model is that of a SaaS e-commerce platform provider, Shopify, which is a leading player in the global e-commerce market. However, no specific business entity information or contact details are present on this domain. Technically, the site uses Shopify's platform and includes jQuery 2.0.3 as a client-side library. The hosting is on Shopify's IP address. The page load performance is poor, with a very slow load time for a minimal content page. Mobile optimization and accessibility are basic, and SEO optimization is minimal. The site lacks modern security configurations, notably missing a valid SSL certificate and HTTPS support, which is a critical security flaw. From a security perspective, the site has HSTS enabled but no valid SSL certificate, no TLS protocols enabled, and lacks other important security headers and features. There are no privacy, cookie, or terms of service policies found, nor any contact information or incident response details. This results in a low security posture and poor privacy compliance. The absence of contact and business information further reduces trustworthiness. Overall, the site is not functional as a business storefront and serves only as a placeholder. The critical lack of HTTPS and security best practices, combined with minimal content and no compliance policies, results in a very low overall risk and quality score. Strategic recommendations include obtaining a valid SSL certificate, implementing privacy and cookie policies, improving performance, and adding clear business and contact information to enhance trust and compliance.

The website maddystudio.com is a personal blog created using WordPress, featuring minimal content primarily focused on the individual named Maddy Smedal. The site lacks clear business focus, contact information, and legal or privacy documentation, indicating it is not a commercial or professional business site. Technically, the site is hosted on Freehosting.com and uses WordPress 6.8.1 with standard JavaScript and CSS assets. However, the site suffers from a lack of HTTPS support due to an invalid SSL certificate, resulting in poor security posture. Performance is slow with a load time exceeding 15 seconds, and no advanced SEO or accessibility features are evident. Security best practices are not implemented, and no privacy or cookie policies are present, which impacts compliance and trustworthiness. Overall, the site is a basic personal blog with significant room for improvement in security, privacy, and technical performance.

Net.Com is a specialized digital agency focused on providing web solutions for the public sector in France, including government agencies, hospitals, educational institutions, and social housing organizations. With over 27 years of experience and more than 500 projects completed, the company offers services such as Drupal and WordPress development, UX design, SEO, and agile development methodologies. The website reflects a professional and well-structured digital presence with comprehensive client references and testimonials. Technically, the site uses modern JavaScript libraries and frameworks but lacks HTTPS support, which is a critical security deficiency. The absence of SSL/TLS and security headers exposes the site and its users to potential risks. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the business demonstrates strong credibility and a clear market niche but must urgently address its security posture to protect its reputation and client data.

G

Groupe des Écoles Nationales d'Économie et Statistique (GENES)

groupe-genes.fr

0

The Groupe des Écoles Nationales d'Économie et Statistique (GENES) is a French public higher education and research institution specializing in economics, statistics, finance, and data science. It operates under the French Ministry of Economy and Finance and comprises several academic entities including ENSAE Paris, ENSAI, CREST, and CEPE. The website serves as an informational portal targeting students, researchers, and professionals interested in these fields. Technically, the site is built on legacy technologies including PHP 5.4.14 and ASP.NET hosted on Microsoft IIS 8.0, with basic use of JavaScript libraries like MooTools and Google Analytics for tracking. However, the site lacks a valid SSL certificate, exposing it to security risks and reducing trustworthiness. Security headers and modern security practices are minimal or absent. Privacy compliance is limited, with no visible cookie consent mechanism and only a basic privacy/legal mentions page. Business credibility is moderate due to official government affiliation and academic partnerships, but the site’s technical and security posture needs significant improvement.

C

CREST

crest.science

0

CREST is a French academic research center specializing in economics, statistics, finance, and sociology. The website serves as a portal for research publications, events, doctoral courses, and institutional information targeting academics, researchers, and students. The site is built on WordPress and integrates various plugins for events, publications, and user management. Despite rich content and good mobile optimization, the website lacks a valid SSL certificate, which severely impacts its security posture. Email security is well configured with SPF and DMARC policies. However, no explicit cookie consent mechanism or detailed security policies are present. Overall, the site is professional and content-rich but requires urgent improvements in HTTPS deployment and security headers to enhance trust and compliance.

E

EELISA

eelisa.eu

0

EELISA is a European university alliance focused on engineering education, research, and innovation. It brings together multiple prestigious partner universities across Europe to provide joint educational programs, research networking, and community engagement. The website reflects a mature digital presence with comprehensive content, including detailed event listings and partner information. Technically, the site is built on WordPress with various plugins for events and page building, but suffers from slow performance and lacks a valid SSL certificate, which impacts security. The security posture is weak due to missing HTTPS, HSTS, DNSSEC, and other security headers. Privacy compliance is good with clear privacy and cookie policies and consent mechanisms. Overall, the site is professional and trustworthy but requires significant improvements in security configuration to enhance user trust and data protection.

Vincent Schmalbach operates a professional freelance web development business specializing in Laravel, Vue.js, AI integration, and SEO services. The website presents a comprehensive portfolio of services targeting startups, established businesses, development teams, and product companies globally. The technical infrastructure is modern, leveraging a broad technology stack including Laravel 12, Vue.js 3, and cloud hosting providers such as Hetzner and AWS. However, the website lacks a valid SSL certificate, resulting in no HTTPS availability, which is a significant security concern. Security headers and advanced security policies are also absent, reducing the overall security posture. Privacy compliance is minimal with no visible cookie consent mechanisms, though a privacy policy page exists. The website is well-designed, content-rich, and professionally maintained, with strong business credibility supported by client testimonials and social media presence.

E

ENSTA Bretagne

ensta-bretagne.fr

0

ENSTA Bretagne is a reputable French engineering school specializing in advanced technologies for defense, maritime, and high-tech industries. It offers a range of educational programs including engineering degrees, masters, specialized masters, and doctoral studies. The institution maintains strong partnerships with government defense bodies and leading industry players, reinforcing its market position as a Grande École with a focus on innovation and applied research. Technically, the website is built on Drupal 10 with modern JavaScript libraries and includes a cookie consent mechanism compliant with GDPR. However, the site suffers from critical security shortcomings, notably the absence of SSL/TLS encryption, which severely impacts its security posture. Performance is suboptimal with slow load times, though mobile optimization and content quality are good. Security-wise, the lack of HTTPS and security headers exposes the site to risks and undermines user trust. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and institutional reputation. Strategic recommendations include immediate implementation of valid SSL certificates, enhancement of security headers, and performance optimization to improve user experience and security compliance.

B

Borah Digital Labs S.L.

borah.digital

0

Borah Digital Labs S.L. is a technology company specializing in rapid MVP development using Laravel and PHP technologies. They position themselves as a fast, expert product development team capable of solving complex problems and delivering digital products efficiently. Their website showcases a professional design with clear navigation, client testimonials, and a portfolio of projects, targeting businesses seeking fast and reliable digital product development. Technically, the site uses Framer for frontend design and hosting, with integrations like Fathom Analytics for minimal user tracking. However, the absence of a valid SSL certificate and modern TLS protocols significantly impacts their security posture. While privacy and terms of service policies are present, no cookie consent mechanism or detailed GDPR compliance indicators were found. Overall, the site demonstrates good business credibility and content quality but requires urgent security improvements to ensure trust and compliance.

T

Turbine UI

turbineui.com

0

Turbine UI is a small technology-focused business offering a Laravel Blade and Tailwind CSS UI component library aimed at web developers building Laravel projects. The website presents a professional and consistent brand image with clear descriptions of its UI components and themeable styles. Technically, the site uses modern frontend technologies including Laravel, Tailwind CSS, Font Awesome, and Livewire, hosted likely on DigitalOcean. However, the website lacks a valid SSL certificate, resulting in no HTTPS support, which significantly impacts its security posture. No privacy or cookie policies are present, and no explicit contact information is provided, which affects compliance and trust. Analytics are implemented via Google Tag Manager, indicating moderate user tracking. Overall, the site is functional and visually appealing but requires critical security and compliance improvements.

W

Wire in The Wild

wireinthewild.com

0

Wire in The Wild is a small technology-focused community platform that showcases real world Laravel Livewire and TALL Stack projects. It serves as an inspiration and resource hub for developers and clients interested in Livewire applications. The site is curated by Silvan Hagen from Switzerland and relies on user submissions to grow its project collection. Technically, the site uses modern web technologies including Laravel Livewire, Tailwind CSS, Alpine.js, and Tom Select, hosted behind Cloudflare DNS services. However, the site suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which severely impacts its security posture and user trust. Performance is slow with a high page load time, and no security headers or advanced DNS security features are configured. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the site is functional and professionally designed but requires urgent security improvements to protect users and enhance credibility.