Security Directory

S

Service national de la jeunesse

echwellechkann.lu

0

The website echwellechkann.lu is an official Luxembourg government youth engagement platform managed by the Service national de la jeunesse. It provides a portal for young people to discover activities, engagement offers, and projects to organize their free time. The platform is positioned as a trusted government resource with clear contact information and official branding. Technically, the site is built on WordPress with modern plugins and uses Matomo analytics for privacy-conscious tracking. The site is well-structured, mobile-optimized, and SEO-friendly, though performance is moderate. Security posture is good with HTTPS enforced and no exposed sensitive data, but lacks advanced security headers and published security policies. Privacy compliance is partial due to the absence of a dedicated privacy policy page, though cookie consent is implemented. Overall, the site is trustworthy, safe, and professionally maintained, serving its government and youth audience effectively.

Z

Zentrum Fünfbrunnen / Centre Cinqfontaines

cinqfontaines.lu

0

The website cinqfontaines.lu represents a Luxembourg government-operated educational and memorial center focused on Holocaust remembrance, antisemitism, racism, democracy, and human rights education. The site serves children, youth, educators, and the general public interested in historical and human rights topics. It is managed by the Luxembourg government and related youth and political education services, positioning itself as a niche cultural and educational institution. The content is well-structured, multilingual, and professionally presented with clear navigation and consistent branding. Technically, the website is built on WordPress 6.8.1 with jQuery, Google Maps API, and Font Awesome. It uses Matomo for analytics and implements a cookie consent mechanism compliant with GDPR principles. The site is hosted likely on Luxembourg infrastructure, uses HTTPS with excellent SSL configuration, and shows moderate performance and good mobile optimization. However, some security best practices such as security headers are missing. From a security perspective, the site enforces HTTPS, uses cookie consent, and does not expose sensitive data. No vulnerabilities or WAF blocking were detected. Privacy compliance is partial due to the absence of an explicit privacy policy page and terms of service. Contact information is available but lacks email addresses and security incident contacts. Overall, the website is trustworthy, professional, and serves its educational and memorial purpose effectively. Strategic improvements include publishing a privacy policy and terms of service, adding security headers, and providing incident response contact information to enhance security posture and compliance.

B

BookAthon

bookathon.lu

0

BookAthon is a youth-focused creative initiative based in Luxembourg, organizing 24-hour hackathons where young participants aged 14 to 27 collaboratively create children's books for ages 0 to 4. Supported by professional authors, illustrators, and graphic designers, the event fosters creativity and cultural engagement among youth. The website is professionally designed using WordPress and integrates modern technologies such as Gravity Forms for data collection, Yoast SEO for optimization, and Complianz for GDPR-compliant cookie management. Analytics are handled via Matomo, ensuring privacy-conscious tracking. Security posture is strong with HTTPS enforced and anti-spam measures in place, though explicit security headers could be improved. The site complies with GDPR and provides clear privacy and cookie policies. Contact information is transparent, including a contact email and physical address linked to the Service national de la jeunesse (SNJ). Overall, BookAthon presents a trustworthy, well-managed digital presence aligned with its educational and cultural mission.

S

Service National de la Jeunesse (SNJ)

chalets.lu

0

Chalets.lu is an official Luxembourg government-affiliated website providing comprehensive information and booking options for youth accommodations including chalets, camping grounds, and youth hostels across Luxembourg. The platform targets youth groups, families, and tourists seeking affordable lodging options, positioning itself as a trusted government resource. The website leverages WordPress CMS with modern technologies such as Bootstrap, jQuery, and Google Maps API to deliver a responsive and accessible user experience. Privacy compliance is robust, featuring a detailed cookie policy with opt-in consent mechanisms aligned with GDPR requirements. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response contacts are not publicly available. Overall, the site demonstrates a high level of professionalism, trustworthiness, and technical maturity suitable for its government service role.

C

Crème fraîche

creme-fraiche.lu

0

Crème fraîche is a Luxembourg-based video contest platform targeting young people aged 12 to 30, focusing on promoting creativity and film-making through organized contests and events. The website provides detailed information about contest editions, winners, and related cultural activities, positioning itself as a niche media and cultural event organizer in Luxembourg. The platform leverages modern web technologies including Drupal 10 and Alpine.js to deliver a responsive and engaging user experience, optimized for mobile devices and accessibility. Security posture is adequate with HTTPS enforced and cookie consent implemented, though explicit security policies and headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, indicating a stable and accessible platform. Overall, the website demonstrates good professionalism and trustworthiness, supported by active social media channels and clear business focus.

F

Festival des Cabanes

cabanes.lu

0

The Festival des Cabanes website represents a youth-focused architecture competition organized in Luxembourg, targeting young people aged 12 to 26. The event is supported by recognized local organizations such as the Service national de la jeunesse and the Ordre des Architectes et Ingénieurs-conseils, positioning it as a niche cultural and educational initiative. The website content is professionally presented, with clear information about the event, its objectives, and timelines, supporting good user engagement and trust. Technically, the site is built on WordPress with modern front-end technologies and is mobile-optimized, though performance is moderate and accessibility features are basic. Security posture is adequate with HTTPS enabled but lacks important security headers and formal privacy and cookie policies, which are critical for GDPR compliance. Overall, the site is trustworthy and well-suited for its purpose but would benefit from enhanced privacy compliance and security hardening.

D

Deng Zukunft - Däi Wee

dzdw.lu

0

The website 'Deng Zukunft - Däi Wee' serves as an informational platform primarily targeting young people and their parents in Luxembourg, offering guidance on education and career paths. The site is built on Drupal 10 CMS and employs modern frontend technologies such as Alpine.js and Tailwind CSS, indicating a contemporary technical infrastructure. The website is mobile-optimized and accessible, with a clear navigation structure and professional design. Security measures include HTTPS enforcement and a cookie consent mechanism compliant with GDPR requirements. However, the absence of WHOIS data and lack of explicit business contact information limit the overall business credibility assessment. No security policy or incident response information is provided, which could be improved to enhance trust and compliance. Overall, the site presents a solid digital presence with room for improvement in transparency and security documentation.

P

POST Luxembourg

eboo.lu

0

The website www.eboo.lu is a digital banking platform operated by POST Luxembourg, offering eBanking services accessible via smartphones, tablets, and computers. It targets customers of POST Luxembourg's financial services, providing a seamless and intuitive banking experience without the need to visit physical branches. The site is professionally designed with consistent branding and clear navigation, supporting multiple languages including English and French. The business is well-established in Luxembourg's finance and telecommunications sectors, leveraging POST Luxembourg's strong market position.

D

DEEP

deep.eu

0

DEEP is a professional IT services company specializing in cloud computing, data management, artificial intelligence, and cybersecurity, primarily serving clients in Luxembourg and France. The company positions itself as a trusted partner for digital transformation challenges, targeting a broad range of business sectors including SMEs, large enterprises, public institutions, and banking. The website is well-structured, multilingual, and provides comprehensive information about their services and business focus. Technically, the site is built on the Liferay CMS platform, utilizing modern web technologies such as jQuery, Bootstrap, React, and Clay UI components. The presence of cookie consent mechanisms and GDPR compliance indicators reflects a mature approach to privacy and regulatory adherence. Security posture is good with HTTPS enforced and no obvious vulnerabilities detected, though the absence of explicit security policies and incident response contacts suggests room for improvement. WHOIS data is privacy protected, which is common for European domains and does not detract from the site's legitimacy. Overall, the website demonstrates a solid digital presence with good technical and security practices, supporting DEEP's credibility as an IT services provider.

I

Ingroup

ingroup.lu

0

Ingroup is a prominent marketing and digital solutions provider based in Luxembourg, operating through multiple specialized brands that offer comprehensive communication, advertising, branding, media, and distribution services. The company positions itself as a major player in the Greater Region, targeting businesses seeking to maximize their visibility and impact through integrated 360° solutions. The website reflects a professional and consistent brand image with clear navigation and regularly updated news content. Technically, the site is built on WordPress with modern plugins and libraries, hosted by OVH, and optimized for mobile and SEO. Security measures include HTTPS, Google reCAPTCHA on contact forms, and a robust cookie consent mechanism, although some security headers and policies could be improved. Overall, the site demonstrates a mature digital presence with good privacy compliance and business credibility.

L

Luxembourg House of Cybersecurity g.i.e.

cswl.lu

0

The website represents the CYBERSECURITY Week Luxembourg 2025, a national campaign coordinated by the Luxembourg House of Cybersecurity. It aims to promote cybersecurity awareness and foster collaboration within the Luxembourg cybersecurity ecosystem through key events such as the Luxembourg GRC Conference and hack.lu. The campaign targets cybersecurity professionals and the wider community interested in cybersecurity topics. The website content is well-structured, professionally designed, and consistent with the organization's branding. Technically, the site uses modern web technologies including React, Bootstrap, and FontAwesome, with good mobile optimization and moderate performance. The site is served over HTTPS with no visible security vulnerabilities or exposed sensitive data. However, some security best practices like security headers and cookie consent mechanisms are missing or not visible in the provided content. From a security posture perspective, the site demonstrates a good baseline with HTTPS and no evident vulnerabilities. The presence of legal and data protection notices in PDF format indicates attention to compliance, though explicit security policies and incident response information are absent. The WHOIS data aligns well with the website's claims, showing consistent registration and no privacy protection, enhancing trustworthiness. Overall, the website is a credible, professional platform for cybersecurity awareness events in Luxembourg, with room for improvement in privacy compliance and security policy transparency.

C

CIRCL

vulnerability-lookup.org

0

Vulnerability-Lookup is a specialized cybersecurity platform developed and operated by CIRCL, focusing on vulnerability tracking, correlation, and coordinated vulnerability disclosure. It serves security teams, researchers, and system administrators by aggregating data from multiple vulnerability sources and providing tools for managing security advisories and sightings. The platform integrates with global initiatives such as the Global CVE Allocation System and supports compliance with directives like NIS2. Technically, the website is built using the Hugo static site generator and employs modern JavaScript libraries for search functionality, delivering a fast and accessible user experience. Security posture is solid with HTTPS implied, but lacks explicit security headers and published privacy policies, which are areas for improvement. WHOIS data is unavailable, reducing transparency but the association with CIRCL and EU funding projects supports legitimacy. Overall, the site is professional, trustworthy, and well-positioned within the cybersecurity niche.

S

Syndicat Intercommunal de Gestion Informatique

sigi.lu

0

The Syndicat Intercommunal de Gestion Informatique (SIGI) is a government IT syndicate based in Luxembourg that provides IT solutions and support services to local municipalities. The website presents a professional image with clear navigation, comprehensive privacy and cookie policies, and a focus on supporting Luxembourg communes in their missions. Technically, the site is built on WordPress using the Divi theme and incorporates modern plugins such as the Modern Events Calendar and Matomo for analytics, indicating a moderate level of digital maturity. Security posture is generally good with HTTPS enforced and cookie consent mechanisms in place, though the absence of explicit security policies and incident response contacts suggests room for improvement. The lack of WHOIS data transparency limits the ability to fully verify domain legitimacy, but the website content and structure align with a credible public sector entity. Overall, the site is well-maintained, GDPR compliant, and serves its target audience effectively.

S

Syndicat des Villes & Communes luxembourgeoises

syvicol.lu

0

The Syndicat des Villes & Communes luxembourgeoises (Syvicol) website serves as the official online presence for the Luxembourg municipal syndicate, focusing on promoting and defending the interests of cities and communes in Luxembourg. The site targets local government entities and provides information relevant to their collective interests. The business model is that of a non-profit government association, with a clear focus on advocacy and representation within the public sector. Technically, the website employs modern web technologies including Bootstrap icons, Google Fonts, Google Tag Manager, Hotjar analytics, and Cookiebot for cookie consent management. The site is served over HTTPS, ensuring secure communication. The presence of a detailed cookie consent mechanism indicates a commitment to privacy compliance, although explicit privacy and terms of service pages were not detected in the provided content. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, bot protection via Google reCAPTCHA, and controlled script loading through Google Tag Manager. However, the absence of visible security headers and lack of explicit security policies or incident response contacts suggest areas for improvement. The WHOIS data is unavailable or malformed, which reduces domain trustworthiness, but the official .lu domain and professional site design mitigate some concerns. Overall, the website is professional, secure, and compliant with basic privacy standards, but it would benefit from publishing clear privacy policies, terms of service, and contact information to enhance trust and compliance. Strategic recommendations include improving security headers, adding vulnerability disclosure mechanisms, and enhancing accessibility features.

N

National Cybersecurity Competence Center Luxembourg

nc3.lu

0

The National Cybersecurity Competence Center Luxembourg (NC3) is a government-affiliated organization dedicated to enhancing the cybersecurity posture of Luxembourg's businesses, institutions, and stakeholders. It offers a comprehensive suite of services including self-assessment tools, risk diagnostics, training simulations, and strategic guidance. The center also fosters community initiatives and funding opportunities to strengthen the national and European cybersecurity ecosystem. The website positions NC3 as a central hub for cybersecurity competence in Luxembourg, linking national efforts with European initiatives.

L

Luxembourg House of Cybersecurity

room42.lu

0

ROOM#42 is a cybersecurity simulation service operated by the Luxembourg House of Cybersecurity, offering immersive cyberattack crisis training sessions primarily targeting professionals across various sectors including finance, IT, legal, and management. The service is recognized locally and internationally, with a subsidiary presence in Toulouse. The website presents a professional and consistent brand image with clear contact information and testimonials from credible industry figures. Technically, the site uses modern front-end libraries such as Materialize CSS and jQuery, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS usage but lacks advanced security headers and published policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain registration and DNS setup are consistent with a legitimate business entity.

T

Technoport SA

technoport.lu

0

Technoport SA is a Luxembourg-based business incubator focused on supporting innovative and technology-oriented startups. The company provides incubation programs, event spaces, and participates in European and international projects to foster entrepreneurship and innovation. The website reflects a professional and consistent brand presence targeting entrepreneurs and startups seeking support and networking opportunities. The technical infrastructure relies on established but somewhat dated technologies such as jQuery 1.x and Bootstrap 3.x, hosted on Amazon AWS infrastructure, indicating a stable but potentially improvable digital maturity. Security posture is moderate with HTTPS usage assumed but lacking visible security headers and using outdated JavaScript libraries, which could expose the site to vulnerabilities. Privacy compliance is weak due to the absence of privacy and cookie policies, which is a notable gap given GDPR requirements. Overall, the website is functional, trustworthy, and business credible but would benefit from technical and compliance enhancements.

A

Adoraweb Agence Marketing Digital Luxembourg

adoraweb.lu

0

Adoraweb is a small, agile digital marketing agency based in Luxembourg, founded in 2013. The company specializes in providing digital marketing services including SEO, SEA, web design, and digital strategy consulting, targeting ambitious businesses in Luxembourg. Their market position is strengthened by unique agile marketing methodologies and a strong client portfolio. The website is professionally designed, content-rich, and optimized for user experience and SEO, reflecting a mature digital presence. Technically, the site is built on WordPress with modern JavaScript libraries and uses Cloudflare for DNS and likely CDN services. Security posture is solid with HTTPS and form protections, though explicit security headers and cookie consent mechanisms are missing. Analytics and tracking are extensive, leveraging Piwik PRO, Google Analytics, Facebook, and LinkedIn pixels. Overall, the website is trustworthy and professional, with clear contact information and certifications displayed. Recommendations include enhancing privacy compliance with cookie consent and security headers, and publishing security policies.

O

OCA Luxembourg

oca.lu

0

OCA Luxembourg is a professional insurance brokerage firm operating in the Grand Duchy of Luxembourg, providing tailored insurance solutions for both professionals and individuals. The company offers a range of services including professional insurance, personal insurance, and specialty insurance products such as Lifestyle & Fine Art, construction guarantees, and coverage for European officials and sports professionals. The website reflects a well-structured and professional digital presence with clear navigation and relevant content targeting Luxembourg-based clients. Technically, the website employs modern web technologies including Bootstrap, jQuery, and specialized plugins like Revolution Slider and tarteaucitron for cookie consent management. The site is mobile-optimized and demonstrates good SEO practices, although some improvements in accessibility and security headers could enhance its technical maturity. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, indicating awareness of privacy regulations such as GDPR. However, the absence of visible security headers and incident response information suggests room for improvement in security posture. The lack of WHOIS data limits the ability to fully verify domain legitimacy, but the professional content and business registration number lend credibility. Overall, the website presents a trustworthy and professional image suitable for its business domain, with moderate technical and security maturity. Strategic enhancements in security headers, incident response transparency, and WHOIS data availability would strengthen trust and compliance.

O

Orange Luxembourg

orange.lu

0

Orange Luxembourg is a major telecommunications operator providing mobile telephony, internet fiber, TV, and fixed-line telephone services in Luxembourg. The website reflects a professional and well-branded digital presence, targeting a general audience with clear service offerings. The technical infrastructure is based on Magento 2, leveraging modern web technologies and integrating analytics and marketing tools such as Google Tag Manager and Facebook Pixel. Security posture is good with HTTPS enforced and partial security headers, though some improvements are recommended to enhance security headers and CSP completeness. Privacy compliance is basic with a cookie consent mechanism but no explicit privacy policy detected in the provided content. The absence of WHOIS data limits domain trust verification, but the website content and branding strongly indicate legitimacy.

L

lux-airport

lux-airport.lu

0

Luxembourg Airport operates as a key regional transportation hub offering passenger and cargo air services with over 100 destinations and 14 airlines. The airport provides comprehensive services including parking, transport options, shopping, dining, and special assistance, targeting travelers and business passengers. The website demonstrates a mature digital presence with multilingual support, modern technologies, and strong branding consistency. Technical infrastructure is based on WordPress with integrations for analytics, accessibility, and cookie compliance. Security posture is solid with HTTPS and privacy mechanisms, though explicit security headers and incident response policies are absent. WHOIS data is unavailable, limiting domain trust verification, but the professional website and official social media presence support legitimacy. Overall, the airport's digital platform is well-structured, user-friendly, and compliant with GDPR, serving its audience effectively.

O

Ombudsman Luxembourg

ombudsman.lu

0

The Ombudsman Luxembourg website serves as the official government mediation office for citizens and residents seeking resolution of complaints related to state and municipal administrations. The site provides clear contact information and a concise description of its public service role, targeting a general audience in Luxembourg. The business model is focused on government mediation and administrative dispute resolution, positioning it as an essential public service entity within the government sector. Technically, the website employs basic technologies including Google Analytics and Google Tag Manager for visitor tracking. The site is moderately optimized for performance and mobile use but lacks advanced accessibility and SEO features. The absence of a CMS or modern frameworks suggests a simple, possibly custom-built site. No forms or interactive elements were detected, limiting data collection vectors. From a security perspective, the site uses HTTPS but lacks visible security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance. No incident response or vulnerability disclosure mechanisms are present. Tracking scripts indicate moderate user tracking without clear privacy compliance disclosures. Overall, the security posture is basic with room for significant improvement. The overall risk assessment is moderate with no critical vulnerabilities detected but notable gaps in privacy compliance and security best practices. Strategic recommendations include publishing privacy and cookie policies, implementing security headers, enhancing mobile and accessibility features, and establishing incident response contacts to improve trust and compliance.

A

Association Luxembourg Alzheimer

ala.lu

0

Association Luxembourg Alzheimer is a well-established non-profit organization based in Luxembourg, dedicated to supporting people affected by dementia and their families. The organization offers a comprehensive range of services including counseling, a 24/7 helpline, ambulatory care, day centers, and a specialized care home. Their website reflects a strong commitment to accessibility and user support, with multilingual options and detailed service information. The organization maintains an active presence on social media platforms such as Facebook, LinkedIn, and Instagram, enhancing community engagement and outreach. Technically, the website is built on WordPress with modern plugins like Yoast SEO and accessibility tools, ensuring good SEO and compliance with accessibility standards. The site uses Matomo for analytics, indicating a privacy-conscious approach to user tracking. Performance and mobile optimization are good, though some improvements could be made in hosting transparency and performance metrics. From a security perspective, the site enforces HTTPS and provides a cookie consent mechanism with granular user control, aligning with GDPR requirements. However, it lacks published privacy policies, terms of service, and explicit security or incident response policies, which are important for compliance and user trust. No critical vulnerabilities or suspicious content were detected. Overall, the website is professional, trustworthy, and well-aligned with its mission, but would benefit from enhanced privacy and security disclosures to improve compliance and user confidence.

C

Cactus

cactus.lu

0

Cactus is a well-established retail supermarket chain based in Luxembourg, offering a broad range of products including fresh food, household goods, and additional services such as restaurants, home delivery, and customer loyalty programs. The website is professionally designed using Drupal 10 and incorporates modern frontend technologies and analytics tools, indicating a mature digital presence. Security posture is moderate with HTTPS usage and anonymized IP tracking in analytics, but lacks explicit security headers and published privacy policies, which are areas for improvement. The absence of WHOIS data reduces domain trustworthiness from a registration perspective, though the website content and branding strongly suggest a legitimate business. Overall, the site provides a good user experience with clear navigation and mobile optimization.

The website liesen.lu is an official educational platform managed by SCRIPT, a Luxembourg government entity focused on reading initiatives in primary schools. It serves as an information hub providing catalogs, reading projects, pedagogical materials, and related educational content targeted at educators and schools in Luxembourg. The site is well-branded with government logos and maintains a consistent educational focus. Technically, the site is built on Drupal 9 CMS, leveraging modern frontend libraries such as Font Awesome and jQuery. It employs tarteaucitron.js for cookie consent management and uses Matomo for privacy-conscious analytics. The hosting appears to be managed by Restena Foundation, a known Luxembourg educational network provider. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks visible security headers and explicit public security policies. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the website's government and educational nature, indicating legitimacy and trustworthiness. Overall, the site presents a low-risk profile with good privacy compliance and business credibility. Strategic improvements could include adding explicit security headers, publishing security policies, and enhancing incident response transparency.

S

Service national de la jeunesse

snj.lu

0

The Service national de la jeunesse (SNJ) is a Luxembourg government entity dedicated to youth development and support. It operates multiple youth centers and programs aimed at fostering responsible citizenship and active participation among young people. The website reflects a well-established governmental service with a clear mission and target audience of youth and youth sector actors. The digital infrastructure is based on WordPress with modern compliance features such as GDPR cookie consent and Matomo analytics hosted locally, indicating a mature digital presence. Security posture is good with HTTPS and privacy mechanisms, though some security headers and formal policies could be improved. The absence of WHOIS data limits domain trust assessment, but the official branding and contact information support legitimacy. Overall, the site is professional, trustworthy, and well-aligned with its public service role.

S

Service de médiation scolaire

mediationscolaire.lu

0

The website mediationscolaire.lu represents the official Service de médiation scolaire, a government entity in Luxembourg dedicated to supporting parents, students, and school personnel in resolving conflicts within the educational system. The service operates independently within the Ministry of National Education and targets the Luxembourg community with mediation services related to primary and secondary education. The site is professionally designed with clear navigation, multilingual support, and accessibility features, reflecting a strong commitment to user experience and inclusivity. Technically, the website is built on WordPress 6.7.1, utilizing Bootstrap for responsive design, jQuery, and Matomo for analytics. It employs GDPR-compliant cookie consent mechanisms and demonstrates good mobile optimization and SEO practices. The hosting provider is not explicitly identified, but the site uses HTTPS with excellent SSL configuration, ensuring secure data transmission. From a security perspective, the site enforces HTTPS and cookie consent but lacks explicit security headers and a published security or incident response policy. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the website's government affiliation and Luxembourg location, supporting the site's legitimacy. Overall, mediationscolaire.lu is a trustworthy, well-maintained government service website with strong privacy compliance and good technical implementation. Strategic improvements include adding security headers, publishing a security policy, and providing incident response contact information to enhance security posture and user trust.

Restopolis is a Luxembourg-based service provider specializing in school and university catering. The website offers multilingual content targeting students, adults, and visitors, providing menu consultation, booking, and account management services. The platform integrates with IAM for secure user access and supports sustainable food procurement initiatives. Technically, the site is built on ASP.NET WebForms using the DNN CMS, leveraging modern JavaScript libraries and Google services for analytics and security. Security posture is good with HTTPS and reCAPTCHA, though explicit security headers are missing. Privacy compliance is basic with a cookie consent banner and privacy policy available. WHOIS data is unavailable, limiting domain trust verification, but the website's professional appearance and government affiliations support legitimacy.

The website summerschool.lu serves as an informational portal for a summer school program in Luxembourg, primarily targeting students in fundamental and secondary education. The site is multilingual, supporting Luxembourgish, French, German, English, and Portuguese, reflecting inclusivity for the diverse population. The presence of official government logos and links to Luxembourg government domains strongly suggests this is a public sector or government-affiliated educational initiative. The site offers basic navigation and language selection but lacks detailed business or contact information on the homepage. From a technical perspective, the website uses modern JavaScript libraries such as jQuery 3.7.1 and integrates Google Tag Manager for analytics and tracking. The site loads external fonts from Adobe Typekit and uses HTTPS, although no advanced security headers were detected in the provided content. The site appears moderately optimized for mobile devices and has basic accessibility features. However, the absence of privacy and cookie policies and lack of visible security headers indicate room for improvement in compliance and security posture. Security-wise, the site does not expose sensitive data and uses HTTPS, but the lack of security headers and privacy notices reduces its overall security maturity. No vulnerabilities or malicious content were detected. The WHOIS data is unavailable due to query rate limits, but the domain is registered under Luxembourg's official DNS registry (RESTENA DNS-LU), which is typical for government domains and suggests legitimacy despite privacy protection. Overall, the website is a legitimate, government-affiliated educational resource with basic technical implementation and moderate security posture. Strategic improvements in privacy compliance, security headers, and contact transparency would enhance trust and compliance.

F

Fondation Restena

cyberday.lu

0

CyberDay.lu is a professionally maintained website representing an annual cybersecurity awareness event organized by the Fondation Restena in Luxembourg. The event is positioned as a key cybersecurity knowledge-sharing platform within the European Cyber Security Month and is partially funded by the European Union’s Digital Europe programme. The website targets cybersecurity professionals and stakeholders in Luxembourg and Europe, providing event schedules, speaker information, and registration details. The business model is event-driven, supported by public funding and institutional backing. Technically, the website is built on WordPress 6.8 with common web technologies such as jQuery, Bootstrap, and Font Awesome. The site demonstrates moderate performance and good mobile optimization but lacks advanced accessibility features. SEO optimization is basic, and no advanced analytics or tracking tools are detected, indicating a privacy-conscious approach or minimal user tracking. From a security perspective, the site uses HTTPS with good SSL configuration but lacks important security headers such as Content-Security-Policy and X-Frame-Options. No vulnerabilities or exposed sensitive data were detected in the HTML content. However, the absence of privacy and cookie policies represents a compliance gap with GDPR requirements. Incident response and security policy information are not publicly available, which could be improved to enhance trust and transparency. Overall, CyberDay.lu presents a trustworthy and professional online presence for a niche cybersecurity event. The risk profile is low given the nature of the content and organizational backing. Strategic improvements in privacy compliance, security headers, and accessibility would strengthen the site’s security posture and regulatory adherence.

L

LuxID

luxid.lu

0

LuxID is a Luxembourg-based digital identity platform providing a secure, unified login solution for multiple local companies and applications. Supported by major partners such as POST, Cactus, CFL, and RTL, LuxID aims to simplify user authentication while enhancing privacy and security in compliance with GDPR. The website is professionally designed, multilingual, and offers clear information about the service, benefits, and partners. Technically, the site uses modern web technologies including Liferay CMS, Bootstrap, React, and various JavaScript libraries, hosted likely within Luxembourg's POST infrastructure. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security policies and vulnerability disclosures are absent. WHOIS data is unavailable, limiting domain trust verification, but the business credibility is supported by visible partnerships and professional content.

B

BCE

bce.lu

0

BCE is a professional media and digital solutions provider targeting businesses and institutions worldwide. The company offers innovative services across media, sports, fashion, and business sectors, positioning itself as a key player in digital expertise and seamless service integration. The website reflects a medium-sized enterprise with a consistent brand presence and good content quality. Technically, the site is built on WordPress with modern JavaScript libraries and integrates privacy-conscious analytics and marketing tools such as Matomo and HubSpot. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and published security policies are absent. The lack of WHOIS data limits domain trust assessment, but the website's professional presentation and privacy compliance indicate legitimacy. Overall, BCE demonstrates a mature digital presence with room for improvement in security transparency and contact availability.

A

Agile Partner

agilepartner.net

0

Agile Partner is a medium-sized technology company based in Luxembourg, specializing in custom software development and agile transformation services. With over 18 years of experience and a team of approximately 50 professionals, the company targets businesses seeking tailored digital solutions and agile coaching to support their digital transformation. The website is professionally designed, multilingual (French and English), and provides clear information about their services, certifications, and contact details. Technically, the site is built on WordPress and leverages modern JavaScript libraries and marketing tools such as Google Analytics, Facebook Pixel, Hotjar, and HubSpot, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and no visible sensitive data exposure, though the absence of security headers and explicit security policies suggests room for improvement. The lack of WHOIS domain registration data is a notable concern, reducing trust in domain legitimacy despite the professional presentation. Overall, the website is functional, secure, and business-focused, but would benefit from enhanced transparency in domain registration and security documentation.

L

Luxembourg House of Cybersecurity

lhc.lu

0

Luxembourg House of Cybersecurity (LHC) serves as the central hub for cybersecurity resilience in Luxembourg, hosting key national centers such as CIRCL and NC3. The organization focuses on fostering innovation, collaboration, and capacity building in cybersecurity through various services including acceleration programs, community meet-ups, and standards development. The website reflects a professional and government-aligned entity with a clear mission to enhance Luxembourg's cybersecurity posture. Technically, the website employs modern web technologies including React, Bootstrap, and Leaflet, with privacy-conscious analytics via Matomo. The site is hosted on Luxembourg-based infrastructure (Restena) and demonstrates good mobile optimization and user experience. However, some technical improvements are recommended, such as implementing security headers and cookie consent mechanisms. From a security perspective, the site uses HTTPS and avoids exposing sensitive data, but lacks explicit security headers and a published security policy. Incident response is facilitated through links to CIRCL's reporting portal. Privacy compliance is partial, with a privacy policy available but no cookie consent banner. Overall, the site presents a strong security posture appropriate for a government-related cybersecurity entity. The overall risk is low, with recommendations focusing on enhancing privacy compliance, security headers, and accessibility to further strengthen trust and regulatory adherence.

L

LU-CIX

lu-cix.lu

0

LU-CIX is a Luxembourg-based Internet Exchange Point founded in 2009, providing open and neutral peering and connectivity services to networks and content providers in Luxembourg and Europe. The organization operates as a non-profit entity, focusing on interconnecting critical networks in a secure and trusted environment. Their key services include public peering, route servers, blackholing, partner IX peering, and VoIP-X services, positioning them as a central telecommunications infrastructure player in Luxembourg. Technically, the website is built on WordPress CMS with modern JavaScript libraries such as jQuery and Owl Carousel, and uses Matomo for privacy-conscious analytics. The site is mobile-optimized with good SEO practices and moderate performance. Security-wise, the site enforces HTTPS and uses secure form submission techniques but lacks some security headers and a cookie consent mechanism, which are recommended for enhanced security and compliance. The security posture is solid but could be improved by adding explicit security policies, incident response contacts, and cookie consent to align better with GDPR requirements. The absence of WHOIS data limits domain trust verification, but the website content and business presence indicate a legitimate and professional operation. Overall, LU-CIX presents a trustworthy and professional digital presence with room for security and privacy enhancements to strengthen compliance and user trust.

L

Le Gouvernement du Grand-Duché de Luxembourg

services-publics.lu

0

Guichet.public.lu is the official government portal of Luxembourg dedicated to providing citizens with easy access to a wide range of public services and administrative information. The website covers numerous thematic areas including financial aid, citizenship, family and education, taxation, immigration, inclusion, justice, housing, leisure, health, transport, and employment. It serves as a comprehensive digital gateway for residents and citizens to navigate government procedures efficiently. Technically, the site leverages Adobe Experience Manager as its CMS platform and uses Adobe Dynamic Tag Management for analytics and tracking. The site is well-structured with responsive design and accessibility features, ensuring a good user experience across devices. However, some security headers and explicit privacy and cookie policies are not evident in the provided content, indicating areas for improvement in compliance and security transparency. From a security perspective, the site uses HTTPS and secure login mechanisms, but lacks visible security headers and incident response contact information. The WHOIS data for the domain is unavailable or malformed, which limits the ability to fully verify domain registration legitimacy. Despite this, the official branding and domain (.public.lu) strongly support its authenticity as a government site. Overall, guichet.public.lu demonstrates a mature digital presence with excellent content quality and user experience, but could enhance its privacy compliance and security posture by publishing clear policies and improving domain transparency. Strategic recommendations include implementing comprehensive privacy and cookie policies with consent mechanisms, adding security headers, and providing explicit security incident contacts to strengthen trust and compliance.

A

Administration du Cadastre et de la Topographie (ACT)

geoportal.lu

0

The Geoportal of the Grand-Duchy of Luxembourg is an official governmental platform providing comprehensive geospatial data, maps, and related services to individuals, professionals, and developers. It serves as the national authoritative source for geodata across multiple sectors including environment, energy, tourism, spatial planning, and agriculture. The platform offers a variety of applications and catalogues, supporting both public and professional users with tools such as 3D printing exports, coordinate conversion, and route planning. The website is well-branded, consistent, and targets a broad audience with multilingual support. Technically, the site employs modern web technologies including jQuery, Modernizr, and SVG icons, and integrates Piwik (Matomo) for analytics. It is mobile-optimized and accessible, with good SEO practices. The site uses HTTPS with strong SSL configuration, although explicit security headers are not detected. Some services require strong authentication, indicating attention to security for sensitive operations. Security posture is solid with no visible vulnerabilities or exposed sensitive data, but the absence of a published security policy or vulnerability disclosure limits transparency. Privacy compliance is partial; while terms and conditions and a privacy policy page exist, no cookie consent mechanism is evident. Contact information is limited to a contact form with no direct emails or phone numbers visible. Overall, the site is trustworthy, professionally maintained, and aligned with its governmental role. Strategic improvements in security transparency and privacy compliance would enhance its posture further.

T

The national geoportal of the Grand-Duchy of Luxembourg

g-o.lu

0

The Geoportal of the Grand-Duchy of Luxembourg is an official government platform providing comprehensive geospatial data, maps, and related applications to individuals, professionals, and developers. It serves as the national reference for governmental geodata and services, offering a wide range of thematic maps and tools such as 3D printing, route planning, and data catalogues. The platform is well-branded with government logos and maintains a consistent professional appearance. Technically, the site uses established JavaScript libraries like jQuery and Modernizr, and employs Piwik (Matomo) for analytics, indicating moderate digital maturity. Mobile optimization and accessibility are well addressed, enhancing user experience across devices. Security posture is adequate with HTTPS usage implied, but lacks explicit security headers and cookie consent mechanisms, which are areas for improvement. The absence of WHOIS data limits domain trust assessment, though the official government affiliation and consistent branding support legitimacy. Overall, the site is a reliable and professional government resource with room for enhanced privacy and security compliance.

S

Système d'Information Géographique de la Grande Région

sig-gr.eu

0

The website www.sig-gr.eu represents the Système d'Information Géographique de la Grande Région, a government-backed geographic information system service focused on the Greater Region, including France and Luxembourg. It provides thematic maps, interactive geoportals, metadata catalogs, and open data to support regional planning and cooperation. The site is professionally designed, multilingual, and offers comprehensive content relevant to its target audience of public institutions, researchers, and regional partners. Technically, it is built on Adobe Experience Manager CMS and uses Adobe DTM for analytics, with a responsive design and good accessibility features. Security posture is moderate with HTTPS enforced and cookie consent implemented, though explicit security headers and policies are not evident. Privacy compliance is strong with clear privacy and cookie policies aligned with GDPR. Overall, the site is trustworthy and legitimate, though WHOIS data is unavailable due to EURid privacy restrictions. Strategic recommendations include enhancing security headers, publishing incident response contacts, and adding vulnerability disclosure information.

I

INSIDE COMMUNICATION

inside-communication.lu

0

INSIDE COMMUNICATION is a communication agency based in Luxembourg focusing on strategies, innovation, and impact. The current website is a placeholder announcing a forthcoming new site and offers a newsletter subscription to keep interested parties informed. The company targets businesses or professionals seeking communication and innovation services. The website's technical infrastructure uses standard web technologies including HTML5, CSS3, JavaScript, and integrates Google Fonts and CreateSend for email marketing. However, the site lacks advanced frameworks or CMS indications and shows basic mobile optimization and accessibility features. Security posture is limited with no visible HTTPS confirmation or security headers, and no privacy or cookie policies are present. The WHOIS data is unavailable due to query rate limits, limiting domain legitimacy verification. Overall, the site is functional but minimal, with room for significant improvements in security, privacy compliance, and content richness.

I

Info-Zenter Demenz

demenz.lu

0

Info-Zenter Demenz is a national information and consultation center in Luxembourg specializing in memory disorders and dementia. The organization provides free services and resources to affected individuals, their families, healthcare professionals, and the general public. The website is professionally designed, well-structured, and offers comprehensive content in French, with multilingual support. It maintains a strong presence through social media and government support, positioning itself as a trusted resource in the healthcare non-profit sector. Technically, the website is built on WordPress with modern technologies including Google Tag Manager, reCAPTCHA, and accessibility tools. It demonstrates good mobile optimization, SEO practices, and performance. The hosting and domain registration appear professional and consistent with the organization's profile. From a security perspective, the site uses HTTPS, has implemented cookie consent mechanisms, and employs reCAPTCHA to protect forms. While explicit security policies and incident response contacts are not found, no vulnerabilities or suspicious activities are detected. Privacy compliance is well addressed with clear policies and consent management. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include enhancing security headers, publishing a formal security policy, and maintaining regular audits of third-party scripts to further strengthen security posture.

C

Chambre des Députés

propositions.lu

0

The website propositions.lu is an official government platform managed by the Chambre des Députés of Luxembourg. It serves as a digital interface for citizens to participate in the legislative process by submitting and supporting Propositions Motivées aux Fins de Légiférer (PML). The platform is well-structured, primarily in French, and offers clear guidance and resources for legislative participation. The site targets Luxembourgish voters aged 18 and above, providing a transparent and accessible channel for democratic engagement. Technically, the site is built on a modern Angular framework with a responsive design optimized for mobile devices. It employs standard web technologies including Font Awesome and Bootstrap CSS variables. The site uses HTTPS with strong SSL configuration, but lacks some security headers and a cookie consent mechanism, which are recommended for enhanced security and privacy compliance. Accessibility is addressed but with some noted deficiencies. From a security perspective, the site demonstrates good practices such as encrypted data transmission and no visible vulnerabilities or exposed sensitive data. However, the absence of WHOIS data limits the ability to fully verify domain registration legitimacy. The site includes comprehensive privacy and legal notices, with a clearly identified Data Protection Officer contact. Overall, the platform presents a trustworthy and professional government service with room for minor improvements in security headers and privacy mechanisms. Strategically, the site supports Luxembourg's democratic processes by enabling direct citizen involvement in lawmaking. It is positioned as a key digital government service with high trustworthiness and professional content quality.

C

Chambre des Députés du Grand Duché de Luxembourg

petitions.lu

0

The website www.petitiounen.lu is the official petition platform of the Chambre des Députés of Luxembourg, enabling citizens to submit and sign public and ordinary petitions. It serves as a government civic engagement tool with a clear focus on transparency and public participation. The platform is well-branded with official logos and provides comprehensive information about petitions, legal notices, data protection, and contact details. Technically, it is built on a modern Angular framework with responsive design and integrates visitor analytics for performance monitoring. Security posture is strong with HTTPS enforced and session management features, though explicit security headers could be improved. Privacy compliance is good with a detailed privacy policy and data protection officer information, but lacks a visible cookie consent mechanism. WHOIS data is unavailable due to malformed queries, limiting domain legitimacy verification, but the official nature of the content and branding strongly supports authenticity.

C

Conostix S.A.

conostix.com

0

Conostix S.A. is a small Luxembourg-based technology company specializing in security and system services, with a focus on security management consultancy, tailored open source software solutions, and customer care. Founded in 2001, the company positions itself as a niche provider for enterprises requiring advanced security expertise. The website content reflects this business focus but is basic in design and technical sophistication. Technically, the website is a simple HTML and CSS implementation with no detected CMS or advanced frameworks. There is no evidence of HTTPS enforcement or security headers, and mobile optimization is poor. The site lacks privacy and cookie policies, contact information, and incident response details, indicating limited digital maturity and compliance readiness. From a security perspective, the domain is well-established with consistent WHOIS data and clientTransferProhibited status, supporting legitimacy. However, the absence of HTTPS and security headers, as well as missing privacy compliance elements, represent vulnerabilities and compliance gaps. No forms or data collection mechanisms were found, reducing immediate data exposure risks. Overall, the website presents a moderate risk profile with room for significant improvements in security posture, privacy compliance, and technical modernization. Strategic recommendations include implementing HTTPS, adding privacy and cookie policies, improving mobile responsiveness, and enhancing security headers and incident response capabilities.

The Computer Incident Response Center Luxembourg (CIRCL) is a government-driven cybersecurity entity serving as the national CERT/CSIRT for Luxembourg's private sector, communes, and non-governmental organizations. CIRCL provides a broad range of cybersecurity services including threat intelligence sharing via the MISP platform, dynamic malware analysis, passive DNS historical data, and document sanitization from untrusted USB devices. The organization maintains a strong market position as a trusted government-affiliated cybersecurity resource with a history dating back to 2008 and operates under the Luxembourg House of Cybersecurity (LHC). The website reflects a professional and authoritative presence with comprehensive security advisories and publications.

U

Upbooking

upbooking.lu

0

Upbooking is a Luxembourg-based online platform dedicated to the recycling and exchange of used school books, promoting environmental sustainability and offering incentives such as vouchers for new book purchases. The platform targets students and families within Luxembourg, supported by government initiatives as evidenced by the presence of the Luxembourg government logo. Technically, the website is built on WordPress with a custom theme, uses modern tools like Google Tag Manager and Axeptio for cookie consent, and implements good accessibility features. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is strong with comprehensive policies and cookie consent mechanisms in place. Overall, the website is professional, trustworthy, and well-aligned with its educational and governmental mission.

L

Luxembourgticket GIE

luxembourgticket-gie.lu

0

Luxembourgticket GIE operates a website focused on ticketing services in Luxembourg, targeting both the general public and businesses. The site is built on WordPress and incorporates modern tracking and consent tools such as Google Tag Manager and Cookiebot, reflecting a moderate level of digital maturity. However, the absence of key compliance documents like a privacy policy and terms of service, as well as missing contact information, limits the site's transparency and trustworthiness. The security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and incident response information. Overall, the site presents a basic but functional online presence with room for improvement in compliance and security documentation.

H

hack.lu

hack.lu

0

hack.lu is an established cybersecurity conference held annually in Luxembourg, focusing on computer security, privacy, and information technology. The 2025 edition marks its 19th occurrence, indicating a long-standing presence in the security community. The conference offers talks, workshops, trainings, and CTF competitions, targeting security professionals, researchers, and privacy advocates. The website reflects a professional and consistent brand image, supported by reputable partners and sponsors.

F

Fondation Restena

restena.lu

0

Fondation Restena is a Luxembourg-based non-profit foundation that manages telecommunication infrastructure and services for the research, education, culture, health, and administration sectors in Luxembourg. It operates the national research and education network, manages the .lu domain registry, and provides a range of services including email, hosting, network connectivity, and IT security. The foundation is well-established, with origins dating back to 1989 and formal foundation status since 2000. Their market position is strong as a key national infrastructure provider with a focus on public and academic institutions. Technically, the website is built on Drupal 8, featuring modern web technologies and good mobile optimization. The site is well-structured with clear navigation and professional design. Security posture is strong, supported by ISO 27001 certification and secure form handling, although some security headers are not visibly implemented. Privacy compliance is partial, with a privacy policy present but lacking a cookie consent mechanism. Overall, the security posture is robust with dedicated incident response services (CSIRT) and ongoing certification efforts. No major vulnerabilities or suspicious patterns were detected. The domain WHOIS data aligns well with the website content, confirming legitimacy and consistency. Strategic recommendations include enhancing privacy compliance with cookie consent, adding security headers, and publishing a vulnerability disclosure policy to further strengthen trust and security culture.

S

SCRIPT (Service de Coordination de la Recherche et de l’Innovation pédagogiques et technologiques)

script.lu

0

SCRIPT is a Luxembourg governmental agency focused on coordinating research and innovation in education and technology. It plays a central role in implementing educational policy priorities and enhancing school quality in Luxembourg. The website reflects this mission with relevant content, news, publications, and project information targeted at educators, government stakeholders, and the public. Technically, the site is built on Drupal 9 with modern libraries and provides a responsive, accessible user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, indicating a trustworthy and professional online presence.