Security Directory

S

SCRIPT

heydoo.lu

0

Heydoo.lu is an official educational content platform operated under the auspices of Luxembourg's Ministry of National Education, Childhood and Youth, branded as SCRIPT. The platform aggregates a wide range of educational materials including publications, audio, video, apps, and websites, targeting students, teachers, parents, and educators. It supports multilingual content in Luxembourgish, French, and German, enhancing accessibility for its diverse audience. The website is built on Drupal 10 with modern UI frameworks and integrates analytics tools such as Google Analytics and Facebook Pixel for user behavior insights. Technically, the site demonstrates a solid infrastructure with good mobile optimization, accessibility, and SEO practices. Security posture is adequate with HTTPS enforced and anti-bot measures, though some security headers could be improved. Privacy compliance is strong, featuring comprehensive privacy and cookie policies aligned with GDPR requirements. Contact information is primarily provided via a contact form, with no direct emails or phone numbers publicly listed. The absence of WHOIS data due to a malformed domain query limits domain registration trust analysis. However, the official government affiliation and quality content strongly support the site's legitimacy. No adult or questionable content is present, making it safe for general audiences. Overall, Heydoo.lu is a credible, well-maintained educational resource platform with room for minor security enhancements.

M

Ministère de l'Éducation nationale, de l'Enfance et de la Jeunesse

men.lu

0

The website men.public.lu is the official online presence of the Ministry of National Education, Childhood and Youth of Luxembourg. It serves as a comprehensive information portal providing detailed content on the Luxembourg education system, policies, news, events, and resources for students, parents, educators, and the general public. The site is well-positioned as an authoritative government source with a clear focus on education and youth services in Luxembourg. Technically, the website is built on Adobe Experience Manager CMS, leveraging modern web technologies including RequireJS and Adobe Dynamic Tag Management for analytics and tag management. The site is mobile-optimized, accessible, and demonstrates good SEO practices. Performance is moderate, with content delivered via a government CDN. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. While explicit security headers are not fully confirmed, the site follows best practices with no visible vulnerabilities or exposed sensitive data. The absence of WHOIS data is noted but likely due to registry policies rather than malicious intent. Overall, the site maintains a strong security posture suitable for a government entity. The overall risk assessment is low, with no signs of malicious activity or compliance issues. Strategic recommendations include enhancing security header implementation, publishing a formal security policy, and improving incident response contact visibility to further strengthen trust and security culture.

L

Luxchat

luxchat.lu

0

Luxchat is a Luxembourg-based secure instant messaging platform designed for the general public, businesses, and public sector agents via its Luxchat4Gov variant. It offers end-to-end encrypted communication, including text, voice, video, file sharing, and location sharing. The service is free, ad-free, and respects user privacy, supported by a consortium of private companies and government entities. The website is professionally designed, mobile-optimized, and uses WordPress with Elementor and Matomo analytics configured for privacy. However, the absence of WHOIS data reduces transparency and trust somewhat. No cookie consent mechanism or explicit security policy pages were found, which are areas for improvement.

M

Ministère de l’Éducation nationale, de l’Enfance et de la Jeunesse

education.lu

0

The portal.education.lu website serves as the official digital gateway for Luxembourg's Ministry of National Education, Childhood and Youth. It provides comprehensive educational resources, digitalization initiatives, and government policy information targeted at students, parents, educators, and the general public. The site is multilingual, reflecting Luxembourg's diverse linguistic landscape, and offers links to related government and educational services. The business model is that of a government public service portal, positioning itself as the authoritative source for education-related content in Luxembourg.

I

Info-Zenter Demenz

demence.lu

0

Info-Zenter Demenz is a national information and consultation center based in Luxembourg, specializing in dementia and memory disorders. It serves affected individuals, their families, healthcare professionals, and the general public by providing free consultation services, educational events, and resources. The organization positions itself as a trusted authority in dementia care and information within Luxembourg, supported by government and community partnerships. The website is professionally designed, multilingual, and accessible, reflecting a strong commitment to user experience and inclusivity. Technically, the website is built on WordPress with modern web technologies including jQuery, Google Tag Manager, and Consent Magic for privacy compliance. Hosting is managed via EuroDNS nameservers, and the site employs HTTPS with reCAPTCHA for security. Accessibility features such as an accessibility toolbar are implemented, and SEO best practices are evident through structured data and meta tags. Security posture is solid with HTTPS and privacy consent mechanisms, though explicit security headers and a formal security policy are absent. No vulnerabilities or suspicious activities were detected. Privacy compliance is robust, with clear cookie and privacy policies and user consent management. Contact information is comprehensive and clearly presented. Overall, the website demonstrates a high level of professionalism, security awareness, and compliance, making it a trustworthy resource for its target audience. Strategic improvements could include adding explicit security headers and publishing a security incident response policy to further enhance trust and resilience.

C

CYBERSECURITY Luxembourg

cybersecurity.lu

0

CYBERSECURITY Luxembourg operates as the national cybersecurity portal for Luxembourg, providing a centralized platform for cybersecurity news, ecosystem engagement, events, educational resources, and community support. The portal targets a broad audience including cybersecurity professionals, public institutions, private companies, startups, and the general public interested in cybersecurity within Luxembourg. It is positioned as a government-affiliated authoritative source, promoting collaboration and awareness in the national cybersecurity ecosystem. Technically, the website is built using modern web technologies such as React, Bootstrap, and Leaflet.js, with Font Awesome icons and Matomo analytics integrated for tracking. The site demonstrates good mobile optimization and user experience, with clear navigation and professional design. Performance is moderate, and accessibility features are basic but present. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and does not provide visible privacy or cookie policies, nor incident response or vulnerability disclosure information. Matomo analytics is used without a visible cookie consent mechanism, indicating partial privacy compliance. The WHOIS data shows consistent domain registration aligned with the website's government and cybersecurity focus, supporting legitimacy. Overall, the website is a credible and professional government portal with good content and technical implementation but requires improvements in privacy compliance, security headers, and transparency regarding incident response and vulnerability disclosure to enhance trust and security posture.

C

culture.lu, Inc.

culture.lu

0

culture.lu is a specialized cultural portal serving the Luxembourg cultural community and enthusiasts. It offers a variety of content including articles, videos, podcasts, event listings, calls for participation, and job offers, positioning itself as a key media hub in the Luxembourg cultural sector. The website is built on Drupal 10 with modern web technologies and integrates social media and newsletter marketing tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms, though some HTTP security headers could be improved. Privacy compliance is well addressed with a clear privacy policy and cookie management. The absence of explicit contact information and terms of service pages is noted but does not significantly detract from overall credibility. The domain registration aligns well with the website's cultural and governmental affiliations, supporting legitimacy. Overall, culture.lu presents a professional, trustworthy, and content-rich platform for its target audience.

L

Le Gouvernement du Grand-Duché de Luxembourg

citoyens.lu

0

Guichet.lu is the official government portal of Luxembourg dedicated to providing citizens with easy access to a wide range of administrative information and services. The website covers numerous thematic areas including financial aids, citizenship, family and education, taxation, immigration, inclusion, justice, housing, leisure, health, transport, and work. It serves as a comprehensive digital gateway for residents and citizens to interact with government services efficiently. Technically, the site is built on Adobe Experience Manager, a robust enterprise CMS platform, and employs modern web technologies including SVG icons and JavaScript for enhanced user experience. The site demonstrates good mobile optimization, accessibility features, and SEO practices, ensuring broad usability and reach. From a security perspective, the website enforces HTTPS, includes security headers, and implements cookie consent mechanisms aligned with GDPR requirements. However, explicit security policies and incident response information are not publicly detailed, which could be improved to enhance transparency and trust. Overall, Guichet.lu presents a professional, trustworthy, and user-friendly platform that effectively supports the Luxembourg government's digital service delivery to its citizens. Strategic recommendations include publishing detailed security policies, adding vulnerability disclosure mechanisms, and providing direct security contact channels to further strengthen its security posture and user trust.

G

GOVCERT.LU

govcert.lu

0

GOVCERT.LU serves as the official Computer Security Incident Response Team (CSIRT) for the Government of Luxembourg, providing centralized cybersecurity incident management and response services for government and critical infrastructure operators. The website offers comprehensive information on incident reporting, security advisories, and contact channels, positioning GOVCERT.LU as a trusted national cybersecurity authority. Technically, the site is built using the Hugo static site generator, delivering fast performance, mobile optimization, and accessible design. Security posture is strong with HTTPS enforced and secure communication channels, though improvements are needed in security headers and formal vulnerability disclosure policies. Overall, the site demonstrates a professional and trustworthy presence aligned with government standards.

A

Association d'assurance accident

aaa.lu

0

The Association d'assurance accident (AAA) website serves as the official online presence for the Luxembourg governmental accident insurance association. It provides comprehensive information on accident insurance, workplace safety, indemnifications, and related public services. The site targets residents, workers, and employers in Luxembourg, offering resources, contact points, and regulatory information. The organization holds ISO9001:2015 certification, reinforcing its commitment to quality and trustworthiness. Technically, the website is built on Adobe Experience Manager CMS, leveraging modern web technologies including RequireJS and Adobe Dynamic Tag Manager for analytics and marketing. The site is well-structured, mobile-optimized, and accessible, with clear navigation and professional design. Cookie consent and privacy policies are implemented in compliance with GDPR. Security posture is moderate with HTTPS usage inferred, but no explicit security headers were detected in the provided data. No vulnerabilities or exposed sensitive data were found. The absence of WHOIS data limits domain registration trust analysis, but the domain's public.lu TLD and content strongly indicate an official government entity. Overall, the website is a reliable and professional government resource with good content quality and privacy compliance. Recommendations include enhancing security headers, publishing explicit security policies, and improving WHOIS data transparency where possible.

L

Le Gouvernement du Grand-Duché du Luxembourg

accessibilite.lu

0

The website accessibilite.lu is an official government portal of Luxembourg dedicated to providing information on accessibility across digital platforms, infrastructure, and products/services. It serves as a public service resource aimed at residents and stakeholders interested in accessibility issues within Luxembourg. The site is branded consistently with Luxembourg government identity and offers navigation in French with an option for German. Technically, the site uses standard HTML5, CSS, and JavaScript, including Adobe Launch for analytics, indicating a moderate level of digital maturity. The site is mobile optimized and accessible, though content quality is basic with limited depth on the landing page. Security posture is adequate with HTTPS implied, but lacks visible security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. No contact or incident response information is provided, limiting user engagement and trust channels. Overall, the domain registration and DNS configuration align with official Luxembourg government infrastructure, confirming legitimacy and trustworthiness. Strategic improvements in privacy compliance, security headers, and contact transparency would enhance the site's security and user trust.

C

Cour des comptes du Grand-Duché de Luxembourg

cour-des-comptes.lu

0

The Cour des comptes du Grand-Duché de Luxembourg is the official government institution responsible for auditing public finances in Luxembourg. The website serves as a portal for publishing audit reports, legislative information, and institutional presentations. It targets citizens, government officials, and auditors, providing transparency and accountability in public financial management. The site is well-branded with consistent government identity and multilingual support. Technically, the website is built on Adobe Experience Manager CMS and uses Adobe Dynamic Tag Manager for analytics and tag management. It employs modern JavaScript libraries such as RequireJS and a cookie consent management tool (OreJime). The site demonstrates good mobile optimization, accessibility, and SEO practices, although explicit security headers were not visible in the provided data. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms aligned with GDPR. However, no explicit security policies, incident response contacts, or vulnerability disclosures were found. The WHOIS data was unavailable due to a malformed domain query, but the domain's official government subdomain and content indicate legitimacy. No WAF or blocking mechanisms were detected, and the content is safe for general audiences. Overall, the website presents a professional and trustworthy government service portal with room for improvement in security header implementation and transparency around security policies and incident response.

C

Chambre des députés du grand-duché de Luxembourg

chd.lu

0

The website www.chd.lu is the official online presence of the Luxembourg Parliament, providing comprehensive information about parliamentary sessions, deputies, commissions, legislative documents, and public engagement tools. It serves a broad audience including citizens, researchers, and media, offering multilingual content and multimedia resources. The site is built on Drupal 10, indicating a modern and maintainable technical infrastructure with good mobile optimization and accessibility features. Security posture is solid with HTTPS enforced, though some improvements such as security headers and cookie consent mechanisms could enhance compliance and protection. The absence of WHOIS data is likely due to registry restrictions rather than privacy concerns, but it slightly impacts trust scoring. Overall, the site is professional, trustworthy, and well-positioned as a government information portal.

C

Cour grand-ducale de Luxembourg

monarchie.lu

0

The website monarchie.lu is the official online presence of the Grand-Ducal Court of Luxembourg, providing authoritative information about the Grand-Ducal family, the constitutional monarchy, and related governmental activities. It serves as a key communication channel for citizens and interested parties, offering news, official reports, and educational content including a dedicated kids subdomain. The site is well-positioned as a trusted government resource with consistent branding and multilingual support. Technically, the site is built on Drupal 10, leveraging modern web technologies and includes accessibility features and mobile optimization. It uses Matomo analytics with privacy-conscious configurations. Hosting is managed via Luxembourg government infrastructure, ensuring alignment with the official nature of the content. Performance is moderate with good SEO and metadata implementation. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms. However, it lacks explicit security headers, a published security policy, or vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is good with GDPR considerations evident in cookie management and privacy policy presence. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance suitable for a government entity. Strategic improvements in security transparency and incident response communication would further enhance its posture.

M

Ministère de la Digitalisation - Le gouvernement luxembourgeois

luxchat4gov.lu

0

Luxchat4Gov is a secure, government-provided instant messaging platform designed specifically for the Luxembourg public sector. Operated by the Ministry of Digitalisation, it leverages the open-source Matrix protocol to ensure end-to-end encrypted communications hosted within Luxembourg data centers. The service is free of charge, ad-free, and respects user privacy, positioning itself as a trusted communication tool for government agents and employees. The website reflects a professional government portal with clear navigation, multilingual support, and official branding. Technically, the site is built on Adobe Experience Manager, uses modern JavaScript libraries, and integrates Adobe Dynamic Tag Management for analytics and tag control. The platform is mobile-optimized and accessible, with a cookie consent mechanism aligned with GDPR requirements. Security practices include HTTPS enforcement and encrypted messaging, though explicit security headers and incident response information are not publicly detailed. The security posture is strong given the encryption and hosting policies, but could be enhanced by publishing security policies and vulnerability disclosure programs. The absence of WHOIS data is likely due to the domain being a subdomain of the official Luxembourg government domain, which supports legitimacy despite missing registrar details. Overall, Luxchat4Gov presents a mature, secure, and privacy-conscious communication platform for government use, with a well-structured website that supports its mission and user base effectively.

L

Le Gouvernement du Grand-Duché de Luxembourg

lu-alert.lu

0

LU-Alert is the official Luxembourg government website dedicated to the national alert and information system for the population. It provides timely alerts issued by public authorities and promotes the LU-Alert mobile application available on iOS and Android platforms. The website targets residents and citizens of Luxembourg, aiming to enhance public safety through effective communication channels. The site is well-branded with consistent government identity and offers content primarily in French with language alternatives.

L

Le Gouvernement du Grand-Duché de Luxembourg

etat.lu

0

The website etat.public.lu serves as the official directory and portal for public administration websites of the Grand Duchy of Luxembourg. It provides comprehensive listings and links to government ministries, agencies, and related public services primarily in French. The site is government-operated, targeting public sector employees, citizens, and stakeholders seeking official information. The business model is informational and public service oriented, with a strong market position as the authoritative government directory. Technically, the site is built on Adobe Experience Manager, uses modern web standards, and is mobile optimized with good accessibility features. Security posture is moderate with HTTPS implied and cookie consent implemented, but lacks explicit security headers and incident response information. The absence of WHOIS data limits domain trust verification, though the content and branding strongly indicate legitimacy. Overall, the site is professional, trustworthy, and serves its public information purpose effectively.

L

Le Gouvernement du Grand-Duché de Luxembourg

guichet.lu

0

Guichet.public.lu is the official government portal of Luxembourg dedicated to providing citizens with easy access to a wide range of public services and administrative information. The website offers comprehensive coverage of topics such as financial aids, citizenship, family and education, taxation, immigration, inclusion, justice, housing, leisure, health, transport, and employment. It serves as a centralized digital gateway for Luxembourg residents to navigate government procedures efficiently. Technically, the site is built on Adobe Experience Manager (AEM), leveraging modern web technologies including SVG icons, JavaScript, and CSS for a responsive and accessible user experience. The presence of Adobe Dynamic Tag Manager indicates a mature approach to analytics and marketing tag management. The site is mobile-optimized and includes accessibility features, ensuring usability for a broad audience. From a security perspective, the website enforces HTTPS and integrates secure login mechanisms linking to official government authentication services. Cookie consent and privacy policies are clearly presented, reflecting compliance with GDPR requirements. While explicit security headers are not fully visible in the provided data, the overall posture appears strong with no evident vulnerabilities or exposed sensitive data. Overall, guichet.public.lu demonstrates a high level of professionalism, trustworthiness, and user-centric design, making it a reliable resource for Luxembourg citizens. The main limitation in the analysis is the absence of WHOIS data, which restricts domain registration trust assessment. Nonetheless, the official branding and domain extension support its legitimacy.

L

Le Gouvernement du Grand-Duché de Luxembourg

luxembourg.lu

0

The website luxembourg.public.lu is the official government portal of the Grand Duchy of Luxembourg, providing comprehensive information about the country’s culture, living conditions, tourism, education, work, and investment opportunities. It serves a broad audience including residents, tourists, investors, and the general public. The site is well-branded with consistent government logos and multilingual support, reflecting Luxembourg’s multicultural and multilingual identity. Technically, the site is built on Adobe Experience Manager, uses modern web technologies, and includes accessibility and SEO best practices. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security headers could be improved. The absence of WHOIS data is likely due to registry restrictions rather than malicious intent, but it slightly impacts trust metrics. Overall, the site is professional, trustworthy, and well-maintained.

L

Le gouvernement luxembourgeois

gouvernement.lu

0

The website gouvernement.lu is the official portal of the Luxembourg government, providing authoritative information, news, and access to public services. It serves a broad audience including citizens, residents, businesses, and international partners. The site is well-structured, multilingual, and professionally designed, reflecting its role as a government information hub. Technically, it is built on Adobe Experience Manager CMS and uses Adobe DTM for tracking, indicating a mature digital infrastructure. Security posture is adequate with HTTPS and cookie consent mechanisms, though explicit security headers and policies could be improved. WHOIS data is unavailable due to query rate limits, but the domain's .lu TLD and official branding support legitimacy. Overall, the site demonstrates strong business credibility and good privacy compliance.

D

Docler Holding

doclerholding.com

0

Docler Holding is a well-established multinational holding company specializing in technology, media, entertainment, sports, and arts sectors. Founded in 2001, it manages a diverse portfolio of over 18 companies and employs more than 1500 people across multiple locations. The company positions itself as a pioneer in digital experiences with a strong emphasis on creativity and innovation. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive business information. Technically, the site leverages modern frameworks such as Next.js and React, with a CMS likely based on Strapi, ensuring good performance and mobile optimization. Security posture is solid with HTTPS, domain transfer locks, and cookie consent mechanisms, though DNSSEC is not enabled and no explicit security or incident response policies are published. Privacy compliance is well addressed with accessible privacy and cookie policies. Overall, the domain registration data aligns well with the business claims, supporting high legitimacy and trustworthiness.

Honda Luxembourg operates as a localized digital presence for the Honda brand, offering a range of automotive, motorcycle, marine, industrial, lawn and garden, and snowthrower products tailored to the Luxembourg market. The website is well-branded and professionally designed, providing multimedia content and clear navigation to various product categories. The technical infrastructure leverages modern JavaScript modules, Adobe Experience Manager CMS, and integrates Google Tag Manager for analytics and marketing purposes. Privacy compliance is addressed with a comprehensive cookie consent mechanism powered by OneTrust, although explicit privacy policy and terms of service pages are not directly found in the provided content. Security posture is moderate with HTTPS implied but lacking visible security headers and no explicit incident response or security policy information. The absence of WHOIS data limits domain trust verification, but the overall brand consistency and content quality support legitimacy. Strategic improvements include enhancing security headers, publishing privacy and security policies, and providing clear contact information for users and security incidents.

F

Fundnav Login

fundnav.lu

0

Fundnav.lu operates as a secure login portal primarily targeting professional investors and approved users who have undergone KYC verification by fund managers or issuers. The platform facilitates access to fund and security information, emphasizing compliance and restricting access to unauthorized or US persons. The website content is minimal but focused on secure access and legal disclaimers, reflecting a niche financial services business model. The site is consistent with a small Luxembourg-based finance entity founded around 2012. Technically, the website employs standard web technologies including HTML5, CSS3, JavaScript, jQuery, and FontAwesome. Hosting is managed via EuroDNS nameservers, indicating a reputable DNS provider. The site demonstrates basic mobile optimization and accessibility but lacks advanced SEO and security headers. No analytics or tracking scripts were detected, suggesting minimal user tracking. From a security perspective, the site uses HTTPS (implied by form action URL), but no explicit security headers such as CSP or HSTS were found. The login form requires credentials but lacks visible anti-CSRF tokens. No incident response or security policies are published. The WHOIS data is consistent and transparent, supporting legitimacy. No WAF or blocking mechanisms were detected, and the content is accessible. Overall, Fundnav.lu presents a moderate risk profile with a need for improved privacy compliance, enhanced security headers, and more comprehensive contact information. The business credibility is solid given the domain age and consistent WHOIS data, but technical and privacy improvements would strengthen trust and security posture.

G

Gault&Millau Luxembourg

gaultmillau.lu

0

Gault&Millau Luxembourg operates as a hospitality guide focusing on restaurants, bars, chocolatiers, and awards within Luxembourg. The website serves consumers and food enthusiasts by providing curated selections and detailed search capabilities. It is part of a broader international network with sister sites in multiple countries, enhancing its market presence. Technically, the site employs modern frontend technologies such as Bootstrap and Google Tag Manager, ensuring a responsive and user-friendly experience. However, the absence of WHOIS data limits full verification of domain legitimacy. Security posture is moderate with HTTPS likely enabled but lacking visible security headers and formal privacy or cookie policies. Overall, the site is professional and safe for general audiences but would benefit from enhanced security and compliance transparency.

C

CreaTrust Sàrl

creatrust.com

0

Creatrust Sàrl is a well-established Luxembourg-based company specializing in corporate, investment fund, and family office services. With over 20 years of experience, it positions itself as a leading independent provider offering comprehensive solutions including company formation, fund setup, wealth structuring, and fintech platforms such as FundNav®, Intradomus®, and FundWire®. The company targets international clients, institutional investors, and high net worth individuals seeking to establish or manage entities in Luxembourg. The website reflects a professional and consistent brand image with detailed service offerings and client testimonials, reinforcing its market credibility. Technically, the website employs modern web technologies including Bootstrap, jQuery, Google Analytics, and Google Tag Manager, ensuring a responsive and user-friendly experience. Hosting is managed by EuroDNS S.A., and the domain is secured with HTTPS and clientTransferProhibited status, though DNSSEC is not enabled. The site lacks a cookie consent mechanism and explicit security or incident response policies, which are areas for improvement in privacy compliance. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and use of reCAPTCHA, but could enhance its posture by enabling DNSSEC and publishing security policies. No vulnerabilities or suspicious activities were detected. Overall, Creatrust presents a trustworthy and professional online presence suitable for its financial services audience. Strategically, Creatrust should focus on enhancing GDPR compliance by implementing cookie consent and publishing detailed security and incident response policies. Enabling DNSSEC would further strengthen domain security. These steps will improve user trust and regulatory adherence, supporting the company’s strong market position in Luxembourg’s financial services sector.

W

Walk the Talk

walkthetalkeu.com

0

Walk the Talk is a small-scale informational and advocacy website focused on the 2024 European Elections, aiming to engage European citizens by providing facts, candidate information, and voting guidance. The site targets voters across Europe, encouraging civic participation and awareness of key issues. Technically, the website is built on the Squarespace platform, leveraging modern web technologies including Google Analytics, Google Tag Manager, and Weglot for multilingual support. The site is mobile-optimized with good design and navigation, though accessibility features are basic. Security posture is solid with HTTPS and HSTS enabled, but lacks some advanced security headers and formal security policies. Privacy compliance is limited, with no visible privacy policy or terms of service, though a cookie consent banner is present. The absence of WHOIS data reduces domain trustworthiness, suggesting the domain may be unregistered or privacy protected, which warrants further verification. Overall, the website is functional and professional but would benefit from enhanced transparency and security documentation.

E

European Youth Information and Counselling Agency

eryica.org

0

ERYICA is a European non-profit organization dedicated to supporting youth information and counselling services across 26 countries with 42 members and over 4,000 youth information services. The organization focuses on upholding young people's right to reliable information, fostering cooperation, professional development, and innovation in the youth information sector. The website is professionally built on Squarespace, featuring a modern design, good mobile optimization, and accessibility features. Social media presence is active across major platforms, enhancing outreach and trust. Security posture is strong with HTTPS and HSTS enabled, though the absence of explicit privacy and terms of service policies indicates room for compliance improvement. Overall, ERYICA presents a credible and well-maintained digital presence aligned with its mission.

F

Footlocker.com, Inc.

footlocker.lu

0

Foot Locker Luxembourg operates a professional e-commerce platform specializing in sneakers, clothing, and accessories. The website targets a general audience interested in popular footwear and sportswear brands, offering a broad catalog with free delivery options and store locator services. The site demonstrates a mature digital presence with modern technologies such as React, Tailwind CSS, and Adobe DTM, ensuring a responsive and accessible user experience across devices. Security posture is strong with HTTPS enforcement and security headers, though some areas like public security policies and incident response contacts could be improved. The absence of WHOIS data limits domain trust verification, but the overall site professionalism and branding consistency support legitimacy. Strategic recommendations include enhancing transparency around security and contact information to further build trust and compliance.

D

DNX Network Sarl

xcams-models.com

0

Xcams-Models is a premium European adult webcam platform operated by DNX Network Sarl, a company with a solid reputation and listed parent company. The platform targets webcam models and studios offering premium shows to paying customers, with a business model focused on revenue sharing and affiliate incentives. The website is professionally designed with good content quality and clear navigation, supporting multiple languages and payout methods including Bitcoin. Technically, the site uses modern web technologies such as Bootstrap, Google Tag Manager, Microsoft Clarity, and Zendesk for support, providing a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and domain registration protections, but lacks DNSSEC and explicit security headers. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is trustworthy for its business purpose but should improve compliance and security transparency.

BimBimAI is a newly launched AI companion service operated by Byborg IP S.a r.l., based in Luxembourg. The website offers users the ability to create and interact with AI companions via chat or calls, targeting a mature audience interested in AI-driven social interactions. The business appears to be a startup in the AI technology sector, focusing on personalized AI companion experiences. The website is multilingual, supporting many European languages, indicating an intent to reach a broad international audience. Technically, the site uses modern web technologies including Google Tag Manager and various social media advertising pixels, but lacks advanced SEO and accessibility features. Security posture is moderate with HTTPS enabled but missing DNSSEC and security headers. Privacy compliance is weak, with no visible privacy or cookie policies and extensive tracking scripts present. WHOIS data is transparent and consistent with the business claims, showing a recent domain registration appropriate for a new venture. Overall, the site is functional but requires improvements in privacy, security, and content policies to enhance trust and compliance.

X

xnx.cam

xnx.cam

0

xnx.cam is an adult entertainment website specializing in aggregating live sex cam feeds from multiple popular adult cam platforms. It offers categorized access to thousands of live cam models, targeting an adults-only audience interested in live adult webcam shows. The site operates as an affiliate, linking users to partner cam sites for live streaming and chat services. Technically, the site is built on WordPress with common plugins such as Yoast SEO and uses jQuery and AJAX for dynamic content loading. The site is moderately optimized for mobile and SEO, with good navigation and content relevance. Security posture is moderate but lacks important elements such as DNSSEC, security headers, and published privacy or cookie policies. No direct contact or incident response information is provided, which limits transparency. The domain is registered with Key-Systems LLC in Luxembourg since 2019, consistent with the business type and operation. Overall, the site is functional and professional in design but requires improvements in security and privacy compliance to enhance trust and user safety.

A

AC Webconnecting N.V. DBA domain.cam

ticketshow.cam

0

Ticketshow.cam is an adult entertainment platform specializing in live sex cam shows with a ticketed group show model. The website targets adults seeking interactive live cam experiences and monetizes through fixed-price ticket sales for shows. The platform uses modern web technologies including Bootstrap and jQuery to deliver a responsive and user-friendly experience. Privacy and cookie policies are implemented with consent mechanisms, and the site includes recognized adult industry compliance seals such as RTA and ASACP. However, the domain WHOIS data shows inconsistencies, including a future creation date and use of potentially suspicious name servers, which may impact trustworthiness. The site lacks explicit security policies and incident response information, and no direct company contact emails or phone numbers are provided.

Jasmin.ai is a technology company specializing in AI-generated virtual companions, offering services such as chat, voice calls, and image sharing with AI girlfriends and characters. The platform targets adult users seeking personalized AI interactions and operates on a subscription and credit-based business model. The company is relatively new, founded in 2022, and registered in Luxembourg under Byborg IP S.a r.l. The website demonstrates a good level of digital maturity with modern frameworks like React and integration of multiple analytics and advertising pixels, indicating active marketing efforts. Security posture is adequate with HTTPS and domain transfer protection, but lacks DNSSEC and published security policies. Privacy compliance is basic with cookie consent and a cookie policy, but no explicit privacy or terms of service pages were found. Overall, the site is accessible, professionally designed, and functional, but could improve transparency and security documentation.

E

EBRAND Holdings S.A.

ebrand.com

0

EBRAND Holdings S.A. is a Luxembourg-based company specializing in brand protection, digital risk protection, and corporate domain management. The company offers expert consultancy and tailored software solutions to help businesses mitigate risks related to fraud, counterfeiting, phishing, and domain security. Their market position is that of an established international service provider with a medium-sized workforce and a strong focus on technology-driven solutions. The website reflects a professional and consistent brand image with comprehensive content targeting B2B clients across multiple industries and roles. Technically, the website is built on WordPress using Elementor and Yoast SEO Premium, with integrations for Google Analytics, Google Tag Manager, and ActiveCampaign for marketing and analytics. The site is multilingual, supporting several languages via WPML, indicating a global reach. Performance and mobile optimization are good, though accessibility is basic. Security is well-implemented with HTTPS, domain transfer protections, and cookie consent mechanisms, but could be improved by enabling DNSSEC and additional security headers. From a security perspective, the site shows good practices but lacks explicit privacy policy and terms of service pages, which are important for GDPR compliance and user trust. No incident response or vulnerability disclosure information is provided, which could be a gap in transparency. The WHOIS data is consistent and supports the legitimacy of the business, with a long domain history and clear registrant information. Overall, the website is professional, credible, and technically sound, with room for improvement in privacy compliance and security transparency to enhance trust and regulatory adherence.

C

Chateaud'eau SARL

chateaudeau.lu

0

Chateaud'eau SARL is a Luxembourg-based company specializing in providing water solutions for enterprises, including water fountains, bottled water, and filtration systems. The company positions itself as a market leader in Luxembourg, supported by its affiliation with the Eden Springs group. Their offerings focus on improving workplace hydration with environmentally conscious products and services. The website is professionally designed, mobile-optimized, and provides clear navigation and contact information, targeting B2B customers in Luxembourg. Technically, the site uses Drupal CMS with modern JavaScript libraries and integrates multiple analytics and advertising tracking tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and a comprehensive cookie consent mechanism, though it lacks some advanced security headers and published security policies. The absence of WHOIS data limits domain trust verification, but the website content and business information appear legitimate and consistent with a professional enterprise. Overall, the site demonstrates good compliance with privacy regulations and offers a trustworthy user experience.

T

The Hertz Corporation

thrifty.lu

0

Thrifty Car Rental, a brand under The Hertz Corporation, operates a comprehensive car rental service across Europe with over 400 locations. The website offers a user-friendly booking platform, extensive fleet options including electric vehicles, and promotional offers targeting cost-conscious travelers. The company leverages its strong brand recognition and parent company backing to maintain a competitive market position. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and Google Tag Manager, ensuring a responsive and functional user experience. Privacy and cookie consent mechanisms are well implemented, reflecting compliance with GDPR and related regulations. Security posture is solid with HTTPS enforcement and CSRF protections, though some security headers and explicit vulnerability disclosures are absent. Overall, the site presents a professional and trustworthy digital presence aligned with an established transportation business.

C

CLdN

cldn.com

0

CLdN is a well-established logistics company specializing in integrated maritime and multimodal transport solutions across Europe. Founded in 1929, it operates a large fleet of RoRo ships and maintains a network of terminals and transport units, serving major economic regions including the UK, Ireland, Iberia, and Scandinavia. The company emphasizes sustainability with a low CO2 footprint and employs around 3,000 staff. The website reflects a professional and comprehensive digital presence built on Drupal 10, featuring modern web technologies and good mobile optimization. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. However, the absence of WHOIS registration data for the domain www.cldn.com is a notable anomaly that slightly impacts trust. Security posture is generally good with HTTPS enforced, but lacks visible security headers and explicit incident response or vulnerability disclosure information. Overall, the website is functional, professional, and trustworthy, but could improve transparency and security documentation to enhance confidence further.

Willy Naessens Luxembourg SA is a prominent leader in the construction of industrial buildings in Belgium and Luxembourg, boasting over 10,000 completed projects. The company operates under the Willy Naessens Group umbrella, offering integrated vertical construction services including design, prefabricated concrete production, and turnkey solutions. Their innovative modular building system, The Circle®, exemplifies their commitment to efficiency and sustainability. The website is professionally designed, content-rich, and targets business clients in the industrial construction sector. Technically, the site employs modern tracking and analytics tools, is hosted behind Cloudflare, and uses HTTPS with good privacy controls. However, some security headers are missing, and no explicit security or incident response policies are published. Privacy compliance is strong with clear cookie consent mechanisms and a comprehensive privacy policy. Overall, the website reflects a mature digital presence with good business credibility and moderate to strong security posture.

V

Van Mossel Automotive Group

vanmossel.lu

0

Van Mossel Automotive Group is a major automotive distributor operating in Luxembourg and several European countries, representing 43 automotive brands. The company offers vehicle sales, leasing, and dealership services, targeting customers in the transportation sector. The website is professionally designed using modern technologies such as Nuxt.js and Tailwind CSS, with integrations for Google Tag Manager and Google Maps API, indicating a mature digital infrastructure. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, but lacks comprehensive security headers and explicit privacy and terms policies. The absence of WHOIS data limits domain trust verification, though the website's professional presentation supports legitimacy. Strategic improvements in privacy transparency, security header implementation, and contact information publication would enhance trust and compliance.

R

Rotarex

rotarex.com

0

Rotarex is a well-established global manufacturer specializing in premium gas control products including valves, pressure regulators, and complete gas systems. Founded in Luxembourg in 1922, the company holds a strong market position as a world-leading producer in the energy sector, targeting industrial and commercial gas system users. Their website reflects a professional and consistent brand image with clear business information and contact details. Technically, the site employs a modern technology stack including jQuery, Fancybox, Google Tag Manager, and Hotjar, hosted on Azure DNS infrastructure. The website is mobile-optimized and SEO-friendly, providing a good user experience. Security-wise, the site uses HTTPS and a robust cookie consent mechanism via Cookiebot, but lacks DNSSEC and explicit security policies or incident response contacts. Extensive user tracking is observed through multiple analytics and marketing tools, with good privacy compliance via cookie consent but no visible privacy policy or terms of service. Overall, the domain's WHOIS data supports legitimacy with a long registration history and consistent registrant information. The website is trustworthy and professionally maintained but could improve transparency around privacy and security policies.

A

alpine

alpinecars.lu

0

Alpine Luxembourg operates as the official regional website for Alpine sports cars, a brand under the Renault Group, targeting sports car enthusiasts and motorsport fans in Luxembourg. The site provides detailed information on Alpine vehicle models, connected services, financing options, and motorsport activities including F1 and WEC. The website demonstrates a professional digital presence with consistent branding and a modern React-based technical infrastructure, leveraging Renault Group's CDN and assets for performance and reliability. Security posture is generally good with HTTPS enforced and cookie consent implemented; however, the absence of explicit privacy and terms of service pages, lack of security headers, and missing WHOIS data represent areas for improvement. Overall, the site is trustworthy and well-positioned in its niche but would benefit from enhanced transparency and security best practices.

A

Arendt

arendtservices.com

0

Arendt is a well-established professional services firm specializing in legal, regulatory, taxation, and advisory services primarily in Luxembourg. The company offers a broad range of services including legal and tax advisory, regulatory consulting, investor services, and training through its Arendt Institute. The website reflects a mature market position with a focus on business clients seeking expert guidance in complex regulatory environments. Technically, the website is built on WordPress with a modern tech stack including analytics and GDPR compliance tools, providing a good user experience with accessibility features and responsive design. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although explicit security headers and incident response policies are not published. Overall, the domain registration and website content are consistent and trustworthy, supporting a high legitimacy score.

Nordea Asset Management Luxembourg is a large, well-established financial institution specializing in asset management and investment solutions for professional investors. The company emphasizes responsible investment and ESG principles, offering a broad range of funds and multimedia educational resources. The website is professionally designed, mobile-optimized, and provides comprehensive legal and privacy documentation, reflecting a mature digital presence. Technically, the site is built on WordPress with modern frameworks and integrates advanced analytics and tag management tools, ensuring good performance and SEO. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit security policies and incident response contacts are not found. Overall, the domain registration data aligns with the company's claims, supporting legitimacy and trustworthiness.

Synapse Mobile Networks S.A. is a small telecommunications software provider based in Luxembourg, established in 2003. The company specializes in network management solutions including Automatic Device Management Systems, Equipment Identity Registers, and Roaming Service Centers targeted at 3GSM/LTE operators. Their website reflects a niche B2B business model focusing on telecom operators seeking to optimize network access and roaming services. The market position is that of a specialized software vendor with a consistent brand presence but limited public-facing content and engagement features. Technically, the website uses legacy JavaScript libraries such as jQuery and jQuery UI along with a slider plugin for UI elements. The site is moderately performant with basic mobile optimization and accessibility features. However, there is no evidence of modern CMS usage or advanced SEO practices. The website lacks HTTPS information in the provided data, and no security headers or privacy-related policies are present, indicating a low maturity in security and compliance. From a security perspective, the absence of HTTPS and security headers is a significant concern, exposing users to potential risks. The lack of privacy and cookie policies also indicates non-compliance with GDPR and related regulations. No contact information or incident response channels are provided, limiting transparency and trust. Overall, the security posture is weak, and the website would benefit from implementing standard security best practices and compliance documentation. The overall risk assessment suggests moderate business credibility but low security and privacy compliance. Strategic recommendations include immediate implementation of HTTPS, publishing privacy and cookie policies, adding contact and incident response information, and improving mobile and accessibility features to enhance user trust and regulatory compliance.

Designer Outlet Luxembourg operates a retail outlet shopping center featuring over 60 major brands offering discounts year-round. The website presents a professional and consistent brand image targeting shoppers in Luxembourg and nearby regions. The technical infrastructure is based on TYPO3 CMS hosted on Apache servers with integration of modern marketing and analytics tools such as Google Analytics, Google Tag Manager, and Cookiebot for GDPR compliance. Security posture is adequate with a valid SSL certificate but lacks modern TLS protocol support and some advanced security headers. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Contact information and social media presence enhance business credibility. Overall, the website is functional, secure, and compliant with relevant regulations, supporting the business's retail operations effectively.

A

AF Compressors

afcompressors.com

0

AF Compressors is a well-established manufacturer specializing in oil-free piston compressors, serving industrial sectors including PET bottling. The company positions itself as a world leader with a strong focus on energy and cost savings. Their website reflects a medium-sized enterprise with a global service network and a consistent brand presence. Technically, the site is built on WordPress with modern libraries and tracking tools, but suffers from a critical lack of HTTPS and valid SSL certificates, which severely impacts security posture. Privacy policies and cookie consent mechanisms are implemented, though extensive tracking scripts may affect privacy compliance. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

W

Wordbee

wordbee.com

0

Wordbee is a technology company specializing in AI-powered localization software designed for language service providers, enterprises, and regulated industries. The platform offers comprehensive localization solutions including translation management, automated business processes, and compliance features. Positioned as a scalable and future-ready solution, Wordbee targets businesses seeking intelligent automation and precise localization workflows. Technically, the website is built on the Wix platform utilizing modern frameworks like React 18 and integrates multiple Wix apps for forms, bookings, e-commerce, and content management. While the site demonstrates good content quality and professional design, it lacks a valid SSL certificate, which is a critical security concern. The absence of a cookie consent mechanism also indicates partial privacy compliance. Overall, the security posture requires immediate improvement to protect user data and enhance trust. Strategic recommendations include implementing HTTPS with modern TLS protocols, enhancing privacy compliance, and optimizing technical performance to maintain competitive advantage.