Security Directory

D

dd's space

dd86k.space

0

The website dd86k.space is a personal portfolio and resource hub primarily focused on showcasing the author's projects, manuals, documentation, and public resources. It serves a general audience interested in technology and software development. The site includes links to related blogs, error databases, and multiple code hosting profiles, indicating an active engagement in software projects and open source contributions. The business model is personal and informational rather than commercial, with no evident monetization or e-commerce features. Technically, the website is built with basic HTML and CSS, without advanced frameworks or CMS platforms. Hosting appears to be through Namecheap, with DNS servers managed by the registrar. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. No analytics or advertising technologies are detected, indicating minimal user tracking and a privacy-conscious approach. From a security perspective, the site uses HTTPS (implied by domain registrar and modern standards, though SSL configuration details are not provided). However, no security headers are detected, and DNSSEC is not enabled, which are areas for improvement. The domain is privacy protected via a service based in Iceland, which is appropriate for a personal site. No privacy policy, cookie policy, or terms of service are present, which limits compliance with GDPR and other regulations. No contact information or incident response details are provided, reducing transparency. Overall, the website is safe, professional, and suitable for general audiences but lacks formal privacy and security documentation. The AI score reflects good content and business credibility but penalizes the site for missing compliance and security best practices. Strategic improvements in security headers, privacy policies, and contact transparency would enhance trust and compliance.

P

Privacy service provided by Withheld for Privacy ehf

lgbt.io

0

LGBT.io operates as a niche Mastodon social media instance dedicated to serving the LGBT+ community and allies. It provides decentralized social networking services leveraging the open-source Mastodon platform, fostering a moderated and inclusive environment. The platform is community-supported financially via Patreon, LiberaPay, and PayPal, indicating a patronage business model. The website content is well-structured, with clear code of conduct and active moderation staff, reinforcing its community focus and trustworthiness. Technically, the site uses a modern tech stack based on Mastodon with React and JavaScript, hosted likely via Spaceship, Inc. and Bunny.net CDN. The site is mobile-optimized and performs moderately well, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and Open Graph data. However, some security best practices such as DNSSEC and security headers are missing, and no cookie consent mechanism is present. From a security perspective, the site enforces HTTPS and has domain transfer protections. Content moderation policies are comprehensive, disallowing illegal and explicit content, which enhances safety. However, the absence of published security policies, incident response contacts, and cookie consent reduces compliance maturity. The WHOIS data shows privacy protection, which is justified given the community nature of the service, and the domain age supports legitimacy. Overall, LGBT.io presents a trustworthy, community-oriented social media platform with good technical foundations but could improve in privacy compliance and security transparency. Strategic recommendations include enabling DNSSEC, adding security headers, publishing security and incident response policies, and implementing cookie consent to enhance compliance and user trust.

Mutant Standard is a small creative project focused on delivering an experimental emoji set with diverse and inclusive themes such as LGBT, queer, furry, and cyberpunk. The website serves as a distribution and demo platform for these emoji assets, targeting niche communities interested in alternative emoji representations. The business operates independently with no visible parent or subsidiary companies and maintains a consistent brand identity centered around creativity and inclusivity. Technically, the website is built with standard modern web technologies including HTML5, CSS3, SVG, and optimized image formats like WebP. It is mobile responsive and offers a good user experience with clear navigation. However, the site lacks advanced frameworks or CMS platforms and does not implement common security headers or analytics tools, indicating a lightweight and minimalistic technical infrastructure. From a security perspective, the site uses HTTPS (implied by domain registrar and modern web standards) but lacks explicit security headers and privacy policies, which reduces its compliance posture. No forms or data collection mechanisms are present, minimizing attack surface but also limiting user engagement features. The domain is privacy protected but legitimate, with a registration date consistent with the business age. No critical vulnerabilities or suspicious patterns were detected. Overall, the website is a niche, well-designed creative project with moderate technical maturity and limited security controls. Strategic improvements in privacy compliance, security headers, and contact transparency would enhance trust and security posture.

The website mariomasta64.me is a personal or hobbyist platform primarily focused on hosting various downloadable resources and information related to gaming consoles, software hacks, and miscellaneous technology content. It targets a niche audience of technology enthusiasts and gamers interested in console hacking and software tools. The site is modest in scale and does not present itself as a commercial business. Technically, the site uses basic HTML and CSS with JSON-LD structured data for social media links and site structure. It is hosted with NameCheap as registrar and uses Cloudflare for DNS services, but lacks DNSSEC and no HTTPS status was confirmed from the data provided. Security posture is minimal with no evident security headers or privacy policies, and no forms or data collection mechanisms are present. The site is accessible without WAF or blocking mechanisms. Overall, the site is functional but basic, with limited privacy and security compliance. Strategic improvements in HTTPS implementation, security headers, and privacy policies would enhance trust and compliance.

The website aagaming.me is a personal hobby developer portfolio primarily focused on reverse engineering projects. The site owner, known as 'aa', showcases various projects and references work on decky.xyz, indicating a niche presence within the developer and reverse engineering community. The business model is informal and hobbyist, with no commercial or enterprise scale operations evident. The site targets hobby developers and technology enthusiasts interested in reverse engineering and software development. Technically, the website is built using the Astro framework and utilizes Cloudflare for DNS services. The site demonstrates moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. There are no detected CMS platforms or third-party analytics or advertising tools, indicating a lightweight and privacy-conscious setup. From a security perspective, the site lacks critical security headers and does not enable DNSSEC, which could improve domain security. No privacy or cookie policies are present, and no contact or incident response information is provided, limiting compliance with GDPR and other privacy regulations. The domain is privacy protected via a service in Iceland, which is consistent with the personal nature of the site. Overall, the security posture is basic with room for improvement. The overall risk is low given the non-commercial nature and safe content, but the site would benefit from adding privacy policies, security headers, and contact information to enhance trust and compliance. Strategic recommendations include enabling DNSSEC, implementing security headers, publishing privacy and cookie policies, and providing clear contact and incident response details.

E

Elena Rossini

elena.social

0

Elena.social is a newly registered personal or small business website associated with Elena Rossini. The site presents minimal content and metadata, primarily serving as a social profile or personal landing page. The technical infrastructure includes standard web fonts, Font Awesome icons, and jQuery, hosted via NameCheap with privacy-protected WHOIS data. Security posture is basic with HTTPS enabled but lacks advanced security headers and policies. Privacy compliance is minimal with no visible privacy or cookie policies. Overall, the site is functional but lacks comprehensive business and security information.

fastdl.me is a specialized hosting service focused on providing fast downloads for Counter-Strike: Source maps, particularly catering to niche communities such as bhop, surf, kz, trikz, and xc map players. The service operates primarily as a community resource, offering curated and unfiltered map directories, submission channels, and open source repositories to maintain and expand its map archive. The website is small-scale, community-driven, and operates with a privacy-protected domain registration based in Iceland. Technically, the website employs a straightforward HTML and CSS design, leveraging Cloudflare's CDN and Workers to optimize download performance and mitigate issues related to long-running requests. The site is basic in mobile optimization and accessibility but functional for its target audience. Open source repositories on GitHub support transparency and community involvement. The site does not use a CMS and is hosted behind Cloudflare, with no explicit hosting provider disclosed. From a security perspective, the site enforces HTTPS and uses Cloudflare's infrastructure but lacks explicit security headers and formal security policies. Privacy and cookie policies are present but basic, with no consent mechanism implemented. The site logs request data for operational and security purposes with limited retention. No incident response contacts or vulnerability disclosure mechanisms are published. The site has experienced multiple server storage failures, indicating some operational risks. Overall, fastdl.me is a niche, community-focused service with moderate technical maturity and a basic security posture. It is trustworthy within its domain but could benefit from enhanced security practices, formal policies, and improved user experience. The risk level is low given the non-commercial nature and limited exposure, but operational stability and security hardening are recommended.

S

spooky ghost zone

spookyghost.zone

0

The website spookyghost.zone is a personal site operated by an individual named Valerie, focusing on sharing personal interests such as music and a curated list of physical albums. It is a small-scale, hobbyist site without commercial intent or business operations. The site is hosted on Hetzner servers with privacy-protected WHOIS registration, consistent with a personal project started in early 2023. Technically, the site uses basic HTML, CSS, and JavaScript with minimal external dependencies and no CMS detected. The site is accessible over HTTPS but lacks advanced security headers and formal privacy or cookie policies. No contact information or business credentials are provided, limiting trust and credibility from a business perspective. Security posture is basic but acceptable for a personal site, with recommendations to improve DNS security and add security headers. Overall, the site is safe for general audiences and contains no adult or explicit content.

The website nya.rest is a personal homepage for an individual known as SweetFade, who identifies as a local internet catgirl. The site primarily serves as a social hub linking to various social media platforms including Twitter, Mastodon, Telegram, GitHub, and GitLab. The content is minimal and personal in nature, with no commercial or business services offered. The domain was registered in 2022 and uses privacy protection services, which is consistent with personal use. The website employs WebGL shaders for visual effects, indicating some technical proficiency, but lacks advanced security features and compliance documentation such as privacy or cookie policies. The site is hosted behind Cloudflare DNS but does not have DNSSEC enabled.

Utsuho Rocks is a personal and hobbyist website primarily serving as an online presence for an individual describing themselves as an 'interweb traveller and bird mom.' The site does not represent a commercial business entity and focuses on personal interests and social connectivity. It links to various social media and partner sites, indicating a community-oriented approach rather than a commercial market position. The domain is registered with privacy protection, consistent with personal use, and has been active since 2018. Technically, the website is simple and minimalist, built with basic HTML and CSS, served via a Caddy server. It avoids JavaScript entirely, which reduces complexity and potential security risks but also limits interactivity and modern web features. The site is moderately optimized for mobile and accessibility but lacks advanced SEO and performance optimizations. No CMS or advanced frameworks are detected. From a security perspective, the site benefits from minimal attack surface due to no JavaScript and no forms collecting user data. However, it lacks security headers and DNSSEC is not enabled, which are areas for improvement. The domain uses privacy protection, which is appropriate for a personal site. No privacy or cookie policies are present, indicating low compliance with GDPR or similar regulations. Overall, the website poses low risk, serving a personal audience with safe content. Strategic recommendations include adding privacy and cookie policies, enabling DNSSEC, implementing security headers, and confirming HTTPS enforcement to improve security posture and compliance.

Foxwells Garden is a small, niche online community platform that brands itself as an 'online beer garden with less beer and more nerds.' It offers semi-private social spaces including chatrooms across multiple platforms (Telegram, Discord, Mumble, IRC) and gaming servers such as Minecraft. The site also hosts code repositories on GitHub and GitLab, indicating a tech-savvy user base. The business model centers on community engagement and social interaction rather than commercial services. The domain is privacy protected and registered since 2018, consistent with a small community site. Technically, the website is simple, built with basic HTML and CSS, hosted with DNS services via Cloudflare, and secured with HTTPS. The site lacks advanced frameworks or CMS and shows basic mobile optimization and accessibility. No analytics or tracking scripts are detected, indicating minimal user tracking. However, the site does not implement security headers or privacy/cookie policies, which are areas for improvement. From a security perspective, the site benefits from HTTPS and domain transfer protection but lacks DNSSEC and security headers. No forms or data collection mechanisms are present, reducing attack surface. The absence of privacy and cookie policies and contact information limits compliance with GDPR and general trustworthiness. No vulnerabilities or suspicious activities are detected. Overall, Foxwells Garden is a modest, community-focused site with basic technical implementation and moderate security posture. Strategic improvements in privacy compliance, security headers, and contact transparency would enhance trust and security. The site is safe for general mature audiences, with content related to social gaming and community chat rather than explicit or adult material.

N

N/A

kneesox.moe

0

Kneesox.moe is a personal website operated by an individual known as Kneesox, primarily serving as a platform to share programming projects, image hosting, and personal interests. The site draws design inspiration from the videogame VA-11 HALL-A and offers tools such as a junkcode generator and a ShareX login portal. The target audience is general internet users interested in programming and niche personal content. The business model is that of a hobbyist or personal project without commercial intent or extensive market positioning. Technically, the website employs standard web technologies including HTML5, CSS3, and JavaScript, with the use of Howler.js for audio playback. Hosting and DNS services are provided via Cloudflare and NameCheap respectively. The site demonstrates moderate performance and basic mobile optimization but lacks advanced SEO and accessibility features. No CMS or major frameworks are detected, indicating a custom-built site. From a security perspective, the site uses HTTPS but lacks important security headers such as Content-Security-Policy and HSTS. There are no privacy or cookie policies, and no vulnerability disclosure or security.txt files are present. The domain is privacy protected, which is appropriate for a personal site, and no suspicious WHOIS patterns are found. Overall security posture is moderate but could be improved with standard best practices. The overall risk is low given the non-commercial and personal nature of the site, but improvements in privacy compliance, security headers, and transparency would enhance trustworthiness and user confidence. Strategic recommendations include implementing security headers, publishing privacy and cookie policies, enabling DNSSEC, and adding vulnerability disclosure information.

V

VERTIGOAWAY MAINSYS

vertigoaway.space

0

VERTIGOAWAY MAINSYS is an independent music artist focusing on experimental and electronic music projects. The website serves as a centralized hub for the artist's releases, news, and social media presence, targeting fans of niche audio content. The business model revolves around content distribution primarily through Bandcamp and streaming platforms, with a small-scale operation based in Iceland. Technically, the site is built using Nicepage CMS with standard web technologies such as HTML5, CSS3, JavaScript, and jQuery. It is moderately optimized for mobile devices and provides a good user experience with clear navigation and relevant content. However, the site lacks advanced SEO and accessibility features. Security posture is basic, with no detected security headers or HTTPS enforcement details, and no privacy or cookie policies are present, indicating low compliance with privacy regulations. No contact emails or phone numbers are provided, limiting direct communication channels. Overall, the site is functional and safe but would benefit from enhanced security and privacy compliance measures.

A

Astro

astro.build

0

Astro is a modern JavaScript web framework focused on building fast, content-driven websites and web applications. It targets developers and businesses seeking high performance and flexibility, supporting multiple UI frameworks such as React, Vue, and Svelte. The website positions Astro as a competitive technology solution with a strong community and enterprise presence, evidenced by partnerships with large companies and active community channels. Technically, the site leverages Astro v5.12.3, uses modern web standards, and integrates Fathom Analytics for privacy-focused tracking. The site is well-optimized for performance, mobile responsiveness, and SEO, with a clean and professional design. Hosting and DNS are managed via Namecheap and NS1, respectively. From a security perspective, the site uses HTTPS and has domain transfer protections enabled. However, DNSSEC is not enabled, and no explicit security headers or policies are visible. Privacy and cookie policies are absent, which is a compliance gap. No incident response or vulnerability disclosure information is provided. Overall, Astro presents a credible and professional web presence with strong technical foundations but would benefit from enhanced privacy compliance and security transparency to improve trust and regulatory adherence.

The website ata.moe is a small, recently created personal or fan site dedicated to a character known as the raccoon girl. It primarily serves as an art showcase platform featuring works from various artists, with attribution links to their social media profiles. The site does not present commercial activities or business services and targets fans and art enthusiasts interested in this niche content. The domain is registered with privacy protection, consistent with the site's non-commercial nature and recent launch in December 2024. Technically, the site is built with standard HTML, CSS, and JavaScript, hosted behind Cloudflare DNS services but lacks DNSSEC and advanced security headers. The site is moderately optimized for mobile devices and offers a good user experience with clear navigation and relevant content. However, it lacks privacy and cookie policies, contact information, and security best practices such as HTTPS enforcement and security headers. From a security perspective, the site shows a low maturity level with no evident security policies, incident response contacts, or vulnerability disclosures. No tracking or analytics services are detected, which reduces privacy concerns but also indicates minimal data collection. The absence of security headers and DNSSEC reduces the overall security posture. No adult or explicit content is present, making the site safe for general audiences. Overall, the site scores moderately on content quality and technical implementation but poorly on security and privacy compliance. Strategic improvements include adding privacy and cookie policies, implementing security headers, enabling DNSSEC, and publishing contact and incident response information to enhance trust and compliance.

T

Twipped Media

genderdysphoria.fyi

0

The website 'That's Gender Dysphoria, FYI' operated by Twipped Media is a specialized educational resource focused on providing comprehensive information about gender dysphoria and transgender experiences. It targets individuals questioning their gender identity, those on a gender journey, and allies seeking to understand transgender issues. The site offers multilingual content, downloadable resources, and maintains an open-source codebase on GitHub, reflecting transparency and community engagement. The business model is non-profit and community-driven, supported by Patreon and Ko-Fi donations. Technically, the website is built with standard web technologies including HTML5, CSS3, and JavaScript, leveraging Google Fonts and hosted on AWS DNS infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, though it does not use a CMS. Performance is moderate with good navigation and content structure. From a security perspective, the site enforces HTTPS but lacks advanced security headers and published security policies. No forms or data collection mechanisms are present, reducing attack surface. Privacy compliance is partial; a privacy policy exists but no cookie consent mechanism is implemented. No incident response or vulnerability disclosure information is provided, which could be improved to enhance trust. Overall, the site is safe, trustworthy, and professionally presented with a strong focus on content quality and user experience. Strategic recommendations include implementing security headers, adding cookie consent, publishing security and incident response policies, and providing contact information to improve compliance and user trust.

Irssi.org is the official website for the Irssi project, a modular text mode chat client primarily supporting IRC. Established since 1999, the project offers a free, open source IRC client with extensive theming, scripting, and modular protocol support. The site provides comprehensive documentation, news updates, and links to source code and community resources. The target audience includes IRC users, open source enthusiasts, and developers interested in chat client customization. Technically, the website is built using modern web standards with HTML5, CSS3, and JavaScript, leveraging the Sphinx documentation generator and the Furo theme for a clean, responsive design. Hosting is supported by Cloudflare DNS services, ensuring good performance and availability. The site is mobile optimized and accessible, with clear navigation and well-structured content. From a security perspective, the site enforces HTTPS and uses domain transfer protection. However, it lacks DNSSEC and does not publish privacy, cookie, or security policies, nor does it provide contact information for incident response. No tracking or advertising technologies are present, indicating a privacy-respecting approach. The domain is long-established and uses privacy protection services, consistent with an open source project. Overall, the website is trustworthy, professional, and safe, but could improve by publishing privacy and cookie policies, adding security and incident response information, and providing contact details to enhance transparency and compliance.

U

uwu.dog | the dog ever

uwu.dog

0

The website uwu.dog appears to be a small personal or hobby site with minimal content focused on links to other personal or interest-related sites. The domain is registered with privacy protection through NameCheap and hosted with Cloudflare DNS services. The site lacks any formal business information, privacy or cookie policies, and contact details, indicating it is not a commercial or professional business site. Technically, the site uses basic HTML and CSS with no detected CMS or advanced frameworks. Security posture is minimal with no security headers or HTTPS enforcement details available, and no analytics or tracking scripts are present. Overall, the site is low risk but also low in professionalism and compliance.

S

Stringy Software

mae.wtf

0

The website mae.wtf is a personal portfolio and creative showcase for an individual named vimae, who identifies as a queer programmer, musician, and internet user with interests in technology and creative arts. The site highlights programming skills, music production, and various creative projects, positioning itself as a niche personal brand rather than a commercial business. The domain is registered with privacy protection and hosted using modern web technologies, including React, Next.js, and TailwindCSS, ensuring a fast and responsive user experience. Social media integration includes Discord, Bluesky, and YouTube, supporting community engagement. Security posture is adequate with HTTPS and domain transfer protection, but lacks advanced security headers and explicit policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism despite analytics usage. Overall, the site is trustworthy, well-designed, and serves its purpose as a personal creative hub.

P

Privacy service provided by Withheld for Privacy ehf

deerz.one

0

The website deerz.one is a personal site operated by an individual known as ida deerz, focusing on creative outputs such as music, blog posts, and technical resources. The site serves a niche audience interested in music production, web development, and personal insights. The business model is primarily content sharing and community engagement without commercial sales directly on the site. The domain is relatively new, registered in April 2024, and uses privacy protection services, which aligns with the personal nature of the site. Technically, the site is built on a custom content management system called Deer Text Format, utilizing standard web technologies including HTML, CSS, JavaScript, and PHP. Hosting is provided by DreamHost, and the site is served over HTTPS with a moderate performance profile. Mobile optimization and accessibility are basic but functional. SEO practices are minimal but present. From a security perspective, the site benefits from HTTPS and domain transfer protection but lacks DNSSEC and security headers such as Content-Security-Policy. There are no visible vulnerabilities or exposed sensitive data. However, the absence of privacy and cookie policies, as well as incident response information, indicates room for improvement in compliance and security posture. Overall, the site is safe, trustworthy, and well-maintained for a personal project, but it lacks formal privacy and security documentation. Strategic recommendations include implementing privacy and cookie policies, enabling DNSSEC, adding security headers, and providing incident response contacts to enhance trust and compliance.

P

Privacy service provided by Withheld for Privacy ehf

frogs.lgbt

0

Frogs.lgbt operates as a Mastodon instance named The Frogpad, providing a decentralized social networking platform for a niche community. The platform enables users to create accounts, share posts, and interact within the Mastodon federated network. The website is relatively new, founded in 2022, and targets general users interested in privacy-focused social networking. The business model is community-driven without evident commercial monetization or advertising. Technically, the site runs Mastodon version 4.2.23, leveraging modern web technologies including React and Ruby on Rails backend (implied). Hosting utilizes Cloudflare DNS services, though DNSSEC is not enabled. The site is mobile-optimized with good design and navigation, but lacks advanced SEO and accessibility features. Performance is moderate with no major technical issues detected. Security posture is adequate with HTTPS enforced and domain transfer protection enabled. However, the absence of DNSSEC and security headers reduces the overall security maturity. Privacy compliance is partial; a basic privacy policy exists but no cookie consent mechanism or terms of service are found. No incident response or vulnerability disclosure information is provided. Overall, the site is trustworthy and safe for general audiences, with no adult or explicit content. Recommendations include enhancing security headers, enabling DNSSEC, adding cookie consent, and publishing security and incident response policies to improve compliance and trust.

B

bucketfish

bucketfish.me

0

bucketfish.me is a personal portfolio website for an independent creator named bucketfish, who develops games, websites, tools, music, and toki pona content. The site serves as a hub for showcasing creative projects and connecting with audiences via social media and newsletter signup. The business model is centered on personal branding and creative output, targeting a general audience interested in indie games and creative arts. The domain is relatively new (2021) and privacy protected, consistent with a personal project site. Technically, the site uses standard web technologies including HTML5, CSS3, JavaScript, and Google Analytics for visitor tracking. The site is mobile optimized with good design and navigation, though accessibility features are basic. Security posture is moderate; HTTPS is implied but no DNSSEC or security headers are present. Privacy compliance is weak due to absence of privacy and cookie policies and no consent mechanism for tracking. Overall, the site is trustworthy as a personal creative portfolio but lacks formal security and privacy documentation.

Umbreon.online is a personal website operated by an individual named Erin, a web developer with a focus on frontend CSS and browser extensions. The site serves as a personal hub for hosting small projects, guides, and links to related sites including a webring and personal code repositories. The website targets a general audience interested in quirky personal content and web development. Technically, the site uses a simple stack of HTML, CSS, and JavaScript, hosted on DigitalOcean with DNS managed by DigitalOcean's nameservers. The site is mobile optimized and performs moderately well but lacks advanced SEO and accessibility features. Security posture is basic with HTTPS enabled but missing DNSSEC and security headers. No privacy or cookie policies are present, and no formal business or contact information is provided beyond a Fediverse social link. Overall, the site is a small personal project with moderate professionalism and security maturity.

The website at pythons.site appears to be a personal or hobbyist project launched recently in April 2024. It features minimal content focused on creative expression, including an autoplaying audio file and animated images, but lacks any clear business or commercial purpose. The site does not provide privacy, cookie, or terms of service policies, nor does it offer any contact information or business details. Technically, the site uses basic HTML, CSS, and JavaScript without modern frameworks or CMS platforms. Hosting is provided by Namecheap, but no HTTPS or security headers were detected in the provided data, indicating a weak security posture. The presence of a suspicious executable download link hosted on a Discord CDN raises potential security concerns. WHOIS data shows the domain is privacy-protected and very new, consistent with a non-commercial or experimental site. Overall, the site scores low on content quality, security, and business credibility, with no indicators of tracking or advertising.

P

Privacy service provided by Withheld for Privacy ehf

corru.observer

0

The website corru.observer is a niche interactive narrative experience centered around speculative technology and immersive storytelling. It does not represent a traditional business but rather a creative project supported by a community of active supporters and merchandise sales. The technical infrastructure relies on modern JavaScript libraries and Cloudflare hosting, providing moderate performance and good mobile optimization. Security posture is basic with HTTPS enforced and domain transfer protection, but lacks DNSSEC and explicit security headers. Privacy and cookie policies are absent, and no contact or business information is provided, limiting compliance and trust indicators. Overall, the site is functional and engaging for its target audience but would benefit from improved privacy and security disclosures.

Aquamarine.gay is a personal website serving as a digital aquarium for the owner, aquamarine, who identifies with unique personal and gender identities and has interests in mathematics, programming, music, art, and meteorology. The site functions primarily as a personal blog and contact point, with links to source code repositories and social media. The website is small-scale, niche, and non-commercial, targeting a general audience interested in the owner's content and persona. Technically, the site is hosted on a dedicated server running Arch Linux with the Caddy HTTP server, indicating a modern and stable infrastructure. The site is well-designed with good accessibility and mobile optimization, though it lacks advanced frameworks or CMS. Performance is moderate, and SEO is adequately addressed through meta tags and Open Graph data. From a security perspective, the site uses HTTPS and has domain transfer protection but lacks DNSSEC and explicit security headers. No privacy or cookie policies are published, and no vulnerability disclosure or incident response information is provided. The domain registration uses privacy protection, which aligns with the personal nature of the site. No WAF or blocking mechanisms are detected, and no analytics or tracking scripts are present, indicating a privacy-conscious approach. Overall, the site is trustworthy and professionally maintained for a personal project but would benefit from enhanced security headers, published privacy and cookie policies, and vulnerability disclosure mechanisms to improve compliance and security posture.

T

The LineageOS Project

lineageos.org

0

LineageOS is a well-established open-source Android operating system distribution project founded in 2016. It targets Android device users, developers, and power users seeking customization and extended device longevity. The project operates with a strong community-driven model supported by donations and offers monthly security updates and open-source apps. The website reflects a professional and consistent brand image with excellent content quality and user experience. Technically, the site uses modern web technologies including Material Kit CSS, jQuery, and Cloudflare CDN, ensuring fast performance and mobile optimization. Security posture is good with HTTPS enforced and domain transfer protections, though improvements are possible by enabling DNSSEC and adding security headers. Privacy compliance is basic, with a privacy policy and terms of service present but lacking cookie consent mechanisms and explicit GDPR compliance indicators. Contact information is limited to community channels such as Reddit, with no direct company emails or phone numbers published. Overall, the website is trustworthy, safe, and well-positioned in the open-source Android ecosystem.

The website lifeless.space presents minimal content with a simple heading and a short descriptive phrase. There is no indication of a commercial business or services offered. The domain is newly registered in October 2024 with privacy protection, which obscures registrant details. The site is hosted via Cloudflare DNS but lacks DNSSEC and security headers, indicating a basic security posture. No privacy, cookie, or terms policies are present, and no contact information is provided, limiting trust and compliance. Overall, the site appears to be a placeholder or personal project rather than a professional business presence.

P

Privacy service provided by Withheld for Privacy ehf

nia.dog

0

The website nia.dog is a personal site belonging to an individual named Nia, who identifies as a transfeminine nerd based in Pittsburgh. The site focuses on personal interests such as retro games, niche content, music, and writing. It is a small-scale, non-commercial personal blog hosted likely on Neocities with domain registration through NameCheap. The site content is basic but relevant to its niche audience, with moderate branding consistency and no commercial business model or professional business information provided. Technically, the site uses basic HTML and CSS without advanced frameworks or CMS. Hosting appears to be on a simple platform with moderate performance and basic mobile optimization. There is no evidence of analytics, tracking, or advertising technologies. Security posture is minimal with no DNSSEC, no security headers, and no visible HTTPS enforcement confirmation. Privacy and cookie policies are absent, and no contact or incident response information is provided. Overall, the security posture is weak but typical for a personal site. The domain is privacy protected, which is justified given the personal nature of the site. No suspicious or malicious indicators were found. The site is safe for general audiences with no adult or explicit content. The overall AI score reflects a basic but functional personal website with room for improvement in security and compliance. Strategic recommendations include enabling DNSSEC, adding security headers, enforcing HTTPS, publishing privacy and cookie policies, and providing contact information to improve trust and compliance.

D

Digital Overdose

digitaloverdose.tech

0

Digital Overdose is a small, community-driven platform focused on information security, cybersecurity, and ethical hacking education. Founded in 2021, it provides a welcoming space for enthusiasts and professionals to engage through tutoring sessions, events, and a vibrant Discord server. The platform leverages social media and content hosting on Patreon, YouTube, and GitHub to extend its reach and provide resources to its members. The website is built using modern Angular technology and hosted likely on GitHub Pages with Cloudflare DNS services, reflecting a moderate level of digital maturity.

P

Privacy service provided by Withheld for Privacy ehf

catgirl.global

0

The website catgirl.global appears to be a small, personal or niche project centered around the 'Sharkey' platform and related technology. The site content is minimal, primarily serving as a front for a Misskey instance or similar social platform, with a focus on a user named 'maya' and their activities. The domain is very new, registered in July 2024, and uses privacy protection services, indicating a small or personal scale operation without extensive business infrastructure. Technically, the site uses modern JavaScript frameworks and tools such as Vite and Phosphor Icons, but the content and SEO optimization are basic. Security posture is moderate with HTTPS enabled but lacking DNSSEC and security headers. Privacy and cookie policies are absent, and no incident response or vulnerability disclosure information is provided, which limits compliance and trust. Overall, the site is accessible without WAF or blocking mechanisms and contains safe content suitable for general audiences.

S

smolderg dot xyz: homepage

smolderg.xyz

0

The website smolderg.xyz is a personal site operated by an individual named Therra, primarily serving as a blog and art showcase with plans for future enhancements such as an art gallery and ActivityPub integration. The site targets niche communities interested in art and social networking within federated platforms. Technically, the site uses basic HTML5, CSS with the Foundation framework, and some external JavaScript for community webring functionality. Hosting appears to be via Namecheap with privacy-protected domain registration. Security posture is basic with HTTPS implied but lacks DNSSEC and security headers. No privacy or cookie policies are present, and no contact information is provided, limiting compliance and trust signals. Overall, the site is safe for general audiences and functions as a small personal hobby site.

B

besties

pages.gay

0

pages.gay is a small technology startup offering a niche service for hosting static websites quickly and easily, tightly integrated with the git.gay source code repository platform. The service targets developers and users who want to deploy static sites with minimal setup, leveraging open source software and git repositories. The website is modern, built with SvelteKit, and uses Cloudflare for DNS hosting, providing fast performance and good mobile optimization. However, the site lacks formal privacy, cookie, and terms of service policies, and does not provide contact information, which limits trust and compliance. Security posture is decent with HTTPS and domain transfer protection, but could be improved by enabling DNSSEC and adding security headers. No analytics or advertising tools are present, indicating minimal user tracking.

Astrid.tech is a personal technology blog and project showcase website maintained by Astrid Yu. The site focuses on topics such as networking, homelab setups, programming languages, and various tech projects. It is a niche site targeting technology enthusiasts and readers interested in detailed technical content. The website is built using a custom Rust-based static site generator CMS called Seams and hosts static assets on Backblaze B2. The site is fast, mobile-optimized, and uses modern web technologies including JavaScript and CSS. Google Analytics is employed for visitor tracking, but no visible cookie consent mechanism is present. Security posture is moderate with HTTPS enabled and no exposed sensitive data, but lacks security headers and formal security policies. The domain is privacy protected, registered in 2020, which aligns with the site's personal nature and recent content updates. Overall, the site is trustworthy and professional but would benefit from improved privacy compliance and security best practices.

S

scalar.dev

beampipe.io

0

Beampipe.io is a privacy-focused web analytics SaaS platform offering a simple, cookie-free alternative to Google Analytics. Founded in 2020 and sponsored by scalar.dev, it targets small to medium website owners who prioritize privacy and compliance with regulations such as GDPR, PECR, and CCPA. The platform provides a real-time analytics dashboard, Slack integration, goal tracking, and API access with a free tier for up to 10k monthly page views and paid plans for higher usage. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content. Technically, it uses modern web technologies including React and Next.js, delivering fast performance and good SEO. Security posture is strong with HTTPS enforced and privacy by design, though some security headers and policies could be improved. The WHOIS data shows privacy protection consistent with a legitimate small tech business. Overall, the site demonstrates a mature digital presence with a strong emphasis on privacy and user trust.

G

Grat10berg

grat.gay

0

The website grat.gay is a personal Vtuber content hub created by an individual known as Grat10berg. It serves as a portfolio and social gateway featuring original characters, art galleries, social media links, and commission information. The site is hosted on Neocities and uses Cloudflare DNS, indicating a small-scale personal project rather than a commercial enterprise. The technical infrastructure is basic but functional, leveraging standard web technologies such as HTML5, CSS3, JavaScript, and SVG graphics. The site includes interactive elements like a guestbook and a chat feature, although the chat is noted as unfinished. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy and cookie policies are absent, and no contact emails or phone numbers are provided, limiting compliance and trust signals. Overall, the site is safe for general audiences and does not contain adult or explicit content.

Silvercruiser.vip is a personal creative website operated by an individual known as Kato. The site serves as a portfolio and hub for creative content including music, writing, and personal updates. It is a small-scale, niche site without commercial business operations or extensive market positioning. The website is hosted on DigitalOcean and registered through NameCheap with privacy protection, consistent with a personal project. Technically, the site is built with basic HTML and CSS, lacks advanced frameworks or CMS, and has moderate performance and mobile optimization. Security posture is minimal with no detected security headers or privacy policies, and no HTTPS status was explicitly provided. The site does not employ analytics or tracking technologies, reflecting a low user tracking footprint. Overall, the site is safe for general audiences and does not contain adult or explicit content.

N

Neocities

neocities.org

0

Neocities is a technology platform founded in 2013 that offers free static web hosting and tools to empower individuals to create and share personal websites. It positions itself as a community-driven alternative to large cloud hosting providers by focusing on creativity, zero advertising, and open source transparency. The platform supports over 1.1 million websites and is funded by supporter accounts and donations, emphasizing privacy and user control. Technically, Neocities uses a modern but simple tech stack including HTML5, CSS, JavaScript, and jQuery, with hCaptcha integration for bot protection. The site is well optimized for performance and mobile use, with fast loading times and good SEO practices. Security posture is solid with HTTPS enforced and client transfer prohibited domain status, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is lacking due to absence of privacy and cookie policies. Overall, the domain registration is privacy protected but consistent with the business age and nature, indicating legitimacy.

The website magatrash.biz is currently inaccessible due to a Cloudflare security block page triggered by suspicious or potentially malicious activity. No business content, contact information, or policies are available for review. The domain WHOIS data is privacy protected by a service based in Iceland and shows a creation date set in the future (March 3, 2025), which is highly unusual and raises legitimacy concerns. The site lacks any visible branding, business description, or user engagement features. Technically, the site is protected by Cloudflare but does not expose any security headers or advanced configurations. The absence of accessible content and the presence of a WAF block severely limit the ability to assess the website's business or security posture comprehensively.

P

Privacy service provided by Withheld for Privacy ehf

sc07.tv

0

sc07.tv is a small-scale PeerTube instance launched in early 2024, providing decentralized video hosting and streaming services. It leverages the open-source PeerTube platform with a modern Angular frontend, supporting video uploads, live streaming, and content browsing. The platform targets general audiences interested in alternative video hosting solutions without advertisements or commercial pressures. Technically, the site uses modern web technologies and supports mobile optimization, but lacks advanced SEO and accessibility features. Security posture is moderate, with domain privacy protection and clientTransferProhibited status, but missing DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies, and no contact or incident response information is provided. Overall, the site is functional and trustworthy for its niche but would benefit from improved transparency and security hardening.

P

Park City

park-city.club

0

Park City is a small, community-driven internet platform focused on fostering social connection and creativity among its members. The website offers user profiles, FTP and Gemini protocol access, and previously hosted forums and a radio service, which are currently offline or discontinued. The site emphasizes inclusivity and a relaxed approach to online engagement, targeting users seeking a niche social community rather than commercial services. Technically, the site is built with basic HTML, CSS, and JavaScript, hosted on DigitalOcean, and uses NameCheap as the registrar with privacy protection enabled. The site is mobile-optimized with a moderate performance profile but lacks advanced technical frameworks or CMS integration. Security posture is basic, with no DNSSEC, security headers, or published security policies, and no visible HTTPS enforcement details. Privacy compliance is minimal, with no privacy or cookie policies found, and no GDPR indicators. Overall, the site is functional and trustworthy for its niche but would benefit from improved security and compliance measures.

Flounder.online is a small niche service providing a free web interface and log builder for the Gemini protocol network, a privacy-focused internet protocol. The website targets users of the Gemini network who require simple tools to manage Gemini capsules. The business model is based on offering free services with optional donations via Patreon. The site is modest in scale and content but updated frequently, indicating active maintenance within its community niche. Technically, the website uses basic HTML and CSS without advanced frameworks or CMS, hosted likely via Namecheap. The site is mobile responsive at a basic level and has moderate performance. Security posture is minimal with no advanced security headers or policies detected, and no HTTPS configuration details available from the provided data. Privacy and cookie policies are absent, and no contact or incident response information is provided, limiting compliance and trust signals. Overall, the site is functional and relevant for its audience but lacks formal security and privacy documentation.

gemlog.blue is a niche web service launched in 2020 that enables users to create and maintain gemlogs (journals) accessible via the Gemini protocol. It targets users interested in the Gemini space who prefer a simple, no-frills web interface without requiring technical knowledge or system administration tools. The service emphasizes privacy by avoiding JavaScript, cookies, advertising, and user tracking. The website design is minimalistic and functional, focusing on ease of use and accessibility even in low-bandwidth environments. Technically, the site uses basic HTML and CSS with PHP-based backend scripts for account and post management. The hosting is provided by NameCheap, Inc., with domain privacy protection enabled. The site lacks modern security headers and DNSSEC, which could be improved to enhance security posture. Performance is likely fast due to minimal content and no external dependencies. Mobile optimization and accessibility are basic but functional. From a security perspective, the site demonstrates good privacy practices by not using tracking or cookies and by limiting data collection. However, it lacks published security policies, incident response contacts, and vulnerability disclosure mechanisms. The absence of security headers and DNSSEC are notable gaps. The domain registration is privacy-protected but consistent with the service's nature and age, indicating legitimacy. No contact emails or phone numbers are provided, which limits direct communication. Overall, gemlog.blue is a small, privacy-focused technology service with a clear niche audience. It would benefit from enhanced security configurations, published policies, and contact information to improve trust and compliance. The current risk level is moderate with no critical vulnerabilities detected but room for security and privacy improvements.

P

Privacy service provided by Withheld for Privacy ehf

itsfoss.community

0

It's FOSS Community is a specialized online forum dedicated to desktop Linux users and readers of the It's FOSS website. Established in 2017, it serves as a niche community platform for Linux enthusiasts to share knowledge, seek help, and discuss open source technologies. The platform is powered by Discourse, a modern forum software, and hosted via NameCheap with domain privacy protection enabled. The community is active with a variety of topics ranging from Linux distributions to hardware and software troubleshooting. The business model centers around community engagement and content sharing rather than direct commercial sales.

M

midwest.social - A lemmy server for, but not limited to, leftists in the Midwest USA

midwest.social

0

Midwest.social is a small, community-driven Lemmy instance targeting leftist users primarily in the US Midwest. It offers a federated social platform with integrated Matrix chat rooms and a focus on moderated, rule-based discussions. The platform has grown organically since its founding in 2021 and maintains a niche position within the broader Lemmy ecosystem. Technically, it employs modern web technologies including Bootstrap and JavaScript, hosted on a VPS with domain registration via NameCheap and privacy protection enabled. Security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is limited due to absence of explicit privacy and cookie policies. Overall, the site is safe for general audiences and maintains a moderate level of professionalism and trustworthiness.

F

Free Radical

freeradical.zone

0

Free Radical operates an independent Mastodon social networking server focused on infosec, privacy, technology, and leftward politics. The platform offers users a space to engage in the fediverse with trending content, hashtags, and news exploration. The website is built on the Mastodon open-source platform version 4.4.2, utilizing React and modern JavaScript technologies. The domain is registered since 2017 with privacy protection, consistent with the site's privacy-focused mission. While the site provides basic privacy policy information, it lacks cookie consent mechanisms and explicit terms of service. Security posture is moderate with no detected security headers or incident response policies, but no critical vulnerabilities are evident. Overall, the site is functional, well-branded, and serves a niche community with moderate traffic and engagement.

L

LemmyNet

join-lemmy.org

0

Lemmy is an open source, federated forum and link aggregation platform designed for the fediverse. It enables users to join or host servers that interconnect, allowing cross-server community participation. The platform emphasizes privacy, no advertising, and user control over content. The website presents a modern, clean design with a focus on technical transparency and community engagement. The technical infrastructure leverages high-performance technologies such as Rust, Actix, and TypeScript, ensuring a fast and responsive user experience across web and mobile platforms. Security posture is adequate with HTTPS and domain transfer protections, but lacks advanced security headers and published policies. Privacy compliance is minimal, with no visible privacy or cookie policies, which should be addressed to improve trust and regulatory adherence. Overall, Lemmy's website reflects a credible and technically competent open source project with room for improvement in formal privacy and security documentation.

M

Mander

mander.xyz

0

Mander.xyz is a small, community-driven Lemmy instance dedicated to nature and science, focusing on STEM fields and fostering respectful, constructive discussions. It operates as part of the fediverse, allowing users to interact across federated communities. The platform emphasizes minimal political content in local communities and active moderation to maintain quality. Technically, it uses modern web technologies including Inferno.js and Bootstrap, hosted on Serverspace.io, with HTTPS enabled and basic anti-spam measures such as captcha and application questions for registration. However, the site lacks explicit privacy, cookie, and terms of service policies, which impacts its privacy compliance score. Security posture is decent with HTTPS and domain transfer protection but could be improved by enabling DNSSEC and adding security headers. Overall, the site is trustworthy and serves a niche audience of science and nature enthusiasts within the fediverse.

P

Persuva

persuva.ai

0

Persuva is a SaaS platform launched in 2023 that provides dropshippers with tools to rapidly create high-converting product pages, landing pages, and advertorials from AliExpress or Shopify product links. It offers a proprietary Shopify theme optimized for conversion and average order value, alongside audience analysis and ad mastery educational content. The platform targets dropshippers aiming to scale their eCommerce stores efficiently. Technically, the website is built on Webflow with integrations including Google Analytics, Facebook Pixel, Bing UET, and PostHog for analytics and marketing. The site is well-optimized for performance, mobile, and SEO, with a professional design and clear navigation. Security posture is good with HTTPS and domain transfer protection, though DNSSEC is not enabled and no explicit security policies are published. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. Overall, the site demonstrates a mature digital presence for a startup SaaS business in the eCommerce niche.

P

Privacy service provided by Withheld for Privacy ehf

musicfy.lol

0

Musicfy.lol is a recently launched AI-powered voice song generator platform that enables users to create music covers using AI voices, including cloning their own voice. The service targets general users interested in music creation and leverages a modern web infrastructure built on Framer with Cloudflare DNS and tracking via Google Tag Manager and Microsoft Clarity. While the website demonstrates good design quality and user experience, it lacks critical compliance elements such as privacy and cookie policies, and does not provide explicit contact information. Security posture is moderate with HTTPS enabled but missing security headers and vulnerability disclosures. Overall, the domain registration is privacy protected but consistent with a legitimate small tech startup.