Security Directory

I

is-a.dev - Free subdomains for developers

is-a.dev

0

The website is-a.dev offers a free subdomain registration service targeted primarily at developers. It enables users to obtain free `.is-a.dev` subdomains by following instructions hosted on a GitHub repository. The service is positioned as a niche developer tool with a small-scale operation founded in 2020. The website content is clear, relevant, and professionally presented with consistent branding and a focus on developer engagement through GitHub and Discord communities. From a technical perspective, the site uses modern web technologies including HTML5, CSS3, JavaScript, and is hosted behind Cloudflare, ensuring fast performance and good mobile optimization. The presence of Carbon Ads and Cloudflare Insights indicates minimal advertising and analytics usage, with a low level of user tracking. SEO and accessibility are adequately addressed, though accessibility is basic. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, the site lacks explicit security headers and formal privacy or cookie policies, which are important for compliance and trust. Incident response is partially addressed via a GitHub abuse reporting mechanism, but no dedicated security contact or vulnerability disclosure policy is present. Overall, the website is trustworthy and functional with a good balance of usability and security for its scope. The main risks relate to privacy compliance and formal security governance, which could be improved to enhance user trust and regulatory adherence.

H

H4LO

h4lo.ca

0

H4LO.ca is a personal portfolio website created and maintained by an individual developer named H4LO. The site serves as a showcase for projects, an online storefront, and a code repository linked via GitHub. The business model is personal branding and project demonstration, targeting a general audience interested in technology and development. The website is relatively new, founded in 2024, and positions itself as a niche personal brand rather than a commercial enterprise. The content is concise, well-structured, and professionally presented with consistent branding and clear navigation.

R

refact0r

refact0r.dev

0

The website refact0r.dev is a personal portfolio and blog belonging to a student interested in computer science, web development, and design. It serves as a platform to showcase projects, share blog content, and present personal interests. The site is built using modern web technologies including SvelteKit, and it demonstrates good design quality, mobile optimization, and user experience. However, it lacks formal business information, contact details, and compliance documentation such as privacy or cookie policies. From a technical perspective, the site uses a modern JavaScript framework (SvelteKit) and includes minimal analytics via umami, indicating a lightweight and privacy-conscious approach. The performance appears fast, and the site is mobile responsive. However, no security headers were detected in the provided data, and there is no evidence of HTTPS enforcement or advanced security practices. Security posture is moderate but could be improved by implementing standard security headers, privacy policies, and incident response information. The absence of contact information and compliance documents reduces trust and business credibility. No vulnerabilities or suspicious content were detected, and the domain registration uses privacy protection, which is appropriate for a personal site. Overall, the site is a well-designed personal portfolio with room for improvement in security, privacy compliance, and business transparency. Strategic recommendations include adding privacy and cookie policies, implementing security headers, providing contact information, and considering a vulnerability disclosure policy to enhance trust and compliance.

The website zacharykai.net currently serves a bot verification page employing Google reCAPTCHA invisible to prevent automated access. This indicates a security mechanism or WAF challenge blocking direct content access, limiting visibility into the actual business or service offered. The domain is newly registered in early 2024 via NameCheap without privacy protection, suggesting transparency but also a nascent online presence. No business, contact, or policy information is publicly accessible on the landing page, and no SEO or analytics technologies are detected beyond the reCAPTCHA scripts. The security posture shows basic use of CAPTCHA but lacks DNSSEC and security headers, and HTTPS status is unknown from the provided data. Overall, the site is in an early stage with minimal content and limited trust signals, resulting in a low AI score primarily due to access restrictions and lack of business information.

The website perseuslynx.dev is a personal portfolio and blog site for an individual named Perseus Lynx. It serves as a digital space to showcase projects, share blog posts, and provide personal information. The site targets a general audience interested in technology and personal projects. The business model is that of a personal brand with no commercial or enterprise scale operations. Technically, the site uses standard web technologies including HTML5, CSS3, and JavaScript, with modern image formats like WebP. Hosting appears to be via Cloudflare, with analytics provided by Umami and Cloudflare Insights. The site is moderately optimized for mobile and performance but lacks advanced SEO and accessibility features. Security posture is basic; HTTPS is presumed but no explicit security headers or policies are present. No privacy, cookie, or terms of service policies are found, indicating low privacy compliance. No contact information or incident response details are provided, limiting business credibility and user trust. Overall, the site is functional and professional for a personal portfolio but lacks formal security and compliance measures.

B

bricked

bricked.dev

0

The website bricked.dev serves as a personal portfolio and blog for an individual known as bricked, who is an open-source enthusiast specializing in NixOS configurations, accessible websites, and Discord bots. The site highlights several personal projects and community engagements, positioning itself as a niche personal technology presence rather than a commercial enterprise. Technically, the site is built using the modern Astro framework, employs responsive design, and uses optimized image formats such as WebP. The site is performant and mobile-friendly, with good SEO practices evident from meta tags and structured content. Security-wise, the site enforces HTTPS but lacks additional security headers and formal privacy or cookie policies, which limits its compliance posture. No forms or data collection mechanisms are present, reducing attack surface but also limiting user interaction. Overall, the site is trustworthy and safe, with no adult or questionable content detected.

S

Sydney Newmark

sydneyn.dev

0

Sydney Newmark's website is a personal portfolio and blog focused on computer science topics, projects, and personal interests. The site targets a general audience interested in technology and programming. It serves as a digital presence for Sydney as an individual rather than a commercial business entity. The website is built using modern technologies such as Astro and includes integrations with social media platforms like GitHub, Bluesky, and Mastodon. Hosting and analytics are provided via Cloudflare and Umami, indicating a lightweight and privacy-conscious approach. From a security perspective, the site enforces HTTPS and does not expose sensitive data or include forms that collect user input, reducing attack surface. However, it lacks explicit security headers and formal privacy or cookie policies, which are recommended for compliance and enhanced security posture. No incident response or vulnerability disclosure information is present, which is typical for personal sites but could be improved for transparency. Overall, the website demonstrates good technical implementation and content quality for a personal site, with moderate security and privacy compliance. The domain registration data aligns well with the website content and owner identity, supporting legitimacy. Strategic improvements include adding privacy and cookie policies, implementing security headers, and providing contact or security incident information to enhance trust and compliance.

The website pyrox.dev is a personal blog and portfolio site operated by an individual known as 'dish', who identifies as a student, sysadmin, and UX crafter. The site focuses on topics related to computers, programming, and system administration, targeting a general audience interested in technology. The content is well-structured, with a clear navigation menu and recent blog posts, though limited in volume. The site uses the Lume static site generator, indicating a modern and lightweight technical infrastructure. Performance and mobile optimization are good, but accessibility features are basic. Security posture is moderate; the site lacks security headers and formal privacy or cookie policies, which impacts compliance and trust. No forms or data collection mechanisms are present, reducing privacy risks but also limiting user engagement. The domain registration is privacy protected, which is typical for personal sites, and no suspicious patterns were detected. Overall, the site is safe, professional, and suitable for general audiences.

S

Saahil

saahild.com

0

Saahild.com is a personal website owned by an individual named Saahil, currently under redevelopment. The site primarily serves as a personal portfolio or presence with minimal content and a link to a retro version of the site. The domain is relatively new, created in 2022, and hosted via Cloudflare with modern frontend technologies such as React and Animate.css. The site lacks comprehensive business information, privacy policies, or contact details, indicating it is not a commercial enterprise but rather a personal project. Technically, the site is moderately optimized with good mobile responsiveness but lacks advanced SEO and accessibility features. Security posture is basic with HTTPS enabled but missing DNSSEC and security headers. No analytics or tracking scripts are present, reflecting a privacy-conscious or minimalistic approach. Overall, the site is safe, with no adult or explicit content detected.

The website garnix.dev is a personal blog and content sharing platform maintained by an individual named Emilia. It primarily offers blog posts, music recommendations, and personal content, targeting a general audience interested in technology and related community topics. The site is small in scale and operates as a niche personal blog without commercial business infrastructure or formal corporate presence. Technically, the site is built with standard HTML, CSS, and JavaScript, featuring a simple but consistent design and basic mobile optimization. It uses a fetch API call to an external HTTPS endpoint for form submissions, indicating some level of modern web technology usage. However, there is no evidence of advanced frameworks, CMS, or hosting provider details. SEO and accessibility features are basic, and no structured metadata or Open Graph tags are present. From a security perspective, the site uses HTTPS for external requests but lacks visible security headers and formal security policies. The contact form is minimal and lacks CSRF protection or input validation beyond a non-empty check. No privacy, cookie, or terms of service policies are published, which limits compliance with GDPR and other privacy regulations. The domain uses WHOIS privacy protection, which is common for personal sites and justified here. No suspicious or malicious indicators were found. Overall, the site is safe and trustworthy for general audiences but would benefit from improved security practices, privacy disclosures, and business contact information to enhance credibility and compliance. The AI score reflects a functional but basic personal website with room for improvement in security and privacy compliance.

ProjNULL is a small team of IT students focused on learning programming and experimenting with projects, primarily participating in hackathons. The website serves as a hub for their activities, showcasing their projects and blog content. The business model is educational and experimental, targeting fellow students and programming enthusiasts. The site is hosted by WEDOS Internet, a reputable registrar and hosting provider. Technically, the site uses standard web technologies such as HTML5, CSS3, and JavaScript, with moderate performance and good mobile optimization. However, it lacks advanced frameworks or CMS platforms and has basic SEO and accessibility features. Security posture is minimal, with no detected security headers or published security policies, and no contact information for incident response. Privacy and cookie policies are absent, indicating low privacy compliance. Overall, the site is safe for general audiences and does not contain adult or questionable content.

I

tgt

incognitotgt.me

0

The website www.incognitotgt.me is a personal portfolio of a young fullstack developer showcasing projects, skills, and contact information. It targets individuals interested in developer portfolios, potential collaborators, or employers. The site uses modern frontend technologies including Next.js and various JavaScript frameworks, indicating a good level of technical maturity. The content is well structured and professionally presented, with clear navigation and mobile optimization. Security posture is moderate due to lack of visible security headers and unknown SSL configuration. Privacy compliance is low as no privacy or cookie policies are present. Overall, the site is safe and trustworthy but could improve transparency and security practices.

U

uncenter

uncenter.dev

0

The website uncenter.dev is a personal portfolio site of a high school student and open source software developer. It showcases the individual's passion for programming, open source projects, and learning new technologies such as Rust. The site targets a general audience interested in software development and technology, positioning itself as a personal brand rather than a commercial business. The key services highlighted include software development, open source contributions, and educational content. Technically, the site is built using modern frameworks like Eleventy, Vue, and SolidJS, with a focus on performance and mobile optimization. The site uses HTTPS and minimal tracking via Umami analytics, reflecting a privacy-conscious approach. Security posture is good but could be improved by adding security headers and formal policies. Overall, the site is professional, trustworthy, and safe for general audiences.

Cat@ Power Tools is a brand associated with Caterpillar, offering a comprehensive range of power tools and accessories targeting professional and industrial users globally. The website presents a broad product portfolio including drills, hammers, grinders, fastening tools, and garden tools, supported by marketing materials and service information. The brand leverages its international presence with multiple regional domains and social media channels to engage customers and dealers worldwide. Technically, the website uses common JavaScript libraries such as jQuery and Slick Carousel to provide a responsive and interactive user experience, with moderate performance and good mobile optimization. Security posture shows basic HTTPS usage and secure login forms but lacks visible security headers and privacy compliance documentation, indicating areas for improvement. Overall, the domain registration aligns well with the brand identity, supporting legitimacy and trustworthiness.

A

ASICS Runkeeper

runkeeper.com

0

ASICS Runkeeper is a well-established digital fitness platform focused on running tracking and training. The website serves as a community hub and app promotion portal, offering users tools to set goals, train, and monitor progress. The business is positioned strongly in the fitness technology sector, supported by the reputable ASICS brand. The technical infrastructure is based on WordPress CMS with modern SEO and analytics tools, hosted under Amazon Registrar with secure HTTPS and domain protections. Security posture is solid with room for improvement in DNSSEC and security headers. Privacy compliance is robust with clear policies and consent mechanisms. Overall, the site reflects a mature, professional digital presence with high trustworthiness.

Polar Global is a recognized brand specializing in heart rate monitors, fitness trackers, and sports watches targeting fitness enthusiasts and athletes worldwide. The website presents professional content aligned with its business focus and employs modern web technologies including Google Tag Manager and Cookiebot for analytics and privacy compliance. The site is secured with HTTPS and implements a comprehensive cookie consent mechanism, reflecting a good privacy posture. However, the absence of WHOIS data and explicit contact or security policy information limits full trust assessment. Overall, the website is professional and trustworthy with room for improvement in transparency and security disclosures.

micr0byte is a small-scale developer and community builder focused on creating accessible tools for the Fediverse and open-source ecosystem. The website showcases a variety of open-source projects, including accessibility bots and AI-powered terminal assistants, targeting developers and technology enthusiasts. The site demonstrates a strong commitment to privacy, inclusivity, and practical technology solutions. Technically, the website employs modern web technologies such as HTML5, CSS3, JavaScript, and Three.js, with backend projects primarily in Go, Python, and C#. The site is well-designed, mobile-optimized, and provides a seamless user experience with clear navigation and professional content. Security posture is moderate; while no critical vulnerabilities or exposed sensitive data are evident, the absence of security headers, privacy and cookie policies, and vulnerability disclosure mechanisms represent areas for improvement. Overall, the website is trustworthy and professional, but enhancing privacy compliance and security best practices would strengthen its risk profile.

C

Commenter25

commenter.cc

0

Commenter25 is a personal website showcasing the work and interests of an individual developer and enthusiast focused on Linux, web development, PC gaming, security, privacy, and FOSS. The site serves as a portfolio and creative outlet, featuring various mods, projects, and personal expressions. The market position is niche, targeting tech-savvy and gaming communities with a strong personal branding approach. Technically, the site is built with standard web technologies (HTML, CSS, JavaScript) and hosted on Neocities, indicating a small-scale, self-managed infrastructure. The website is well-structured with good content quality and basic SEO and accessibility features. Security posture is moderate with HTTPS implied but lacking advanced security headers and policies. Privacy compliance is minimal with a basic privacy policy but no cookie consent or GDPR indicators. Overall, the site is safe, trustworthy, and suitable for general audiences with no adult or questionable content detected.

K

KitsuDev

kitsunes.dev

0

KitsuDev is a small-scale technology service provider specializing in hosting Forgejo instances and offering free static page hosting through its KitsuPage service. The website targets developers and small project owners who seek free and safe hosting solutions. The business model is primarily donation-supported, emphasizing community and small-scale operations. The site branding is consistent and content quality is good, focusing on clear messaging and developer-centric services. Technically, the website is built on Forgejo, a modern Git forge platform, with standard web technologies including JavaScript, HTML5, and CSS3. The site performs well with fast loading times and good mobile optimization. Accessibility is basic but functional. SEO practices are present but could be enhanced. The infrastructure appears modern and well-maintained, though hosting provider details are not explicitly disclosed. From a security perspective, the site enforces HTTPS and implements CSRF tokens, indicating a baseline security posture. However, it lacks explicit security headers such as Content Security Policy and HSTS, and does not provide privacy or cookie policies, which are important for compliance and user trust. No contact information or incident response channels are provided, limiting transparency. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website presents a moderate risk profile with good technical foundations but gaps in privacy compliance and security best practices. Strategic improvements in policy publication, security headers, and contact transparency would enhance trust and compliance. The domain uses privacy protection, which is justified given the small-scale nature of the business. No suspicious patterns were found in WHOIS data or website content.

The Catppuccin Webring is a community-driven website that aggregates links to various personal and developer websites themed around the Catppuccin aesthetic. It serves as a niche platform for enthusiasts and developers to connect and share their sites. The website is simple, primarily built with HTML and CSS, and uses the ringfairy framework to manage the webring functionality. There is no indication of commercial activity or a formal business entity behind the site. From a technical perspective, the site is lightweight and performs well with good mobile optimization and basic accessibility. However, it lacks advanced SEO features and does not implement security best practices such as HTTPS enforcement or security headers. No analytics or tracking technologies are present, indicating a privacy-conscious or minimalistic approach. Security posture is minimal; no security policies, incident response contacts, or vulnerability disclosures are provided. The absence of HTTPS confirmation and security headers lowers the security score. Privacy compliance is also lacking, with no privacy or cookie policies found. The site does not collect user data via forms or other means, reducing privacy risks but also limiting engagement. Overall, the site is safe and appropriate for general audiences, with no adult or explicit content detected. The lack of business information and policies suggests it is a hobbyist or community project rather than a commercial enterprise. Strategic recommendations include implementing HTTPS, adding privacy and cookie policies, and improving security headers to enhance trust and compliance.

H

Humaan

humaan.com

0

Humaan is an award-winning digital product agency specializing in designing and building websites, web applications, mobile apps, eCommerce platforms, and data visualizations for forward-thinking brands. Their market position is strong within the technology sector, offering comprehensive design and development services with a focus on user experience and innovative technology stacks such as React.js, Laravel, and headless CMS solutions. The website demonstrates a high level of digital maturity with modern frameworks, responsive design, and integration of advanced analytics and marketing tools. Security posture is generally good with HTTPS and asynchronous script loading, but lacks explicit security headers and formal privacy or cookie policies. The absence of WHOIS data raises concerns about domain registration legitimacy, though the professional presentation and client logos suggest a credible business. Overall, the site is well-built and trustworthy but would benefit from enhanced transparency and security disclosures.

C

Cohere

cohere.com

0

Cohere is an established enterprise AI platform provider founded in 2000, offering secure and private AI solutions including multilingual language models, advanced retrieval models, and an integrated AI workspace tailored for modern enterprises. The company positions itself as a leader in secure AI innovation, targeting large enterprises seeking advanced AI capabilities. Technically, the website is built on modern frameworks such as Next.js, hosted likely on Vercel, and employs multiple analytics and marketing tools including Marketo, Google Tag Manager, and CookieYes for consent management. The site demonstrates excellent design quality, mobile optimization, and SEO practices. Security-wise, the site enforces HTTPS, uses domain transfer protections, and provides a comprehensive cookie consent mechanism, though explicit security policies and incident response contacts are not published. Overall, the domain registration data aligns well with the business claims, indicating high legitimacy and trustworthiness.

D

Depositor Control Panel

depositorcontrol.com

0

DepositorControl.com appears to be a web-based control panel application, likely serving internal or registered users rather than the general public. The website uses modern Angular framework technology and is hosted on Amazon AWS infrastructure, indicating a moderate level of technical maturity. The presence of Google Analytics and Google Tag Manager scripts shows some level of user tracking and marketing analytics integration. However, the public-facing content is minimal, with no visible business descriptions, contact information, or legal policies such as privacy or cookie policies. Security posture is moderate with HTTPS enabled and domain transfer protections in place, but lacks DNSSEC and security headers which are recommended for enhanced protection. Overall, the site appears legitimate with a domain age of over a decade, but lacks transparency and compliance features expected for public-facing business websites.

H

HRT Cafe

hrtcafe.net

0

HRT Cafe is a niche healthcare informational website focused on providing resources and vendor listings for DIY hormone replacement therapy (HRT) targeted at transgender individuals who cannot access traditional medical channels. The site offers detailed medication guides, vendor information for homebrew and pharmaceutical suppliers, and DIY compounding instructions. The business operates as a small-scale, community-oriented resource launched in early 2024, with a clear focus on serving a specialized audience. Technically, the website employs a modern frontend stack including Bootstrap, jQuery, and Font Awesome, hosted via Cloudflare. The site is mobile-optimized with good navigation and content structure, though accessibility features are basic. No CMS or advanced analytics tools are detected, indicating a lightweight and privacy-conscious implementation. From a security perspective, the site enforces HTTPS and uses Cloudflare as registrar and likely CDN provider, but lacks DNSSEC and security headers such as Content-Security-Policy or X-Frame-Options. There are no published security or incident response policies, and privacy compliance is limited due to absence of privacy and cookie policies. Contact information is minimal, limited to a ProtonMail email address. Overall, the website is functional, informative, and safe for general audiences, but would benefit from enhanced security practices, privacy compliance improvements, and more transparent business information to increase trust and credibility.

P

pronouns.cc

pronouns.cc

0

pronouns.cc is a small, community-driven technology project focused on providing a platform for users to create and share their preferred pronouns and names. The service supports multiple linked pronoun lists per user, catering to plural systems and other identity needs. The website is open source, licensed under GNU AGPL, and encourages community contributions. It is positioned as a niche alternative inspired by similar projects such as Pronouns.page and pronouny.xyz. Technically, the site uses modern frameworks like SvelteKit and Bootstrap, with Plausible Analytics for privacy-conscious user tracking. The site is performant, mobile-optimized, and well-structured, offering a good user experience.

S

Stalwart Management

chpu.eu

0

The website 'Stalwart Management' appears to be a minimalistic login portal with no publicly available business description or contact information. The site uses modern web technologies such as WebAssembly and JavaScript ES modules, indicating a contemporary technical infrastructure. However, the lack of visible content beyond the login form limits the ability to fully assess the business model or market position. Security posture is moderate with HTTPS assumed but no explicit security headers or policies detected. Privacy compliance is lacking due to absence of privacy and cookie policies. Overall, the site presents a basic professional appearance but requires enhancements in transparency, security, and compliance to improve trustworthiness and user confidence.

The website floof.gay is a personal site belonging to an individual named Olivia, serving as a small corner of the internet to share personal interests, social media presence, and blog content. The site is positioned as a personal brand rather than a commercial business, targeting a general audience interested in the author's activities and social links. The site leverages modern web technologies such as Dev.css and web fonts to provide a clean and responsive user experience. The technical infrastructure is straightforward, hosted likely via NameCheap with privacy-protected WHOIS registration, reflecting a typical personal website setup. From a security perspective, the site uses HTTPS and has domain transfer protections enabled, but lacks DNSSEC and security headers, which are recommended for improved security posture. There are no privacy or cookie policies present, and no contact information or forms for data collection, indicating minimal compliance with privacy regulations. No analytics or advertising scripts were detected, suggesting limited tracking and data collection. Overall, the site is safe and appropriate for general audiences, with no adult or questionable content detected. The domain is recently registered and privacy protected, consistent with a personal site. The security posture is moderate but could be improved with additional headers and policies. The site’s business credibility is limited due to its personal nature and lack of formal business information. Strategic recommendations include adding privacy and cookie policies, implementing security headers, enabling DNSSEC, and considering a security.txt file for vulnerability disclosure to enhance trust and compliance.

C

ChloeCat

catwithaclari.net

0

Cat With a Clarinet is a personal instance of the Sharkey social platform operated by an individual named ChloeCat. The website serves as a niche social platform with a small user base, supported by a community of CWAC Pro supporters. The business model revolves around hosting this personal social instance with supporter contributions and donations. The site is relatively new, having been registered in May 2024, and targets users interested in the Sharkey platform and related social networks. Technically, the website employs modern web technologies including JavaScript, the Vite bundler, and Phosphor icons, running on a web platform with HTTPS enabled. The hosting registrar is Porkbun LLC, and the domain is protected against unauthorized deletion and transfer but lacks DNSSEC. The site shows moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. From a security perspective, the site benefits from HTTPS and domain status protections but lacks DNSSEC and security headers such as Content-Security-Policy or X-Frame-Options. No privacy or cookie policies are present, and no incident response or security contact information is provided. There are no signs of vulnerabilities or malicious content, but improvements in security best practices and compliance documentation are recommended. Overall, the website is a trustworthy personal project with moderate technical maturity and security posture. Strategic improvements in privacy compliance, security headers, and incident response readiness would enhance its security and trustworthiness.

KitsuPage is a small technology service offering free static hosting for user repositories, leveraging Git branches to serve content automatically. The service targets developers and users seeking simple, no-cost static site hosting with optional custom domain support. The website is minimalistic, providing essential information about usage and configuration but lacks comprehensive business or legal documentation. Technically, the site uses basic HTML and CSS without advanced frameworks or CMS, and no analytics or advertising scripts are present, indicating a lightweight and privacy-conscious approach. Security posture is limited with no visible security headers or privacy policies, and no contact information is provided except for an abuse report link. The domain uses privacy protection, which is typical for small tech projects, and no suspicious WHOIS patterns were detected. Overall, the site is functional but basic, with room for improvement in security, compliance, and user engagement.

T

Techland

callofjuarez.com

0

Call of Juarez: Gunslinger is an established video game franchise with a dedicated official website promoting the game across multiple platforms including Nintendo Switch, PlayStation 3, Xbox, and PC. The website targets gamers and Western genre enthusiasts, providing rich content about the game, its characters, and purchase options. The business operates in the media sector with a medium-sized digital presence and a history dating back to 2005. Technically, the site uses modern analytics and consent management tools such as Google Analytics, Google Tag Manager, and Cookiebot, hosted on AWS infrastructure. The site is mobile-optimized with good SEO and accessibility basics. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and published incident response policies. Overall, the domain registration is privacy-protected but consistent with the business profile, indicating legitimacy. No blocking or WAF challenges were detected, allowing full content access.

T

Toki Pona (official site)

tokipona.org

0

The website tokipona.org serves as the official hub for the Toki Pona constructed language, created by Sonja Lang in 2001. It offers comprehensive educational resources including books, dictionaries, community links, and multimedia content. The site targets language learners, conlang enthusiasts, and educators globally, positioning itself as the authoritative source for Toki Pona with recognition from ISO 639-3 and university usage. The business model is primarily informational with commercial elements through book and merchandise sales. Technically, the site employs modern frontend technologies such as Bootstrap 5, jQuery, Chart.js, and Google Fonts, hosted by Vodien Internet Solutions. Performance and mobile optimization are good, though accessibility and SEO are basic. The site uses HTTPS and Google Analytics for tracking but lacks advanced security headers and privacy/cookie policies, indicating room for compliance improvement. Security posture is moderate with no visible vulnerabilities or exposed sensitive data, but the absence of security headers and vulnerability disclosure policies are notable gaps. The domain is well-established since 2001, registered with a reputable registrar, and shows no suspicious patterns, supporting legitimacy. Overall, the site is professional, content-rich, and trustworthy but should enhance privacy compliance and security best practices to improve user trust and regulatory adherence.

C

Carl Barenbrug

carlbarenbrug.com

0

Carl Barenbrug's website serves as a professional portfolio showcasing his work as a product designer and creative director. The site highlights his involvement with Minimalissimo, 099, and his creative lab FormFeelingFunction®. The business operates in the technology and creative services sector, targeting design professionals and enthusiasts. The website is well-structured with clear navigation and professional design, supporting a niche personal brand model. Technically, the site uses modern web standards with custom fonts and responsive design, hosted on Hover's infrastructure. However, no CMS or advanced frameworks are detected, indicating a lightweight custom build. Security posture is moderate; domain registration includes transfer and update prohibitions, but DNSSEC is not enabled and no security headers are present. Privacy compliance is low due to absence of privacy and cookie policies. Overall, the site is trustworthy and professional but could improve in security and compliance aspects.

S

SCS Software

worldoftrucks.com

0

World of Trucks is an online community platform operated by SCS Software that complements their popular truck simulation games, Euro Truck Simulator 2 and American Truck Simulator. The website serves as a hub for players to engage in community events, share content such as screenshots and videos, and stay updated with news and DLC releases. The platform targets simulation gaming enthusiasts and supports community-driven activities enhancing player engagement. Technically, the website is well-structured with modern web technologies, uses HTTPS exclusively, and integrates Google Analytics with privacy considerations such as IP anonymization. Media assets are hosted on Amazon S3, ensuring reliable content delivery. Security posture is solid with session protection and cookie consent mechanisms, though some security headers and explicit incident response policies are not publicly documented. The absence of WHOIS data is notable but does not detract from the site's legitimacy given the professional presentation and strong brand association with SCS Software. Overall, the site demonstrates a mature digital presence with good privacy compliance and user experience.

T

Techland

techland.net

0

Techland is a well-established AAA game developer and publisher known for popular titles such as Dying Light, Call of Juarez, and Dead Island. The company targets gamers and industry professionals with a focus on delivering high-quality gaming experiences. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive privacy and cookie policies. Technically, the site employs modern analytics and advertising technologies, hosted on Amazon AWS infrastructure, and demonstrates good mobile optimization and accessibility. Security posture is solid with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and explicit security policies are not published. Overall, the site is trustworthy and compliant with GDPR, but could improve transparency around incident response and security disclosures.

T

Techland

techland.pl

0

Techland is a well-established AAA game developer and publisher known for popular titles such as Dying Light and Call of Juarez. The company targets gamers and industry professionals with a business model focused on game development and publishing. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content about their products and services. Technically, the site uses modern web technologies including Google Tag Manager, analytics, and multiple advertising pixels, hosted on Amazon AWS infrastructure. The site is mobile optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enabled and cookie consent mechanisms in place, though there is room for improvement in DNSSEC and security policy disclosures. Overall, the domain registration data supports the legitimacy and longevity of the business. No critical security issues or adult content were detected, and privacy compliance is strong with GDPR-aligned cookie consent. Strategic recommendations include enhancing security headers, publishing incident response contacts, and adding terms of service for legal completeness.

E

Erewhon

erewhonmarket.com

0

Erewhon operates as an organic grocer and cafe, targeting health-conscious consumers seeking organic and natural food products. The website reflects a retail business model with a focus on organic groceries and cafe services. The company appears to be established since 1995, indicating a mature presence in the market. The website uses modern web technologies including React and Next.js, integrates Google Maps API for location services, Stripe for payments, and Forter for fraud prevention. Accessibility is addressed through the AccessiBe widget, enhancing usability for users with disabilities. Security posture is generally good with HTTPS enforced and fraud prevention scripts in place; however, there is room for improvement in security headers and published security policies. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms. No contact information or business certifications are explicitly provided on the site, which may impact user trust. Overall, the website is professional and functional but would benefit from enhanced transparency and compliance documentation.

The website hannaford.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) blocking access, presenting an 'Access Denied' error page. This prevents direct analysis of the website's content, metadata, and business information. The domain is well-established, created in 1995, and registered through a reputable registrar, indicating a legitimate retail business presence. The technical infrastructure includes Cloudflare DNS services but lacks DNSSEC, which is a minor security improvement opportunity. Due to the blocked content, no privacy, cookie, or security policies are visible, and no contact information or forms can be analyzed. The website does not contain adult or explicit content based on the error page content. Overall, the site’s security posture and compliance cannot be fully assessed without access to the actual content.

S

(un)Squeakable Code

squeakable.dev

0

The website squeakable.dev is a personal portfolio and blog site titled '(un)Squeakable Code'. It primarily serves as a space for the owner to share projects, blog posts, and links to related community sites. The content is minimal and informal, targeting a general audience interested in technology and personal projects. The site does not represent a commercial business entity and lacks formal business information or contact details. Technically, the site is a simple static HTML/CSS implementation without detectable CMS or advanced frameworks. There is no evidence of analytics, advertising, or tracking technologies. The site appears moderately optimized for mobile and accessibility but lacks advanced SEO features. No security headers or HTTPS status information was detected from the provided data, indicating potential areas for improvement in security posture. From a security perspective, the site does not provide privacy policies, cookie consent mechanisms, or incident response information. The WHOIS data is privacy protected, which is reasonable for a personal site. No vulnerabilities or suspicious patterns were identified, but the absence of security best practices and policies limits the overall security maturity. Overall, the site is low risk but would benefit from implementing HTTPS, security headers, privacy and cookie policies, and contact information to improve trust and compliance. The content is safe for general audiences with no adult or explicit material detected.

C

CATRAXX

catraxx.de

0

The website catraxx.de is a personal portfolio and hobbyist site belonging to an individual frontend developer and musician known as catraxx. The site showcases personal projects, music mixes, and shares insights into the author's development journey and interests. It targets frontend developers, musicians, and members of the Fediverse community, positioning itself as a niche personal brand with a focus on technology and electronic music. The business model is non-commercial, primarily serving as a creative outlet and community engagement platform. Technically, the site is built using modern static site generation technology (11ty), with a clean HTML5 and CSS3 codebase. Hosting appears to be with a German provider (kasserver.com), and the site is optimized for fast performance and good mobile experience. SEO and accessibility are basic but adequate. No CMS or analytics tools are detected, indicating a lightweight and privacy-conscious setup. From a security perspective, the site uses HTTPS as inferred from the Open Graph URL, but no explicit security headers are detected. There are no forms or data collection points, reducing attack surface. However, the absence of privacy and cookie policies, as well as lack of verified contact information, represents compliance and trust gaps. No vulnerabilities or suspicious patterns are found, but security best practices could be improved. Overall, the site is safe, professional, and trustworthy for its intended personal and community use. The main risks relate to privacy compliance and security hardening. Strategic recommendations include adding privacy and cookie policies, implementing security headers, and providing verified contact details to enhance credibility and compliance.

Chloe's Website is a personal and community-focused site that provides links to a blog, gallery, donation page, and visitor information. The site also features numerous external links to related personal and community websites, many of which reflect LGBTQ+ and transgender/non-binary themes. The website appears to serve as a hub for personal expression and community engagement rather than a commercial business. Technically, the site is built with straightforward HTML and CSS, validated by W3C badges, and hosted under a domain registered with Porkbun, LLC. However, the WHOIS data shows a suspicious future creation date, which raises concerns about the accuracy or legitimacy of the domain registration information. Security posture is minimal, with no detected security headers or privacy policies, and no analytics or tracking services are present, indicating a privacy-conscious but basic security setup. Overall, the site is safe for general audiences and provides a good user experience with clear navigation and consistent branding, but lacks formal business and compliance information.

A

Amy

amy.rip

0

Amy.rip is a personal website representing an individual named Amy, who identifies as a programmer and content creator sharing humorous and personal content. The site includes a link tree to a Git repository and integrates Discord OAuth2 for user reviews, indicating some community engagement. The website is small-scale, with a niche audience primarily composed of friends or followers interested in Amy's personal projects and content. Technically, the site uses modern JavaScript modules and React framework, suggesting a contemporary development approach, though performance and accessibility are basic. Security posture is minimal with no detected security headers or privacy policies, and no contact information is provided, limiting trust and compliance. The domain is privacy protected, which aligns with the personal nature of the site. Overall, the site is functional but lacks professional business features and security best practices.

G

Gen's Website

genshibe.ca

0

Gen's Website is a personal, non-commercial site run by an individual known as Gen, who self-identifies as a catgirl. The site serves as a personal homepage with minimal content, linking to related personal and community sites such as potatoe.ca and the Catppuccin Webring. The website does not represent a formal business entity and lacks professional business information or commercial services. Technically, the site is built with basic HTML and CSS, is mobile responsive, and includes some meta tags for social media previews. However, it lacks modern security features such as HTTPS and security headers, and no privacy or cookie policies are present. The WHOIS data for the domain is missing, raising questions about domain registration legitimacy. Overall, the site is a simple personal blog with limited technical sophistication and minimal security posture.

S

benjae's site

sillydomain.name

0

The website sillydomain.name is a personal site owned by an individual named benjae, showcasing various personal projects including software bots and tools. The site serves as a portfolio and personal blog (currently inactive), targeting a general audience interested in indie software and personal content. The business model is non-commercial and hobbyist in nature, with no clear revenue streams or corporate structure. Technically, the site is built using the Astro framework with a custom theme and accessible fonts, delivering good performance and basic mobile optimization. Security posture is minimal with no detected security headers or policies, and no privacy or cookie policies are present. The domain registration is consistent with a personal site, registered via Porkbun LLC with protective domain statuses. Overall, the site is safe, trustworthy, and well-structured but lacks formal privacy, security, and contact information, which limits its professional credibility.

The website microspinny.zip is a personal microsite belonging to an individual named Niko, known as 'micro'. The site serves as a personal branding and content sharing platform focused on programming, gaming, and social media presence. It features personal projects, daily content strings, and links to various social and federated platforms. The site is small-scale and targets a general audience interested in the individual's activities and interests. Technically, the site is built using PHP with a PostgreSQL backend and includes JavaScript for theme switching. The design is informal but functional, with basic mobile optimization and accessibility. SEO is basic with proper meta tags and Open Graph data. No CMS or major frameworks are detected. Performance is moderate, with no explicit hosting provider identified. From a security perspective, the site lacks HTTPS confirmation and security headers, which lowers its security posture. There are no privacy or cookie policies, nor incident response or vulnerability disclosure information. However, the presence of published GPG keys indicates some level of identity verification and security awareness. No forms or sensitive data collection are present, reducing attack surface. Overall, the site is safe for general audiences, with no adult or explicit content. The business credibility is moderate given the personal nature of the site and limited formal business information. Recommendations include implementing HTTPS, adding security headers, publishing privacy and cookie policies, and improving mobile and accessibility features to enhance trust and security.

The website ww2.freshthyme.com is currently inaccessible due to a Cloudflare security block, which prevents any meaningful content or business information from being retrieved or analyzed. The WHOIS lookup for this subdomain failed, indicating that it may not be registered independently or is protected by privacy measures, which raises questions about the legitimacy or configuration of this subdomain. Without access to the actual website content, no metadata, structured data, or contact information could be extracted. The technical infrastructure appears to rely on Cloudflare for security and hosting, but no further details are available. The security posture cannot be properly assessed due to the block, but the absence of visible security headers and policies is a concern. Overall, the risk assessment is high due to lack of transparency and accessibility.

T

TCS Sydney Marathon | Run Sydney’s Iconic Marathon

tcssydneymarathon.com

0

The website www.tcssydneymarathon.com represents an event-focused platform for the TC Sydney Marathon, likely targeting runners and sports enthusiasts interested in marathon participation. The site is built on the Wix platform, leveraging Wix's hosting and content management capabilities. The technical infrastructure is standard for Wix sites, including JavaScript libraries and tracking tools such as Google Analytics and Facebook Pixel. However, the absence of WHOIS registration data raises concerns about domain legitimacy and registration status. Security posture is basic with HTTPS enabled but lacking advanced security headers and policies. Privacy compliance is minimal with no visible privacy or cookie policies, and no contact information is provided, which impacts business credibility. Overall, the site serves its informational purpose but requires improvements in transparency, security, and compliance to enhance trust and professionalism.

I

IRONMAN

ironman.com

0

IRONMAN is a globally recognized brand specializing in organizing world-class triathlon events and providing training resources for athletes. The website serves as a comprehensive platform for race information, athlete community engagement, and merchandise sales. The brand holds a strong market position as a leader in triathlon sports, targeting athletes and enthusiasts worldwide. Technically, the website is built on Drupal 10, leveraging modern web technologies and third-party services such as Google Tag Manager and Cloudflare Zaraz for analytics and performance. The site is well-optimized for mobile and accessibility, with good SEO practices in place. Security posture is strong with HTTPS enforcement and security headers, though there is room for improvement in publishing explicit privacy policies and incident response contacts. Overall, the website is professional, trustworthy, and content-rich, but the absence of publicly available WHOIS data slightly reduces domain trustworthiness. Strategic recommendations include enhancing privacy disclosures, publishing security policies, and providing clear contact information for security incidents.

R

Red Wheel / Weiser

redwheelweiser.com

0

Red Wheel / Weiser operates a specialized online bookstore focusing on spirituality, occult, esoteric, and personal growth literature. Established in 2001, it serves a niche market with a medium-sized e-commerce platform built on WordPress and WooCommerce. The website is professionally designed with good navigation and mobile optimization, targeting readers interested in these specialized topics. Technically, the site leverages a modern WordPress ecosystem with multiple plugins for search, menu management, and analytics, hosted with GoDaddy domain registration and Cloudflare DNS services. Security posture is adequate with HTTPS enabled and domain status locks, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is basic with a GDPR cookie banner but no explicit privacy policy or terms of service detected. Overall, the site is trustworthy and functional but could improve in privacy transparency and security hardening.

R

Rodeo

rodeo.club

0

Rodeo.club is a newly established creative social network platform launched in 2024. The website presents a modern, clean design with a focus on creative social networking services. The platform targets a general audience interested in creative social interactions. The business appears to be a startup with a small scale and no explicit parent or subsidiary companies identified. The website uses modern web technologies including Next.js, Stripe for payments, and PostHog for analytics, hosted on AWS infrastructure. However, the site lacks visible privacy, cookie, and terms of service policies, which are critical for user trust and compliance. Security posture is moderate with HTTPS enabled but missing DNSSEC and security headers. No contact information or incident response details are provided, limiting transparency. Overall, the site is functional and professionally designed but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

M

Minimalism Life

minimalism.com

0

Minimalism.com is a well-established lifestyle brand focused on promoting minimalism through content, art, design, and e-commerce. Founded in 2003, it targets a general audience interested in simplifying life and sustainable design. The website offers diverse content including a journal, projects, and a shop, supported by a newsletter with over 40,000 subscribers. The brand maintains a consistent and professional online presence with active social media channels. Technically, the site uses standard web technologies with moderate performance and good mobile optimization but lacks advanced CMS or frameworks indications. Security posture is basic with HTTPS enabled but missing key security headers and DNSSEC. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism or GDPR indicators. Contact information is limited to a general email and newsletter form, with no phone or physical address provided. Overall, the site is trustworthy and professionally maintained but could improve security and privacy practices.