Security Directory

The website deltarune.com serves as the official portal for the indie game DELTARUNE, created by Toby Fox. It provides information about the game available on multiple platforms including Nintendo Switch, PC/Mac, and PlayStation. The site offers direct links to purchase or download the game, soundtrack, and merchandise, targeting gamers and fans of the UNDERTALE series. The business model revolves around digital sales and merchandising with a strong niche market presence and a dedicated fanbase. Technically, the site is a modern, fast-loading static website using Bridgetown framework and Cloudflare DNS services, optimized for mobile and desktop with good SEO and accessibility features. Security posture is solid with HTTPS and domain transfer protections, though some improvements like DNSSEC and security headers could be made. Privacy compliance is basic with a privacy policy linked externally but lacks cookie consent mechanisms. Overall, the site is professional, trustworthy, and well-maintained, reflecting a small but reputable indie game business.

O

OpenVK

ovk.to

0

OpenVK is a small-scale social networking platform designed to facilitate colleague and friend searches based on the VKontakte social network structure. It offers users the ability to find and reconnect with people from their past and present social circles, promoting ongoing communication and content sharing. The platform targets a general audience interested in social connections and community building. Technically, the website employs a modern technology stack including PHP 8.2, MySQL 8.0, React, and various JavaScript libraries such as jQuery and Leaflet for mapping. Analytics are handled via Piwik PRO with a cookie consent mechanism in place, indicating some attention to privacy compliance. However, the site lacks advanced security headers and explicit security or incident response policies, which could expose it to certain risks. Overall, the site is functional and moderately professional but would benefit from enhanced security and compliance measures.

K

Konsilio pri Neŭtrala Lingvo

pronomejo.net

0

Pronomejo.net is a volunteer-driven, open-source project dedicated to promoting gender-neutral and non-binary language through multilingual pronoun resources and personal pronoun cards. The project is positioned as a niche leader in inclusive language tools, targeting individuals interested in gender inclusivity, linguists, and the LGBTQ+ community. The website offers community engagement, terminology resources, and a public API, supported by a small but active team. Technically, the site is built on modern frameworks like Nuxt.js and Vue.js, hosted with reputable DNS and registrar services, and integrates Shopify for merchandise. The site demonstrates good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled and explicit security headers are not visible. Privacy compliance is generally good with a privacy policy and terms of service present, but lacks a cookie consent mechanism despite using analytics. Contact information is provided via multiple company emails and social media channels. Overall, the site is trustworthy, professional, and serves its community well.

C

Cooperativa “Consejo de Lenguaje Neutro”

pronombr.es

0

Pronombr.es is a community-driven cooperative project dedicated to promoting inclusive language and the correct use of personal pronouns. It offers educational resources, personalized pronoun cards, and fosters a supportive environment for the queer community and allies. The project is open source and supported by a small but active team, with a strong emphasis on respect, freedom, and inclusivity in language use. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, leveraging CDN services for performance and Shopify for merchandise sales. The site is well-optimized for mobile and accessibility, with good SEO practices. Security posture is strong with HTTPS and public key cryptography, though it lacks some formal policies like a security.txt and cookie consent mechanisms. Overall, the site is trustworthy, professional, and serves a niche but important community function.

D

Das „Rat für neutrale Sprache“ Kollektiv

pronomen.net

0

Pronomen.net is a community-driven, multilingual platform dedicated to providing information and resources about non-binary and gender-neutral language, focusing on pronouns and inclusive communication. The website serves a niche audience interested in gender inclusivity and offers tools such as pronoun cards, cultural examples, and a queer calendar. It operates as a non-profit public source project supported by volunteers and offers merchandising to support its activities. Technically, the site is built on modern frameworks like Nuxt.js and Vue.js, hosted with Cloudflare DNS and uses Shopify's Buy SDK for merchandising. The site is well-optimized for mobile and accessibility, with good SEO practices and fast performance. Security-wise, the site enforces HTTPS and has domain transfer protections but lacks DNSSEC and some security headers. Privacy compliance is good with a clear privacy policy and GDPR adherence, though no cookie consent mechanism is present despite using Plausible Analytics. Contact information is available via multiple company emails, and the project maintains an active presence on Mastodon, Bluesky, Discord, and GitLab. Overall, the site is trustworthy, professional, and serves its community well, though it could improve security headers and cookie consent to enhance compliance and security posture.

D

Dyne.org foundation

dev-1.org

0

Devuan.org is the official website for Devuan GNU+Linux, a free and open source operating system forked from Debian that emphasizes freedom from systemd and promotes Init Freedom. The project is supported by the Dyne.org foundation, which acts as its fiscal sponsor and trademark holder. The website provides comprehensive information about Devuan releases, installation instructions, community resources, and development efforts. It targets Linux users, system administrators, and free software advocates who seek an alternative Linux distribution without systemd dependencies. The business model is community-driven and donation-supported, positioning Devuan as a niche player in the Linux distribution ecosystem focused on systemd-free environments.

D

Dyne.org foundation

dev-one.org

0

Devuan.org represents the official website for Devuan GNU+Linux, a free and open source operating system forked from Debian that emphasizes systemd-free environments and Init Freedom. The project is supported by the Dyne.org foundation, a non-profit organization acting as fiscal sponsor. The website provides comprehensive information about releases, installation, community, and development resources, targeting Linux users, system administrators, and free software advocates. The business model is community-driven and donation-supported, focusing on niche Linux distribution needs. Technically, the website is a simple, static HTML/CSS site with no client-side scripting or tracking technologies, reflecting a strong commitment to user privacy and minimalism. The site is mobile optimized with good navigation and SEO practices but lacks advanced frameworks or CMS platforms. Performance is moderate, consistent with a lightweight static site. From a security perspective, the site uses HTTPS (implied by the URL), but no explicit security headers were detected in the provided data. The absence of cookies and JavaScript reduces attack surface and tracking risks. However, the lack of privacy and cookie policies and missing WHOIS registration details reduce overall trust and compliance posture. No vulnerability disclosure or incident response information is provided. Overall, the website is trustworthy and professional for its niche audience but would benefit from improved transparency in domain registration, privacy compliance, and security best practices to enhance credibility and user trust.

The website myslivets.com serves as a personal portfolio and content hub for Daniel Myslivets, a young content creator focused on technology, photography, and digital media. The site highlights his YouTube channel, photography hobby, short video content, and contributions to open-source social network design. The business model is personal branding with a niche audience primarily interested in technology and creative content. The website is small-scale and consistent with a personal brand rather than a corporate entity. Technically, the site is built with standard HTML, CSS, and JavaScript, leveraging Cloudflare for DNS and analytics. The site performs well with good mobile optimization and basic SEO. However, it lacks advanced security headers and privacy compliance mechanisms such as privacy and cookie policies. Analytics usage is moderate with custom and Cloudflare tracking scripts but without clear user consent. From a security perspective, the site uses HTTPS and has domain status protections but does not enable DNSSEC or implement security headers. There are no visible vulnerabilities or exposed sensitive data. The absence of privacy policies and cookie consent represents a compliance gap. The WHOIS data is consistent with the website content, showing a recently registered domain appropriate for the personal brand timeline. Overall, the site is safe, professional, and trustworthy for general audiences but would benefit from improved privacy compliance and enhanced security headers. Strategic recommendations include enabling DNSSEC, adding privacy and cookie policies, implementing security headers, and publishing a security.txt file to improve transparency and security posture.

L

Lisikpng.com

lisikpng.com

0

Lisikpng.com appears to be a small personal or hobbyist website created in 2022, with minimal content welcoming visitors and linking to nostalgic computing resources. The site lacks formal business information, contact details, and privacy or security policies, indicating it is not a commercial or enterprise-level operation. The technical infrastructure is basic, utilizing standard HTML and CSS with Google Fonts and Cloudflare DNS services, but lacks advanced frameworks or CMS platforms. Security posture is minimal with no DNSSEC enabled and no visible security headers or policies. There are no forms or data collection mechanisms, reducing privacy risks but also limiting user engagement. Overall, the site is safe for general audiences but lacks professional and compliance features expected in business websites.

The domain mlr.press currently hosts a GitHub Pages 404 error page indicating that no active website content is published. The site lacks any business-related information, contact details, privacy or cookie policies, and security incident response data. The domain is registered with privacy protection through WhoisGuard, Inc., and has been active since 2015, but the absence of content suggests the site is either abandoned or misconfigured. The technical infrastructure is minimal, relying on GitHub Pages hosting with a basic Content-Security-Policy header. No analytics, advertising, or tracking technologies are present. Security posture is limited but benefits from the CSP header; however, no HTTPS or SSL details are available from the content. Overall, the site has very low business credibility and privacy compliance, with critical issues due to lack of content and policies.

T

TRABIT

trabit.eu

0

TRABIT is a European interdisciplinary training network focused on computational brain imaging in clinical applications. The website serves as an information portal for the consortium, providing details about training events, researchers, and project results. The project is funded by the European Union's Horizon 2020 program under a Marie Sklodowska-Curie grant, positioning it as a credible academic initiative in healthcare and technology sectors. The target audience includes researchers, clinicians, and industry professionals involved in neuroimaging and brain health. Technically, the site is built on Joomla CMS with common web technologies like jQuery, Bootstrap, and UIkit, offering moderate performance and good mobile optimization. Security posture is basic with HTTPS implied but lacking explicit security headers and privacy compliance documentation. No blocking or WAF mechanisms were detected, and content is fully accessible and safe for general audiences.

I

icometrix

icometrix.com

0

The website www.icometrix.com appears to be a healthcare technology-related site built on the Wix platform. However, the absence of WHOIS registration data raises concerns about the domain's legitimacy and registration status. The site uses Google Analytics with some consent management scripts but lacks visible privacy or cookie policies, which is a compliance gap. The content is minimal and lacks detailed business or contact information, limiting trust and credibility. Technically, the site uses standard Wix scripts and polyfills but does not demonstrate advanced security configurations or SEO optimizations. Overall, the security posture is weak due to missing HTTPS confirmation and security headers. Strategic recommendations include verifying domain registration, implementing comprehensive privacy and cookie policies, adding clear contact information, and enhancing security headers and HTTPS enforcement.

LavaTech is a small technology company pioneering in the 'Friend Cloud' space, offering a hybrid cloud service that blends public and private cloud features. Their portfolio includes open source image hosting, uptime tracking, Linux mirrors, XMPP services, DNS solutions, and gaming-related DNS blocking for Nintendo Switch and PlayStation. The company targets technology enthusiasts, open source communities, and gamers, providing free and premium services with a community-driven approach. The website content is basic but relevant, with moderate branding consistency and trust indicators such as testimonials and a public service agreement. Technically, the website uses simple HTML and CSS with Google Fonts, lacking advanced frameworks or CMS. Performance and mobile optimization are basic, with no detected analytics or advertising scripts, indicating minimal user tracking. Security posture is moderate; HTTPS is implied but no security headers or incident response contacts are found. Some services are currently down due to infrastructure issues, which may impact reliability. Overall, the security posture shows room for improvement, especially in publishing privacy and cookie policies, implementing security headers, and enhancing incident response readiness. The domain uses privacy protection in WHOIS, which is justified for this business type. No suspicious patterns or vulnerabilities were detected in the provided data. Strategic recommendations include improving security headers, publishing comprehensive privacy and cookie policies, enhancing infrastructure resilience, and increasing transparency in contact information to build trust and compliance.

The website xmpp.net hosts the IM Observatory project, a community-driven initiative started in 2013 to test the security of the Jabber/XMPP network. The project has been discontinued since October 2022, with archival content remaining to inform users about its history and successor services. The site provides links to open source repositories and related successor projects but does not offer active services or interactive features. The target audience includes XMPP network users, server administrators, and security researchers interested in instant messaging security. Technically, the site uses basic Bootstrap CSS and HTML5 with minimal SEO and accessibility features. Security posture is limited, with no evident security headers or privacy policies, and DNSSEC is not enabled on the domain. The domain is long-established and consistent with the project's history, indicating legitimacy. Overall, the site serves as an informational archive rather than an active service platform.

G

Gplus.to

gplus.to

0

Gplus.to is a small-scale technology and business news website providing articles on technology, startups, business, entrepreneurship, and real estate. The site targets a general audience interested in tech and business trends. It operates on a WordPress platform using the GeneratePress theme and integrates advertising networks such as Google Adsense and Advanced Ads for monetization. The website demonstrates good content quality with regularly updated articles and a consistent branding approach. Technically, it employs modern web technologies and offers good mobile optimization and SEO practices, though accessibility features are basic. Security posture is moderate with HTTPS enabled but lacks advanced security headers and published security policies. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism or GDPR indicators. Contact information is limited to a contact form without direct emails or phone numbers. WHOIS data is privacy protected, which is typical for such websites but limits transparency. Overall, the site is functional, moderately secure, and professionally presented but could improve in privacy compliance and security best practices.

Meet Magento is a globally recognized event series dedicated to the Magento e-commerce ecosystem, connecting merchants, agencies, technology providers, and community members worldwide. The platform offers curated events that focus on learning, networking, and business development within the Magento community. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive event information. Technically, it is built on WordPress with modern plugins and integrates Google Analytics and Tag Manager for performance and user insights. Security posture is strong with HTTPS enforced and standard security headers present, though explicit security policies and incident response contacts are not publicly disclosed. Privacy compliance is well addressed with visible privacy and cookie policies and consent mechanisms. Overall, the site demonstrates high business credibility and trustworthiness, supporting a medium-sized event organization with a strong community focus.

Deltadel is a small business providing technology, logistics, and talent support services to partners. The website is minimalistic, serving primarily as a landing page with a clear business description and a single contact email. The technical infrastructure is simple, using basic HTML, CSS, and SVG graphics, hosted behind Cloudflare DNS and CDN services. Mobile optimization is adequate, but the site lacks advanced features, analytics, or marketing tools. Security posture is moderate with HTTPS likely enabled, but no security headers or DNSSEC are configured. The WHOIS data raises concerns due to a future domain creation date and lack of registrant details, which impacts trustworthiness. Privacy and cookie policies are absent, limiting compliance with GDPR and other regulations. Overall, the site is functional but basic, with room for improvement in security, compliance, and business credibility.

G

.:: dscp46 ～ 幻想郷 ::.

gensokyo.tf

0

The website gensokyo.tf is a personal blog and link collection site maintained by an individual named Celestine, who identifies as a network and phone system enthusiast. The site serves as a portfolio and a hub for sharing blog articles and links to other interesting users and pages within niche communities. The domain has been registered since 2014 with OVH, indicating a stable and long-term presence. The website's market position is niche and personal, targeting general audiences interested in the author's content and network-related topics. From a technical perspective, the site uses basic HTML5 and CSS with vanilla JavaScript, hosted on OVH infrastructure. The performance is moderate with basic mobile optimization and accessibility features. SEO optimization is minimal, and no CMS or advanced frameworks are detected. The site lacks modern security headers and does not display evidence of HTTPS enforcement in the provided data, which limits its security posture. Security-wise, the website does not provide privacy, cookie, or terms of service policies, nor does it offer contact information or incident response channels. No forms or data collection mechanisms are present, reducing the attack surface but also limiting user engagement. The absence of security headers and HTTPS (not confirmed but no evidence of SSL) lowers the security score. No vulnerabilities or suspicious patterns were detected, and the domain registration data supports legitimacy. Overall, the website is low risk but could benefit from improved security practices, privacy compliance, and enhanced technical implementation. Strategic recommendations include implementing HTTPS, adding security headers, publishing privacy and cookie policies, and providing contact information to improve trust and compliance.

The website jaisal.dev is a personal portfolio and contact page primarily focused on showcasing the individual's social media presence and personal projects. It uses modern web technologies such as Astro and Svelte, indicating a technically proficient setup. The site is hosted behind Cloudflare, leveraging Cloudflare Insights for analytics, which suggests a basic level of performance monitoring and security. However, the site lacks formal privacy, cookie, and terms of service policies, which limits its compliance posture. No direct contact emails or phone numbers are provided, only social media links, which may reduce ease of direct communication. Security-wise, HTTPS is enabled, but no additional security headers were detected, and no vulnerability disclosure or incident response information is present, indicating room for improvement in security maturity. Overall, the site is safe, well-designed, and suitable for general audiences but would benefit from enhanced privacy and security practices.

Mobius Digital is an indie video game developer known for creating acclaimed games such as Outer Wilds and its expansions. The company targets gamers and indie game enthusiasts with a focus on exploration and unique game experiences. Their website serves as a promotional and informational platform showcasing their games, team, and news. The business model centers on game development and publishing across multiple platforms including consoles and PC digital stores. Technically, the website is built on the Weebly platform, utilizing standard web technologies such as jQuery and Google Analytics, with a cookie consent mechanism powered by Osano, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and explicit incident response information. Overall, the site is professional, well-branded, and trustworthy, though the absence of WHOIS data and contact details slightly reduces transparency. Strategic improvements in security headers, incident response disclosure, and accessibility would enhance the security and compliance posture.

H

Horse Music Herald

horsemusicherald.com

0

Horse Music Herald is a niche media website dedicated to music related to horses and the brony fandom. It provides music reviews, artist spotlights, and curated playlists targeting the brony community and horse enthusiasts. The site operates on WordPress.com hosting with Jetpack plugins, leveraging managed infrastructure for performance and security. Advertising is integrated via WordAds and Google DoubleClick, supporting the site's business model. The website demonstrates consistent branding and good content quality, with active social media engagement on Twitter, Tumblr, and YouTube. However, explicit privacy and terms of service pages are not found, though a cookie consent mechanism is implemented. Security posture is moderate with HTTPS enforced but lacks advanced security headers and DNSSEC. The domain is well maintained since 2016, consistent with the site's history and content.

The website 'Twilight Sparkle's Secret Shipfic Folder Online' is a niche community platform dedicated to hosting and playing the TSSSF game online. It provides resources such as rulebooks, FAQs, card references, and community links to Discord and Reddit, fostering player engagement. The site is small-scale and community-driven, with a focus on fan interaction rather than commercial enterprise. The domain is relatively new, registered in 2020, consistent with the site's beta status and niche audience. Technically, the site uses basic HTML, CSS, and JavaScript without advanced frameworks or CMS. Hosting details are not explicit but the domain registrar is Squarespace Domains II LLC, and DNS is managed via Google Cloud DNS. The site is mobile-optimized with good navigation and design quality but lacks advanced SEO and accessibility features. No analytics or tracking scripts were detected, indicating minimal user tracking. From a security perspective, the site lacks visible HTTPS enforcement details and security headers, and DNSSEC is not enabled. The domain status includes protections against unauthorized transfer or deletion, which is positive. However, the absence of privacy, cookie, and terms of service policies indicates compliance gaps. No contact or incident response information is provided, limiting transparency and trust. Overall, the website is functional and serves its community well but should improve security posture and compliance documentation to enhance trust and protect users. Strategic recommendations include enabling DNSSEC, implementing HTTPS with security headers, publishing privacy and cookie policies, and providing clear contact information for support and security incidents.

K

Kushagra Srivastava

skushagra.com

0

The website 'Declarative' is a personal technical blog authored by Kushagra Srivastava, a recent Computer Science graduate specializing in Systems and AI. The blog shares insights, projects, and thoughts primarily focused on technology, programming, and AI. It is hosted on the Blogger platform with a custom domain. The site targets a general technical audience interested in computer science and software development. The business model is that of a personal blog without commercial services or products. The content quality is good with consistent branding and professional presentation.

K

Kamila Szewczyk

palaiologos.rocks

0

The website iczelia.net is a personal technical blog authored by Kamila Szewczyk, focusing on advanced topics in mathematics, cryptography, programming, and technology. It serves a niche audience interested in these specialized subjects and offers blog posts, a personal journal, and links to a personal Git repository. The business model is content publishing and knowledge sharing without commercial or transactional elements. The site is small scale and consistent in branding with good quality content and navigation. Technically, the site is built using the Hugo static site generator with CSS and JavaScript enhancements, including KaTeX for math rendering. It is hosted with Name.com as the registrar and uses HTTPS, but lacks DNSSEC and advanced security headers. Performance and mobile optimization are moderate to good, but accessibility and SEO are basic. No analytics or tracking scripts are detected, indicating minimal user tracking. From a security perspective, the site uses HTTPS and has domain transfer protection, but lacks DNSSEC and security headers, which are recommended for improved security. No privacy, cookie, or terms of service policies are present, and no contact or incident response information is provided. The WHOIS data shows a suspicious future domain creation date inconsistent with the website content dates, which lowers trustworthiness. No forms or user input mechanisms are present, reducing attack surface. Overall, the site is a well-maintained personal technical blog with moderate technical maturity and basic security posture. The main risks relate to missing compliance documentation and inconsistent domain registration data. Strategic recommendations include adding privacy and cookie policies, enabling DNSSEC, implementing security headers, and clarifying domain registration details to improve trust and compliance.

J

jiktim

jikt.im

0

jiktim is a small, international group of developers focused on creating software, utilities, and apps with a hacker culture identity. Their website is built using Jekyll and hosted with Cloudflare DNS services, reflecting a lightweight static site approach. The site content is minimal but consistent with their niche audience of developers and technology enthusiasts. Social media presence is leveraged for community engagement, with multiple Twitter and GitHub profiles linked. Security posture is basic, with no evident security headers or policies, and privacy compliance is lacking due to absence of privacy and cookie policies. The domain registration aligns with the claimed founding year and shows no suspicious patterns, supporting legitimacy. Overall, the site is functional but lacks professional polish and comprehensive compliance or security measures.

D

deepy site!

deepy.me

0

The website deepy.me is a newly created personal portfolio site with minimal content and no clear business presence. It uses the Astro framework and is hosted with DNS services provided by NS1, with domain registration through NameCheap and privacy protection enabled. The site lacks essential business and compliance information such as privacy policies, cookie consent, terms of service, and contact details. Technically, the site is lightweight and fast but lacks security headers and advanced security configurations. The domain is very new, consistent with the minimal content and absence of established business operations. Overall, the security posture is weak due to missing policies and security best practices, and the site does not collect user data or use analytics or advertising tools. The content is safe for general audiences with no adult or questionable material.

B

byeoon

byeoon.dev

0

The website byeoon.dev is a personal portfolio site for an individual programmer named byeoon. The site showcases the developer's skills in software, web, and backend/fullstack development, along with personal projects and social media links. The target audience is general users interested in the developer's work and projects. The business model is primarily personal branding and project sharing without commercial transactions. The site positions itself as a small-scale personal developer portfolio within the technology industry. Technically, the site uses standard web technologies including HTML5, CSS, JavaScript, and popular libraries such as jQuery, particles.js, and moment-timezone. The site is moderately optimized for performance and mobile devices, with basic accessibility and SEO features. Hosting and CMS details are not explicitly provided. Navigation is handled via JavaScript with hash-based menu changes. From a security perspective, the site lacks explicit security headers and privacy or cookie policies, which reduces its compliance posture. No forms or sensitive data collection mechanisms are present, reducing attack surface. The site uses HTTPS (assumed from URL) but SSL configuration details are unknown. No vulnerability disclosures or incident response contacts are provided. The domain uses privacy protection for WHOIS data, which is typical for personal sites. Overall, the site is safe, professional, and trustworthy as a personal developer portfolio. However, it would benefit from adding privacy and cookie policies, security headers, and improving accessibility and SEO. The risk level is low given the nature of the site and lack of sensitive data collection. Strategic recommendations include enhancing security posture and compliance documentation to improve trust and professionalism.

LavaTech operates a public XMPP server under the domain a3.pm, providing a compliant and moderated messaging platform with features such as multi-user chat, OMEMO encryption, and audio/video call support. The service targets XMPP users seeking a reliable and privacy-conscious communication server. The business model is based on free public access with controlled registration to maintain moderation and service quality. The domain is stable and appropriately aged, supporting the legitimacy of the service. Technically, the website uses ejabberd 23.04 as the XMPP server software and Cloudflare for DNS services, indicating a modern and reliable infrastructure. The presence of converse.js allows browser-based chat access. However, the website's technical implementation is basic with limited SEO, accessibility, and mobile optimization features. No CMS or advanced frameworks are detected. From a security perspective, the site demonstrates good practices such as disabling in-band registration to reduce abuse and providing clear contact channels for complaints and support. However, it lacks formal security policies, vulnerability disclosure mechanisms, and explicit security headers, which are areas for improvement. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is trustworthy and serves a niche community effectively but would benefit from enhanced security and privacy documentation, improved technical features, and formalized policies to strengthen compliance and user trust.

T

Tim O'Brien

t413.com

0

The website t413.com is a niche platform dedicated to providing free and community-driven 3D designs for FPV drones and accessories. It targets hobbyists and makers interested in 3D printing and FPV technology. The site has been operational since 2005, indicating a stable presence in its niche. The business model revolves around sharing designs and encouraging donations to support ongoing projects. Technically, the site uses standard web technologies with a custom or lightweight CMS and is hosted on a solar-powered infrastructure, reflecting a sustainable approach. Security posture is basic with HTTPS enabled but lacking advanced security headers and policies. Privacy and compliance documentation are absent, which is a gap for GDPR and general privacy best practices. Overall, the site is functional, safe, and trustworthy for its audience but would benefit from enhanced security and compliance measures.

SankeyMATIC is a niche online tool focused on enabling users to create Sankey diagrams easily and visually. It targets a broad audience including analysts, educators, and anyone interested in visualizing flow data such as budgets, elections, or financial results. The website is small-scale, independently produced by Steve Bogart, and offers free access without requiring user registration. The business model relies on voluntary contributions and advertising revenue via Google AdSense. Technically, the site uses standard web technologies including HTML5, CSS3, JavaScript, and the D3.js library for rendering diagrams. Hosting is provided by pair Networks, Inc. The site is moderately optimized for performance and mobile use, with good SEO practices and basic accessibility features. The source code is openly available on GitHub, enhancing transparency and trust. From a security perspective, the site uses HTTPS but lacks advanced security headers and DNSSEC is not enabled, which could be improved. No forms or user data collection mechanisms are present, reducing attack surface. Privacy compliance is basic with a privacy policy present but no cookie consent or GDPR-specific statements. No incident response or vulnerability disclosure policies are published. Overall, SankeyMATIC presents a trustworthy and professional web presence with a clear focus on its specialized service. Security and privacy practices could be enhanced to align with modern standards, and adding contact information and terms of service would improve business credibility and compliance.

S

Shilaan Alzahawi

shilaan.com

0

The website www.shilaan.com serves as the personal academic portfolio of Dr. Shilaan Alzahawi, an Assistant Professor of Management at Texas A&M University. It provides a professional platform showcasing academic posts, talks, and a downloadable CV, targeting academics and researchers in organizational behavior and data science. The site is well-structured, visually consistent, and optimized for mobile devices, reflecting a high level of digital maturity. Technically, it leverages modern web technologies including Hugo with the Wowchemy theme, Bootstrap, and various JavaScript libraries, hosted likely on Netlify, ensuring fast performance and good accessibility. Security posture is solid with HTTPS enforced and no exposed sensitive data, though it lacks some recommended security headers and formal privacy or cookie policies. The absence of WHOIS registration data raises concerns about domain legitimacy, but the professional content and verified external links mitigate some risk. Overall, the site is trustworthy and professionally maintained but would benefit from enhanced compliance and security documentation.

H

Hugo Blox

hugoblox.com

0

Hugo Blox is an open source, no-code website builder platform launched in 2023, targeting technical creators, researchers, and marketers who want to build websites, landing pages, and online courses with ease and flexibility. Positioned as the best open source website builder for 2024, it boasts a strong community with over 250,000 users and 10,000+ GitHub stars. The platform emphasizes privacy, ownership of content, and ease of use without coding knowledge. Technically, the website leverages modern frameworks such as Hugo, Astro, and Tailwind CSS, hosted with Cloudflare DNS and CDN services, and integrates popular analytics and advertising tools like Google Analytics and Bing Ads. Security posture is good with HTTPS and domain transfer protection, but lacks DNSSEC and explicit security headers. Privacy compliance is weak due to missing privacy and cookie policies and no consent mechanism. Overall, the site is professional, trustworthy, and technically sound but should improve privacy disclosures and security policies to enhance compliance and user trust.

D

Dyne.org foundation

devuan.org

0

Devuan.org represents the official website for Devuan GNU+Linux, a free and open source operating system forked from Debian without systemd. The project emphasizes user freedom, system control, and avoidance of systemd entanglement, targeting Linux users and free software advocates. The website is maintained under the Dyne.org foundation, which acts as the fiscal sponsor. The site provides information about releases, installation, community, and development, with a donation-based funding model. Technically, the website is simple, using clean HTML and CSS without JavaScript or cookies, enhancing privacy but lacking advanced security headers and policies. The WHOIS data is unavailable, which limits domain trust verification, but the website content and branding are consistent and professional. Security posture is moderate with room for improvement in headers and policy disclosures. Overall, the site is trustworthy, privacy-conscious, and focused on a niche Linux distribution community.

P

Pronouns.page

pronouns.page

0

Pronouns.page is a specialized educational platform providing usage examples of personal pronouns and promoting gender neutral language. It serves a general audience interested in linguistics and inclusivity, offering multilingual support through various language-specific subdomains. The website is positioned as a niche resource with a focus on accessibility and educational content rather than commercial services. Technically, the site is built on modern frameworks such as Nuxt.js and Vue.js, hosted on Cloudflare infrastructure with CDN support, ensuring good performance and mobile optimization. The use of privacy-conscious analytics tools like Plausible and error monitoring via Sentry indicates a mature approach to technical operations. Security posture is strong with HTTPS enforcement and standard security headers, though the absence of explicit privacy and cookie policies suggests room for improvement in compliance. Overall, the site is trustworthy and professional but would benefit from enhanced transparency and formal policies to strengthen user trust and regulatory adherence.

S

Serenity Laboratories

deadinsi.de

0

Serenity Laboratories operates the deadinsi.de Mastodon instance, providing a decentralized social networking platform emphasizing privacy, no ads, and ethical design. The platform targets general users interested in federated social media and positions itself as an independent Mastodon server within the fediverse. The website is technically modern, leveraging Mastodon version 4.4.2+slis, React, and JavaScript, hosted on DigitalOcean infrastructure. The site is accessible, mobile-optimized, and presents a professional user experience with clear navigation and branding consistency. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though security headers and explicit policies are lacking. Privacy compliance is partial, with a privacy policy present but no cookie consent or terms of service published. Overall, the site is trustworthy and safe for general audiences.

T

The Irrawaddy

irrawaddy.com

0

The Irrawaddy is a professional news media organization focused on delivering news and analysis about Myanmar and Southeast Asia. The website offers a variety of content including news articles, opinion columns, interviews, and video reports, positioning itself as a regional leader in its niche. The digital infrastructure is built on WordPress with popular plugins such as Elementor and Yoast SEO, indicating a modern and maintainable platform. The site integrates Google Adsense for monetization and Google Tag Manager for analytics, reflecting standard digital marketing practices. Security posture is adequate with HTTPS enabled and secure form handling, but lacks advanced security headers and explicit privacy or cookie policies, which are important for compliance and user trust. The absence of WHOIS data for the domain raises some concerns about domain registration transparency, although the active and professional nature of the website mitigates this to some extent. Overall, the site is functional, content-rich, and moderately secure but would benefit from enhanced privacy compliance and security best practices.

The website 'Dollthing's Place' is a personal portfolio and blog primarily focused on showcasing projects, gaming content related to Final Fantasy XIV, and social media engagement. It targets a general audience interested in personal creative works and gaming communities. The site is hosted on Neocities and uses a simple technology stack including HTML5, CSS, JavaScript, and jQuery. The design is basic and the content is currently a work in progress with plans for future expansion. Social media links serve as the primary contact points, with no formal business contact information or policies present. From a technical perspective, the site employs standard web technologies and external libraries such as jQuery from Google's CDN. Hosting on Neocities suggests a small-scale personal site without enterprise infrastructure. Performance and mobile optimization are basic but functional. SEO and accessibility features are minimal. Security posture is limited, with no detected security headers and unknown SSL configuration. The site includes Cloudflare Insights for analytics but lacks privacy and cookie policies, which impacts compliance. Security evaluation indicates a low maturity level with no explicit security policies or incident response contacts. The absence of privacy and cookie policies and security headers are notable gaps. No vulnerabilities or exposed sensitive data were detected in the provided content. The domain WHOIS data is consistent with the personal nature of the site, showing no suspicious patterns or privacy protection, which aligns with the site's transparency. Overall, the site is a legitimate personal project with moderate trustworthiness but limited security and privacy compliance. Strategic recommendations include implementing security headers, enforcing HTTPS, adding privacy and cookie policies, and providing clear contact information for security incidents to improve trust and compliance.

F

fawn

fawn.moe

0

The website 'fawn.moe' is a personal portfolio site for an individual self-taught software developer named fawn. The site showcases personal interests such as movies and music, with links to social media and friends' profiles. It is a small-scale personal site without commercial business operations or formal company structure. Technically, the site is built using modern frameworks Astro and Svelte, indicating a contemporary approach to web development. The site is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. Security posture is minimal with no detected security headers or policies, and no HTTPS status was confirmed from the data. Privacy and cookie policies are absent, and no contact information is provided, limiting compliance and trust signals. Overall, the site is safe for general audiences and does not contain adult or explicit content. The domain WHOIS data was not provided, so domain legitimacy and registration details could not be fully assessed.

M

Manti's website

mantikafasi.dev

0

The website mantikafasi.dev is a personal portfolio site belonging to a hobbyist programmer showcasing various programming projects primarily related to gaming and Discord bots. The site serves as a hub linking to multiple personal projects hosted on subdomains and GitHub repositories, targeting an audience of programmers, gamers, and Discord users. The business model is informal and non-commercial, focusing on sharing hobby projects rather than monetization or enterprise services. Technically, the site is built using the Astro static site generator with CSS Pico for styling and uses Cloudflare Insights for basic analytics. The site is moderately optimized for mobile and performance but lacks advanced SEO and accessibility features. Security posture is basic with no visible security headers or privacy policies, and no contact or incident response information is provided. The domain uses privacy protection in WHOIS, which is typical for personal sites, and no suspicious patterns are detected. Overall, the site is safe, professional enough for a personal portfolio, but lacks formal compliance and security best practices.

The website www3.rinici.de is a parked domain landing page primarily designed to advertise the domain rinici.de for sale. It lacks substantive business content, contact information, or any service offerings. The site relies heavily on advertising scripts and tracking technologies, with minimal user-facing content. Technically, the site uses standard HTML and JavaScript with external ad and tracking services, hosted via Amazon Cloudfront CDN. There is no evidence of HTTPS or security headers, and privacy compliance is minimal, with only a basic privacy policy accessible via a popup. The security posture is weak due to lack of HTTPS and absence of security best practices. Overall, the site presents a low trust profile and limited business credibility.

N

N/A

megu.dev

0

The website megu.dev is a personal portfolio for a software engineer named Rie T., showcasing expertise in multiple programming languages including TypeScript, JavaScript, Rust, and others. The portfolio highlights experience in backend, API, and internal tooling development, particularly in the Television & Broadcasting industry. The site targets potential employers and collaborators in the technology sector, serving as a professional branding and job-seeking platform. Technically, the site uses modern web frameworks such as React, Next.js, Remix, Svelte, Vue, and Angular, and is hosted behind Cloudflare with performance and mobile optimization rated as good. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though it lacks explicit security headers and formal privacy or cookie policies. Overall, the site is professional, trustworthy, and safe for general audiences, but could improve compliance and security transparency.

K

katlyn

katlyn.dev

0

The website katlyn.dev is a personal portfolio site primarily focused on coding and related projects. The content is minimal but well structured, presenting a clear personal brand with links to social and development platforms such as GitHub, Mastodon, and Matrix. The site targets a general audience interested in technology and coding, likely peers or potential collaborators. The business model appears to be personal branding rather than commercial operations, with no direct sales or service offerings evident. Technically, the site uses standard HTML5 and CSS3 with custom fonts hosted on a static subdomain, indicating a lightweight and fast-loading infrastructure. There is no evidence of a CMS or complex frameworks, suggesting a static or custom-built site. Mobile optimization and accessibility are basic but adequate for the site's scope. No analytics or advertising technologies are detected, reflecting a privacy-conscious or minimalistic approach. From a security perspective, the site lacks visible security headers and does not provide privacy, cookie, or terms of service policies, which limits compliance with GDPR and other regulations. No contact information or incident response channels are provided, reducing transparency and trust. However, no vulnerabilities or malicious content are detected in the provided HTML content. The absence of forms or data collection reduces attack surface but also limits user engagement features. Overall, the site presents a low-risk profile but would benefit from improved security practices, privacy compliance, and contact transparency to enhance trustworthiness and professionalism.

K

🌱 sammy's site

khcrysalis.dev

0

The website khcrysalis.dev is a personal site of a developer named Sammy, focused on Darwin-related software platforms such as iOS and macOS. The site primarily showcases open-source projects hosted on GitHub and highlights community contributions. The target audience is developers and programmers interested in Apple ecosystem software. The business model is individual open-source development without commercial offerings or services. Technically, the site is built using the Astro framework with modern web technologies, delivering good performance and mobile optimization. However, it lacks advanced SEO and accessibility features. Security posture is moderate with HTTPS implied but no explicit security headers or incident response information. Privacy compliance is minimal with no privacy or cookie policies present. Overall, the site is professional and trustworthy for its scope but could improve in privacy and security transparency.

M

Materii

materii.dev

0

Materii is a small technology-focused organization hosted on GitHub, specializing in developing Material You (Material 3) themed client applications for popular platforms. The organization maintains a verified domain materii.dev and has a consistent brand presence on GitHub. Their business model revolves around open source software development and community engagement within the developer ecosystem. The website content is professional, well-structured, and optimized for performance and accessibility, leveraging GitHub's infrastructure and React-based frameworks. Security posture is strong with HTTPS enforcement and domain verification, though explicit privacy and security policies are absent. Overall, the site is trustworthy and safe for general audiences, targeting developers and users interested in Material You applications.

G

GameBanana

gamebanana.com

0

GameBanana is a well-established online community platform focused on game modding, offering a wide range of mods, tutorials, and community features since 2001. The platform supports modders and gamers by providing free access to mods without paywalls, sustained primarily through advertising revenue. The website demonstrates a mature digital infrastructure leveraging modern JavaScript frameworks and multiple analytics and advertising technologies to optimize user engagement and monetization. Security-wise, the site enforces HTTPS and uses Cloudflare for DNS and domain registration, but lacks some best practices such as DNSSEC and explicit security headers. Privacy compliance is weak due to the absence of visible privacy and cookie policies, which could expose the platform to regulatory risks. Overall, the site is functional, safe for general audiences, and maintains moderate trustworthiness, but should improve privacy and security disclosures to enhance compliance and user trust.

H

HRT.COFFEE

hrt.coffee

0

HRT.COFFEE is a specialized informational website focused on providing verified supplier listings for hormone replacement therapy products such as estradiol, progesterone, and anti-androgens. The platform serves a niche audience seeking reliable pharmaceutical sources, primarily targeting individuals involved in hormone therapy. The business operates as a referral and informational service without direct sales, emphasizing supplier verification and discount information. Technically, the website is built with standard web technologies including HTML5, CSS3, and JavaScript libraries like jQuery and DataTables, hosted via Cloudflare. The site demonstrates moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. Security posture is moderate with domain registration protections but missing DNSSEC and security headers. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism or GDPR indicators. Contact information is limited to a contact page form, with no direct emails or phone numbers visible. Overall, the website is functional, trustworthy within its niche, but could improve in security and privacy transparency.

J

Joshua Barrett

ptnote.dev

0

PT_NOTE is a personal website and blog operated by Joshua Barrett, focusing on personal writing and project showcases. The site targets general internet users interested in personal content rather than commercial services. The website is built using the Zola static site generator, employing standard web technologies such as HTML, CSS, and JavaScript. The technical infrastructure is simple and lightweight, with moderate performance and basic mobile optimization. No advanced CMS or hosting provider details are evident. Security posture is basic; no security headers or incident response contacts are present, and privacy compliance is minimal due to the absence of privacy and cookie policies. The site uses HTTPS (assumed from domain), but no explicit security headers were detected in the HTML content. Overall, the site is safe, with no adult or questionable content detected, and minimal user tracking or advertising. The domain registration is privacy protected, which is appropriate for a personal blog. The website demonstrates moderate trustworthiness but lacks formal business or compliance documentation.

S

Sam Randa

samranda.com

0

Sam Randa's website is a personal portfolio showcasing a recent computer science graduate's skills and creative projects in web platform engineering, 2D graphics, generative art, game development, and fashion. The site targets tech enthusiasts, creative hobbyists, and niche communities interested in design and urban history. The business model is primarily personal branding and project showcasing without commercial transactions or services. Technically, the website uses standard HTML5, CSS, and JavaScript with no detected CMS or advanced frameworks. Hosting appears to be via NameCheap with basic DNS configuration but lacks DNSSEC and security headers. The site is moderately optimized for mobile and accessibility but could improve SEO and performance further. Security posture is basic with HTTPS implied but no advanced headers or policies. No privacy, cookie, or terms of service policies are present, indicating low privacy compliance. No contact information or incident response details are provided, limiting trust and professional credibility. Overall, the site is safe, professional, and consistent with a personal portfolio but lacks advanced security and compliance features. Strategic improvements in privacy policies, security headers, and contact transparency would enhance trust and compliance.

Pixilic.com is a personal technical blog operated by Hunter Fuller, focusing on topics such as networking, Linux, VoIP, and home automation. The site serves a niche audience of technology enthusiasts and IT professionals, providing detailed blog posts, tutorials, and talks. The business model is content publishing without apparent commercial transactions or services. The domain has been registered since 2009, indicating a stable and long-term presence. Technically, the website is built on WordPress 6.4.5 using the JupiterX Lite theme, with jQuery and standard web technologies. The site is hosted likely via NameCheap, with HTTPS enabled and moderate performance. Mobile optimization and accessibility are basic to good, with room for improvement in SEO and security headers. Security posture is adequate with HTTPS and domain transfer protection, but lacks DNSSEC and important security headers. No privacy or cookie policies are present, which is a compliance gap. No contact or incident response information is provided, limiting trust and transparency. Overall, the site is trustworthy and safe, with good content quality but limited privacy and security compliance. Strategic improvements in privacy policies, security headers, and contact transparency would enhance the site's credibility and compliance.

G

Gianni's Site

giannirosato.com

0

The website giannirosato.com serves as a personal portfolio and informational hub for Gianni Rosato, a student and open-source software enthusiast specializing in digital compression algorithms. The site highlights Gianni's work on video and image compression technologies, accessible encoding tools, and public resources related to codecs such as AV1, JPEG XL, and QOI. The target audience includes students, programmers, and open-source community members interested in multimedia compression. The business model is primarily personal branding and knowledge sharing, with no commercial transactions evident. Technically, the site is built with standard HTML5, CSS3, and JavaScript, incorporating Umami Analytics for privacy-conscious visitor tracking. Hosting is managed via Packetframe, inferred from the nameservers. The site is mobile-optimized and performs well with good SEO practices, though accessibility features are basic. No CMS or major frameworks are detected, indicating a lightweight, custom-built site. From a security perspective, the site uses HTTPS and has domain registration protections such as clientDeleteProhibited and clientTransferProhibited statuses. However, DNSSEC is not enabled, and no security headers are present, which are areas for improvement. There is no privacy or cookie policy, nor a vulnerability disclosure or incident response policy published. The site does not collect data via forms, limiting exposure to input-based vulnerabilities. Overall, the website is safe, professional, and trustworthy for its intended purpose, with moderate security posture and room for enhanced privacy compliance. Strategic recommendations include adding privacy and cookie policies, enabling DNSSEC, implementing security headers, and publishing a vulnerability disclosure policy to improve trust and security maturity.