Security Directory

T

Thord D. Hedengren

tdh.se

0

The website tdh.se is a personal site owned and operated by Thord D. Hedengren, primarily serving as a platform for blogging, sharing personal projects, and promoting a fantasy novel. The site targets a general audience interested in literature and personal content. It is a small-scale, niche personal brand site with a long domain history dating back to 2003, indicating stable ownership and consistent presence. Technically, the site is built using the Astro static site generator and uses Cloudflare for DNS services, resulting in fast performance and good mobile optimization. The site employs minimal tracking with a privacy-respecting analytics service (Umami) and explicitly states no cookies or tracking, enhancing user privacy. Security posture is generally good with HTTPS enforced, but lacks DNSSEC and security headers, which are recommended for improvement. No privacy or cookie policies are published, which is a compliance gap. Contact information is not explicitly provided, limiting direct communication channels. Overall, the site is safe, professional, and trustworthy for general audiences with room for security and compliance enhancements.

M

Mattia Compagnucci

mattiacompagnucci.com

0

Mattia Compagnucci's website serves as a personal portfolio and creative outlet showcasing his work as a product designer, photographer, and writer. The site offers various sections including a journal, photography portfolio, shop, newsletters, and curated web links, targeting individuals interested in design, storytelling, and mindful living. The business model is primarily personal branding with monetization through shop sales and donations. Technically, the website employs a moderate tech stack including jQuery 2.0.0, Flickity for image sliders, Simple Lightbox, Font Awesome icons, Google Fonts, and Plausible Analytics for tracking. Hosting is provided by JustHost, and the site is HTTPS enabled. However, the use of an outdated jQuery version and lack of DNSSEC and security headers indicate areas for improvement. The site is mobile optimized with good SEO and accessibility basics. From a security perspective, the site benefits from HTTPS and domain transfer protection but lacks DNSSEC and security headers. No privacy or cookie policies are present, and no contact information or incident response details are provided. The site does not collect data via forms and uses minimal tracking through Plausible Analytics, indicating a low privacy risk but also low compliance with GDPR best practices. Overall, the website is safe, professional, and well-structured for its purpose but would benefit from enhanced security measures, privacy compliance, and clearer contact information to improve trust and compliance posture.

The website andzuck.com is a personal blog and project showcase site for Andrew Zuckerman, featuring a variety of essays, blog posts, and multimedia projects. The site targets a general audience interested in thoughtful content and personal insights. It operates on a small scale with a business model centered on content publishing and audience engagement through blog posts and a newsletter subscription. The domain has been active since 2015, consistent with the content timeline. Technically, the site is built using the Hugo static site generator, styled with Tachyons and Tufte CSS, and hosted on Netlify. It uses modern web technologies including jQuery and integrates Google Analytics for visitor tracking. The site performs well with good mobile optimization and basic accessibility features, though SEO optimization is basic. From a security perspective, the site uses HTTPS and has domain status protections clientDeleteProhibited and clientTransferProhibited, enhancing domain security. However, DNSSEC is not enabled, and no explicit security headers are present in the HTML content. Privacy and cookie policies are absent, and no contact information for security or general inquiries is provided, which limits compliance and trust. Overall, the website is safe, professional, and functional but would benefit from improved privacy compliance, enhanced security headers, and clearer contact information to strengthen trust and security posture.

J

Jaga Santagostino

jagasantagostino.com

0

The website jagasantagostino.com serves as a personal digital garden for Jaga Santagostino, featuring minimal content and primarily acting as a landing page directing visitors to a newer version at 2024.jagasantagostino.com. The site is built using the Astro framework and utilizes Google Fonts, hosted on infrastructure associated with Zeit (now Vercel). The technical setup is modern but basic, with no detected CMS or advanced platform integrations. The website is mobile optimized with basic accessibility and SEO features but lacks comprehensive content and navigation clarity. From a security perspective, the site uses HTTPS and has domain status protections to prevent unauthorized changes. However, it lacks DNSSEC, security headers, privacy and cookie policies, and any contact or incident response information. No analytics or tracking scripts are present, indicating minimal data collection and user tracking. The domain registration is consistent and appropriate for a personal or small business website, with no suspicious patterns detected. Overall, the website presents a low-risk profile but is limited in content, security posture, and compliance features. It is suitable as a personal digital garden but would benefit from enhanced security practices, privacy compliance, and richer content to improve trust and professionalism.

G

Nikita Galaiko

galaiko.rocks

0

The website nikita.galaiko.rocks serves as a personal homepage for an individual named Nikita Galaiko. It primarily functions as a personal portfolio and contact point, sharing curated lists of interests such as vinyl records, restaurants, cocktails, movies, and blogrolls. The site targets a general audience interested in these personal interests and provides contact options via email and scheduling calls. The business model is informational and personal, with no commercial or corporate presence evident. Technically, the website is built with standard HTML5 and CSS3, utilizing custom fonts loaded via WOFF2. There is no evidence of a CMS or advanced frameworks. The site appears moderately optimized for performance and mobile devices, with basic accessibility and SEO features. No advanced analytics or tracking technologies are detected, indicating a privacy-conscious approach. From a security perspective, the site lacks visible HTTPS enforcement and security headers, which lowers its security posture. There are no published security policies, incident response contacts, or cookie consent mechanisms, which are typical for personal sites but represent areas for improvement. The WHOIS data is unavailable or privacy protected, which is common for personal domains and does not raise immediate concerns. No vulnerabilities or suspicious patterns were detected. Overall, the website is a safe, personal informational site with moderate technical quality but limited security and privacy compliance features. Strategic recommendations include implementing HTTPS, adding security headers, publishing privacy and security policies, and introducing cookie consent mechanisms to enhance trust and compliance.

B

Brad Barrish

bradbarrish.com

0

Brad Barrish's website is a personal blog featuring content primarily about music, technology, and personal experiences. The site is built using the Hugo static site generator and is hosted with DNS managed by Cloudflare. The content is well-structured and regularly updated, targeting a general audience interested in cultural and technological topics. The site includes affiliate marketing links but lacks formal business or corporate structure indications. Technically, the website demonstrates moderate digital maturity with a clean design, good mobile optimization, and basic SEO practices. The use of GoatCounter analytics indicates a minimal approach to user tracking, aligning with privacy-conscious practices. However, the absence of privacy and cookie policies, as well as missing security headers, suggests room for improvement in compliance and security hardening. From a security perspective, the site benefits from HTTPS and domain transfer protection but lacks DNSSEC and security headers that could enhance its security posture. No vulnerability disclosure or incident response information is provided, which could be a concern for transparency and trust. Overall, the domain registration is consistent and legitimate, supporting the site's credibility. The overall risk is moderate with no critical vulnerabilities detected, but improvements in privacy compliance and security best practices are recommended to enhance trust and protect user data.

Lars-Christian.com is a personal website and blog operated by Lars-Christian Simonsen from Oslo, Norway. The site features a collection of longer posts and shorter notes covering various personal interests, including reading and workout logs. The website targets a general audience interested in personal reflections and curated content. It operates as a small-scale personal publishing platform without commercial business operations or extensive user engagement features. Technically, the website is built with clean HTML and CSS, featuring responsive design and basic accessibility. It uses Atom feeds and supports Webmention for social interactions. Hosting is managed through Hover.com, with domain registration dating back to 2005, indicating a mature and stable online presence. However, no CMS or advanced frameworks are detected, reflecting a minimalist and self-managed technical infrastructure. From a security perspective, the website benefits from domain transfer protections but lacks DNSSEC and visible security headers. There is no evidence of HTTPS enforcement or cookie consent mechanisms, which limits privacy compliance. No forms or scripts that collect user data are present, reducing attack surface but also limiting interactivity. The site does not publish a security policy or incident response contacts, which is typical for personal blogs but could be improved for trust. Overall, the website is safe, trustworthy, and professionally maintained for a personal blog. Strategic recommendations include enabling DNSSEC, adding security headers, enforcing HTTPS, and implementing privacy compliance features such as cookie consent. These improvements would enhance security posture and user trust without compromising the site's simplicity.

Ivan Moreale's website is a personal portfolio showcasing graphic design services with a casual and informal tone. The site targets a general audience interested in creative design work, emphasizing personal branding rather than corporate presence. The business model appears to be freelance or individual service provision with a niche market position. The website is minimalistic, with limited content and contact information, primarily an email and Instagram link. Technically, the site is built with basic HTML, CSS, and JavaScript without any detected CMS or frameworks. Hosting is managed via Hover, a common domain and DNS provider. The site shows moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. No analytics or tracking technologies are present, indicating minimal data collection. From a security perspective, the site lacks critical security headers and does not indicate HTTPS enforcement explicitly. DNSSEC is not enabled, and no privacy or cookie policies are published, which impacts compliance posture. The WHOIS data shows a stable domain registration with appropriate protections against unauthorized transfers, consistent with a legitimate personal brand site. No vulnerabilities or incident response information is available. Overall, the website presents a low-risk profile but would benefit from improved security practices, privacy compliance, and richer content to enhance trust and professionalism.

C

Chuck Grimmett

cagrimmett.com

0

The website cagrimmett.com is a personal blog and digital garden maintained by Chuck Grimmett, featuring a variety of content including blog posts, microblogs, woodworking projects, reading lists, and likes. The site targets a general audience interested in personal reflections, woodworking, and curated reading. It operates on a WordPress platform with modern plugins and integrations such as Jetpack, ActivityPub, and Webmention, reflecting a mature digital infrastructure. The domain is well-established, registered since 2007, and uses Cloudflare DNS services, indicating a stable hosting environment. From a security perspective, the site employs HTTPS and has domain transfer protections enabled, but lacks DNSSEC and security headers, which are recommended for enhanced security. No privacy, cookie, or terms of service policies are published, which presents compliance gaps, especially regarding GDPR. Contact information and incident response channels are not explicitly provided, limiting direct communication for security or privacy concerns. Overall, the website demonstrates good content quality, technical implementation, and business credibility for a personal blog. However, privacy compliance and security posture could be improved by adding relevant policies, security headers, and vulnerability disclosure mechanisms. The site is safe for general audiences with no adult or explicit content detected.

M

Michael Warren

mwarrenarts.com

0

Michael Warren is a multi-disciplinary creative professional specializing in design, music, and sculpture. His website serves as a personal brand platform showcasing his experience, projects, and creative pursuits. The site highlights his role in the FinTech sector as a senior designer and his founding of Designed Space, a creative writing and interview platform. The business operates as a small personal brand targeting creative and professional audiences. Technically, the website is built on the Kirby CMS, hosted on DigitalOcean, and uses modern web fonts and responsive design techniques. The site is accessible, well-structured, and optimized for mobile devices, though it lacks some advanced accessibility features and security headers. No analytics or tracking scripts were detected, indicating a privacy-conscious approach. From a security perspective, the site benefits from HTTPS and domain registration protections but lacks DNSSEC and security headers that could enhance its security posture. There are no visible vulnerabilities or exposed sensitive data. However, the absence of privacy and cookie policies represents a compliance gap, especially regarding GDPR and similar regulations. Overall, the website is professional, trustworthy, and safe for general audiences. Strategic improvements in privacy compliance and security hardening would enhance its risk profile and user trust.

D

DomRobot UG (haftungsbeschraenkt)

muhh.lol

0

The website muhh.lol is a personal blog and notes repository maintained by Markus Heurung, a family man based in Hammelburg, Germany. It serves as a personal happy place on the internet with content focused on personal journaling, notes, and links to related social and personal projects. The site is small-scale and niche, targeting a general audience interested in personal blogs and technology notes. The domain is relatively new, registered in 2022, and hosted likely on a personal or small-scale server infrastructure.

Skyhold.org is a personal website operated by C Jackdaw, a writer and witch, serving as a platform for creative expression, personal blogging, and resource sharing. The site targets a niche audience interested in writing, witchcraft, solarpunk, ADHD, and related topics. It is a small-scale, non-commercial site with regular content updates and a modest but consistent brand presence. The business entity behind the domain is Private by Design, LLC, a US-based organization, which aligns with the website's personal and creative nature. Technically, the site is hand-coded with standard HTML, CSS, and JavaScript, leveraging modern IndieWeb protocols such as IndieAuth and Webmention. Analytics are implemented via privacy-conscious services like GoatCounter and Tinylytics, reflecting a minimal user tracking approach. The site demonstrates good mobile optimization and basic accessibility but lacks advanced SEO and security headers. Hosting details are not explicit, but DNS indicates use of messagingengine.com name servers, possibly related to email hosting. From a security perspective, the site uses HTTPS and has domain status protections against unauthorized transfer or deletion. However, it lacks DNSSEC and common security headers, which are recommended to enhance security posture. No privacy or cookie policies are present, indicating compliance gaps. No forms or input fields are present, reducing attack surface but also limiting user interaction. Overall, the security posture is moderate but could be improved with standard best practices. The overall risk is low given the personal nature and limited business impact of the site. Strategic recommendations include enabling DNSSEC, adding security headers, publishing privacy and cookie policies, and considering a security.txt file for vulnerability disclosure. These steps would improve trust, compliance, and security without significant overhead.

F

fLaMEd fury

flamedfury.com

0

fLaMEd fury is a personal website and blog operated by an individual known as fLaMEd, focusing on web culture, personal interests, and collections such as books and records. The site serves as a digital diary and a curated index of various personal content, targeting a general audience interested in web and personal storytelling. The website is small-scale and niche, with a consistent brand and good content quality. Technically, the site is built using modern web standards and the Eleventy static site generator, hosted with Cloudflare as registrar and DNS provider. The site demonstrates good performance, mobile optimization, and accessibility, with no detected tracking or advertising scripts, reflecting a privacy-conscious approach. Security-wise, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and security headers, and does not publish formal security or incident response policies. Overall, the site is trustworthy and well-maintained but could improve privacy compliance and security posture by adding cookie consent and security policies.

The website '𓆱 softlandings' appears to be a personal or thematic blog with dated posts and minimal business or commercial content. It does not present clear business information, contact details, or commercial services, indicating a small-scale or individual operation. The technical infrastructure is basic, relying on standard HTML, CSS, and JavaScript without detectable CMS or advanced frameworks. The site shows moderate performance and basic mobile optimization but lacks advanced SEO and accessibility features. Security posture is weak due to absence of HTTPS confirmation, security headers, and privacy policies. The WHOIS data is malformed and provides no registrar or registrant information, limiting trust and verification. Overall, the site is safe for general audiences but lacks professional business and security maturity.

The website chrishannah.me is a personal blog and portfolio site maintained by Chris Hannah. It features a variety of content including essays, technical articles, photography, and personal updates. The site targets a general audience interested in technology, programming, and personal storytelling. The business model is primarily content publishing for personal branding and sharing knowledge. The site is small-scale and has been active since 2016, with consistent content updates and a clear personal identity. Technically, the site is well-structured with modern HTML5 and CSS3 standards, uses JavaScript libraries such as Highlight.js for code syntax highlighting, and Lightbox.js for image display. Hosting is via Vercel DNS, indicating a modern and performant infrastructure. The site is mobile-optimized and has good navigation clarity, although accessibility features are basic. SEO optimization is present but could be improved. From a security perspective, the site enforces HTTPS with good SSL configuration and has domain transfer protections enabled. However, it lacks DNSSEC and security headers such as Content Security Policy or HSTS. There are no published privacy or cookie policies, nor a security.txt or vulnerability disclosure page, which are areas for improvement. Analytics are minimal and privacy-respecting, using Tinylytics with no aggressive tracking. Overall, the site is trustworthy and professional for a personal blog but has gaps in privacy compliance and security best practices. Strategic recommendations include adding privacy and cookie policies, implementing security headers, enabling DNSSEC, and publishing a vulnerability disclosure policy to enhance trust and compliance.

Feadin.eu is a personal blog maintained by Paolo, an EU citizen and IT professional with interests in film and personal opinions. The site serves as a platform for sharing weekly film-related posts, lists, and links. It targets a general audience interested in cinema and personal reflections. The business model is non-commercial, focusing on content sharing rather than monetization or services. The website is built using the Hugo static site generator with the PaperMod theme, indicating a modern, lightweight technical infrastructure. The site is moderately optimized for mobile and SEO, with basic accessibility features. Security posture is minimal, lacking standard security headers and privacy policies, which presents compliance and trust challenges. No contact or business information is provided, limiting business credibility. Overall, the site is safe and suitable for general audiences but would benefit from enhanced security and privacy compliance measures.

T

Tangible Life

tangiblelife.net

0

Tangible Life is a personal blog established in 2021 that publishes reflective and experiential content focused on lifestyle, technology, and personal growth. The site targets readers interested in the IndieWeb community and thoughtful living. It operates as a small-scale personal publishing platform without commercial transactions or extensive business infrastructure. Technically, the website uses a simple tech stack including HTML5, CSS, JavaScript with jQuery and Galleria.js, and is likely hosted on Blot.im, a platform for personal blogs. The site demonstrates good design quality, mobile optimization, and clear navigation, though accessibility and SEO optimizations are basic. Security posture is moderate with HTTPS implied but lacking DNSSEC and security headers. No privacy or cookie policies are present, indicating compliance gaps. Analytics usage is minimal via Tinylytics, with no forms or personal data collection evident. The domain registration is consistent and appropriate for the site’s age and content, registered with Porkbun LLC since 2021 with no privacy protection. Overall, the website is trustworthy as a personal blog but would benefit from improved security and privacy compliance.

The website worldlit.org currently serves a security challenge page that blocks direct access to its content, indicating the presence of a Web Application Firewall or similar security mechanism. The domain is registered with privacy protection via Domains By Proxy, LLC, and uses Cloudflare DNS services. The visible metadata reveals the use of very outdated content management systems (Joomla 1.5 and WordPress 2.5), which pose significant security risks. No business or contact information, privacy policies, or terms of service are present on the accessible page, limiting the ability to assess the business or compliance posture. The site links externally only to bitninja.io, a security service provider, suggesting some level of security monitoring. Overall, the site appears minimal and likely inactive or under maintenance, with a poor security and compliance posture based on available data.

L

Language Creation Society

conlang.org

0

The Language Creation Society operates a well-established website dedicated to the art and community of language creation. Founded in 1999 and based in the US, it serves a niche audience of conlang enthusiasts by providing membership services, conferences, grants, and a variety of resources. The website is built on WordPress with a modern theme and plugins, hosted by DreamHost, and demonstrates good technical maturity with responsive design and clear navigation. Security posture is adequate with HTTPS and domain transfer protections, but lacks advanced DNS security and security headers. Privacy compliance is supported by a comprehensive privacy policy, though cookie consent mechanisms are absent. Overall, the site is trustworthy, professional, and serves its community effectively.

F

Finĉjejo

fincxjejo.com

0

The website fincxjejo.com is a personal site dedicated to sharing ideas, projects, and creations related to the Esperanto language by an individual named Fingtam (Finĉjo). It serves as a cultural and educational platform targeting Esperanto learners and enthusiasts. The site is hosted on Google Sites, leveraging Google's infrastructure and technologies such as Google Fonts and APIs. The content is primarily textual with links to social media channels including YouTube and Facebook. The site lacks formal business structure and operates as a small-scale personal project without commercial intent. From a technical perspective, the site is built on a modern, stable platform (Google Sites) ensuring reliable hosting and HTTPS security. The site demonstrates moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. No custom frameworks or CMS beyond Google Sites are used. The absence of security headers beyond HTTPS is noted, and no forms or interactive data collection mechanisms are present. Security posture is adequate for a personal site with HTTPS enforced, but the lack of additional security headers and absence of privacy or terms of service pages indicate room for improvement. The WHOIS data is unavailable, raising concerns about domain registration legitimacy, although the site content and hosting platform suggest no malicious intent. Privacy compliance is minimal, with only a cookie consent banner present. Overall, the site is low risk but would benefit from improved transparency regarding domain registration, privacy policies, and enhanced security practices. Strategic recommendations include adding privacy and terms pages, implementing security headers, and clarifying domain registration status to improve trustworthiness.

P

Private by Design, LLC

lipukule.org

0

Lipukule.org is a niche cultural and linguistic website dedicated to the toki pona language and related content. It provides articles and posts that explore various themes in toki pona, targeting enthusiasts and learners of this constructed language. The website operates under the ownership of Private by Design, LLC, a US-based entity, with domain registration consistent with the site's scale and focus. The business model centers on content publication and community engagement via Discord and Telegram channels, without evident commercial transactions or e-commerce features. Technically, the website is built using the modern SvelteKit framework with JavaScript and CSS, delivering a good user experience with responsive design and clear navigation. Performance is moderate, and accessibility is basic but functional. No major technical debt or outdated technologies were detected. However, the site lacks advanced SEO optimization and accessibility features. From a security perspective, the site uses HTTPS but lacks security headers and published security policies. No privacy or cookie policies are present, and no contact information is provided, which limits compliance with GDPR and other privacy regulations. No vulnerability disclosure or incident response information is available. The domain registration is transparent and consistent with the website's purpose, supporting legitimacy. Overall, the website is safe, with no adult or explicit content detected. The content quality and business credibility are good, but privacy compliance and security posture need improvement. Strategic recommendations include implementing privacy and cookie policies, adding security headers, publishing a vulnerability disclosure policy, and enhancing accessibility and SEO.

P

Privacy service provided by Withheld for Privacy ehf

wikipesija.org

0

Wikipesija is a niche community-driven wiki platform focused on the toki pona language, providing an open content knowledge base for speakers and learners. The website operates on the MediaWiki platform and hosts over 3,000 pages, emphasizing educational and cultural content. The technical infrastructure is basic but functional, with moderate performance and limited mobile optimization. Security posture is minimal, lacking advanced security headers and published policies, and the domain uses privacy protection services typical for small community projects. Overall, the site is safe, trustworthy, and serves a specialized audience with no commercial intent or advertising.

The website 'lipamanka.gay' is a personal site primarily focused on sharing essays, stories, and linguistic resources related to the creator's interests. It is a small-scale, niche site without commercial intent or business contact information. The site is hosted likely on GitHub Pages with domain registration through NameCheap, protected by privacy services. The technical infrastructure is basic, relying on standard HTML, CSS, and JavaScript, with minimal external dependencies. Analytics are implemented via GoatCounter, providing lightweight user tracking without aggressive data collection. From a security perspective, the site uses HTTPS and has domain transfer protection enabled, but lacks DNSSEC and security headers, which could be improved to enhance security posture. There are no privacy or cookie policies, nor terms of service, which limits compliance with GDPR and other privacy regulations. No contact or incident response information is provided, reducing transparency and trustworthiness from a security standpoint. Overall, the site is safe for general audiences, containing no adult or explicit content. The domain registration is recent and privacy protected, appropriate for a personal website. The lack of business information and policies limits the site's credibility and compliance maturity. Strategic improvements in security headers, privacy disclosures, and contact transparency would enhance trust and compliance.

P

Private Registry Authority

ranaseme.org

0

The website 'ranaseme.org' serves as a cultural and linguistic resource focused on the choral libretto 'suno sama', supporting multiple constructed and minority languages such as Esperanto, Tokipona, and Guosa. It targets linguistic communities and enthusiasts, offering free downloadable content and promoting international language collaboration. The site is small-scale, non-commercial, and community-oriented. Technically, it uses modern frontend technologies like Bootstrap and Google Fonts, hosted by Dreamscape Networks. However, the domain WHOIS data shows an anomalous future creation date and uses privacy protection, which slightly reduces trustworthiness. Security posture is minimal with no visible security headers or policies, and privacy compliance is lacking due to absence of privacy or cookie policies. Overall, the site is safe, educational, and accessible but would benefit from improved transparency and security practices.

P

pona.la: a domain for Toki Pona

pona.la

0

pona.la is a niche community website dedicated to hosting and curating projects related to the constructed language Toki Pona. It serves as a hub for educational resources, community news, cultural events, and creative contests, targeting enthusiasts and speakers of Toki Pona. The site leverages modern web technologies such as the Astro framework and uses privacy-conscious analytics via GoatCounter. The domain is relatively new, registered in 2022, and shows consistent registration data with no suspicious indicators. Security posture is adequate with HTTPS enabled and domain transfer protections, but lacks advanced security headers and DNSSEC. Privacy compliance is limited due to absence of privacy and cookie policies. Overall, the website is safe, well-structured, and serves its community effectively, though improvements in compliance and security practices are recommended.

P

Private Registry Authority

sunosama.org

0

The website sunosama.org represents a niche cultural and linguistic community project focused on international choirbooks supporting languages such as Esperanto, Guosa, and Tokipona. It provides free downloadable choirbook PDFs and promotes collaboration among language communities. The site is small-scale and non-commercial, targeting enthusiasts and speakers of these constructed and minority languages. Technically, the site uses modern frontend technologies like Bootstrap and Google Fonts, hosted on Vodien infrastructure. However, it lacks advanced SEO, accessibility features, and comprehensive privacy or security policies. Security posture is minimal with no DNSSEC and no visible security headers. The WHOIS data shows privacy protection but contains a suspicious domain creation date in the future, which reduces trust. Overall, the site is safe, with no adult or malicious content detected, but lacks business transparency and compliance documentation.

K

Kitty Cat

kitty.social

0

Kitty.social is a niche social networking platform focused on cat enthusiasts, including neko and furry communities, operating within the fediverse ecosystem. The platform offers a cozy, community-driven space for users to share content and interact, leveraging the Misskey software framework. The business model centers on providing a specialized social experience rather than commercial services, targeting a small but dedicated audience. Technically, the website employs modern JavaScript tooling with Vite and Misskey 2025.2.1, ensuring a contemporary and responsive user experience. The site uses HTTPS with reCAPTCHA integration to prevent bot registrations, and media proxying enhances user privacy. However, some standard security headers are missing, and no privacy or cookie policies are published, which limits compliance maturity. From a security perspective, the platform demonstrates good baseline practices such as HTTPS enforcement and bot mitigation but lacks comprehensive security policies and incident response contacts. No vulnerabilities or exposed sensitive data were detected. The absence of privacy and cookie policies is a notable compliance gap, especially for GDPR considerations. Overall, Kitty.social presents a well-implemented niche social platform with good technical foundations and a safe content environment. To enhance trust and compliance, the site should publish privacy and cookie policies, implement security headers, and provide incident response information. These steps will improve user confidence and regulatory adherence.

The website opengatelabs.com is currently inaccessible beyond a Cloudflare Turnstile human verification challenge page, which blocks access to any substantive content. Due to this, no business description, contact information, or policies are available for review. The domain is newly registered in March 2024 with a reputable registrar and uses Cloudflare services for security and CDN. The lack of accessible content and policies limits the ability to assess the company's market position, services, or compliance posture. Technically, the site employs modern Cloudflare security mechanisms but lacks visible security headers or metadata due to the blocking. Overall, the security posture cannot be fully evaluated, and the website's trustworthiness is low based on available data.

The website 'noololly.studio' is a personal portfolio site primarily showcasing a software project named 'Uno'. The site is minimalistic and informal, targeting a general audience likely familiar with the site owner. The business model is non-commercial, focusing on personal project display rather than a formal business offering. The domain registration data is inconsistent, showing a future creation date which undermines trust and raises questions about data accuracy or legitimacy. Technically, the site uses basic HTML, CSS, and minimal JavaScript with no detected CMS or advanced frameworks. Hosting appears to be via Name.com based on WHOIS data. Security posture is weak with no security headers, no DNSSEC, and no privacy or cookie policies. No contact information or incident response details are provided, limiting trust and compliance. Overall, the site is low risk but lacks professional security and privacy practices.

T

tnixc.space

tnixc.space

0

The website tnixc.space appears to be a small personal or portfolio site created recently in 2023. It is built using modern web technologies such as Astro and Tailwind CSS, hosted on Vercel, and includes minimal content primarily serving as an index or landing page. The site has a clean and responsive design with good navigation and performance characteristics. However, it lacks critical compliance elements such as privacy and cookie policies, terms of service, and contact information, which limits its business credibility and privacy compliance maturity. Security posture is moderate with HTTPS enabled but no DNSSEC or security headers detected. Analytics are implemented via Umami, indicating minimal user tracking. Overall, the site is safe for general audiences with no adult or explicit content detected.

The website duanin2.top currently presents no accessible content beyond an empty HTML skeleton. There is no metadata, no visible text, no forms, no contact information, and no business-related content. The domain is registered with HOSTINGER operations, UAB, with privacy protection enabled, and uses Cloudflare DNS servers. The domain age is approximately one year, consistent with a newly created or placeholder site. Due to the lack of content and contact details, the website does not provide any meaningful business information or user engagement opportunities. From a technical perspective, the site lacks any detectable technologies, scripts, or frameworks. There is no evidence of HTTPS or security headers, which are critical for secure web operations. The absence of privacy, cookie, or terms of service policies indicates non-compliance with common data protection regulations such as GDPR. No analytics or tracking mechanisms are present, suggesting minimal or no user data collection. Security posture is weak due to the absence of HTTPS and security headers, and no incident response or vulnerability disclosure information is available. The domain registration is privacy protected, which is common for small or new sites but reduces transparency. No suspicious patterns were detected, but the overall trustworthiness is low given the lack of content and business information. Overall, the website appears to be inactive or a placeholder with no substantive content or business presence. Strategic recommendations include implementing HTTPS, adding essential security headers, publishing privacy and cookie policies, providing clear contact information, and developing meaningful website content to improve trust, compliance, and user engagement.

The website zacharykai.net currently serves a bot verification page employing Google reCAPTCHA invisible to prevent automated access. This indicates a security mechanism or WAF challenge blocking direct content access, limiting visibility into the actual business or service offered. The domain is newly registered in early 2024 via NameCheap without privacy protection, suggesting transparency but also a nascent online presence. No business, contact, or policy information is publicly accessible on the landing page, and no SEO or analytics technologies are detected beyond the reCAPTCHA scripts. The security posture shows basic use of CAPTCHA but lacks DNSSEC and security headers, and HTTPS status is unknown from the provided data. Overall, the site is in an early stage with minimal content and limited trust signals, resulting in a low AI score primarily due to access restrictions and lack of business information.

J

Jan's Website

jan-osing.de

0

Jan's website is a personal portfolio and social presence site for a young developer from Germany. It focuses on personal interests such as gaming, anime, open source software, and Linux distributions. The site is simple, well-structured, and provides links to various social and community platforms. The technical infrastructure is basic, relying on static HTML and CSS with Cloudflare DNS services. There is no evidence of advanced frameworks or CMS usage. Security posture is minimal with no visible security headers or policies, but no critical vulnerabilities or malicious content were detected. Privacy compliance is lacking as no privacy or cookie policies are present. Overall, the site is low risk but would benefit from improved security and compliance documentation.

S

Saahil

saahild.com

0

Saahild.com is a personal website owned by an individual named Saahil, currently under redevelopment. The site primarily serves as a personal portfolio or presence with minimal content and a link to a retro version of the site. The domain is relatively new, created in 2022, and hosted via Cloudflare with modern frontend technologies such as React and Animate.css. The site lacks comprehensive business information, privacy policies, or contact details, indicating it is not a commercial enterprise but rather a personal project. Technically, the site is moderately optimized with good mobile responsiveness but lacks advanced SEO and accessibility features. Security posture is basic with HTTPS enabled but missing DNSSEC and security headers. No analytics or tracking scripts are present, reflecting a privacy-conscious or minimalistic approach. Overall, the site is safe, with no adult or explicit content detected.

M

MultiSport Australia

multisportaustralia.com.au

0

MultiSport Australia is a specialized sports timing service provider focused on delivering timing and tracking solutions for races and sporting events primarily within Australia. The company targets race organizers and participants, offering services such as race timing, a tracking app, and race postcards. The website is professionally designed, mobile-optimized, and provides clear navigation to key services and event listings. Technically, the site uses a modern tech stack including Bootstrap, jQuery, and various UI plugins, hosted on a CDN-backed infrastructure ensuring moderate performance and good user experience. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, though the absence of security headers and cookie consent mechanisms indicates room for improvement. WHOIS data is limited due to auDA privacy policies, but the domain and website content appear legitimate and consistent with the business purpose. Overall, the website demonstrates a solid digital presence with moderate risk and good business credibility.

M

My Atlas Events

myatlasevents.com.au

0

My Atlas Events is a medium-sized Australian event management company specializing in organizing mass participation running festivals, marathons, triathlons, and multisport events. The company positions itself as a premium event organizer with a strong community and charity focus, having raised significant funds for local causes. The website reflects a professional and consistent brand image, targeting runners, athletes, sponsors, and community members interested in sports events. Technically, the site is built on WordPress using Oxygen Builder, with integrations such as Google Analytics and Cloudflare DNS services, indicating a modern and moderately optimized digital infrastructure. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security practices.

The website micenest.xyz represents a nascent creative collective or idea incubation platform with minimal current content. The site serves primarily as a placeholder with a unique custom font and a promise of future content additions by 2025. The business behind the domain is registered under a privacy-protected entity, Private by Design, LLC, based in the US, consistent with the early-stage nature of the project. The lack of detailed business information, contact details, or policies indicates the site is not yet fully operational or publicly mature. From a technical perspective, the website employs basic HTML and CSS with a custom font and minimal external dependencies. Hosting is provided by Porkbun, LLC, the domain registrar. There is no evidence of advanced frameworks, CMS, or analytics tools. Performance and mobile optimization are basic but functional. SEO and accessibility features are minimal, reflecting the placeholder status. Security posture is limited; no security headers or DNSSEC are enabled, and no privacy or cookie policies are present. The domain uses privacy protection, which is reasonable for the business type and stage. No vulnerabilities or malicious indicators were detected. Overall, the site is safe but lacks maturity in security and compliance. The overall risk is low given the minimal content and no sensitive data handling. Strategic recommendations include implementing security best practices, adding privacy and cookie policies, and providing contact and incident response information to improve trust and compliance as the site develops.

The Catppuccin Webring is a community-driven website that aggregates links to various personal and developer websites themed around the Catppuccin aesthetic. It serves as a niche platform for enthusiasts and developers to connect and share their sites. The website is simple, primarily built with HTML and CSS, and uses the ringfairy framework to manage the webring functionality. There is no indication of commercial activity or a formal business entity behind the site. From a technical perspective, the site is lightweight and performs well with good mobile optimization and basic accessibility. However, it lacks advanced SEO features and does not implement security best practices such as HTTPS enforcement or security headers. No analytics or tracking technologies are present, indicating a privacy-conscious or minimalistic approach. Security posture is minimal; no security policies, incident response contacts, or vulnerability disclosures are provided. The absence of HTTPS confirmation and security headers lowers the security score. Privacy compliance is also lacking, with no privacy or cookie policies found. The site does not collect user data via forms or other means, reducing privacy risks but also limiting engagement. Overall, the site is safe and appropriate for general audiences, with no adult or explicit content detected. The lack of business information and policies suggests it is a hobbyist or community project rather than a commercial enterprise. Strategic recommendations include implementing HTTPS, adding privacy and cookie policies, and improving security headers to enhance trust and compliance.

D

Depositor Control Panel

depositorcontrol.com

0

DepositorControl.com appears to be a web-based control panel application, likely serving internal or registered users rather than the general public. The website uses modern Angular framework technology and is hosted on Amazon AWS infrastructure, indicating a moderate level of technical maturity. The presence of Google Analytics and Google Tag Manager scripts shows some level of user tracking and marketing analytics integration. However, the public-facing content is minimal, with no visible business descriptions, contact information, or legal policies such as privacy or cookie policies. Security posture is moderate with HTTPS enabled and domain transfer protections in place, but lacks DNSSEC and security headers which are recommended for enhanced protection. Overall, the site appears legitimate with a domain age of over a decade, but lacks transparency and compliance features expected for public-facing business websites.

The website at fedi.gay is a minimal, non-commercial site containing only a literary poem themed on Elven lore from Tolkien's universe. There is no business description, contact information, or commercial content. The domain is registered to Private by Design, LLC, a US-based entity, but the website content does not reflect any business operations or services. The domain WHOIS data is suspicious due to a future creation date, which raises concerns about legitimacy. Technically, the site uses basic HTML and CSS with no advanced frameworks or scripts detected. There are no privacy, cookie, or terms of service policies, and no contact or incident response information is provided. Security posture is weak with no DNSSEC, no security headers, and unknown SSL status. Overall, the site appears to be a placeholder or personal page rather than a professional business site.

S

Stalwart Management

chpu.eu

0

The website 'Stalwart Management' appears to be a minimalistic login portal with no publicly available business description or contact information. The site uses modern web technologies such as WebAssembly and JavaScript ES modules, indicating a contemporary technical infrastructure. However, the lack of visible content beyond the login form limits the ability to fully assess the business model or market position. Security posture is moderate with HTTPS assumed but no explicit security headers or policies detected. Privacy compliance is lacking due to absence of privacy and cookie policies. Overall, the site presents a basic professional appearance but requires enhancements in transparency, security, and compliance to improve trustworthiness and user confidence.

P

Private by Design, LLC

symtrkl.gay

0

The website symtrkl.gay is a personal portfolio and creative hub for Jennifer (SymTrkl), a transfeminine artist and writer based in the United States. The site showcases her work in illustration, web design, FPV drone piloting, and writing, with links to various social media and creative platforms. The business model centers on personal branding, commissions, and community support through platforms like Ko-Fi and Patreon. The site targets a general audience with a mature content segment including erotica and adult social media links. Technically, the site is built with standard HTML, CSS, and JavaScript, hosted via Porkbun with domain privacy protection. The site is moderately optimized for mobile and performance but lacks advanced SEO and accessibility features. No CMS or major frameworks are detected, indicating a custom or static site approach. From a security perspective, the domain uses registrar locks to prevent unauthorized changes but lacks DNSSEC and security headers. There is no visible HTTPS enforcement information, no privacy or cookie policies, and no incident response contacts. The site does not use analytics or tracking scripts, minimizing privacy risks but also limiting business intelligence. Overall, the site is legitimate and consistent with a personal creative portfolio but would benefit from improved security practices, privacy compliance, and clearer contact information to enhance trust and professionalism.

S

🌸 Lily's Moon Garden 🌸

sapphicyearn.ing

0

The website 'Lily's Moon Garden' is a personal hobby site currently under construction, primarily serving as a stable host for a small 88x31 button image. The site is minimalistic with basic HTML and CSS, no dynamic content or forms, and no evident business operations. The owner appears to be an individual named Lily, with a personal Mastodon social link provided. The site content is safe, non-commercial, and targeted at a general audience. Technically, the site uses simple static web technologies with no detected CMS or advanced frameworks. There is no evidence of HTTPS or security headers, and no privacy or cookie policies are present, indicating a low level of privacy compliance and security posture. The domain WHOIS is privacy protected, which is reasonable for a personal site. Overall, the site has a basic design and limited content, with room for improvement in security and compliance.

The website floof.gay is a personal site belonging to an individual named Olivia, serving as a small corner of the internet to share personal interests, social media presence, and blog content. The site is positioned as a personal brand rather than a commercial business, targeting a general audience interested in the author's activities and social links. The site leverages modern web technologies such as Dev.css and web fonts to provide a clean and responsive user experience. The technical infrastructure is straightforward, hosted likely via NameCheap with privacy-protected WHOIS registration, reflecting a typical personal website setup. From a security perspective, the site uses HTTPS and has domain transfer protections enabled, but lacks DNSSEC and security headers, which are recommended for improved security posture. There are no privacy or cookie policies present, and no contact information or forms for data collection, indicating minimal compliance with privacy regulations. No analytics or advertising scripts were detected, suggesting limited tracking and data collection. Overall, the site is safe and appropriate for general audiences, with no adult or questionable content detected. The domain is recently registered and privacy protected, consistent with a personal site. The security posture is moderate but could be improved with additional headers and policies. The site’s business credibility is limited due to its personal nature and lack of formal business information. Strategic recommendations include adding privacy and cookie policies, implementing security headers, enabling DNSSEC, and considering a security.txt file for vulnerability disclosure to enhance trust and compliance.

The website nekomimi.party currently serves as a minimal placeholder page with very limited content and no clear business description or services. The domain is newly registered in early 2023 and uses Cloudflare as its registrar and hosting provider. There is no evidence of a mature or established business presence, and no contact or policy information is provided on the site. Technically, the site uses basic HTML and CSS with no advanced frameworks or CMS detected. Security posture is minimal with no security headers or DNSSEC enabled, and privacy compliance is absent due to missing policies. Overall, the site appears to be in an early or inactive stage of development with low trustworthiness and limited user engagement potential.

The website citrons.xyz is a personal website belonging to an individual named raven, featuring journal entries, podcasts, galleries, and personal anecdotes. It does not represent a commercial business or organization and lacks formal business information or contact details. The site is modest in technical sophistication, built with basic HTML and CSS, and hosted on Mythic Beasts servers. There is no evidence of advanced frameworks, CMS, or analytics tools. Security posture is minimal with no detected HTTPS or security headers, and no privacy or cookie policies are present, indicating low compliance with modern web security and privacy standards. The domain is privacy protected and registered in 2021, consistent with the personal nature of the site. Overall, the site is safe for general audiences but lacks professional and security maturity.

The website 'mira's site' hosted on twoneis.site is a minimal personal presence site with a friendly and informal tone. It primarily serves as a placeholder with links to social platforms such as the Fediverse and Matrix, and provides a contact email. The site lacks substantive business content, policies, or commercial services, indicating a small-scale personal or community-oriented project. The domain WHOIS data is inconsistent, showing a future creation date and a registrant organization unrelated to the website content, which raises legitimacy concerns. Technically, the site is built with basic HTML and CSS, hosted via Porkbun, LLC. There is no evidence of advanced frameworks, CMS, or analytics tools. The site appears accessible without WAF or blocking mechanisms but lacks HTTPS confirmation and security headers, which weakens its security posture. Privacy and cookie policies are absent, and no forms or data collection mechanisms are present, limiting privacy compliance. Security-wise, the absence of HTTPS and security headers, combined with suspicious WHOIS data, lowers the trustworthiness and security score. No vulnerabilities or malware indicators were detected, but the site would benefit from implementing standard security best practices and compliance policies. Overall, the site is low risk but also low maturity in business and security terms. Strategic improvements in security, privacy compliance, and domain legitimacy verification are recommended to enhance trust and professionalism.

Chloe's Website is a personal and community-focused site that provides links to a blog, gallery, donation page, and visitor information. The site also features numerous external links to related personal and community websites, many of which reflect LGBTQ+ and transgender/non-binary themes. The website appears to serve as a hub for personal expression and community engagement rather than a commercial business. Technically, the site is built with straightforward HTML and CSS, validated by W3C badges, and hosted under a domain registered with Porkbun, LLC. However, the WHOIS data shows a suspicious future creation date, which raises concerns about the accuracy or legitimacy of the domain registration information. Security posture is minimal, with no detected security headers or privacy policies, and no analytics or tracking services are present, indicating a privacy-conscious but basic security setup. Overall, the site is safe for general audiences and provides a good user experience with clear navigation and consistent branding, but lacks formal business and compliance information.

A

Amy

amy.rip

0

Amy.rip is a personal website representing an individual named Amy, who identifies as a programmer and content creator sharing humorous and personal content. The site includes a link tree to a Git repository and integrates Discord OAuth2 for user reviews, indicating some community engagement. The website is small-scale, with a niche audience primarily composed of friends or followers interested in Amy's personal projects and content. Technically, the site uses modern JavaScript modules and React framework, suggesting a contemporary development approach, though performance and accessibility are basic. Security posture is minimal with no detected security headers or privacy policies, and no contact information is provided, limiting trust and compliance. The domain is privacy protected, which aligns with the personal nature of the site. Overall, the site is functional but lacks professional business features and security best practices.

G

Gen's Website

genshibe.ca

0

Gen's Website is a personal, non-commercial site run by an individual known as Gen, who self-identifies as a catgirl. The site serves as a personal homepage with minimal content, linking to related personal and community sites such as potatoe.ca and the Catppuccin Webring. The website does not represent a formal business entity and lacks professional business information or commercial services. Technically, the site is built with basic HTML and CSS, is mobile responsive, and includes some meta tags for social media previews. However, it lacks modern security features such as HTTPS and security headers, and no privacy or cookie policies are present. The WHOIS data for the domain is missing, raising questions about domain registration legitimacy. Overall, the site is a simple personal blog with limited technical sophistication and minimal security posture.