Security Directory

F

FiloSottile

age-encryption.org

0

The website is a GitHub repository page for 'age', a simple, modern, and secure encryption tool and Go library developed by the user FiloSottile. It serves a technical audience of developers and security professionals seeking encryption solutions. The project is well-regarded with over 19k stars and a significant number of forks, indicating strong community interest and usage. The repository is hosted on GitHub's platform, leveraging its infrastructure and design system, ensuring good performance, mobile optimization, and accessibility. However, the page itself lacks explicit privacy, cookie, and terms of service policies, which is typical for GitHub-hosted project pages but impacts privacy compliance scores. Security posture benefits from HTTPS enforced by GitHub and domain registration protections, though DNSSEC is not enabled. No direct contact information or vulnerability disclosure policies are present, which could be improved for better security transparency.

Uguu.se is a small, Sweden-based free temporary file hosting service established in 2013. It offers users a simple platform to upload and share files up to 128 MiB with a 3-hour expiration time. The service is donation-supported and emphasizes privacy by avoiding ads, account sign-ups, and tracking. The website is minimalistic and functional, targeting general users needing quick file sharing without long-term storage or registration. Technically, the site uses standard web technologies including JavaScript, HTML5, and CSS3, with no detected CMS or complex frameworks. Hosting and domain registration are consistent with the Swedish domain and registrar Loopia AB. The site performs well with fast loading and good mobile optimization but lacks advanced SEO and accessibility features. From a security perspective, the site uses HTTPS (implied by domain and modern standards though SSL configuration details are not explicit), but lacks DNSSEC and security headers, which are recommended for enhanced protection. No privacy or cookie policies are present, and no contact or incident response information is provided, which limits compliance and trust. No tracking or analytics scripts are detected, aligning with the privacy-focused business model. Overall, Uguu.se is a legitimate, niche service with a good reputation for privacy and simplicity but would benefit from improved security headers, formal privacy documentation, and contact information to enhance trust and compliance.

Termbin.com is a specialized online service providing a command line pastebin utility that enables users to share terminal output easily using netcat. The service targets developers and system administrators who require quick and simple text sharing from terminal environments. The business operates as a small-scale, niche utility powered by open source software, with indirect support through the developer's game sales on Steam. The website content is clear, concise, and focused on technical usage instructions, with a consistent branding approach and a basic but functional design. From a technical perspective, the website employs standard web technologies including HTML5, CSS, and JavaScript, and integrates Google Analytics for usage tracking. Hosting is managed through OVH with DNS services via Cloudflare. The site demonstrates fast performance and basic mobile optimization but lacks advanced accessibility features and SEO enhancements. There are no forms or complex data collection mechanisms, reducing attack surface but also limiting user engagement features. Security posture is moderate; the site uses HTTPS and domain registration protections such as clientDeleteProhibited and clientTransferProhibited statuses. However, DNSSEC is not enabled, and no security headers are detected in the HTML content. Privacy compliance is limited, with no cookie policy or consent mechanism, and only a basic acceptable use policy serving as a privacy-related document. Contact information is minimal, limited to a support email address. No incident response or vulnerability disclosure policies are published. Overall, termbin.com is a functional and trustworthy niche service with a moderate security posture and limited privacy compliance. Strategic improvements in security headers, DNSSEC implementation, privacy policies, and user consent mechanisms would enhance trust and compliance. The site is safe for general audiences with no adult or questionable content detected.

B

BreezeWiki developer (Cadence)

breezewiki.com

0

BreezeWiki is a small independent technology project founded in 2022 that offers an ad-free, streamlined mirror service for Fandom wiki pages. Its core value proposition is improving user experience by removing ads, videos, and suggested content, thereby enhancing page load speed and reducing data usage. The service is supported by multiple mirror sites and a browser extension for automatic redirection, targeting users who seek a cleaner alternative to Fandom's ad-heavy environment. The website is simple and content-focused, with clear navigation and good mobile optimization, but lacks formal privacy and cookie policies, which impacts compliance ratings. Technically, BreezeWiki uses basic HTML and CSS hosted on Vultr infrastructure with DNS managed via Vultr name servers. The domain is registered with Gandi SAS and is relatively new but consistent with the project's timeline. No advanced frameworks or CMS are detected, reflecting a lightweight and minimalistic approach. Performance is moderate with good mobile responsiveness, but accessibility and SEO optimizations are basic. Security posture is moderate; HTTPS is implied but no security headers or DNSSEC are enabled, and no vulnerability disclosure or incident response policies are published. From a security perspective, the site shows no signs of blocking or WAF interference, and no vulnerabilities or exposed sensitive data were detected in the content. However, the absence of privacy and cookie policies, security headers, and incident response information are notable gaps. The domain registration is consistent and legitimate for a small independent project, but enabling DNSSEC and adding security best practices would improve trust and resilience. Overall, BreezeWiki is a niche, small-scale service with a clear user-focused mission and moderate technical maturity. Strategic improvements in privacy compliance, security headers, and incident response transparency would enhance its security posture and user trust. The site is safe for general audiences and does not contain any adult or questionable content.

S

See PrivacyGuardian.org

tilde.team

0

tilde.team is a small, non-commercial digital community focused on providing unix shell accounts and related social and educational services. Founded in 2017, it serves a niche audience of unix enthusiasts and hobbyists, offering a variety of community tools such as forums, wikis, and collaborative platforms. The site is community-supported with optional donations and is a founding member of the tildeverse.org network, indicating a collaborative and open approach. Technically, the site uses a basic but functional tech stack including Bootstrap, jQuery, and PHP on an Ubuntu 22.04 server. While the site is accessible and content-rich, it lacks formal privacy and cookie policies, and security practices such as DNSSEC and security headers are not implemented. The domain registration is privacy protected but consistent with the community nature of the site. Overall, the site is trustworthy and safe for general audiences but could improve its compliance and security posture.

J

Jortage

jortage.com

0

Jortage is a small, community-driven technology project focused on providing cost-effective, communal object storage primarily for fediverse instances. Their key service is the Jortage Storage Pool, which offers S3-compatible storage with file-level deduplication to reduce storage costs significantly. The service is accelerated by Fastly's CDN under their Fast Forward program and uses Backblaze B2 as the storage backend. The website is well-structured, informative, and targets a niche audience of fediverse administrators. Technically, the site is lightweight, fast, and mobile-friendly, though it lacks some modern security headers and DNSSEC. Security posture is moderate with room for improvement, especially in formalizing security policies and enabling DNSSEC. Privacy compliance is basic, relying on third-party providers' policies without a dedicated cookie consent mechanism. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the project.

The website kernelpanic.neocities.org is a personal site hosted on NeoCities, primarily serving as a personal blog or information page for an individual interested in programming, Linux distributions, and leftist politics. It lacks commercial or business-oriented content and does not present a professional business presence. The site contains basic HTML and CSS with minimal content and no advanced technical frameworks or CMS detected. The hosting is provided by NeoCities, a free web hosting platform for personal sites. From a security perspective, the site does not present any immediate vulnerabilities or malicious content but lacks essential security features such as HTTPS enforcement, security headers, and privacy or cookie policies. The WHOIS data for the domain is unavailable or malformed, which limits the ability to verify domain ownership and trustworthiness. No forms or data collection mechanisms are present, reducing risk but also limiting interactivity. Overall, the site is low risk but also low in professionalism and business credibility. It is suitable for general audiences with no adult or explicit content. Strategic improvements include implementing HTTPS, adding privacy and cookie policies, and improving SEO and accessibility to enhance user experience and trust.

T

elixi.re

toaster.sh

0

elixi.re is a small, niche technology service offering free and open-source file hosting and link shortening. The platform supports multiple vanity domains and emphasizes privacy and transparency, with all source code publicly available on GitLab. The service targets a general audience seeking lightweight file hosting and URL shortening without advertising or tracking. Technically, the website uses modern JavaScript and Bootstrap frameworks, hosted behind Cloudflare DNS, providing moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and no tracking scripts, but lacks explicit security headers and documented incident response contacts. Privacy compliance is supported by a privacy policy and GDPR consent modal, though cookie policy and terms of service are absent. Overall, the site is trustworthy and legitimate, with a domain age consistent with its operational history.

Open Pit is an independent virtual events platform specializing in hosting immersive virtual music festivals primarily within the Minecraft environment. The organization is recognized for producing notable events such as #COALCHELLA and #FIREFEST2019, positioning itself as a leader in the virtual event space. Their business model focuses on accessibility and inclusivity, offering free events to a diverse community. The platform leverages Minecraft as a unique medium to engage audiences and artists alike, creating a niche market presence. Technically, the website employs modern JavaScript frameworks and integrates Google Analytics and Google Tag Manager for user tracking and performance monitoring. The site is mobile-optimized with good SEO practices, though accessibility features are basic. Hosting details and CMS usage are not explicitly identified. The platform's infrastructure supports scaling and community engagement, particularly through Minecraft server infrastructure managed by core team members. From a security perspective, the site enforces HTTPS, ensuring encrypted communications. However, it lacks visible security headers and published privacy or cookie policies, which are critical for compliance and user trust. The absence of WHOIS registration data raises concerns about domain legitimacy, although the active content and press coverage mitigate some risk. No critical vulnerabilities or exposed sensitive data were detected, but improvements in transparency and security best practices are recommended. Overall, Open Pit presents a credible and innovative virtual event platform with strong community ties and media recognition. Strategic enhancements in privacy compliance, security policies, and domain registration transparency will strengthen its trustworthiness and regulatory adherence.

D

elixi.re

downloadmoredownloads.download

0

elixi.re is a small, open-source technology service providing free file hosting and link shortening functionalities. The platform supports multiple vanity domains and emphasizes privacy by avoiding non-free JavaScript and tracking code. The website is technically modern, using Bootstrap and Cloudflare for hosting and DNS, with a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and open-source transparency, but lacks some security headers and explicit incident response policies. Privacy compliance is partially addressed with a privacy policy and GDPR consent modal, though cookie policies and terms of service are missing. Overall, the site is trustworthy for its niche audience but could improve in security and compliance documentation.

C

elixi.re

cursed-images.xyz

0

elixi.re is a small, open-source technology service providing free file hosting and link shortening functionalities. The platform supports multiple vanity domains and emphasizes privacy and open-source principles, with all client-side code available on GitLab. The website is designed with a modern Bootstrap framework and hosted with Cloudflare DNS services, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and no tracking scripts, but lacks explicit security headers and cookie consent mechanisms. Privacy compliance is supported by a clear privacy policy and GDPR consent modal, although no cookie policy or terms of service are present. Overall, the site is trustworthy for its niche audience but could improve in security and compliance documentation.

The website timokats.xyz is a personal portfolio site for Timo Kats, a technology enthusiast and developer from The Netherlands. The site showcases open source CLI tools, Python libraries, and project downloads, targeting individuals interested in computer tinkering and software development. The business model is primarily personal branding and project sharing, with a niche market position in the technology and open source community. The website content is well structured and relevant, providing clear contact via email and GitHub links. Technically, the site is built with basic HTML and CSS, hosted likely via Namecheap, with no detected CMS or advanced frameworks. The site performs moderately well with basic mobile optimization and accessibility. There are no analytics or tracking scripts, indicating a privacy-conscious approach. However, no security headers or HTTPS enforcement details were found, which could be improved. From a security perspective, the site provides a PGP key for secure email communication, which is a positive indicator. The domain is privacy protected but consistent with the personal nature of the site. No vulnerabilities or security incidents are evident, but the absence of privacy and cookie policies and security headers suggests room for improvement in compliance and security posture. Overall, the site is safe, professional, and trustworthy for its intended audience, but would benefit from enhanced security practices and formal privacy compliance documentation.

Temp.sh is a small, niche technology service providing temporary file upload capabilities with a 3-day expiry and a 4GB file size limit. The service targets general users needing quick and easy file sharing, supporting command line uploads and ShareX integration. The business operates on a donation model without formal commercial offerings or extensive branding. Technically, the website is minimalistic, custom-built with basic HTML, CSS, and JavaScript, hosted by OVH SAS. The domain is registered in Ireland since 2018, consistent with the service's operational timeline. Security posture is moderate with HTTPS enabled but lacking DNSSEC and security headers. No privacy or cookie policies are present, and no vulnerability disclosure mechanisms are provided. Overall, the site is functional but lacks advanced security and compliance features.

The website gsthnz.com is a personal blog maintained by Gustavo Heinz, a software developer based in Brazil. The site primarily serves as a platform for sharing personal insights, software development topics, and updates. It targets a general audience interested in technology and software development. The business model is non-commercial, focusing on content sharing rather than monetization. The domain was registered in 2018 and shows consistent updates, indicating an active personal project. From a technical perspective, the website uses basic HTML and CSS without any detected CMS or advanced frameworks. Hosting appears to be through NameCheap, inferred from registrar DNS servers. The site has moderate performance and basic mobile optimization but lacks advanced SEO and accessibility features. No analytics or tracking scripts were detected, indicating minimal user tracking. Security posture is modest; the domain uses HTTPS (implied by URL scheme), but no security headers or DNSSEC are enabled. There are no forms or data collection points, reducing attack surface but also limiting interactivity. No privacy, cookie, or terms of service policies are present, which is typical for personal blogs but limits compliance with GDPR or similar regulations. Overall, the site is low risk with a trustable domain registration matching the site owner. Recommendations include adding basic security headers, enabling DNSSEC, and publishing privacy and cookie policies to improve compliance and trust. The site is safe for general audiences with no adult or questionable content detected.

H

hcrypt

hcrypt.net

0

The website hcrypt.net is a small personal technical blog focused on topics such as homelabs, self-hosting, logging, and scraping. It targets technology enthusiasts and developers interested in these niche areas. The site uses Jekyll as its CMS and serves static content with basic design and navigation. The technical infrastructure appears modest, likely self-hosted or on a VPS, with no HTTPS detected in the provided HTML content, which is a significant security concern. Analytics are implemented via Plausible, indicating some privacy awareness, but no privacy or cookie policies are present. Security posture is weak due to lack of HTTPS, missing security headers, and no evident incident response or security policies. Overall, the site is functional but lacks professional security and compliance features.

Steamosaic.com is a small-scale web utility designed to generate mosaic images based on public Steam profiles. It targets Steam users and gamers who want a visual representation of their gaming profile. The website is simple, with minimal content and a single form input for the Steam profile identifier. It is hosted on Cloudflare infrastructure and uses HTTPS, ensuring secure transport. The technical implementation is basic but functional, relying on standard HTML, CSS, and JavaScript without any complex frameworks or CMS. The site links externally only to its GitHub repository and the author's personal website, indicating a small independent project. From a security perspective, the website benefits from HTTPS and domain registration protections such as clientTransferProhibited status. However, it lacks important security headers and DNSSEC, which could enhance its security posture. There are no privacy or cookie policies, nor any contact information or incident response details, which limits its compliance with privacy regulations such as GDPR. No vulnerability disclosure or security.txt file is present, reducing transparency for security researchers. Overall, the site is low risk given its limited scope and content, but it would benefit from improved privacy compliance and security best practices. The absence of advertising and tracking technologies is a positive privacy indicator. The domain registration is consistent and legitimate, with a reasonable age and reputable registrar. The site content is safe for general audiences with no adult or explicit material. Strategic recommendations include adding privacy and cookie policies, implementing security headers, enabling DNSSEC, and providing contact information for security and privacy concerns. These improvements would enhance user trust, regulatory compliance, and security posture.

The website m-chrzan.xyz is a personal professional site belonging to Martin Chrzanowski, a software engineer specializing in smart contracts and blockchain technology. The site serves primarily as a personal blog and portfolio, targeting software developers and blockchain enthusiasts. The content is well-structured and relevant, though the design and technical implementation are basic, relying on simple HTML and CSS without advanced frameworks or CMS. Hosting appears to be via Namecheap with no advanced hosting platform detected. From a security perspective, the site lacks key elements such as privacy and cookie policies, security headers, and incident response information. No HTTPS or SSL configuration details were provided, which is a critical area for improvement. The domain is privacy protected, which is reasonable for a personal site, and the domain age aligns well with the owner's professional timeline. No suspicious or malicious indicators were found. Overall, the site is safe and trustworthy but would benefit from enhanced security practices, privacy compliance, and improved technical sophistication to better protect visitors and enhance professionalism. The lack of contact information and policies limits business credibility and privacy compliance scores.

The website www.stchris.net is a personal portfolio site for Christian Ştefănescu, a software engineer engaged in open source projects and software development, notably contributing to Aleph for OCCRP. The site serves primarily as a showcase for public projects and blog content aimed at developers and the open source community. The business model is individual and project-focused, with no commercial transactions or large-scale operations evident. Technically, the site is built with standard HTML and CSS, optimized for mobile devices, and includes links to external reputable platforms such as GitHub and Mastodon. The site is lightweight and fast-loading, though it lacks advanced frameworks or CMS usage. There is no evidence of analytics or tracking technologies, indicating a privacy-conscious approach. From a security perspective, the site lacks visible security headers and privacy or cookie policies, which are important for compliance and user trust. The WHOIS data is missing or indicates the domain is unregistered or expired, which is inconsistent with the active website presence and lowers the trust score. No forms or data collection mechanisms are present, reducing attack surface but also limiting user interaction. Overall, the site is safe, professional, and well-maintained from a content perspective but requires improvements in security headers, privacy compliance, and domain registration legitimacy to enhance trust and compliance.

I

IRCv3 Working Group

ircv3.net

0

IRCv3.net represents the official website of the IRCv3 Working Group, a collaborative community focused on enhancing the IRC protocol through open standards and extensible specifications. The group is composed of IRC client and server software authors who contribute to the development and maintenance of modern IRC extensions. The website serves as a hub for documentation, specifications, FAQs, and community engagement, targeting IRC developers and users interested in protocol improvements. From a technical perspective, the website is built using modern web standards including HTML5 and CSS3, leveraging frameworks such as Pure.css and FontAwesome for styling and icons. The site is hosted on a reputable DNS provider (NS1) and uses HTTPS with a valid SSL configuration, ensuring secure communications. The website is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site enforces HTTPS and uses domain transfer protection, but lacks DNSSEC and important security headers which could enhance its security posture. There is no published security policy or incident response information, and no privacy or cookie policies are present, which are areas for improvement especially for GDPR compliance. No analytics or tracking scripts were detected, indicating a privacy-conscious approach. Overall, the website is trustworthy, professional, and focused on its niche community. The domain age and WHOIS data support legitimacy. Strategic recommendations include enabling DNSSEC, publishing privacy and security policies, adding security headers, and improving GDPR compliance to strengthen trust and security posture.

ActivityPub Rocks! is a niche, community-driven informational website dedicated to promoting and supporting the ActivityPub protocol, a W3C standard for decentralized social networking. The site offers guides, tutorials, test suites, and news updates aimed at developers, implementers, and users interested in federated social web technologies. It occupies a specialized position within the technology sector, focusing on open standards and decentralized communication. Technically, the website is built with standard HTML5 and CSS, hosting SVG images for branding. It is hosted on Linode infrastructure, as indicated by the nameservers. The site lacks a CMS and advanced frameworks, reflecting a lightweight and straightforward technical implementation. Performance and mobile optimization are basic but adequate for the informational purpose. SEO and accessibility features are minimal but present. From a security perspective, the site uses HTTPS (implied by the URL), but no advanced security headers or DNSSEC are enabled. The domain registration is consistent and legitimate, with a long registration period and clientTransferProhibited status to prevent unauthorized transfers. However, the absence of privacy and cookie policies, contact information, and security incident response details indicates gaps in compliance and user trust facilitation. Overall, the website is trustworthy and professional within its niche but would benefit from enhanced privacy compliance, security hardening, and clearer contact channels to improve user confidence and regulatory adherence.

F

Fedi.Garden

fedi.garden

0

Fedi.Garden is a small, human-curated directory website focused on listing well-run Mastodon and Fediverse servers that adhere to responsible moderation and reliability standards. It serves a niche audience of users seeking trustworthy Fediverse communities and provides categorized listings by language, topic, country, and other criteria. The website is built on WordPress using a classic theme, with basic but clear navigation and content relevant to its target audience. Technical infrastructure is standard for a small WordPress site, hosted under a reputable registrar, with HTTPS enabled but lacking advanced security headers and DNSSEC. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or detailed GDPR indicators. No contact emails or phone numbers are provided, but a Mastodon social link is available for communication. The site does not employ advertising or analytics tracking, reflecting a privacy-conscious approach. Overall, the site is trustworthy and safe for general audiences, with room for improvement in security hardening and privacy compliance.

P

Private by Design, LLC

thefedi.wiki

0

The Fediverse Wiki is a community-driven informational website dedicated to documenting the Fediverse and its associated services. It serves as a central knowledge repository for users interested in understanding and participating in the Fediverse ecosystem. The site encourages user contributions and provides resources on various Fediverse software, tools, and concepts. The business operates as a small, technology-focused entity registered in the US under Private by Design, LLC, emphasizing privacy and community engagement. Technically, the website is built on the DokuWiki CMS platform, utilizing Bootstrap 3 for responsive design and jQuery for interactivity. The site demonstrates good mobile optimization and SEO practices, with a moderate performance profile. Hosting details are limited, but the domain is registered through Porkbun with standard domain protection statuses. The site uses HTTPS and includes minimal tracking via Tinylytics, reflecting a privacy-conscious approach. From a security perspective, the site enforces HTTPS and has domain transfer protections but lacks DNSSEC and explicit HTTP security headers, which are recommended for enhanced security. No privacy or security policies are explicitly published, and contact information is limited to a contact form without direct email or phone contacts. There are no indications of vulnerabilities or malicious content, and the site content is safe for general audiences. Overall, the Fediverse Wiki presents a trustworthy, well-maintained community resource with room for improvement in formal privacy and security disclosures. Strategic enhancements in security headers, DNSSEC implementation, and publishing clear privacy and security policies would strengthen its security posture and user trust.

L

Home — Linus Groh

linus.dev

0

Linus Groh's personal website serves as a professional portfolio and hub for his open source projects and contributions to web standards. The site highlights his expertise in programming, particularly in JavaScript infrastructure and standards work, and showcases his active involvement in projects like Kiesel and SerenityOS. The website targets developers and technology enthusiasts, positioning Linus as a knowledgeable generalist in the tech community. Technically, the site is built using the Eleventy static site generator, leveraging modern web technologies such as Zig, Vue.js, and WebAssembly for project development. The website is performant, mobile-optimized, and accessible, with a clean and consistent design. Privacy-respecting analytics tools like Matomo and Shynet are used, reflecting a commitment to user privacy. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and published policies such as privacy, cookie, or vulnerability disclosure policies. No forms collect sensitive user data, reducing attack surface. The use of WHOIS privacy protection is justified given the personal nature of the site. Overall, the website is trustworthy and professional, with minor gaps in privacy and security policy documentation. Strategic improvements in these areas would enhance compliance and user trust.

H

Hugh Wells

crablab.uk

0

The website crablab.co.uk serves as a personal professional portfolio for Hugh Wells, a Platform Engineer at Wise with extensive experience in cloud engineering, consultancy, and public sector digital projects. The site highlights his involvement in hackathon organization and community events, positioning him as an active technology professional and community contributor. The website is modest but well-structured, providing clear contact information and links to professional social media and code repositories. Technically, the site uses basic HTML and CSS with Font Awesome icons, hosted under a reputable registrar (Gandi) with a domain age consistent with the professional history presented. Security posture is adequate for a personal site, with HTTPS assumed but lacking advanced security headers and policies. Privacy and cookie policies are absent, which is a compliance gap. Overall, the site is trustworthy, safe, and professionally presented, though it would benefit from enhanced privacy and security disclosures.

S

Stichting IFCAT Foundation

why2025.org

0

WHY2025 is a nonprofit organization hosting an international hacker camp event in the Netherlands scheduled for August 2025. The event focuses on technology, cybersecurity, and community knowledge sharing, targeting hackers and technology enthusiasts. The business operates in the technology and nonprofit sectors with a small organizational size and a recent founding date in 2024. The website is professionally designed using modern JavaScript frameworks (Vue.js and Vuetify) and provides structured event data for clarity. The technical infrastructure is hosted by TransIP with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy and cookie policies are absent, indicating compliance gaps. Overall, the domain registration is consistent and trustworthy, matching the business claims and event details.

H

HackTheMidlands

hackthemidlands.com

0

HackTheMidlands is a regional technology hackathon event founded in 2016, targeting technologists aged 14 and above of all skill levels. The website serves as a platform to promote the event, provide community engagement, and showcase sponsors and partners. The business model revolves around organizing hackathons and fostering a collaborative tech community. Technically, the site is built using modern React and Gatsby frameworks, hosted with Cloudflare DNS, and optimized for performance and mobile devices. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is professional and trustworthy but could improve in compliance and security transparency.

S

Soluciones Corporativas IP, c/o Whois Proxy

nadia.moe

0

Nadia.moe is a personal website representing Nadia Santalla, a systems programmer and container enthusiast. The site serves as a professional portfolio and contact hub, linking to social media profiles and providing downloadable CV content. The business model is personal branding within the technology sector, targeting a general audience interested in software engineering. The website is newly established in 2024 and uses privacy protection for domain registration, which is common for personal sites. Technically, the site employs modern CSS frameworks such as matcha.css and XP.css, along with Material Design icons, resulting in a visually appealing and mobile-optimized experience. The site is simple, with no complex CMS or analytics tools detected, which reduces attack surface but also limits tracking and marketing capabilities. Performance is moderate with good mobile responsiveness and basic accessibility. From a security perspective, the domain is protected with clientTransferProhibited status, but DNSSEC is not enabled. No security headers were detected in the provided data, and no privacy or cookie policies are present, indicating room for improvement in compliance and security best practices. No forms or data collection mechanisms are present, reducing risk exposure. The site content is safe and professional with no adult or questionable material. Overall, the website is trustworthy and professionally presented but would benefit from enhanced security headers, privacy policies, and DNS security improvements. The domain registration is legitimate and consistent with the website's personal branding purpose.

S

Soluciones Corporativas IP, c/o Whois Proxy

owo.cafe

0

owo.cafe is an independent Mastodon server providing a decentralized social media platform focused on a transinclusive, antifascist, and anticapitalist community centered around hobbies such as gaming, cinema, books, and technology. The platform leverages the open-source Mastodon software to offer users a safe and engaging environment within the fediverse. The website is well-structured with good content quality and consistent branding, targeting a niche audience interested in decentralized social networking and hobby discussions. Technically, the site uses modern web technologies including React and ES modules, delivering a moderate performance with good mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protection, though improvements are needed in DNSSEC and security headers. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms and terms of service. Contact information is limited to an administrative email. Overall, the site is trustworthy and professionally maintained but could enhance compliance and security practices.

nanoshinono.me is a personal portfolio website of a young developer known as prefetcher, based in Poland. The site showcases various niche projects related to retro computing culture, multiplayer games, online radio, and music streaming. The business model is primarily personal branding and project promotion within a niche community. The website is modest in scale and targets enthusiasts of 1990s-2000s computing aesthetics and indie game development. Technically, the site is built with standard HTML, CSS, and JavaScript, hosted behind Cloudflare DNS services. It lacks advanced frameworks or CMS platforms and shows basic mobile optimization and accessibility. Performance is moderate with no detected tracking or advertising services, indicating a lightweight footprint. From a security perspective, the site uses HTTPS and domain-level protections but lacks important security headers and privacy compliance mechanisms such as privacy and cookie policies. No forms or data collection points are present, reducing attack surface but also limiting user interaction. The presence of links to an NSFW site without warnings impacts content safety ratings. Overall, the security posture is average with room for improvement in headers and compliance. The overall risk is moderate, with no critical vulnerabilities detected but lacking in privacy and security best practices. Strategic recommendations include implementing security headers, adding privacy and cookie policies, improving mobile and accessibility features, and clearly labeling NSFW content. These steps would enhance trust and compliance while maintaining the site's niche appeal.

P

Private by Design, LLC

buh.moe

0

The website buh.moe is a personal portfolio and blog site owned by Alex, a 21-year-old student from Poland with interests in programming, front-end development, UI design, and video games. The site serves as a personal hub showcasing the owner's projects, blog posts, and social media presence. It targets a general audience interested in technology and gaming. The domain is newly registered in December 2024 and uses privacy protection services, which is typical for personal websites. Technically, the site is built using the Astro framework (v5.1.0) and hosted on Vercel, leveraging modern web technologies including Font Awesome icons and Vercel's analytics and speed insights tools. The site is well-optimized for performance and mobile devices, with good SEO practices evident from meta tags and Open Graph data. However, accessibility features are basic, and no CMS is detected. From a security perspective, the site uses HTTPS with a good SSL configuration and domain status protections to prevent unauthorized transfers or deletions. However, DNSSEC is not enabled, and no security headers such as Content-Security-Policy or X-Frame-Options are present. There are no visible vulnerabilities or exposed sensitive data, but the absence of privacy and cookie policies and incident response information indicates room for improvement in compliance and security posture. Overall, the website is safe, professional, and trustworthy for a personal site, with no adult or explicit content detected. Strategic recommendations include enabling DNSSEC, adding security headers, publishing privacy and cookie policies, and providing incident response contacts to enhance trust and compliance.

The website 'zeroptr' is a personal portfolio and community hub maintained by a self-taught developer named Yui. It features sections such as blog, projects, gallery, and an interactive chat, targeting a general audience interested in technology and personal development projects. The site is small-scale and niche, focusing on showcasing creative works and fostering community engagement through chat and webrings. Technically, the site uses standard web technologies including JavaScript, SVG, CSS, and HTML5, hosted likely on Neocities, with moderate performance and basic mobile optimization. Security posture is moderate with HTTPS enforced but lacking advanced security headers and formal privacy or cookie policies. No contact information or formal business details are provided, reflecting its personal nature. Overall, the site is safe, trustworthy for general audiences, but lacks formal compliance and security best practices.

B

Home | Blooym

blooym.dev

0

Blooym.dev is a personal website representing an individual programmer and open-source contributor known as Blooym. The site highlights their work on various open-source projects, personal blog posts, and social media presence. The business model is primarily personal branding and community engagement, supported by sponsorship and donations. The website is built using modern static site generation technology (Astro), optimized for performance and mobile devices, with a clean and consistent design. Security posture is adequate with HTTPS enforced and no exposed sensitive data, but lacks security headers and formal privacy or cookie policies. No contact emails or phone numbers are provided, limiting direct communication channels. Overall, the site is safe, trustworthy, and serves a niche audience of open-source enthusiasts and followers.

G

goldenstack's homepage

goldenstack.net

0

The website goldenstack.net is a personal homepage belonging to an individual known as golden, a computer science and art student at UC Irvine. The site serves primarily as a portfolio and personal blog showcasing programming projects, interests, and social contacts. It targets a niche audience interested in computer science, programming languages, and related personal projects. The business model is non-commercial and focused on personal expression and networking. Technically, the site is built with simple HTML and CSS, likely using the Astro framework, and is hosted via Cloudflare. It has a fast loading performance and basic mobile optimization but lacks advanced SEO and accessibility features. No JavaScript is used, which reduces security risks but also limits interactivity. From a security perspective, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and security headers. There are no forms or data collection mechanisms, reducing attack vectors. However, the absence of privacy and cookie policies indicates non-compliance with GDPR and other privacy regulations. No incident response or security contact information is provided. Overall, the site is low risk due to its personal nature and minimal data collection but would benefit from improved privacy compliance and security best practices. Strategic recommendations include adding privacy and cookie policies, enabling DNSSEC, implementing security headers, and providing contact information for security incidents.

T

Thomas Ricci

thomasricci.dev

0

Thomas Ricci's website is a personal portfolio showcasing his skills as a software engineer and student at WPI. The site highlights his experience with various programming languages, frameworks, and cloud platforms, along with active projects such as Pyro and Nexus. The website is well-designed, mobile-optimized, and provides clear navigation to projects, resume, and professional social profiles. Technically, it leverages modern technologies including React, HTMX, and Cloudflare Pages hosting, ensuring fast performance and good accessibility. Security-wise, the site uses HTTPS and includes standard security headers, but lacks formal privacy, cookie, and security policies. Overall, the site is trustworthy and professional, though it could improve compliance by adding privacy and cookie policies.

H

Haylin Moore

hayl.in

0

Haylin Moore's website serves as a personal professional portfolio and blog, highlighting his expertise as a software and network engineer with experience at notable companies such as Qumulo and Arista Networks. The site features detailed descriptions of projects, writings, and professional affiliations, targeting technology professionals and the open source community. The business model is centered on personal branding and sharing technical knowledge rather than commercial services. Technically, the website is well-implemented using modern HTML5, CSS (Pure.css), and JavaScript, with a responsive design optimized for mobile devices. The site loads quickly and provides a good user experience with clear navigation and professional content presentation. However, no CMS or hosting provider details are explicitly identified. From a security perspective, the site uses HTTPS as indicated by canonical URLs, but lacks explicit security headers and formal privacy or cookie policies. There are no forms or data collection points, reducing attack surface, but also no incident response or vulnerability disclosure mechanisms are present. No suspicious or vulnerable scripts were detected, and no sensitive data is exposed. Overall, the website is safe, professional, and trustworthy, but could improve its privacy compliance and security posture by adding policies, security headers, and contact information for security incidents.

The website lily.pet is a personal portfolio and blog site for Lily, a UK-based student and programmer. The site showcases Lily's interests in programming, particularly in web development using React and Astro, as well as Kotlin for Minecraft plugins. The business model is personal branding and sharing projects, targeting a general audience interested in technology and programming. The site is hosted via Cloudflare DNS and uses modern web technologies but lacks advanced security and privacy features. Technically, the site employs modern JavaScript frameworks and is moderately optimized for performance and mobile devices. However, accessibility and SEO optimizations are basic. The site does not use a CMS and appears to be a custom-built static or semi-static site. No analytics or advertising scripts were detected, indicating minimal user tracking. From a security perspective, the site uses HTTPS and has domain status protections but lacks DNSSEC and security headers. No privacy or cookie policies are present, and no contact or incident response information is provided. The domain registration is consistent and legitimate, with privacy protection justified for a personal site. Overall, the security posture is moderate but could be improved with standard best practices. The overall risk is low given the personal nature and lack of sensitive data collection, but improvements in privacy compliance, security headers, and contact transparency are recommended to enhance trust and compliance.

The website skip.house is a personal site belonging to an individual named Skip, a computer programmer from California. The site appears to serve as a personal portfolio or blog, focusing on interests such as electronic music, UI design, rhythm games, and languages. The domain is newly registered in March 2024 and hosted via Cloudflare, using a modern React and Next.js technology stack. However, the site currently displays an application error page, limiting content accessibility and analysis. From a technical perspective, the site uses contemporary web frameworks but lacks advanced SEO, accessibility, and performance optimizations. There are no detected privacy, cookie, or terms of service policies, nor any contact information or security policies published. Security posture is basic, with no DNSSEC enabled and no security headers detected, which could expose the site to certain risks. Overall, the security posture is weak, with no incident response or vulnerability disclosure mechanisms evident. The domain registration is consistent with the personal nature of the site, and no suspicious patterns were found. The site does not contain any adult or questionable content and targets a general audience. The lack of policies and contact information, combined with the application error, reduces trustworthiness and business credibility. Strategic recommendations include fixing the application error to restore site functionality, implementing privacy and cookie policies, enabling DNSSEC and security headers, and publishing security and incident response information to improve trust and compliance.

H

Honbra

honbra.com

0

Honbra.com is a personal website operated by a student from Czechia who is passionate about technology and its potential uses and abuses. The site primarily serves as a blog and personal portfolio, sharing technology-related insights and posts. The website is built using the Astro framework, indicating a modern and performant technical infrastructure. The site is well-structured, mobile-optimized, and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and DNSSEC. Privacy compliance is minimal, with no privacy or cookie policies present. Contact options are limited to an email address and a Matrix instant messaging handle. Overall, the site is trustworthy for a personal blog but would benefit from improved privacy and security practices.

The website connormcf.com is a personal site belonging to a UK-based systems administrator. It serves primarily as a personal blog and portfolio, sharing technical content and providing a PGP key for encrypted communication. The site is small-scale, non-commercial, and targets a general audience interested in technology and systems administration. The domain was registered in 2015 and is hosted via Cloudflare, indicating a stable and reputable infrastructure. From a technical perspective, the site uses standard web technologies including HTML5, CSS, and JavaScript, with Cloudflare Insights for minimal analytics. The site is mobile-optimized and has basic SEO and accessibility features. However, it lacks advanced frameworks or CMS platforms, suggesting a simple, custom-built or static site. Security posture is moderate with HTTPS enforced and domain transfer protection enabled. However, the absence of DNSSEC, security headers, and published security policies reduces the overall security maturity. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is low due to missing privacy and cookie policies and lack of GDPR indicators. Overall, the site is low risk given its personal nature and limited data collection. Strategic improvements include adding privacy and cookie policies, implementing security headers, enabling DNSSEC, and providing contact information for security incidents to enhance trust and compliance.

B

Application error: a client-side exception has occurred

breq.dev

0

The website breq.dev serves as a personal portfolio and project showcase primarily focused on software development, hardware projects, and open source contributions. It targets developers and technology enthusiasts interested in programming, hardware tinkering, and web applications. The site hosts numerous projects with demos and repositories, reflecting a strong technical background and active development. However, the main page currently suffers from a client-side application error, which significantly impacts user experience and accessibility. Technically, the site is built using modern web technologies including Next.js, React, Python, Flask, and Node.js, and is hosted on Vercel. The technology stack is diverse and up-to-date, supporting a variety of programming languages and frameworks. Despite this, the site lacks important security headers and privacy compliance elements, and the frontend error suggests some technical debt or deployment issues. From a security perspective, the site does not present explicit vulnerabilities but lacks essential security best practices such as HTTPS verification, security headers, and privacy policies. No incident response or vulnerability disclosure information is provided, which limits trust and compliance with data protection regulations. Analytics usage is minimal and limited to Cloudflare Insights, with no aggressive tracking or advertising. Overall, the site is a technically competent personal portfolio with good content relevance but suffers from poor user experience due to errors and missing compliance/security features. Strategic improvements in frontend stability, privacy compliance, and security hardening are recommended to enhance trustworthiness and professionalism.

InvoxiPlayGames is a personal and hobbyist website operated by Emma, a software developer and security researcher specializing in reverse engineering, game modding, and open source projects. The site serves as a portfolio and project hub, targeting enthusiasts in gaming, security research, and technology. The business model is informal and community-driven, focusing on sharing knowledge and software rather than commercial activities. The domain is well-established since 2015, supporting the credibility of the operator's experience and project history. Technically, the website is built with standard web technologies including HTML5, CSS3, and JavaScript, with backend and project languages spanning C#, C, C++, NodeJS, and others. Hosting is via Cloudflare, providing HTTPS and performance benefits. The site is mobile-optimized with good navigation and content structure, though accessibility and SEO are basic. No CMS is detected, indicating a custom or static site approach. From a security perspective, the site uses HTTPS and does not expose sensitive data or forms, reducing attack surface. However, it lacks security headers and formal privacy or cookie policies, which are recommended for compliance and enhanced security posture. The presence of a HackerOne profile indicates responsible vulnerability disclosure practices. No critical vulnerabilities or suspicious content were detected. Overall, the site is a credible, well-maintained personal project hub with moderate technical sophistication and a good security baseline. Improvements in privacy compliance and security headers would enhance trust and protection. The risk level is low given the non-commercial nature and limited data collection.

S

Stringy Software

mae.wtf

0

The website mae.wtf is a personal portfolio and creative showcase for an individual named vimae, who identifies as a queer programmer, musician, and internet user with interests in technology and creative arts. The site highlights programming skills, music production, and various creative projects, positioning itself as a niche personal brand rather than a commercial business. The domain is registered with privacy protection and hosted using modern web technologies, including React, Next.js, and TailwindCSS, ensuring a fast and responsive user experience. Social media integration includes Discord, Bluesky, and YouTube, supporting community engagement. Security posture is adequate with HTTPS and domain transfer protection, but lacks advanced security headers and explicit policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism despite analytics usage. Overall, the site is trustworthy, well-designed, and serves its purpose as a personal creative hub.

Shrecknt's Silly Site is a personal technology-focused website serving as a blog and portfolio for the individual known as Shrecknt. The site features links to various social media profiles including Discord, GitHub, and Matrix, as well as a collection of partner and related sites. The content is primarily personal and technical in nature, targeting a general audience interested in technology and programming. The site does not appear to represent a commercial business entity but rather a personal project or hobbyist presence. Technically, the website is built with standard HTML5, CSS3, and JavaScript, utilizing Font Awesome icons for visual elements. There is no evidence of a CMS or complex frameworks, indicating a lightweight and straightforward implementation. The site appears to be mobile-optimized with good navigation clarity, though accessibility features are basic. No analytics or tracking scripts were detected, suggesting minimal user tracking and a privacy-conscious approach. From a security perspective, the site lacks visible security headers and does not provide privacy or cookie policies, which are important for compliance and user trust. No contact emails or phone numbers are provided, limiting direct communication channels. The domain uses privacy protection for WHOIS data, which is common for personal sites but reduces transparency. No vulnerabilities or malicious content were detected, and the site content is safe for general audiences. Overall, the site scores moderately on content quality and business credibility but scores lower on security posture and privacy compliance. Strategic improvements in security headers, privacy policies, and contact information would enhance trust and compliance. The site is suitable as a personal portfolio but lacks features expected from professional or commercial websites.

The website kibty.town is a personal portfolio site belonging to a developer and (un)professional pentester named Eva, who focuses on infosec, software pentesting, and devops. The site highlights several open source projects and community involvement, targeting infosec enthusiasts and developers. The business model is primarily personal and community-driven, with no commercial transactions evident. Technically, the site uses modern web technologies including HTML5, CSS3, JavaScript, Google Fonts, and integrates third-party services such as Umami Analytics and Ko-fi chat widgets. The site is moderately optimized for mobile and performance but lacks advanced SEO and accessibility features. Security posture is basic with HTTPS implied but no DNSSEC or security headers detected. Privacy compliance is minimal with no privacy or cookie policies present. WHOIS data is consistent and transparent, indicating a legitimate personal site. Overall, the site is safe, professional, and trustworthy but could improve in privacy and security practices.

M

matdoesdev

matdoes.dev

0

The website matdoes.dev is a personal portfolio site for a full-stack software developer named mat. It serves as a platform to showcase blog posts and projects, targeting a general audience interested in software development. The site uses modern web technologies, specifically the SvelteKit framework, ensuring a fast and responsive user experience. External links to GitHub, Matrix, and Ko-fi provide social and donation channels, enhancing community engagement. However, the site lacks formal privacy, cookie, and terms of service policies, which limits its compliance posture. From a technical perspective, the site demonstrates good implementation with module preloading and modern JavaScript frameworks, contributing to fast performance and good mobile optimization. Accessibility is basic but functional. Security measures such as HTTPS are assumed but not explicitly confirmed in the provided data, and no security headers were detected. There are no forms or data collection mechanisms present, reducing exposure to common web vulnerabilities. Security posture is moderate but could be improved by adding security headers, formal privacy and cookie policies, and explicit contact information for incident response. No vulnerabilities or suspicious patterns were detected. The domain uses privacy protection for WHOIS data, which is appropriate for a personal portfolio. Overall, the site is safe, professional, and suitable for general audiences. Strategic recommendations include implementing privacy and cookie policies, enhancing security headers, providing clear contact information, and improving accessibility features to strengthen compliance and trustworthiness.

A

Ariana "adryd"

adryd.com

0

The website adryd.com is a personal site owned by Ariana (aka adryd), primarily serving as a platform to share personal projects, blog posts, and references related to technology, trains, radios, and other hobbies. The site is small-scale, non-commercial, and targets a general audience interested in these niche topics. The domain has been registered since 2016, indicating a stable presence. The website uses modern technologies such as the Astro static site generator and Cloudflare DNS, delivering a fast and mobile-optimized experience with good design quality and navigation clarity. From a security perspective, the site benefits from HTTPS and domain status protections that prevent unauthorized transfers or deletions. However, it lacks DNSSEC, security headers, privacy and cookie policies, and explicit contact information, which are areas for improvement. No forms or data collection mechanisms are present, reducing privacy risks but also limiting user engagement options. No advertising or tracking technologies were detected, indicating minimal user tracking. Overall, the website presents a moderate security posture with good technical implementation but limited privacy compliance and business credibility signals. The content is safe for general audiences, with no adult or questionable material detected. Strategic recommendations include enabling DNSSEC, adding security headers, publishing privacy and cookie policies, and providing contact information to enhance trust and compliance.

The website enfys.wales is a personal portfolio and blog site for Enfys, a developer and musician based in North Wales. The site targets niche communities such as the demoscene and technology enthusiasts, offering links to social profiles and partner sites. The business model is personal branding and community engagement rather than commercial services. Technically, the site is a simple static HTML/CSS/JavaScript implementation with no detected CMS or advanced frameworks. Mobile optimization is poor, and no advanced SEO or accessibility features are evident. Security posture is minimal with no HTTPS or security headers detected, and no privacy or cookie policies are present, indicating low compliance with GDPR and other regulations. No contact or incident response information is provided, limiting trust and professional credibility. Overall, the site is safe for general audiences but lacks professional security and compliance features.

L

luna

l4.pm

0

The website l4.pm is a personal portfolio and hobbyist project site operated by an individual known as Luna (LUN-4). It primarily showcases backend development work for partners such as anlatan.ai and novelai.net, alongside open source projects related to virtual reality and personal interests like music and blogging. The site is small-scale, targeting technology enthusiasts and VR communities, with no commercial business model or formal market positioning. Technically, the site is built with basic HTML, CSS, and SVG graphics, hosted on Hetzner, and demonstrates moderate performance and basic mobile optimization. Security posture is minimal, with no visible security headers or published policies, and no evidence of HTTPS status was found in the provided data. The site lacks privacy, cookie, and terms of service policies, which impacts compliance and trust. Content includes mild adult-themed warnings but no explicit adult content. Overall, the domain registration is consistent and legitimate, supporting the personal nature of the site.

E

Essem

essem.space

0

Essem.space is a personal website belonging to an individual named Essem, who is a coder and content creator. The site serves as a portfolio and microblog platform linking to various personal projects and social media profiles. The business model is personal branding and content sharing, targeting a general audience interested in technology and coding. The site is small scale and founded in 2018, with no corporate affiliations or subsidiaries. Technically, the site is simple, built with basic HTML and CSS, hosted likely via Namecheap, and lacks advanced frameworks or CMS. Performance and mobile optimization are basic but functional. Security posture is minimal, with no visible security headers or policies, and no HTTPS status explicitly known from the data. Privacy compliance is lacking as no privacy or cookie policies are present. The WHOIS data shows privacy protection typical for personal sites, with domain age consistent with the site's history. Overall, the site is safe, trustworthy for general audiences, but lacks formal security and compliance features.

E

elixi.re

elixi.re

0

elixi.re is a small, open-source technology service providing free file hosting and link shortening functionalities. The platform supports multiple vanity domains and emphasizes privacy by avoiding non-free JavaScript and tracking code. The website is technically modern, using Bootstrap and Cloudflare DNS services, and is mobile optimized with a clean user interface. Security posture is moderate with HTTPS enforced but lacks some security headers and exposes debug information on error pages. Privacy compliance is good with a clear privacy policy and GDPR consent modal, though cookie policy and terms of service are missing. Overall, the site is trustworthy for its niche audience but could improve in security and compliance documentation.