Security Directory

The National Emergency Management Agency (NEMA) is an Australian government agency responsible for developing, leading, and coordinating the nation's approach to emergency management. The website serves as a central hub for disaster preparedness, response, recovery, and resilience-building initiatives across Australia. It targets government entities, emergency management professionals, and the general public, offering key programs such as the Disaster Ready Fund and the National Resilience Action Library. The agency positions itself as a national leader in emergency management coordination, leveraging partnerships across government and non-government sectors.

D

Department of Home Affairs

cisc.gov.au

0

The Critical Infrastructure Security Centre (CISC) website serves as an authoritative Australian government portal under the Department of Home Affairs, focusing on supporting critical infrastructure owners and operators to understand risks and comply with regulatory requirements. The site positions itself as a key resource for various sectors including energy, transport, telecommunications, and finance, providing risk assessments, regulatory guidance, and partnership opportunities. The content is well-structured and professionally presented, targeting industry stakeholders and government partners.

S

Starship

starship.rs

0

Starship.rs is the official website for Starship, a minimal, blazing-fast, and highly customizable shell prompt designed for a wide range of shell environments including Bash, Fish, ZSH, and PowerShell. The project is positioned as a developer-focused open source tool emphasizing speed, compatibility, and customization. The website provides comprehensive installation instructions and documentation to support its user base of developers and system administrators. Technically, the site is built using modern web technologies such as VitePress and serves content efficiently with good SEO and mobile optimization. Security-wise, the site uses HTTPS and avoids exposing sensitive data, but lacks explicit security headers and formal privacy or cookie policies. The domain registration is consistent and legitimate, with no privacy protection, aligning with the open source nature of the project. Overall, the website is professional, trustworthy, and well-maintained, though it could improve privacy compliance and security transparency.

S

SolidJS project

solidjs.com

0

SolidJS is an open-source JavaScript library focused on providing a performant and reactive approach to building user interfaces. It is well-positioned in the frontend development ecosystem with a strong community presence, evidenced by over 32,000 GitHub stars and multiple sponsors from leading technology companies. The website offers comprehensive documentation, tutorials, and ecosystem tools targeting JavaScript developers and frontend engineers seeking efficient UI solutions. Technically, the site is modern, leveraging ES modules, JSX, and TypeScript support, hosted on Cloudflare Pages with fast performance and excellent mobile optimization. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements could be made by adding explicit security headers and formal privacy policies. The WHOIS data is incomplete or missing, which is unusual but does not detract significantly from the site's legitimacy given its active community and open-source nature. Overall, SolidJS presents a trustworthy and professional digital presence with room for enhanced compliance and security transparency.

C

codecalm

tabler.io

0

Tabler is a well-established open source project and commercial provider of responsive HTML admin templates and UI kits based on Bootstrap 5. The company, codecalm, founded in 2018 and based in France, offers a rich set of UI components, layouts, icons, and illustrations targeting developers and designers building web applications and dashboards. The website demonstrates a high level of technical maturity, leveraging modern frameworks such as Next.js and Bootstrap 5, and integrates multiple analytics platforms for user insights. Security posture is solid with HTTPS enforced and domain registration protections in place, though some improvements in security headers and privacy compliance (notably cookie consent) are recommended. Overall, the site is professional, trustworthy, and well-positioned in the UI kit market.

Million.dev is a technology company specializing in providing a high-performance React renderer aimed at optimizing React websites for speed and efficiency. The website targets React developers and development teams looking to improve application performance. The company positions itself as a niche technology provider with a focus on developer tooling and performance optimization. Technically, the site is built using modern frameworks such as React and Next.js, hosted on Vercel, and employs Vercel Analytics for performance monitoring. The website demonstrates good design quality, mobile optimization, and user experience, although accessibility and SEO could be improved. Security posture is solid with HTTPS enabled and modern tech usage, but lacks explicit security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

The website versary.town is a personal creative portfolio and blog site owned by Annie, who identifies as a gay girl interested in music and programming. The site features personal blogs, recipes, resources, and links to social media and code repositories. The business is small and niche, targeting a general audience interested in personal creative content. The domain is registered to Private by Design, LLC in the US, consistent with the website's content and timeline. Technically, the site uses standard web technologies including HTML5, CSS3, JavaScript, and Google Fonts. It is hosted with DNS services from Porkbun LLC, with moderate performance and good mobile optimization. However, there is no CMS detected, and no advanced frameworks are used. SEO and accessibility are basic but functional. From a security perspective, the site uses HTTPS but lacks DNSSEC and security headers, which reduces its security posture. There are no visible privacy, cookie, or security policies, and no incident response or vulnerability disclosure mechanisms. No analytics or tracking scripts are present, indicating minimal user tracking. The site content is safe for general audiences with no adult or explicit material. Overall, the site is a legitimate personal project with moderate technical and security maturity. Strategic improvements include adding privacy and cookie policies, enabling DNSSEC, implementing security headers, and considering vulnerability disclosure to enhance trust and compliance.

K

IRIXen Interactive Desktop - Welcome

kokoscript.com

0

The website kokoscript.com is a personal portfolio site belonging to an individual named Koko, who is a programmer, independent game developer, digital artist, and creative enthusiast based in Chicago. The site showcases various projects including DOS-based games and engines, digital artwork, and personal interests such as vintage computing and music composition. The business model is primarily personal and hobbyist, targeting a niche audience interested in indie development and digital art. Technically, the site is built with basic HTML and CSS, with no detected JavaScript or modern frameworks. It uses a retro Netscape Navigator style design and is hosted with DNS services from Google Cloud DNS and registered via Squarespace Domains. The site has basic mobile optimization and accessibility but lacks advanced SEO and performance optimizations. From a security perspective, the site lacks visible HTTPS confirmation and security headers, and no privacy or cookie policies are present. The domain registration is legitimate and consistent with the site’s purpose, with domain status flags preventing unauthorized transfer or deletion. No forms or data collection mechanisms are present on the main page, and contact is provided via a separate contact page. No analytics or tracking scripts were detected, indicating minimal user tracking. Overall, the site is safe, with no adult or explicit content, and suitable for general audiences. However, it lacks formal privacy and security policies, which could be improved to enhance trust and compliance. The site’s technical and security posture is basic, reflecting its personal and hobbyist nature.

B

Begeeked Labs, LLC.

discord.me

0

Discord.me is an established online platform founded in 2015 by Begeeked Labs, LLC., focused on providing a directory service for public Discord servers and bots. The website targets Discord users seeking communities across various interests such as gaming and music, facilitating discovery and connection. The platform operates a niche community listing business model, positioning itself as a specialized directory within the broader social and gaming technology sector. Technically, the website employs modern web technologies including Laravel backend framework, Bootstrap for UI, FontAwesome icons, and integrates Google Analytics and Tag Manager for tracking. Hosting and domain registration are managed via Cloudflare, ensuring reliable performance and security. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. From a security perspective, the site enforces HTTPS, uses CSRF tokens in forms, and benefits from domain transfer protections. However, it lacks DNSSEC and does not publish explicit privacy or cookie policies, which are important for GDPR compliance. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is transparent and consistent with the business, supporting legitimacy. Overall, Discord.me presents a solid technical and business foundation with moderate security posture. Key areas for improvement include publishing comprehensive privacy and cookie policies, enhancing accessibility, and establishing a vulnerability disclosure process to strengthen trust and compliance.

Children of Kefentse is a niche fan community website dedicated to the game 'Twilight Sparkle's Secret Shipfic Folder' (TSSSF). It provides various community resources including news, forums, card generators, and databases to support players and fans. The site is small in scale and primarily serves as a hub for engagement and content sharing among enthusiasts. Technically, the website is built using standard web technologies including HTML5, CSS3, JavaScript, and the Foundation framework, hosted on DigitalOcean. It incorporates Google Analytics and Tag Manager for user tracking but lacks advanced SEO and accessibility features. Security-wise, the site uses HTTPS but does not implement DNSSEC or security headers, and lacks formal privacy or cookie policies, indicating room for improvement in compliance and security posture. Overall, the site is functional and trustworthy for its intended audience but would benefit from enhanced privacy and security measures.

P

Private by Design, LLC

shuga.co

0

Shuga.co is a personal portfolio website representing an individual named Shuga, who is a developer, graphic designer, and video editor. The site showcases various projects, blog posts, and social media presence, targeting developers and tech enthusiasts. The business model is primarily personal branding and open source project sharing, with a small-scale operation based in the US. The website is well-structured with good content quality and consistent branding. Technically, it uses standard web technologies including HTML5, CSS3, FontAwesome, and Google Fonts, hosted with Cloudflare DNS and registered via Porkbun. Performance and mobile optimization are good, though accessibility and SEO are basic. Security posture is moderate with HTTPS implied but lacks DNSSEC and security headers. Privacy compliance is minimal with a basic privacy policy but no cookie consent mechanism. Overall, the domain registration is consistent and trustworthy, with no suspicious patterns detected. The site is safe for general audiences with no adult or questionable content.

Perforce Software is a globally recognized enterprise software company specializing in DevOps solutions that accelerate software development lifecycles. Their offerings include version control, agile planning, static code analysis, and AI-powered DevOps intelligence, targeting large organizations across industries such as automotive, aerospace, healthcare, fintech, and gaming. The company positions itself as a trusted partner for mission-critical application development with a strong emphasis on security, compliance, and innovation. Technically, the website is built on Drupal 10, leveraging modern web technologies including Wistia for video content, Google Tag Manager and Analytics for tracking, and Sentry for error monitoring. The site is well-optimized for mobile devices, accessible, and SEO-friendly, reflecting a mature digital infrastructure. Embedded videos and rich content enhance user engagement and demonstrate advanced marketing capabilities. From a security perspective, the site enforces HTTPS, implements multiple security headers, and maintains a dedicated Trust Center highlighting certifications such as ISO 27001. Incident response and vulnerability disclosure policies are publicly available, indicating a proactive security posture. No critical vulnerabilities or exposed sensitive data were detected in the analysis. Overall, the website reflects a high level of professionalism, trustworthiness, and compliance with privacy regulations including GDPR. The absence of WHOIS data is a minor concern but does not detract significantly from the site's legitimacy given the strong branding and operational transparency. Strategic recommendations include maintaining up-to-date third-party components, enhancing public incident response visibility, and continuing to promote AI governance and data privacy initiatives.

L

lisanne.gay

lisanne.gay

0

Lisanne.gay is a personal website operated by an individual developer named Lisanne, who identifies as they/she. The site serves as a portfolio showcasing their software and game development projects, including Godot games and web browsers. The website is small-scale and targets an audience interested in indie software and gaming projects. The domain was registered in 2022, consistent with the website's stated establishment date. The site links to various external developer platforms such as GitLab and itch.io, reinforcing its role as a personal project hub. Technically, the website is built with standard HTML, CSS, and JavaScript, hosted by Dynadot Inc. It uses HTTPS but lacks advanced security headers and DNSSEC, indicating room for improvement in security hardening. The site is moderately optimized for mobile and has basic accessibility and SEO features. No CMS or major frameworks are detected, suggesting a custom or lightweight static site. From a security perspective, the site has a basic posture with HTTPS enabled but no evident security policies, incident response contacts, or vulnerability disclosure mechanisms. No privacy or cookie policies are present, which may expose the site to compliance risks under GDPR or similar regulations. No contact emails or phone numbers are provided, limiting direct communication channels. Overall, the website is a functional personal portfolio with good content quality but lacks formal security and privacy controls. Strategic improvements in security headers, policy disclosures, and contact information would enhance trust and compliance. The site is safe for general audiences with no adult or questionable content detected.

2

2a03.party

2a03.party

0

2a03.party is a niche community website dedicated to the Ricoh 2A03 processor used in the NES console. It serves primarily as an informational and community hub linking to related projects, social platforms, and enthusiasts. The site targets retro computing and gaming enthusiasts and operates as a small-scale community resource without commercial services or e-commerce. Technically, the site is simple, built with basic HTML and CSS, lacking advanced frameworks or CMS. It shows moderate performance and basic mobile optimization but lacks modern SEO and accessibility features. Security posture is weak due to absence of HTTPS confirmation, security headers, and no visible security policies or incident response contacts. Privacy compliance is minimal with no privacy or cookie policies present. Overall, the site is safe and trustworthy for general audiences but would benefit from improved security and privacy practices.

F

Homepage - flewkey

flewkey.com

0

The website flewkey.com is a personal portfolio and blog site operated by Ryan Fox, a computer programmer from Canada. The site features blog posts related to software and personal interests, as well as music tracks created by the owner. The business model is that of a personal brand and content sharing platform, targeting a general audience interested in technology and programming. The website is small in scale and was established in 2019, consistent with the domain registration data. The site is hosted via GoDaddy and uses basic HTML and CSS technologies without advanced frameworks or CMS platforms. From a technical perspective, the website is simple and functional but lacks modern enhancements such as security headers, analytics, or advanced SEO features. Mobile optimization and accessibility are basic but present. The site does not employ any tracking or advertising technologies, indicating a minimal digital footprint. Security posture is limited; the domain is registered with standard protections against unauthorized changes but lacks DNSSEC and security headers. No privacy or cookie policies are present, which impacts compliance with GDPR and other privacy regulations. No contact or incident response information is provided, limiting transparency and trust. Overall, the website is safe and appropriate for general audiences, with no adult or questionable content detected. The risk level is low given the personal nature of the site, but improvements in security and privacy compliance are recommended to enhance trust and professionalism.

D

Dimension

dimension.dev

0

Dimension is a modern SaaS collaboration platform designed for engineering teams, offering integrated chat, code exploration, deployments, issue tracking, and AI-accelerated workflows. The website positions Dimension as a new standard for collaboration, targeting software developers and engineering teams seeking an all-in-one developer experience. The platform integrates with popular tools and emphasizes productivity and seamless teamwork. Technically, the website is built using the Qwik framework and hosted on Vercel, leveraging modern web technologies such as lazy loading, SVG graphics, and responsive design. Performance and mobile optimization are strong, with a professional and consistent branding approach. Analytics are implemented via Vercel Analytics, with minimal user tracking. From a security perspective, the site uses HTTPS and shows no exposed sensitive data or vulnerable libraries. However, it lacks explicit security headers, published security policies, and incident response contacts. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. No vulnerability disclosure or security.txt files are present. Overall, Dimension presents a professional and trustworthy online presence with excellent content and technical implementation but should improve privacy compliance and security transparency to enhance trust and regulatory adherence.

I

Incard Ltd

incard.co

0

Incard Ltd operates a specialized financial platform tailored for ecommerce businesses, offering multi-currency business accounts, corporate Visa Platinum cards with cashback and rewards, expense management, accounting automation, and financial analytics. Positioned as a fintech innovator, Incard targets ecommerce entrepreneurs seeking streamlined financial operations and enhanced visibility into their cash flow and advertising spend. The company leverages partnerships with Currency Cloud, Visa, and TrueLayer to provide regulated payment and account information services, reinforcing its credibility in the financial sector. Technically, the website is built on a modern React and Next.js stack, hosted on Vercel, and integrates multiple analytics and marketing tools such as Google Tag Manager, Facebook Pixel, Hotjar, and Intercom. The site demonstrates excellent mobile optimization, accessibility, and SEO practices, contributing to a professional user experience. Security posture is strong with HTTPS enforcement, comprehensive security headers, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is supported by detailed privacy and cookie policies, though an explicit cookie consent mechanism is not detected. WHOIS data is privacy protected, which is justified for a fintech company, though it limits direct registrant verification. Overall, Incard presents a trustworthy and professional digital presence with a solid foundation for ecommerce financial services.

C

c/side

cside.dev

0

c/side is a specialized cybersecurity company focused on monitoring, securing, and optimizing third-party client-side scripts to prevent data breaches and ensure PCI DSS compliance. Their market position is that of a niche provider addressing the risks posed by third-party scripts, including Magecart and supply chain attacks. The website demonstrates a professional and consistent brand presence, targeting ecommerce and web platform owners concerned with client-side security. Technically, the site is built on modern frameworks such as Next.js and React, integrating multiple analytics and marketing tools including HubSpot, Google Tag Manager, and Stripe for payments. Performance and mobile optimization are good, though accessibility features are basic. Security posture is solid with HTTPS enforced and error monitoring via Sentry, but lacks explicit security headers and published security policies. Privacy compliance is weak, with no visible privacy or cookie policies or consent mechanisms. No direct contact or incident response information is provided, which could impact trust and compliance. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security disclosures.

D

Discord Previews

discordpreviews.com

0

DiscordPreviews.com is a small niche informational website launched in 2022 that provides early looks at new Discord experiments, features, and changes. It targets Discord users and enthusiasts interested in staying ahead of platform updates. The site uses the modern Astro framework and is hosted via Cloudflare, ensuring good performance and mobile optimization. The technical infrastructure is modern and well-implemented, with HTTPS enforced and a Content-Security-Policy header present, though DNSSEC is not enabled. Security posture is solid but could be improved with additional headers and policies. The site lacks privacy, cookie, and terms of service policies, and no contact information is provided, which impacts compliance and business credibility scores.

B

Blackbaud

blackbaud.com

0

Blackbaud is a leading cloud software company specializing in solutions for nonprofits, education, CSR, and grantmaking. Their extensive product portfolio and market presence position them as a dominant player in the social good technology sector. The website reflects a mature digital presence with comprehensive content targeting nonprofit organizations, educational institutions, and corporate social responsibility programs. Technically, the site leverages modern web technologies including WordPress CMS, JavaScript frameworks, and advanced analytics and marketing tools such as Marketo, Tealium, and New Relic, ensuring a robust and performant user experience. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response information are not publicly detailed. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates high professionalism and trustworthiness, though transparency could be improved by publishing WHOIS data and security policies.

P

Pusher

pusherapp.com

0

Pusher is a well-established technology company specializing in realtime APIs and push notification services, targeting developers and enterprises that require scalable and reliable realtime communication features. The company operates under the parent company MessageBird, leveraging a strong market position and trusted by major global brands. The website demonstrates a high level of digital maturity with modern web technologies such as Gatsby and React, and integrates multiple analytics and marketing tools to optimize user engagement and performance. Security posture is solid with HTTPS and domain protections, though there is room for improvement in DNS security and published security policies. Privacy compliance is limited due to the absence of explicit privacy and cookie policies. Overall, the website is professional, trustworthy, and well-optimized for its target audience.

E

EmailMeForm

emailmeform.com

0

EmailMeForm is a technology company providing secure online form and survey solutions that enable businesses to collect payments, customer data, registrations, event RSVPs, and leads. The website presents a professional and consistent brand image targeting businesses and organizations seeking customizable online forms. The technical infrastructure leverages modern JavaScript libraries and third-party services such as Intercom, Google Tag Manager, and CookieHub, indicating a mature digital presence. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks visible security headers and explicit privacy policy documentation. The absence of WHOIS registration data raises concerns about domain legitimacy, though the website content and technology usage suggest legitimate operations. Overall, the site is safe for general audiences and demonstrates good design and user experience.

The website artsandculture.google.com/opengalleryinfo is a subdomain of Google LLC, serving as an informational page for the Google Arts & Culture Open Gallery tools. It provides users with links to mobile apps on Android and iOS platforms and invites cultural organizations to partner with Google. The site is professionally designed, consistent with Google's branding, and offers high-quality cultural content aggregated from over 2000 museums and archives worldwide. The platform positions itself as a leading digital cultural resource with a broad general audience. Technically, the site leverages modern web technologies including JavaScript and Google Analytics for user interaction tracking. It is hosted on Google's infrastructure, ensuring fast performance and reliable uptime. The site is mobile-optimized and accessible, though some accessibility features could be enhanced. SEO is basic but sufficient for the informational nature of the page. From a security perspective, the site uses HTTPS with excellent SSL configuration. However, explicit security headers such as Content Security Policy and HSTS are not detected on this page, and no cookie consent mechanism is present, which could be improved for compliance and security hardening. No forms or sensitive data collection points are present, reducing attack surface. The WHOIS data for the subdomain is not available, which is expected for a Google subdomain, and the domain is legitimate and trustworthy. Overall, the website demonstrates a strong business credibility and security posture with minor areas for improvement in privacy compliance and security headers. It is safe for general audiences and aligns with Google's standards for digital cultural content delivery.

D

Department of Home Affairs

customs.gov.au

0

The Department of Home Affairs is the Australian Government agency responsible for federal law enforcement, national security, immigration, border protection, emergency management, multicultural affairs, and settlement services. It holds a critical position in maintaining Australia's safety and security, serving a broad audience including residents, immigrants, and businesses. The website reflects a mature government digital presence with comprehensive information and services. Technically, the site is built on Microsoft SharePoint, leveraging modern web technologies and third-party tools like Google Tag Manager and Qualtrics for analytics and feedback. Security is robust with HTTPS, multi-factor authentication for user accounts, and appropriate security headers. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting strong privacy practices. Overall, the site demonstrates high professionalism, trustworthiness, and operational maturity.

D

Department of Home Affairs

border.gov.au

0

The Department of Home Affairs website serves as the official portal for Australia's federal law enforcement, national security, immigration, and emergency management functions. It provides comprehensive information and services related to immigration, border protection, national security, multicultural affairs, and settlement services. The site is well-positioned as a key government entity with a broad mandate to keep Australia safe and support its citizens and residents. Technically, the website is built on Microsoft SharePoint, leveraging modern web technologies including JavaScript frameworks and Google Tag Manager for analytics. The site demonstrates good digital maturity with mobile optimization, accessibility features, and a consistent branding strategy. Performance is moderate, typical for government portals with rich content. From a security perspective, the site employs HTTPS with strong SSL configurations and security headers. Multi-factor authentication is implemented for user accounts, enhancing security. No critical vulnerabilities or exposed sensitive data were detected. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting a strong commitment to user data protection. Overall, the website is a trustworthy, professional government resource with a high level of content quality and security posture. Strategic recommendations include enhancing incident response visibility, publishing a dedicated security policy, and establishing a vulnerability disclosure program to further strengthen security culture and transparency.

D

Department of Home Affairs

homeaffairs.gov.au

0

The Department of Home Affairs website serves as the official digital presence for Australia's federal government agency responsible for immigration, national security, border protection, and related public services. The site provides comprehensive information and services to Australian residents, immigrants, travelers, and businesses, positioning itself as a critical government resource. The content is well-organized, professionally presented, and includes links to subsidiary agencies and partner sites, reinforcing its authoritative role. Technically, the website is built on Microsoft SharePoint, leveraging modern web technologies including JavaScript frameworks, Google Tag Manager, and Qualtrics for analytics and user feedback. The site demonstrates good performance, mobile optimization, and accessibility features, supporting a broad user base. Security is robust with HTTPS enforcement, multi-factor authentication for user accounts, and secure form handling, though there is room for improvement in public security policy disclosures and vulnerability reporting. The security posture is strong, with appropriate security headers and no detected vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies, including GDPR considerations. The domain is a legitimate Australian government domain with WHOIS data managed by the .au domain administrator, consistent with government domain registration practices. Overall, the website is a trustworthy, professional, and secure government portal. Strategic recommendations include enhancing incident response visibility, publishing a vulnerability disclosure policy, and continuous monitoring of third-party scripts to maintain security integrity.

The website deltarune.com serves as the official portal for the indie game DELTARUNE, created by Toby Fox. It provides information about the game available on multiple platforms including Nintendo Switch, PC/Mac, and PlayStation. The site offers direct links to purchase or download the game, soundtrack, and merchandise, targeting gamers and fans of the UNDERTALE series. The business model revolves around digital sales and merchandising with a strong niche market presence and a dedicated fanbase. Technically, the site is a modern, fast-loading static website using Bridgetown framework and Cloudflare DNS services, optimized for mobile and desktop with good SEO and accessibility features. Security posture is solid with HTTPS and domain transfer protections, though some improvements like DNSSEC and security headers could be made. Privacy compliance is basic with a privacy policy linked externally but lacks cookie consent mechanisms. Overall, the site is professional, trustworthy, and well-maintained, reflecting a small but reputable indie game business.

O

OpenVK

ovk.to

0

OpenVK is a small-scale social networking platform designed to facilitate colleague and friend searches based on the VKontakte social network structure. It offers users the ability to find and reconnect with people from their past and present social circles, promoting ongoing communication and content sharing. The platform targets a general audience interested in social connections and community building. Technically, the website employs a modern technology stack including PHP 8.2, MySQL 8.0, React, and various JavaScript libraries such as jQuery and Leaflet for mapping. Analytics are handled via Piwik PRO with a cookie consent mechanism in place, indicating some attention to privacy compliance. However, the site lacks advanced security headers and explicit security or incident response policies, which could expose it to certain risks. Overall, the site is functional and moderately professional but would benefit from enhanced security and compliance measures.

N

Njalla Okta LLC

poridge.club

0

Poridge Club is a small technology-focused project offering a suite of privacy-centric and ethical internet services, including federated social networking, private email, voice communication, and video conferencing. The platform emphasizes free speech and user data protection, positioning itself as an alternative to mainstream corporate services. The website is primarily in Russian and targets users seeking privacy and freedom online. Technically, the site is built with standard web technologies and hosted on privacy-focused infrastructure provided by Njalla. While the site is well-structured and content-rich, it lacks some compliance features such as cookie consent and visible contact information. Security posture is moderate, with domain protections in place but missing DNSSEC and security headers. Overall, the site is trustworthy and legitimate but could improve in security and compliance aspects.

K

Kolektyw „Rada Języka Neutralnego”

zaimki.pl

0

Zaimki.pl is a Polish-language, community-driven educational platform focused on non-binary, gender-neutral, and inclusive language. It is managed by the queer collective "Rada Języka Neutralnego" and offers comprehensive resources including a pronoun compendium, blogs, and personal pronoun cards. The website enjoys a strong position within its niche, serving the LGBTQ+ community and allies with educational content and social engagement. Technically, the site is built on modern frameworks such as Nuxt.js and Vue.js, with good performance and mobile optimization. Security posture is solid with HTTPS and security headers, though DNSSEC is not enabled and formal security policies are not published. Privacy compliance is generally good, but the absence of a cookie consent mechanism is a notable gap. Overall, the site is trustworthy, professional, and well-maintained, with transparent WHOIS data and active community involvement.

L

Le collectif du « Conseil du Langage Neutre »

pronoms.fr

0

Pronoms.fr is a French-based, volunteer-driven, open-source project focused on promoting inclusive and non-binary language through examples of personal pronouns and neutral language usage. It offers users the ability to create and share personalized pronoun cards, supports multiple languages, and fosters community engagement through social media and a dedicated queer calendar. The project is positioned as a niche educational and social inclusion resource within the LGBTQ+ community and language activism space. Technically, the website is built using modern frameworks such as Nuxt.js and Vue.js, with integration of Shopify for e-commerce functionalities. It leverages Cloudflare for DNS and possibly CDN services, uses Google Fonts and Font Awesome for UI, and employs Plausible Analytics for privacy-respecting visitor tracking. The site is well-optimized for mobile devices, accessible, and SEO-friendly, reflecting a mature digital infrastructure for a small community project. From a security perspective, Pronoms.fr enforces HTTPS, implements key security headers, and avoids exposing sensitive data. However, it lacks a visible cookie consent mechanism and formal security or incident response policies, which are recommended for compliance and transparency. No vulnerabilities or suspicious activities were detected, indicating a strong security posture for its scale. Overall, Pronoms.fr presents a trustworthy, professional, and community-oriented platform with excellent content quality and technical implementation. Strategic improvements in privacy compliance and formal security documentation would further enhance its credibility and user trust.

R

Ráðið fyri nevtralt mál

fornovn.fo

0

fornøvn.fo is a community-driven, open-source platform dedicated to providing resources and information about non-binary and gender-neutral pronouns and language, primarily targeting the Faroese-speaking community. The project is managed by the collective 'Ráðið fyri nevtralt mál' and offers multilingual support through related domains. It serves as an educational and advocacy tool promoting freedom, respect, and inclusion in language use. The website features personal pronoun cards, a gender-neutral dictionary, cultural text sources, and community engagement tools.

K

Konsilio pri Neŭtrala Lingvo

pronomejo.net

0

Pronomejo.net is a volunteer-driven, open-source project dedicated to promoting gender-neutral and non-binary language through multilingual pronoun resources and personal pronoun cards. The project is positioned as a niche leader in inclusive language tools, targeting individuals interested in gender inclusivity, linguists, and the LGBTQ+ community. The website offers community engagement, terminology resources, and a public API, supported by a small but active team. Technically, the site is built on modern frameworks like Nuxt.js and Vue.js, hosted with reputable DNS and registrar services, and integrates Shopify for merchandise. The site demonstrates good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled and explicit security headers are not visible. Privacy compliance is generally good with a privacy policy and terms of service present, but lacks a cookie consent mechanism despite using analytics. Contact information is provided via multiple company emails and social media channels. Overall, the site is trustworthy, professional, and serves its community well.

C

Cooperativa “Consejo de Lenguaje Neutro”

pronombr.es

0

Pronombr.es is a community-driven cooperative project dedicated to promoting inclusive language and the correct use of personal pronouns. It offers educational resources, personalized pronoun cards, and fosters a supportive environment for the queer community and allies. The project is open source and supported by a small but active team, with a strong emphasis on respect, freedom, and inclusivity in language use. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, leveraging CDN services for performance and Shopify for merchandise sales. The site is well-optimized for mobile and accessibility, with good SEO practices. Security posture is strong with HTTPS and public key cryptography, though it lacks some formal policies like a security.txt and cookie consent mechanisms. Overall, the site is trustworthy, professional, and serves a niche but important community function.

D

Das „Rat für neutrale Sprache“ Kollektiv

pronomen.net

0

Pronomen.net is a community-driven, multilingual platform dedicated to providing information and resources about non-binary and gender-neutral language, focusing on pronouns and inclusive communication. The website serves a niche audience interested in gender inclusivity and offers tools such as pronoun cards, cultural examples, and a queer calendar. It operates as a non-profit public source project supported by volunteers and offers merchandising to support its activities. Technically, the site is built on modern frameworks like Nuxt.js and Vue.js, hosted with Cloudflare DNS and uses Shopify's Buy SDK for merchandising. The site is well-optimized for mobile and accessibility, with good SEO practices and fast performance. Security-wise, the site enforces HTTPS and has domain transfer protections but lacks DNSSEC and some security headers. Privacy compliance is good with a clear privacy policy and GDPR adherence, though no cookie consent mechanism is present despite using Plausible Analytics. Contact information is available via multiple company emails, and the project maintains an active presence on Mastodon, Bluesky, Discord, and GitLab. Overall, the site is trustworthy, professional, and serves its community well, though it could improve security headers and cookie consent to enhance compliance and security posture.

D

dyne.org foundation

dyne.org

0

Dyne.org foundation is a well-established non-profit digital community and free software foundry based in the Netherlands, active since 2000. The organization focuses on empowering artists, creatives, and citizens through free and open-source software, digital rights advocacy, and environmental sustainability. Their website reflects a strong community orientation with multiple projects and partnerships in the free software ecosystem. Technically, the site is built using modern static site generation (Astro) and employs script offloading techniques (Partytown) to optimize performance. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is adequate with HTTPS and domain transfer protection, but lacks advanced security headers and published security policies. Privacy compliance is limited due to absence of privacy and cookie policies. Overall, Dyne.org demonstrates a credible and trustworthy presence with room for improvement in formal privacy and security disclosures.

D

Dyne.org foundation

dev-1.org

0

Devuan.org is the official website for Devuan GNU+Linux, a free and open source operating system forked from Debian that emphasizes freedom from systemd and promotes Init Freedom. The project is supported by the Dyne.org foundation, which acts as its fiscal sponsor and trademark holder. The website provides comprehensive information about Devuan releases, installation instructions, community resources, and development efforts. It targets Linux users, system administrators, and free software advocates who seek an alternative Linux distribution without systemd dependencies. The business model is community-driven and donation-supported, positioning Devuan as a niche player in the Linux distribution ecosystem focused on systemd-free environments.

D

Dyne.org foundation

dev-one.org

0

Devuan.org represents the official website for Devuan GNU+Linux, a free and open source operating system forked from Debian that emphasizes systemd-free environments and Init Freedom. The project is supported by the Dyne.org foundation, a non-profit organization acting as fiscal sponsor. The website provides comprehensive information about releases, installation, community, and development resources, targeting Linux users, system administrators, and free software advocates. The business model is community-driven and donation-supported, focusing on niche Linux distribution needs. Technically, the website is a simple, static HTML/CSS site with no client-side scripting or tracking technologies, reflecting a strong commitment to user privacy and minimalism. The site is mobile optimized with good navigation and SEO practices but lacks advanced frameworks or CMS platforms. Performance is moderate, consistent with a lightweight static site. From a security perspective, the site uses HTTPS (implied by the URL), but no explicit security headers were detected in the provided data. The absence of cookies and JavaScript reduces attack surface and tracking risks. However, the lack of privacy and cookie policies and missing WHOIS registration details reduce overall trust and compliance posture. No vulnerability disclosure or incident response information is provided. Overall, the website is trustworthy and professional for its niche audience but would benefit from improved transparency in domain registration, privacy compliance, and security best practices to enhance credibility and user trust.

S

Anders · Work smart, not hard

spirit55555.dk

0

The website spirit55555.dk is a personal professional portfolio for Anders G. Jørgensen, a technology professional based in Copenhagen, Denmark, working at One.com. The site highlights his personal projects related to Minecraft server tools and provides contact information and social media links. The business model is personal branding and showcasing technical expertise. The site is small scale and targets a general audience interested in technology and gaming tools. Technically, the website uses modern frontend technologies including Bootstrap and FontAwesome delivered via CDN, hosted on One.com. The site is mobile optimized with a clean and consistent design, though accessibility and SEO optimizations are basic. No CMS or analytics tools are detected, indicating a lightweight and privacy-conscious setup. From a security perspective, the site lacks several best practices such as DNSSEC, security headers, and privacy or cookie policies. No incident response or vulnerability disclosure information is provided. The domain is well established since 2007, registered with a reputable registrar, and consistent with the website content, indicating legitimacy. No WAF or blocking mechanisms are detected. Overall, the site is safe and professional but could improve its security posture and privacy compliance. The risk level is low given the limited data collection and personal nature of the site. Strategic improvements in security headers, privacy policies, and DNS security would enhance trust and compliance.

O

@otomir23

otomir23.me

0

The website otomir23.me is a personal portfolio site for an individual named Damir, featuring links to various social media and gaming profiles. The site is currently under development and contains minimal content, primarily serving as a placeholder and personal branding platform. The domain is registered through Cloudflare with a creation date in early 2022, consistent with the site's developmental status. Technically, the site uses modern technologies such as Astro and JavaScript, hosted and protected by Cloudflare with HTTPS enabled, ensuring a secure connection. However, the absence of DNSSEC and security headers indicates room for improvement in security hardening. From a security perspective, the site shows basic good practices like HTTPS and domain transfer protection but lacks formal privacy, cookie, or security policies, and no contact or incident response information is provided. Analytics are limited to Cloudflare Insights with minimal tracking, and no advertising or affiliate marketing is present. Overall, the site is safe, with no adult or explicit content, targeting a general audience. The risk level is low but could be improved by adding compliance documentation and enhancing security headers.

Web1.0 Hosting inc operates a niche static web hosting service focused on supporting retro computing devices and the smallweb movement. The company offers free and paid hosting plans, community features such as forums, IRC, and chat, and tools like a website builder (HamsterCMS). Their market position is specialized, targeting enthusiasts and developers interested in minimalist and legacy web technologies. The business model relies on free hosting with community incentives and donations, emphasizing simplicity and independence. Technically, the website uses classic web technologies including HTML4.01 Transitional, CSS, JavaScript, and server-side includes. It supports IPv4 and IPv6 and integrates with decentralized networks like Yggdrasil. The infrastructure includes FTP/FTPS and VPN-based home hosting options. While the site is functional and accessible, it lacks modern security enhancements such as HTTPS enforcement and security headers, and the design is basic with limited mobile optimization. From a security perspective, the site demonstrates good privacy practices by not using cookies and hashing IP addresses. It has an abuse policy and daily backups, but lacks explicit security policies and vulnerability disclosure mechanisms. The absence of HTTPS enforcement and security headers, along with dynamic form action setting without validation, present moderate security risks. WHOIS data is missing, which raises concerns about domain legitimacy and trust. Overall, the website is moderately trustworthy and functional but would benefit from improved security measures, clearer domain registration information, and enhanced technical modernization. Strategic recommendations include implementing HTTPS with HSTS, adding security headers, validating form inputs, publishing security policies, and clarifying domain registration status to improve trust and compliance.

K

kiffaknife

kiffaknife.space

0

The website kiffaknife.space is a personal creative portfolio and blog belonging to an individual named Kifa, a student from a small Siberian town with interests in music, drawing, and sewing. The site serves as a hub for personal projects, blog posts, and social media links, targeting a general audience interested in creative content. The business model is non-commercial and focused on personal expression rather than monetization or professional services. Technically, the site is a simple static HTML page with basic CSS and JavaScript for dynamic time display. There is no evidence of a CMS or advanced frameworks. The site lacks modern SEO optimization, accessibility features, and mobile responsiveness is basic. No analytics or advertising technologies are detected, indicating minimal data collection and tracking. From a security perspective, the site does not appear to use HTTPS or security headers, which is a significant risk for user data protection and trust. There are no privacy or cookie policies, nor any incident response or vulnerability disclosure mechanisms. The domain is privacy protected, which is reasonable for a personal site, and no suspicious WHOIS patterns are detected. Overall, the security posture is weak and should be improved to protect visitors and enhance credibility. The overall risk is low given the non-commercial nature and limited data collection, but the lack of HTTPS and security best practices could expose visitors to risks. Strategic recommendations include implementing HTTPS, adding privacy and cookie policies, improving security headers, and enhancing technical SEO and accessibility to improve user experience and trust.

K

Kweak.org - Main

kweak.org

0

Kweak.org is a personal website operated by an individual known as Shakalitsa. The site hosts a variety of content including file storage, media such as music and videos, software downloads for Android and Windows, pictures, Minecraft skins, and community features like a guest book and blog. The website targets general internet users interested in personal and miscellaneous content sharing. The business model is non-commercial and primarily serves as a personal project or hobby site. The domain is relatively new, registered in late 2022, and uses privacy protection services, which is consistent with the nature of the site. Technically, the website uses standard HTML, CSS, and JavaScript with Cloudflare DNS services and NameCheap as the registrar. The site is moderately optimized with basic mobile responsiveness and accessibility. No advanced frameworks or CMS platforms are detected. Performance is moderate with no significant technical issues noted. However, the site lacks modern security headers and DNSSEC is not enabled, which could be improved. From a security perspective, the site uses HTTPS and has domain transfer protections enabled. There are no visible vulnerabilities or exposed sensitive data. However, the absence of privacy and cookie policies, security headers, and contact information reduces the overall security posture and compliance level. No incident response or vulnerability disclosure information is provided. The site does not use analytics or tracking technologies, which limits privacy concerns but also reduces business intelligence capabilities. Overall, the website is a small-scale personal project with basic technical and security implementations. It is safe for general audiences with no adult or explicit content. Strategic recommendations include adding privacy and cookie policies, implementing security headers, enabling DNSSEC, and providing contact and incident response information to improve trust and compliance.

M

motionarium.

motionarium.top

0

The website motionarium.top is a personal hobby portfolio site created by an individual named Брокля from Russia, focusing on UI/UX design and website layout as a hobby. The site showcases various versions of personal projects and links to social media and code repositories. It is a small-scale, non-commercial site with no evident business operations or commercial intent. Technically, the site is a simple static HTML/CSS/JavaScript implementation hosted with DNS services via Cloudflare and registered through Dynadot LLC with privacy protection. The site lacks advanced frameworks or CMS and shows basic mobile optimization and accessibility. No analytics or advertising technologies are detected, indicating minimal tracking and data collection. From a security perspective, the site does not present advanced security features such as security headers or DNSSEC, and no privacy or cookie policies are provided. The domain is privacy protected, which is appropriate for a personal hobby site. No vulnerabilities or malicious content are detected, but the security posture is basic. Overall, the site is safe and functional as a personal portfolio but lacks professional business and compliance features. Strategic recommendations include adding privacy and cookie policies, improving security headers and HTTPS enforcement, and providing contact information to enhance trust and compliance.