Security Directory

B

byeoon

byeoon.dev

0

The website byeoon.dev is a personal portfolio site for an individual programmer named byeoon. The site showcases the developer's skills in software, web, and backend/fullstack development, along with personal projects and social media links. The target audience is general users interested in the developer's work and projects. The business model is primarily personal branding and project sharing without commercial transactions. The site positions itself as a small-scale personal developer portfolio within the technology industry. Technically, the site uses standard web technologies including HTML5, CSS, JavaScript, and popular libraries such as jQuery, particles.js, and moment-timezone. The site is moderately optimized for performance and mobile devices, with basic accessibility and SEO features. Hosting and CMS details are not explicitly provided. Navigation is handled via JavaScript with hash-based menu changes. From a security perspective, the site lacks explicit security headers and privacy or cookie policies, which reduces its compliance posture. No forms or sensitive data collection mechanisms are present, reducing attack surface. The site uses HTTPS (assumed from URL) but SSL configuration details are unknown. No vulnerability disclosures or incident response contacts are provided. The domain uses privacy protection for WHOIS data, which is typical for personal sites. Overall, the site is safe, professional, and trustworthy as a personal developer portfolio. However, it would benefit from adding privacy and cookie policies, security headers, and improving accessibility and SEO. The risk level is low given the nature of the site and lack of sensitive data collection. Strategic recommendations include enhancing security posture and compliance documentation to improve trust and professionalism.

A

Alula

alula.me

0

The website alula.me is a personal site representing an individual known as Alula, who is interested in programming and reverse engineering. The site serves primarily as a personal landing page with links to social media profiles and a personal avatar image. It is built using modern web technologies such as React and Next.js and is hosted on Cloudflare, ensuring good performance and security at the infrastructure level. The site lacks formal business information, privacy policies, or contact details, indicating it is not a commercial or corporate entity but rather a hobbyist or personal brand presence. Security posture is adequate with HTTPS and domain transfer protections, but lacks advanced security headers and compliance documentation. Overall, the site is safe, minimalistic, and functional for its intended purpose but would benefit from improved privacy and security disclosures.

ALTGO is a small community-focused organization providing support groups, local resources, legal help, and trans boxes for transgender and gender diverse individuals in Alabama. The website serves as an informational hub with a clear focus on the local transgender community. The technical infrastructure is minimal, relying on static HTML and CSS hosted on NearlyFreeSpeech.net, with no detected CMS or advanced frameworks. The site is accessible and moderately optimized for mobile devices but lacks advanced SEO and accessibility features. Security posture is basic, with no security headers or DNSSEC enabled, and no privacy or cookie policies published. The domain registration is consistent with the organization's stated purpose and geographic focus, indicating legitimacy. Overall, the site is functional but would benefit from enhanced security and compliance measures.

The Alabama Transgender Rights Action Coalition (ALTRAC) is a small non-profit advocacy organization focused on protecting and advancing transgender rights within Alabama. Their website serves as an informational hub providing legislative updates, community mobilization opportunities, and ways to engage with local advocacy efforts. The organization targets transgender individuals and allies in Alabama, positioning itself as a regional advocacy group with a clear mission and community focus. Technically, the website is built using standard web technologies including HTML, CSS, and JavaScript, hosted likely via Porkbun LLC based on registrar and nameserver data. The site is moderately optimized for mobile devices and SEO, with a clean and consistent design. However, there is no evidence of a CMS or advanced frameworks, indicating a relatively simple technical infrastructure. From a security perspective, the site lacks several best practices such as DNSSEC, security headers, and explicit SSL/TLS configuration details. No privacy or cookie policies are present, which impacts compliance with GDPR and other privacy regulations. The domain registration uses privacy protection, which is justified given the organization's advocacy nature. No critical vulnerabilities or suspicious patterns were detected, but improvements are recommended to enhance security posture and privacy compliance. Overall, the website is functional, trustworthy, and relevant to its audience but would benefit from enhanced security measures and formalized privacy documentation to improve compliance and user trust.

LavaTech operates a public XMPP server under the domain a3.pm, providing a compliant and moderated messaging platform with features such as multi-user chat, OMEMO encryption, and audio/video call support. The service targets XMPP users seeking a reliable and privacy-conscious communication server. The business model is based on free public access with controlled registration to maintain moderation and service quality. The domain is stable and appropriately aged, supporting the legitimacy of the service. Technically, the website uses ejabberd 23.04 as the XMPP server software and Cloudflare for DNS services, indicating a modern and reliable infrastructure. The presence of converse.js allows browser-based chat access. However, the website's technical implementation is basic with limited SEO, accessibility, and mobile optimization features. No CMS or advanced frameworks are detected. From a security perspective, the site demonstrates good practices such as disabling in-band registration to reduce abuse and providing clear contact channels for complaints and support. However, it lacks formal security policies, vulnerability disclosure mechanisms, and explicit security headers, which are areas for improvement. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is trustworthy and serves a niche community effectively but would benefit from enhanced security and privacy documentation, improved technical features, and formalized policies to strengthen compliance and user trust.

H

HexBrain

hexbrain.com

0

HexBrain is a small, specialized web development agency based in Ukraine, founded in 2013. The company focuses on Magento e-commerce development and custom PHP programming, offering a comprehensive range of services including consulting, web design, project management, and system administration. Their market position is strengthened by multiple Magento and Zend certifications and active participation in industry conferences such as Meet Magento. The website content is professional and well-structured, targeting businesses seeking tailored e-commerce solutions. Technically, the website is built on GravCMS using the Foundation framework and jQuery, with Google Analytics integrated for user tracking. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Hosting appears to be managed via NameCheap, consistent with the domain registrar information. Performance is moderate, with no critical technical issues detected. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks important security headers and DNSSEC is not enabled, representing areas for improvement. No privacy or cookie policies are published, indicating compliance gaps with GDPR and related regulations. Incident response and vulnerability disclosure mechanisms are absent, which could impact trust and security readiness. Overall, HexBrain presents a credible and professional online presence with solid business credibility and technical implementation. To enhance security posture and regulatory compliance, the company should implement privacy and cookie policies, add security headers, enable DNSSEC, and consider publishing security and incident response information.

T

Tim O'Brien

t413.com

0

The website t413.com is a niche platform dedicated to providing free and community-driven 3D designs for FPV drones and accessories. It targets hobbyists and makers interested in 3D printing and FPV technology. The site has been operational since 2005, indicating a stable presence in its niche. The business model revolves around sharing designs and encouraging donations to support ongoing projects. Technically, the site uses standard web technologies with a custom or lightweight CMS and is hosted on a solar-powered infrastructure, reflecting a sustainable approach. Security posture is basic with HTTPS enabled but lacking advanced security headers and policies. Privacy and compliance documentation are absent, which is a gap for GDPR and general privacy best practices. Overall, the site is functional, safe, and trustworthy for its audience but would benefit from enhanced security and compliance measures.

SankeyMATIC is a niche online tool focused on enabling users to create Sankey diagrams easily and visually. It targets a broad audience including analysts, educators, and anyone interested in visualizing flow data such as budgets, elections, or financial results. The website is small-scale, independently produced by Steve Bogart, and offers free access without requiring user registration. The business model relies on voluntary contributions and advertising revenue via Google AdSense. Technically, the site uses standard web technologies including HTML5, CSS3, JavaScript, and the D3.js library for rendering diagrams. Hosting is provided by pair Networks, Inc. The site is moderately optimized for performance and mobile use, with good SEO practices and basic accessibility features. The source code is openly available on GitHub, enhancing transparency and trust. From a security perspective, the site uses HTTPS but lacks advanced security headers and DNSSEC is not enabled, which could be improved. No forms or user data collection mechanisms are present, reducing attack surface. Privacy compliance is basic with a privacy policy present but no cookie consent or GDPR-specific statements. No incident response or vulnerability disclosure policies are published. Overall, SankeyMATIC presents a trustworthy and professional web presence with a clear focus on its specialized service. Security and privacy practices could be enhanced to align with modern standards, and adding contact information and terms of service would improve business credibility and compliance.

P

Privacy service provided by Withheld for Privacy ehf

lgbt.io

0

LGBT.io operates as a niche Mastodon social media instance dedicated to serving the LGBT+ community and allies. It provides decentralized social networking services leveraging the open-source Mastodon platform, fostering a moderated and inclusive environment. The platform is community-supported financially via Patreon, LiberaPay, and PayPal, indicating a patronage business model. The website content is well-structured, with clear code of conduct and active moderation staff, reinforcing its community focus and trustworthiness. Technically, the site uses a modern tech stack based on Mastodon with React and JavaScript, hosted likely via Spaceship, Inc. and Bunny.net CDN. The site is mobile-optimized and performs moderately well, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and Open Graph data. However, some security best practices such as DNSSEC and security headers are missing, and no cookie consent mechanism is present. From a security perspective, the site enforces HTTPS and has domain transfer protections. Content moderation policies are comprehensive, disallowing illegal and explicit content, which enhances safety. However, the absence of published security policies, incident response contacts, and cookie consent reduces compliance maturity. The WHOIS data shows privacy protection, which is justified given the community nature of the service, and the domain age supports legitimacy. Overall, LGBT.io presents a trustworthy, community-oriented social media platform with good technical foundations but could improve in privacy compliance and security transparency. Strategic recommendations include enabling DNSSEC, adding security headers, publishing security and incident response policies, and implementing cookie consent to enhance compliance and user trust.

Mutant Standard is a small creative project focused on delivering an experimental emoji set with diverse and inclusive themes such as LGBT, queer, furry, and cyberpunk. The website serves as a distribution and demo platform for these emoji assets, targeting niche communities interested in alternative emoji representations. The business operates independently with no visible parent or subsidiary companies and maintains a consistent brand identity centered around creativity and inclusivity. Technically, the website is built with standard modern web technologies including HTML5, CSS3, SVG, and optimized image formats like WebP. It is mobile responsive and offers a good user experience with clear navigation. However, the site lacks advanced frameworks or CMS platforms and does not implement common security headers or analytics tools, indicating a lightweight and minimalistic technical infrastructure. From a security perspective, the site uses HTTPS (implied by domain registrar and modern web standards) but lacks explicit security headers and privacy policies, which reduces its compliance posture. No forms or data collection mechanisms are present, minimizing attack surface but also limiting user engagement features. The domain is privacy protected but legitimate, with a registration date consistent with the business age. No critical vulnerabilities or suspicious patterns were detected. Overall, the website is a niche, well-designed creative project with moderate technical maturity and limited security controls. Strategic improvements in privacy compliance, security headers, and contact transparency would enhance trust and security posture.

S

Shilaan Alzahawi

shilaan.com

0

The website www.shilaan.com serves as the personal academic portfolio of Dr. Shilaan Alzahawi, an Assistant Professor of Management at Texas A&M University. It provides a professional platform showcasing academic posts, talks, and a downloadable CV, targeting academics and researchers in organizational behavior and data science. The site is well-structured, visually consistent, and optimized for mobile devices, reflecting a high level of digital maturity. Technically, it leverages modern web technologies including Hugo with the Wowchemy theme, Bootstrap, and various JavaScript libraries, hosted likely on Netlify, ensuring fast performance and good accessibility. Security posture is solid with HTTPS enforced and no exposed sensitive data, though it lacks some recommended security headers and formal privacy or cookie policies. The absence of WHOIS registration data raises concerns about domain legitimacy, but the professional content and verified external links mitigate some risk. Overall, the site is trustworthy and professionally maintained but would benefit from enhanced compliance and security documentation.

W

Weecology

weecology.org

0

Weecology is an interdisciplinary ecology and environmental data science research group affiliated with the University of Florida. The group combines fieldwork and computational methods to study ecological systems, publish open datasets, develop open source software, and train scientists. Their website reflects a professional academic presence targeting researchers and students in ecology and environmental science. Technically, the site is built using modern static site generation (Hugo) and hosted on Netlify, employing contemporary libraries such as Leaflet and Fuse.js for enhanced user experience. The site loads quickly, is mobile optimized, and includes privacy-respecting analytics via Plausible. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though the absence of security headers and formal privacy/cookie policies indicates room for improvement. WHOIS data is unavailable due to privacy protection, which is typical and justified for academic groups. Overall, the site is trustworthy, professional, and safe for general audiences.

L

Learning on Graphs Conference

logconference.org

0

The Learning on Graphs Conference is an academic event focused on machine learning on graphs and geometry, with a strong emphasis on review quality and community engagement. Founded in 2022, it has quickly established itself as a niche conference with reputable academic leadership and a clear annual schedule, transitioning to an in-person format in 2025 at Arizona State University. The website serves as the primary information hub, providing details on organizers, calls for papers and sponsors, past events, and contact avenues. Technically, the website is built using modern static site generation tools (Wowchemy on Hugo) and leverages CDN-hosted libraries for performance and responsiveness. It is hosted on GitHub Pages with additional Netlify identity integration. The site is well-optimized for mobile and accessibility, with good SEO practices and fast loading times. However, it lacks some security headers and DNSSEC is not enabled on the domain. Security posture is moderate with HTTPS usage and secure form handling via Formspree with recaptcha, but the absence of privacy and cookie policies is a compliance gap. No incident response or vulnerability disclosure information is provided. The domain registration is transparent and consistent with the conference's academic nature, enhancing trust. Overall, the website is professional, trustworthy, and serves its academic audience well, but could improve in privacy compliance and security best practices to enhance user trust and regulatory adherence.

C

CAI4CAI Research Group

cai4cai.ml

0

CAI4CAI is an academic research group embedded within King's College London, focusing on contextual artificial intelligence for computer-assisted interventions in healthcare. The group specializes in surgical assistance, machine learning, medical imaging, and translational research with strong industry collaborations and open research culture. Their website reflects a professional academic presence with detailed information on projects, team members, publications, and open positions.

H

Hugo Blox

hugoblox.com

0

Hugo Blox is an open source, no-code website builder platform launched in 2023, targeting technical creators, researchers, and marketers who want to build websites, landing pages, and online courses with ease and flexibility. Positioned as the best open source website builder for 2024, it boasts a strong community with over 250,000 users and 10,000+ GitHub stars. The platform emphasizes privacy, ownership of content, and ease of use without coding knowledge. Technically, the website leverages modern frameworks such as Hugo, Astro, and Tailwind CSS, hosted with Cloudflare DNS and CDN services, and integrates popular analytics and advertising tools like Google Analytics and Bing Ads. Security posture is good with HTTPS and domain transfer protection, but lacks DNSSEC and explicit security headers. Privacy compliance is weak due to missing privacy and cookie policies and no consent mechanism. Overall, the site is professional, trustworthy, and technically sound but should improve privacy disclosures and security policies to enhance compliance and user trust.

D

Dyne.org foundation

devuan.org

0

Devuan.org represents the official website for Devuan GNU+Linux, a free and open source operating system forked from Debian without systemd. The project emphasizes user freedom, system control, and avoidance of systemd entanglement, targeting Linux users and free software advocates. The website is maintained under the Dyne.org foundation, which acts as the fiscal sponsor. The site provides information about releases, installation, community, and development, with a donation-based funding model. Technically, the website is simple, using clean HTML and CSS without JavaScript or cookies, enhancing privacy but lacking advanced security headers and policies. The WHOIS data is unavailable, which limits domain trust verification, but the website content and branding are consistent and professional. Security posture is moderate with room for improvement in headers and policy disclosures. Overall, the site is trustworthy, privacy-conscious, and focused on a niche Linux distribution community.

The website onenetbeyond.org is currently inaccessible or blocked, presenting only a minimal placeholder page with the message: 'You have reached this page because your request could not be properly identified.' This prevents any meaningful extraction of business or service information from the site itself. The domain is registered to Associazione AI ODV, a French organization, with a long registration history dating back to 2005, indicating an established entity. However, the lack of accessible content and absence of privacy, cookie, or contact information significantly limit the ability to assess the business model or market position. From a technical perspective, no information about the technology stack, CMS, or hosting beyond the nameservers is available. The site appears to be hosted on servers related to investici.org. No security headers or SSL configuration details were provided, and no analytics or tracking technologies were detected. The minimal content and lack of metadata suggest poor SEO and user experience. Security posture evaluation is constrained by the lack of accessible content and technical data. No privacy policies, incident response contacts, or security frameworks are evident. The domain registration data is consistent and legitimate, but the absence of website content and security best practices lowers the overall trust and security score. The site is likely behind a generic blocking mechanism or misconfigured server, resulting in a low AI score and high risk for users seeking information. Overall, the website requires significant improvements in accessibility, content provision, security policies, and compliance documentation to be considered trustworthy and professional.

P

Pronouns.page

pronouns.page

0

Pronouns.page is a specialized educational platform providing usage examples of personal pronouns and promoting gender neutral language. It serves a general audience interested in linguistics and inclusivity, offering multilingual support through various language-specific subdomains. The website is positioned as a niche resource with a focus on accessibility and educational content rather than commercial services. Technically, the site is built on modern frameworks such as Nuxt.js and Vue.js, hosted on Cloudflare infrastructure with CDN support, ensuring good performance and mobile optimization. The use of privacy-conscious analytics tools like Plausible and error monitoring via Sentry indicates a mature approach to technical operations. Security posture is strong with HTTPS enforcement and standard security headers, though the absence of explicit privacy and cookie policies suggests room for improvement in compliance. Overall, the site is trustworthy and professional but would benefit from enhanced transparency and formal policies to strengthen user trust and regulatory adherence.

A

Anders G. Jørgensen

mcsrvstat.us

0

Minecraft Server Status is a niche technology service providing quick and reliable information about Minecraft servers, supporting both Java and Bedrock editions. The website is operated by Anders G. Jørgensen, based in Denmark, with a domain registered since 2015, indicating a stable and mature service. The business model is ad-free and supported by donations, targeting Minecraft players and server administrators seeking server status information and API access. Technically, the website uses modern frontend technologies including Bootstrap 5 and Cloudflare for DNS and CDN services, ensuring good performance, mobile optimization, and accessibility. The site is well-structured with clear navigation and a professional design, although it lacks some compliance documentation such as privacy and cookie policies. From a security perspective, the domain benefits from Cloudflare's infrastructure and has domain transfer protections enabled. However, DNSSEC is not enabled, and no explicit security headers were detected in the provided data. There is no published incident response or vulnerability disclosure information, which could be improved to enhance trust and compliance. Overall, the website is functional, trustworthy, and well-positioned within its niche but would benefit from enhanced privacy compliance, security headers, and contact transparency to improve its security posture and user trust.

LavaTech is a small technology company specializing in innovative cloud services branded as "Friend Cloud," which blends public and private cloud features. Their offerings include open source image hosting, uptime tracking, Linux distribution mirrors, XMPP communication services, DNS solutions for gaming consoles, and a premium-featured password manager. The company targets technology enthusiasts, open source communities, and gamers, positioning itself as a niche provider with a community-driven approach. The website content is basic but functional, with some services currently down due to infrastructure issues. Technically, the website is a simple static HTML/CSS site using Google Fonts and hosted behind Cloudflare DNS and CDN services. The site lacks advanced frameworks or CMS platforms and shows moderate performance and basic mobile optimization. SEO and accessibility features are minimal. Security posture is moderate with domain transfer protections and Cloudflare usage but lacks DNSSEC, security headers, and published security policies. Privacy compliance is weak, with no privacy or cookie policies found on the site. Security-wise, the site shows no critical vulnerabilities but would benefit from enabling DNSSEC, adding security headers, and publishing incident response information. The absence of privacy and cookie policies and lack of GDPR compliance indicators are notable gaps. Contact information is limited to email and Discord, with no phone or physical address provided. Overall, LavaTech presents as a legitimate small tech service provider with a niche market focus but with room for improvement in security, privacy compliance, and website professionalism. Strategic recommendations include enhancing security controls, publishing privacy and security policies, and improving technical and content quality to build greater trust and compliance.

F

Home

fleepy.tv

0

The website fleepy.tv is a personal site belonging to an individual named Marisa/Chen, who identifies as she/they. The site focuses on their passions including music production, software development, and technology experimentation. It serves as a hub linking to various social media and content platforms such as Bandcamp, Ko-Fi, Twitch, GitHub, and others. The site is small-scale, hobbyist in nature, and targets a general audience interested in creative and technical content. The domain is registered with Cloudflare since 2019, indicating a stable and consistent online presence. From a technical perspective, the site uses standard web technologies including HTML, CSS, and JavaScript, with some custom scripts like Oneko.js for interactive elements and Plausible Analytics for privacy-focused user tracking. Hosting is via Cloudflare, providing good SSL/TLS security, though DNSSEC is not enabled. The site is moderately optimized for performance and mobile use, with basic accessibility and SEO features. Security posture is adequate with HTTPS enforced and domain transfer protection enabled. However, the absence of DNSSEC, security headers, and formal privacy or cookie policies indicates room for improvement in security and compliance. No forms or sensitive data collection mechanisms are present, reducing risk exposure. The WHOIS data aligns well with the website content, showing no suspicious patterns and a legitimate registration. Overall, the site is a well-maintained personal project with moderate technical maturity and a safe content profile. Strategic recommendations include implementing privacy and cookie policies, enabling DNSSEC, adding security headers, and providing incident response or vulnerability disclosure information to enhance trust and compliance.

The website mariomasta64.me is a personal or hobbyist platform primarily focused on hosting various downloadable resources and information related to gaming consoles, software hacks, and miscellaneous technology content. It targets a niche audience of technology enthusiasts and gamers interested in console hacking and software tools. The site is modest in scale and does not present itself as a commercial business. Technically, the site uses basic HTML and CSS with JSON-LD structured data for social media links and site structure. It is hosted with NameCheap as registrar and uses Cloudflare for DNS services, but lacks DNSSEC and no HTTPS status was confirmed from the data provided. Security posture is minimal with no evident security headers or privacy policies, and no forms or data collection mechanisms are present. The site is accessible without WAF or blocking mechanisms. Overall, the site is functional but basic, with limited privacy and security compliance. Strategic improvements in HTTPS implementation, security headers, and privacy policies would enhance trust and compliance.

P

Private by Design, LLC

250kb.club

0

The 250kb Club is a niche community-driven platform dedicated to promoting web pages that maintain a compressed size under 256KB, emphasizing performance, efficiency, accessibility, and sustainability. Founded in 2020 and operated by Private by Design, LLC, the website serves web developers and site owners who prioritize lightweight and performant web experiences. The platform offers a curated list of qualifying websites, technical analysis using Phantomas, and open source transparency through GitHub and Sourcehut repositories. Technically, the site is built with standard HTML, CSS, and JavaScript, with minimal external dependencies, and uses GoatCounter for privacy-conscious analytics. The hosting and domain registration are consistent and reputable, with Porkbun as the registrar and US-based ownership. Security posture is adequate with HTTPS enabled and domain status locks, but lacks DNSSEC and security headers, which are recommended for improvement. Privacy compliance is limited due to the absence of privacy and cookie policies, representing a compliance gap. Overall, the site is trustworthy, well-maintained, and serves a clear community purpose with good technical and business credibility.

S

Serenity Laboratories

deadinsi.de

0

Serenity Laboratories operates the deadinsi.de Mastodon instance, providing a decentralized social networking platform emphasizing privacy, no ads, and ethical design. The platform targets general users interested in federated social media and positions itself as an independent Mastodon server within the fediverse. The website is technically modern, leveraging Mastodon version 4.4.2+slis, React, and JavaScript, hosted on DigitalOcean infrastructure. The site is accessible, mobile-optimized, and presents a professional user experience with clear navigation and branding consistency. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though security headers and explicit policies are lacking. Privacy compliance is partial, with a privacy policy present but no cookie consent or terms of service published. Overall, the site is trustworthy and safe for general audiences.

S

saursvepur

saursvepur.xyz

0

The website saursvepur.xyz is a personal portfolio and content platform for an individual named Slava, a 23-year-old streamer, musician, and IT enthusiast from Russia. The site showcases personal projects, music tracks, and social media links, targeting a general audience interested in streaming and music content. The domain is relatively new, registered in early 2023, and uses privacy protection common for personal sites. Technically, the site uses modern web technologies including custom WebGL shaders for visual effects, but lacks advanced frameworks or CMS. Performance and mobile optimization are moderate, with basic accessibility and SEO features. Security posture is weak due to absence of HTTPS enforcement details, security headers, and privacy policies. No forms or data collection mechanisms are present, reducing attack surface but also limiting user interaction. Overall, the site is functional and visually appealing but requires improvements in security and compliance to enhance trust and professionalism.

S

Silver4ok "Cheat Engine" Olo4eka

pastcard.su

0

Pastcard.su is a personal blog operated by Silver4ok "Cheat Engine" Olo4eka, focusing on gaming, personal stories, and music content primarily for a Russian-speaking audience. The site is built using the Hugo static site generator and hosted by BEGET-SU, with a domain registered recently in December 2024. The blog features regular posts with a moderate level of content quality and user engagement through social media links. Technically, the site is moderately optimized with basic mobile responsiveness and SEO, but lacks advanced security headers and privacy compliance mechanisms. No privacy or cookie policies are present, and no direct contact information is provided, which limits business credibility and privacy compliance. Security posture is basic, with no detected vulnerabilities but also no advanced protections. Overall, the site is safe for general audiences and does not contain adult or explicit content.

L

Lgrn Arts

lgrn-arts.ch

0

Lgrn Arts is an independent artist and character project founder presenting a portfolio of artworks and community links. The website serves as a personal creative hub with a niche audience interested in art and digital creativity. The business model is primarily portfolio and community engagement without commercial transactions or formal business operations. Technically, the site uses standard HTML, CSS, and JavaScript with Cloudflare for CDN and analytics, offering moderate performance and basic mobile optimization. Security posture is moderate with HTTPS implied but lacks explicit security headers and formal policies. Privacy compliance is minimal with no privacy or cookie policies and no contact information provided. Overall, the site is legitimate and safe but would benefit from improved compliance and security practices.

A

Australian Border Force

abf.gov.au

0

The Australian Border Force (ABF) website serves as the official government portal for Australia's border protection and customs enforcement agency under the Department of Home Affairs. The site provides comprehensive information and services related to border security, trade facilitation, immigration detention, and licensing. It targets a broad audience including travelers, importers, exporters, customs brokers, and the general public. The ABF maintains a strong market position as a national government authority with a clear mission to protect Australia's borders and enable legitimate travel and trade. Technically, the website is built on Microsoft SharePoint, leveraging modern JavaScript libraries and Google Tag Manager for analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. Security posture is robust with enforced HTTPS and standard security headers, though explicit Content-Security-Policy headers and vulnerability disclosure mechanisms are absent. Privacy policies are comprehensive but lack explicit cookie consent mechanisms. Overall, the ABF website is professional, trustworthy, and well-maintained, reflecting its role as a government entity. The absence of WHOIS data is consistent with Australian government domain privacy policies and does not detract from the site's legitimacy. Strategic recommendations include enhancing security headers, publishing incident response contacts, and improving privacy consent mechanisms to further strengthen trust and compliance.

T

The Irrawaddy

irrawaddy.com

0

The Irrawaddy is a professional news media organization focused on delivering news and analysis about Myanmar and Southeast Asia. The website offers a variety of content including news articles, opinion columns, interviews, and video reports, positioning itself as a regional leader in its niche. The digital infrastructure is built on WordPress with popular plugins such as Elementor and Yoast SEO, indicating a modern and maintainable platform. The site integrates Google Adsense for monetization and Google Tag Manager for analytics, reflecting standard digital marketing practices. Security posture is adequate with HTTPS enabled and secure form handling, but lacks advanced security headers and explicit privacy or cookie policies, which are important for compliance and user trust. The absence of WHOIS data for the domain raises some concerns about domain registration transparency, although the active and professional nature of the website mitigates this to some extent. Overall, the site is functional, content-rich, and moderately secure but would benefit from enhanced privacy compliance and security best practices.

C

Cincinnati Art Museum

cincinnatiartmuseum.org

0

The Cincinnati Art Museum is a well-established non-profit cultural institution founded in 1881, located in Cincinnati, Ohio. It offers a diverse and encyclopedic art collection with over 73,000 works spanning 6,000 years, complemented by exhibitions, educational programs, community outreach, and event hosting. The museum targets a broad audience including families, educators, art enthusiasts, and the general public. Its business model relies on free general admission, paid exhibition tickets, memberships, donations, and fundraising events. Technically, the website is built on the Umbraco CMS and leverages modern JavaScript libraries and marketing tools such as Google Tag Manager, Facebook Pixel, and Blackbaud for donations and engagement. The site is hosted behind Cloudflare, ensuring good performance and security. The design is professional, mobile-optimized, and accessible, with clear navigation and rich content. From a security perspective, the site enforces HTTPS and implements a Content Security Policy, but lacks some advanced security headers and a cookie consent mechanism. There is no visible vulnerability disclosure policy or security incident response information. Privacy compliance is basic, with a privacy policy present but lacking explicit GDPR compliance details. The WHOIS data confirms the domain's legitimacy and long-term registration consistent with the museum's history. Overall, the website is trustworthy, professional, and secure with room for improvement in privacy compliance and security transparency. Strategic recommendations include enabling DNSSEC, implementing cookie consent, publishing detailed privacy and security policies, and adding a vulnerability disclosure mechanism.

The website 'Dollthing's Place' is a personal portfolio and blog primarily focused on showcasing projects, gaming content related to Final Fantasy XIV, and social media engagement. It targets a general audience interested in personal creative works and gaming communities. The site is hosted on Neocities and uses a simple technology stack including HTML5, CSS, JavaScript, and jQuery. The design is basic and the content is currently a work in progress with plans for future expansion. Social media links serve as the primary contact points, with no formal business contact information or policies present. From a technical perspective, the site employs standard web technologies and external libraries such as jQuery from Google's CDN. Hosting on Neocities suggests a small-scale personal site without enterprise infrastructure. Performance and mobile optimization are basic but functional. SEO and accessibility features are minimal. Security posture is limited, with no detected security headers and unknown SSL configuration. The site includes Cloudflare Insights for analytics but lacks privacy and cookie policies, which impacts compliance. Security evaluation indicates a low maturity level with no explicit security policies or incident response contacts. The absence of privacy and cookie policies and security headers are notable gaps. No vulnerabilities or exposed sensitive data were detected in the provided content. The domain WHOIS data is consistent with the personal nature of the site, showing no suspicious patterns or privacy protection, which aligns with the site's transparency. Overall, the site is a legitimate personal project with moderate trustworthiness but limited security and privacy compliance. Strategic recommendations include implementing security headers, enforcing HTTPS, adding privacy and cookie policies, and providing clear contact information for security incidents to improve trust and compliance.

H

har.fyi | har.fyi

har.fyi

0

har.fyi is a specialized technical documentation website dedicated to providing reference materials and guides for the HTTP Archive dataset, a resource used by developers and researchers to analyze web performance and state of the web. The site offers guides on querying the dataset, exploring table schemas, and contributing to the project via GitHub. It targets a technical audience including data analysts and web performance professionals. The website is relatively new, founded in 2023, and is hosted with modern web technologies ensuring good performance and accessibility.

W

wingio

wingio.xyz

0

The website wingio.xyz is a personal portfolio site of a 22-year-old Android developer named Wing. The site showcases the developer's skills, projects, and social media presence, primarily targeting fellow developers and tech enthusiasts. The business model is personal branding and open source project promotion, with a niche market position as an individual developer portfolio. The site is technically modern, built with Astro and Svelte frameworks, and hosted with Cloudflare DNS services. It demonstrates good performance and mobile optimization but lacks advanced SEO and accessibility features. Security posture is adequate with HTTPS enabled and domain locks in place, but lacks DNSSEC and security headers. Privacy compliance is minimal, with no privacy or cookie policies present. Contact information is limited to an email address. Overall, the site is trustworthy for its purpose but could improve in privacy and security transparency.

F

fawn

fawn.moe

0

The website 'fawn.moe' is a personal portfolio site for an individual self-taught software developer named fawn. The site showcases personal interests such as movies and music, with links to social media and friends' profiles. It is a small-scale personal site without commercial business operations or formal company structure. Technically, the site is built using modern frameworks Astro and Svelte, indicating a contemporary approach to web development. The site is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. Security posture is minimal with no detected security headers or policies, and no HTTPS status was confirmed from the data. Privacy and cookie policies are absent, and no contact information is provided, limiting compliance and trust signals. Overall, the site is safe for general audiences and does not contain adult or explicit content. The domain WHOIS data was not provided, so domain legitimacy and registration details could not be fully assessed.

X

Xinto's web

xinto.dev

0

The website xinto.dev is a personal portfolio site for a software engineer named Xinto from Georgia, specializing in Kotlin and Android development. It serves primarily as a showcase of his bio and projects, targeting fellow developers and technology enthusiasts. The site is small scale and focused on personal branding rather than commercial business operations. Technically, the site uses modern web technologies including JavaScript modules, React framework (implied), and Google Fonts, delivering a moderate performance and good mobile optimization. However, accessibility and SEO optimizations are basic and could be improved. Security posture is moderate with no HTTPS or security headers information provided, and no privacy or cookie policies present, which limits compliance and trust. No forms or direct contact emails are provided, only social media links, which restricts direct communication channels. Overall, the site is safe, professional, and appropriate for general audiences but lacks advanced security and privacy features.

The website aagaming.me is a personal hobby developer portfolio primarily focused on reverse engineering projects. The site owner, known as 'aa', showcases various projects and references work on decky.xyz, indicating a niche presence within the developer and reverse engineering community. The business model is informal and hobbyist, with no commercial or enterprise scale operations evident. The site targets hobby developers and technology enthusiasts interested in reverse engineering and software development. Technically, the website is built using the Astro framework and utilizes Cloudflare for DNS services. The site demonstrates moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. There are no detected CMS platforms or third-party analytics or advertising tools, indicating a lightweight and privacy-conscious setup. From a security perspective, the site lacks critical security headers and does not enable DNSSEC, which could improve domain security. No privacy or cookie policies are present, and no contact or incident response information is provided, limiting compliance with GDPR and other privacy regulations. The domain is privacy protected via a service in Iceland, which is consistent with the personal nature of the site. Overall, the security posture is basic with room for improvement. The overall risk is low given the non-commercial nature and safe content, but the site would benefit from adding privacy policies, security headers, and contact information to enhance trust and compliance. Strategic recommendations include enabling DNSSEC, implementing security headers, publishing privacy and cookie policies, and providing clear contact and incident response details.

M

Manti's website

mantikafasi.dev

0

The website mantikafasi.dev is a personal portfolio site belonging to a hobbyist programmer showcasing various programming projects primarily related to gaming and Discord bots. The site serves as a hub linking to multiple personal projects hosted on subdomains and GitHub repositories, targeting an audience of programmers, gamers, and Discord users. The business model is informal and non-commercial, focusing on sharing hobby projects rather than monetization or enterprise services. Technically, the site is built using the Astro static site generator with CSS Pico for styling and uses Cloudflare Insights for basic analytics. The site is moderately optimized for mobile and performance but lacks advanced SEO and accessibility features. Security posture is basic with no visible security headers or privacy policies, and no contact or incident response information is provided. The domain uses privacy protection in WHOIS, which is typical for personal sites, and no suspicious patterns are detected. Overall, the site is safe, professional enough for a personal portfolio, but lacks formal compliance and security best practices.

The website www3.rinici.de is a parked domain landing page primarily designed to advertise the domain rinici.de for sale. It lacks substantive business content, contact information, or any service offerings. The site relies heavily on advertising scripts and tracking technologies, with minimal user-facing content. Technically, the site uses standard HTML and JavaScript with external ad and tracking services, hosted via Amazon Cloudfront CDN. There is no evidence of HTTPS or security headers, and privacy compliance is minimal, with only a basic privacy policy accessible via a popup. The security posture is weak due to lack of HTTPS and absence of security best practices. Overall, the site presents a low trust profile and limited business credibility.

N

N/A

megu.dev

0

The website megu.dev is a personal portfolio for a software engineer named Rie T., showcasing expertise in multiple programming languages including TypeScript, JavaScript, Rust, and others. The portfolio highlights experience in backend, API, and internal tooling development, particularly in the Television & Broadcasting industry. The site targets potential employers and collaborators in the technology sector, serving as a professional branding and job-seeking platform. Technically, the site uses modern web frameworks such as React, Next.js, Remix, Svelte, Vue, and Angular, and is hosted behind Cloudflare with performance and mobile optimization rated as good. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though it lacks explicit security headers and formal privacy or cookie policies. Overall, the site is professional, trustworthy, and safe for general audiences, but could improve compliance and security transparency.

K

katlyn

katlyn.dev

0

The website katlyn.dev is a personal portfolio site primarily focused on coding and related projects. The content is minimal but well structured, presenting a clear personal brand with links to social and development platforms such as GitHub, Mastodon, and Matrix. The site targets a general audience interested in technology and coding, likely peers or potential collaborators. The business model appears to be personal branding rather than commercial operations, with no direct sales or service offerings evident. Technically, the site uses standard HTML5 and CSS3 with custom fonts hosted on a static subdomain, indicating a lightweight and fast-loading infrastructure. There is no evidence of a CMS or complex frameworks, suggesting a static or custom-built site. Mobile optimization and accessibility are basic but adequate for the site's scope. No analytics or advertising technologies are detected, reflecting a privacy-conscious or minimalistic approach. From a security perspective, the site lacks visible security headers and does not provide privacy, cookie, or terms of service policies, which limits compliance with GDPR and other regulations. No contact information or incident response channels are provided, reducing transparency and trust. However, no vulnerabilities or malicious content are detected in the provided HTML content. The absence of forms or data collection reduces attack surface but also limits user engagement features. Overall, the site presents a low-risk profile but would benefit from improved security practices, privacy compliance, and contact transparency to enhance trustworthiness and professionalism.

K

🌱 sammy's site

khcrysalis.dev

0

The website khcrysalis.dev is a personal site of a developer named Sammy, focused on Darwin-related software platforms such as iOS and macOS. The site primarily showcases open-source projects hosted on GitHub and highlights community contributions. The target audience is developers and programmers interested in Apple ecosystem software. The business model is individual open-source development without commercial offerings or services. Technically, the site is built using the Astro framework with modern web technologies, delivering good performance and mobile optimization. However, it lacks advanced SEO and accessibility features. Security posture is moderate with HTTPS implied but no explicit security headers or incident response information. Privacy compliance is minimal with no privacy or cookie policies present. Overall, the site is professional and trustworthy for its scope but could improve in privacy and security transparency.

P

Private by Design, LLC

lewisakura.moe

0

The website lewisakura.moe is a personal site belonging to Lewis, a young software engineer and aspiring content creator specializing in backend development and game development on platforms such as Roblox. The site serves as a portfolio and contact point, showcasing various projects and placements, both paid and volunteer. The business model is primarily freelance and team-based development with future plans for content creation as a VTuber. The site targets technology enthusiasts and potential collaborators. Technically, the site is built using the Astro framework, leveraging modern web technologies and hosted with Cloudflare DNS services. It is well optimized for performance and mobile devices, with good SEO metadata and clear navigation. No CMS or analytics tools are detected, indicating a lightweight and privacy-conscious approach. From a security perspective, the site uses HTTPS and has domain transfer and deletion protections enabled. However, DNSSEC is not enabled, and no security headers are detected, which are areas for improvement. No privacy or cookie policies are published, which impacts compliance posture. Contact information is clearly provided via email and Discord, but no formal incident response or security policies are present. Overall, the site is safe, professional, and trustworthy for its intended personal and freelance use. Strategic recommendations include adding privacy and cookie policies, enabling DNSSEC, implementing security headers, and considering incident response documentation to enhance security and compliance.

M

Materii

materii.dev

0

Materii is a small technology-focused organization hosted on GitHub, specializing in developing Material You (Material 3) themed client applications for popular platforms. The organization maintains a verified domain materii.dev and has a consistent brand presence on GitHub. Their business model revolves around open source software development and community engagement within the developer ecosystem. The website content is professional, well-structured, and optimized for performance and accessibility, leveraging GitHub's infrastructure and React-based frameworks. Security posture is strong with HTTPS enforcement and domain verification, though explicit privacy and security policies are absent. Overall, the site is trustworthy and safe for general audiences, targeting developers and users interested in Material You applications.

S

Sublime HQ Pty Ltd

sublimemerge.com

0

Sublime Merge is a cross-platform Git client developed by Sublime HQ Pty Ltd, the makers of Sublime Text. The website presents a professional and polished interface targeting developers and software professionals who require a powerful Git GUI client with features like line-by-line staging, commit editing, and syntax highlighting. The product is positioned as a high-performance tool with seamless Git integration across Mac, Windows, and Linux platforms. The website content is rich, well-structured, and consistent with the Sublime brand, indicating a focused business model based on software sales and licensing. Technically, the website employs modern web standards including HTML5, CSS3, JavaScript, and uses JSON-LD structured data to enhance SEO and semantic understanding. The site is responsive and optimized for multiple platforms, providing a fast and smooth user experience. However, there is no evidence of advanced frameworks or CMS usage, suggesting a custom-built or lightweight site architecture. From a security perspective, the site lacks visible security headers and does not provide privacy, cookie, or terms of service policies, which are important for compliance and user trust. The WHOIS data for the domain is missing or indicates the domain may be unregistered or expired, which raises concerns about domain legitimacy despite the professional appearance of the site content. No contact emails or phone numbers are provided, limiting direct communication channels. Overall, the website demonstrates strong business credibility and technical maturity but requires improvements in security posture, privacy compliance, and domain registration transparency to enhance trustworthiness and regulatory adherence.

Sublime HQ Pty Ltd is a small Australian technology company specializing in developing remarkable software products, notably Sublime Text and Sublime Merge, which cater primarily to software developers and technical professionals. The website presents a minimal but professional front showcasing these products with consistent branding and clear navigation. However, the lack of detailed company information, contact details, and policy documents limits the depth of user engagement and trust signals. Technically, the website uses standard HTML5 and CSS3 with external stylesheets, but lacks advanced frameworks or CMS platforms. Performance and mobile optimization are basic but functional. No analytics, tracking, or advertising scripts were detected, indicating a privacy-conscious or minimalistic approach. Security features such as HTTPS status and security headers could not be confirmed from the provided data, but no WAF or blocking mechanisms were detected. From a security and compliance perspective, the absence of WHOIS registration data is a notable concern, as it raises questions about domain legitimacy and ownership transparency. The website lacks privacy, cookie, and terms of service policies, which are critical for GDPR and other regulatory compliance. No incident response or vulnerability disclosure information is available, limiting the security posture assessment. Overall, the site appears safe with no adult or questionable content but would benefit from enhanced security and compliance measures. The overall risk assessment suggests moderate trustworthiness with room for improvement in transparency, security best practices, and compliance documentation. Strategic recommendations include implementing HTTPS with strong SSL/TLS, publishing privacy and cookie policies, adding contact and incident response information, and improving WHOIS registration visibility to enhance legitimacy and user trust.

G

GameBanana

gamebanana.com

0

GameBanana is a well-established online community platform focused on game modding, offering a wide range of mods, tutorials, and community features since 2001. The platform supports modders and gamers by providing free access to mods without paywalls, sustained primarily through advertising revenue. The website demonstrates a mature digital infrastructure leveraging modern JavaScript frameworks and multiple analytics and advertising technologies to optimize user engagement and monetization. Security-wise, the site enforces HTTPS and uses Cloudflare for DNS and domain registration, but lacks some best practices such as DNSSEC and explicit security headers. Privacy compliance is weak due to the absence of visible privacy and cookie policies, which could expose the platform to regulatory risks. Overall, the site is functional, safe for general audiences, and maintains moderate trustworthiness, but should improve privacy and security disclosures to enhance compliance and user trust.

H

HRT.COFFEE

hrt.coffee

0

HRT.COFFEE is a specialized informational website focused on providing verified supplier listings for hormone replacement therapy products such as estradiol, progesterone, and anti-androgens. The platform serves a niche audience seeking reliable pharmaceutical sources, primarily targeting individuals involved in hormone therapy. The business operates as a referral and informational service without direct sales, emphasizing supplier verification and discount information. Technically, the website is built with standard web technologies including HTML5, CSS3, and JavaScript libraries like jQuery and DataTables, hosted via Cloudflare. The site demonstrates moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. Security posture is moderate with domain registration protections but missing DNSSEC and security headers. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism or GDPR indicators. Contact information is limited to a contact page form, with no direct emails or phone numbers visible. Overall, the website is functional, trustworthy within its niche, but could improve in security and privacy transparency.

The University of Massachusetts Amherst website serves as the digital presence of the largest public research university in New England. It offers comprehensive academic programs, research initiatives, and student services targeted at prospective and current students, faculty, staff, and families. The site reflects a strong institutional brand with consistent messaging and a focus on education and research excellence. Technically, the site is built on Drupal CMS and integrates multiple modern analytics and marketing tools, indicating a mature digital infrastructure. Security posture is adequate with HTTPS enabled, though there is room for improvement in implementing security headers and privacy compliance. Overall, the site is professional, trustworthy, and accessible, with no indications of malicious activity or content safety concerns.

P

Private by Design, LLC

starry.cafe

0

Starry Cafe is a niche social platform instance running on the Sharkey platform, operated by an individual named Ezri based in New York City. The website serves as a community hub with custom branding and theming, targeting general users interested in decentralized social networking. The domain is newly registered in 2024 and uses modern web technologies including JavaScript frameworks and Vite for frontend delivery. The site is hosted under a reputable registrar and uses DNS servers from Hurricane Electric, but lacks DNSSEC and advanced security headers. From a security perspective, the website benefits from HTTPS and domain status protections but lacks published privacy policies, cookie consent mechanisms, and incident response information. No advertising or tracking technologies were detected, indicating a privacy-conscious approach but also limited monetization or analytics. The absence of security headers and DNSSEC are notable gaps that could be improved to enhance security posture. Overall, the website is functional and moderately professional but limited in content and compliance documentation. The business behind it is small and technology-focused, with a clear but narrow market position. Strategic improvements in privacy compliance, security hardening, and contact transparency would strengthen trust and reduce risk.

J

Joshua Barrett

ptnote.dev

0

PT_NOTE is a personal website and blog operated by Joshua Barrett, focusing on personal writing and project showcases. The site targets general internet users interested in personal content rather than commercial services. The website is built using the Zola static site generator, employing standard web technologies such as HTML, CSS, and JavaScript. The technical infrastructure is simple and lightweight, with moderate performance and basic mobile optimization. No advanced CMS or hosting provider details are evident. Security posture is basic; no security headers or incident response contacts are present, and privacy compliance is minimal due to the absence of privacy and cookie policies. The site uses HTTPS (assumed from domain), but no explicit security headers were detected in the HTML content. Overall, the site is safe, with no adult or questionable content detected, and minimal user tracking or advertising. The domain registration is privacy protected, which is appropriate for a personal blog. The website demonstrates moderate trustworthiness but lacks formal business or compliance documentation.