Security Directory

M

MerchantYard

merchantyard.com

0

MerchantYard is a small technology company specializing in developing native Shopify apps designed to help e-commerce businesses scale effectively. Their product suite includes apps for discount management, store credit, upselling, and referral marketing, targeting Shopify store owners seeking to enhance sales and customer engagement. The website is professionally designed using Squarespace, integrating Google Analytics and Tag Manager for performance monitoring. While the site is well-structured and mobile-optimized, it lacks explicit privacy and cookie policies, which may impact compliance and user trust. Security posture is moderate with HTTPS enabled but missing several recommended security headers. The absence of WHOIS data for the domain raises some concerns about registration transparency, although the website content and client testimonials suggest a legitimate business operation. Overall, MerchantYard presents a credible e-commerce technology provider with room for improvement in privacy compliance and security hardening.

M

Michael Lazar

mozz.us

0

Mozz.us is the personal domain of Michael Lazar, a professional software developer with a strong focus on alternative internet protocols such as Gemini, Gopher, Spartan, and CCSO. The website serves as a portfolio showcasing his open source projects, software development expertise, and personal interests including ASCII art. The site targets technology enthusiasts and developers interested in niche internet protocols and software tools. The business model is primarily personal and community-oriented, with no commercial transactions evident. Technically, the site uses standard HTML5 and CSS with FontAwesome icons, and the backend projects leverage Python frameworks like Flask and Django. Hosting and DNS are managed via Squarespace Domains and Google Cloud DNS respectively. The website is moderately optimized for performance and mobile devices, with basic accessibility and SEO features.

P

Private by Design, LLC

tilde.pink

0

The website tilde.pink is a niche, minimalist site focused on providing access via alternative internet protocols such as Gopher and Gemini. It is operated by Private by Design, LLC, a small US-based entity registered in 2019. The site content is minimal, primarily informational, and targets users interested in retro or alternative internet technologies. The business model appears to be hobbyist or community-focused with no evident commercial services or monetization. Technically, the site uses basic HTML and CSS with no advanced frameworks or CMS detected. Hosting is provided by Porkbun LLC, the domain registrar. The site performs well in terms of loading speed and basic mobile optimization but lacks SEO optimization and accessibility features. No analytics or tracking technologies are present, indicating a privacy-conscious approach. From a security perspective, the site lacks DNSSEC, security headers, and any formal privacy or cookie policies. The SSL configuration is basic but present. No forms or data collection mechanisms are implemented, reducing attack surface but also limiting user engagement. WHOIS data is consistent and legitimate with no privacy protection, which aligns with the site's transparent and minimal nature. Overall, the site is safe and suitable for general audiences but would benefit from improved security practices, privacy compliance, and richer content to enhance credibility and user experience.

rawtext.club is a niche community-driven technology service focused on providing shell access, local email, and hosting for alternative internet protocols such as gemini and gopher. The website emphasizes a slow and deliberate development approach, fostering a community governed by a social contract. The business operates under the domain registered to 1&1 Internet Inc, a reputable US-based hosting provider, with the domain created in 2018 and currently active. Technically, the website is minimalistic, built with basic HTML and CSS without modern frameworks or CMS. It lacks mobile optimization and SEO best practices, resulting in a slow and basic user experience. No analytics or advertising tools are present, indicating a privacy-conscious or low-budget operation. Security measures are limited; DNSSEC is not enabled, and no security headers are detected, which could expose the site to certain risks. From a security perspective, the site uses HTTPS (implied by domain registration and hosting provider but not explicitly confirmed), but lacks advanced security configurations. There are no privacy or cookie policies, which reduces compliance with GDPR and other privacy regulations. The WHOIS data is transparent and consistent with the business, enhancing trustworthiness. No adult or questionable content is present, making the site safe for general audiences. Overall, rawtext.club is a small, community-focused technology service with basic technical and security maturity. Strategic improvements in security headers, DNSSEC, privacy compliance, and mobile optimization would enhance its security posture and user experience.

P

Park City

park-city.club

0

Park City is a small, community-driven internet platform focused on fostering social connection and creativity among its members. The website offers user profiles, FTP and Gemini protocol access, and previously hosted forums and a radio service, which are currently offline or discontinued. The site emphasizes inclusivity and a relaxed approach to online engagement, targeting users seeking a niche social community rather than commercial services. Technically, the site is built with basic HTML, CSS, and JavaScript, hosted on DigitalOcean, and uses NameCheap as the registrar with privacy protection enabled. The site is mobile-optimized with a moderate performance profile but lacks advanced technical frameworks or CMS integration. Security posture is basic, with no DNSSEC, security headers, or published security policies, and no visible HTTPS enforcement details. Privacy compliance is minimal, with no privacy or cookie policies found, and no GDPR indicators. Overall, the site is functional and trustworthy for its niche but would benefit from improved security and compliance measures.

M

Mount Olive Software LLC

ctrl-c.club

0

Ctrl-C.club is a small, community-driven Linux server platform founded in 2014 and operated by Mount Olive Software LLC in the US. It offers free SSH and web hosting accounts to users interested in Linux, programming, and text-based internet protocols such as Gemini. The website serves a niche audience of enthusiasts and hobbyists, providing tools for web development, chat, gaming, and collaborative projects. The community is active with events like Webjam and various user-driven initiatives. Technically, the site uses older jQuery libraries and supports multiple platforms including SSH, IRC, and Gemini, but lacks modern CMS or frameworks. Security posture is moderate with no HTTPS enforcement or security headers detected, and privacy compliance is minimal due to absence of privacy and cookie policies. The domain registration is consistent and legitimate, supporting the site's credibility. Overall, the site is functional and trusted within its niche but would benefit from improved security and compliance measures.

P

prx

si3t.ch

0

The website si3t.ch is a personal digital space hosted by an individual known as 'prx'. It serves as a repository for documentation, code, tools, and miscellaneous content aimed at digital travelers and enthusiasts interested in self-hosting and privacy. The site also offers community interaction via an XMPP chat and is accessible through a TOR hidden service, emphasizing privacy and anonymity. The business model is non-commercial and hobbyist in nature, with a small-scale operation based in Switzerland. Technically, the site uses basic HTML, CSS, and JavaScript with Atom feeds and XMPP integration. It is self-hosted at home, with moderate performance and basic mobile optimization. No CMS or advanced frameworks are detected. The site lacks formal privacy, cookie, or terms of service policies and does not appear to use analytics or advertising, reflecting a privacy-conscious approach. From a security perspective, the site shows limited security measures in the HTML content, with no detected security headers or HTTPS/SSL information. The use of a TOR hidden service is a positive privacy feature. However, the absence of security policies, incident response contacts, and vulnerability disclosure mechanisms indicates room for improvement. No critical vulnerabilities or adult content were detected. Overall, the site is a safe, small personal project with moderate trustworthiness but limited formal security and privacy compliance. Strategic recommendations include implementing HTTPS, adding security headers, publishing privacy and cookie policies, and establishing a vulnerability disclosure process to enhance security posture and user trust.

Nightfall City is a creative and thematic website that presents a fictional virtual city with various districts and services, designed to engage visitors in an artistic and immersive experience. The site does not represent a traditional business but rather a niche project focused on storytelling and virtual exploration. The technical infrastructure is basic, relying on standard HTML and CSS without advanced frameworks or CMS. The website is accessible without any blocking or WAF interference, but lacks modern security headers and privacy compliance features. The absence of contact information, privacy policies, and security best practices limits its trustworthiness and compliance posture. Overall, the site is safe for general audiences and does not contain any adult or explicit content.

J

Jae Lo Presti

jae.moe

0

Jae's Website is a personal site belonging to Jae Lo Presti, a technical artist and content creator based in Helsinki, Finland. The site serves as a portfolio and blog platform showcasing Jae's work in 3D art, VR game development, and mentorship activities on platforms like Resonite. The website targets a general audience interested in technical artistry and virtual worlds. The business model is primarily personal branding and content sharing without commercial transactions. Technically, the website is built with standard HTML, CSS, and JavaScript, including the highlight.js library for code highlighting. It is hosted on the 777.tf domain and appears to be self-managed or hosted by a small provider. The site is well-structured, mobile-optimized, and performs well with good SEO and accessibility features. However, it lacks advanced security headers and formal privacy or cookie policies. From a security perspective, the site uses HTTPS but does not implement common security headers or GDPR compliance mechanisms. No vulnerabilities or exposed sensitive data were detected. The WHOIS data shows the domain is registered to a private person, consistent with the personal nature of the site, and the domain age aligns with the site's content timeline. No WAF or blocking mechanisms are present, allowing full content access. Overall, the site is trustworthy and professional for a personal portfolio but would benefit from adding privacy and cookie policies, security headers, and vulnerability disclosure information to improve compliance and security posture.

S

sr.ht, LLC

srht.site

0

The website srht.site represents sourcehut pages, a service offering static website hosting primarily targeted at software project maintainers and collaborators. The business operates within the technology sector, providing open source tools such as git repositories, bug tracking, continuous integration, and mailing lists. The domain is registered under sr.ht, LLC, with consistent WHOIS data and a domain age appropriate for the business. The website content is professionally presented, with clear navigation and a focus on open source ethos. Technically, the site is built using the Hugo static site generator and hosted on sourcehut infrastructure, ensuring fast performance and good mobile optimization. Security posture is moderate, with TLS enabled and domain transfer protection, but lacking DNSSEC and some security headers. Privacy compliance is good with clear privacy and terms pages, though no cookie consent mechanism is present. Overall, the site is trustworthy and well-positioned within its niche.

K

koyu's personal website

koyu.space

0

The website 'koyu's personal website' is a personal portfolio and blog for Leonie, a programmer and system administrator based in Northern Germany. The site focuses on personal branding and sharing principles and services related to programming and sysadmin work. The market position is that of an individual professional offering internet services and promoting cyberspace liberation. The technical infrastructure is modern, built on Next.js and React, with Cloudflare DNS services. The site is mobile optimized and has good design and navigation, though accessibility and SEO are basic. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy and cookie policies are absent, and no contact emails or phone numbers are provided, limiting compliance and business credibility. Social media presence is strong across multiple platforms. Overall, the site is safe, professional, and suitable for general audiences, but would benefit from enhanced privacy compliance and security practices.

The website pollux.casa currently serves a minimalistic human verification page designed to confirm that visitors are human by requiring a checkbox interaction. The domain is registered through Scaleway SAS in France with privacy protection enabled, and the domain age is approximately 3 years, which is reasonable for a small or new entity. However, the website lacks any substantive business information, privacy or cookie policies, contact details, or security policies. The technical infrastructure appears basic with no detected security headers or advanced technologies, and no analytics or tracking scripts are present. The content is safe and general audience appropriate, with no adult or questionable material detected. Overall, the site appears to be a simple gatekeeper or verification page rather than a full business website.

Flounder.online is a small niche service providing a free web interface and log builder for the Gemini protocol network, a privacy-focused internet protocol. The website targets users of the Gemini network who require simple tools to manage Gemini capsules. The business model is based on offering free services with optional donations via Patreon. The site is modest in scale and content but updated frequently, indicating active maintenance within its community niche. Technically, the website uses basic HTML and CSS without advanced frameworks or CMS, hosted likely via Namecheap. The site is mobile responsive at a basic level and has moderate performance. Security posture is minimal with no advanced security headers or policies detected, and no HTTPS configuration details available from the provided data. Privacy and cookie policies are absent, and no contact or incident response information is provided, limiting compliance and trust signals. Overall, the site is functional and relevant for its audience but lacks formal security and privacy documentation.

gemlog.blue is a niche web service launched in 2020 that enables users to create and maintain gemlogs (journals) accessible via the Gemini protocol. It targets users interested in the Gemini space who prefer a simple, no-frills web interface without requiring technical knowledge or system administration tools. The service emphasizes privacy by avoiding JavaScript, cookies, advertising, and user tracking. The website design is minimalistic and functional, focusing on ease of use and accessibility even in low-bandwidth environments. Technically, the site uses basic HTML and CSS with PHP-based backend scripts for account and post management. The hosting is provided by NameCheap, Inc., with domain privacy protection enabled. The site lacks modern security headers and DNSSEC, which could be improved to enhance security posture. Performance is likely fast due to minimal content and no external dependencies. Mobile optimization and accessibility are basic but functional. From a security perspective, the site demonstrates good privacy practices by not using tracking or cookies and by limiting data collection. However, it lacks published security policies, incident response contacts, and vulnerability disclosure mechanisms. The absence of security headers and DNSSEC are notable gaps. The domain registration is privacy-protected but consistent with the service's nature and age, indicating legitimacy. No contact emails or phone numbers are provided, which limits direct communication. Overall, gemlog.blue is a small, privacy-focused technology service with a clear niche audience. It would benefit from enhanced security configurations, published policies, and contact information to improve trust and compliance. The current risk level is moderate with no critical vulnerabilities detected but room for security and privacy improvements.

The Midnight Pub is a niche virtual pub platform launched in 2019, offering users the ability to write posts and create pages within a community-oriented environment themed around retro internet culture and small web communities. The platform is hosted on Linode and uses a custom or unknown CMS with basic HTML and CSS technologies. The website content is accessible and primarily text-based, with a donation mechanism via buymeacoffee.com. However, the site lacks critical privacy and cookie policies, contact information, and visible security best practices, which impacts its overall trust and compliance posture. No advanced analytics or tracking scripts are detected, indicating minimal user tracking. The domain registration is consistent with a small community platform, registered through 1API GmbH with a French registrant location, but with limited public registrant details.

W

WinSCP.net

winscp.net

0

WinSCP.net operates a well-established, highly reputable freeware software project focused on providing a free SFTP, FTP, SCP, and S3 client for Windows users. The website demonstrates a strong market position with over 244 million downloads and excellent user ratings, supported by multiple awards and positive testimonials. The business model centers on free software distribution with community engagement and support. Technically, the website employs modern web technologies including Bootstrap, jQuery, and integrates multiple analytics and advertising services with a GDPR-compliant consent mechanism. Hosting and DNS are managed via Cloudflare, ensuring robust performance and security. Security posture is solid with HTTPS enforced and domain registration consistent with the business history, though explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and well-optimized for user experience and compliance.

F

FileZilla

filezilla-project.org

0

FileZilla is a well-established open source software project providing free FTP client and server solutions, with an additional paid Pro offering supporting cloud storage protocols. The website is professionally designed, with clear navigation and relevant content targeting IT professionals and end users needing reliable file transfer tools. The technical infrastructure is based on standard web technologies with active development and recent security updates, reflecting a mature digital presence. Security posture is solid with HTTPS usage and participation in a bug bounty program, though improvements in security headers and cookie consent mechanisms are recommended. Overall, the domain registration data aligns well with the website content, supporting legitimacy and trustworthiness.

oppen.digital is a newly registered domain (June 2024) owned by Virtua Drug Ltd, a Hungarian company. The website presents a minimalistic interface focused on digital technology themes such as Open Source Software, Digital Innovation Research, and Digital Technology Solutions. The primary content is an embedded Google-powered search iframe and advertising via Google Adsense, indicating a business model reliant on digital advertising revenue. The site lacks detailed business descriptions, contact information, or comprehensive privacy and security policies, which limits its professional presentation and trustworthiness. Technically, the website uses standard HTML, CSS, and JavaScript with integration of Google advertising scripts. The site is moderately optimized for mobile but lacks advanced SEO and accessibility features. No CMS or advanced frameworks are detected. Security posture is weak due to absence of security headers, lack of DNSSEC, and no visible HTTPS enforcement details. Privacy compliance is minimal with only a basic privacy policy page and no cookie consent mechanism despite active ad tracking scripts. From a security perspective, the site shows no signs of WAF or blocking mechanisms and no critical vulnerabilities are evident from the content. However, the lack of security best practices and privacy compliance measures poses risks for user data protection and regulatory adherence. The WHOIS data is transparent and consistent with the website's business sector and country, supporting legitimacy but reflecting a very new business. Overall, oppen.digital appears to be an early-stage digital advertising or information platform with basic technical implementation and limited business credibility signals. Strategic improvements in security, privacy compliance, and content richness are recommended to enhance trust and operational maturity.

The website random-projects.net is a personal portfolio and blog site owned by an individual named Felix, a demoscener and coder from Germany. The site focuses on sharing coding projects, personal interests in software optimization, and hobby cooking recipes. It targets a general audience interested in technology and cooking, without commercial or enterprise positioning. The domain is well-established since 2013, indicating a stable online presence. Technically, the site uses basic modern web technologies including HTML5, CSS3, SVG graphics, and external font hosting from rsms.me. The site is moderately optimized for mobile devices and has a clear navigation structure, but lacks advanced SEO and accessibility features. There is no detected CMS or complex backend platform, suggesting a static or simple site architecture. From a security perspective, the site lacks critical security headers and privacy-related policies such as GDPR compliance, cookie consent, or incident response contacts. The domain registration is consistent and legitimate, but DNSSEC is not enabled, and no SSL/TLS details were provided to confirm HTTPS usage. No forms or data collection mechanisms are present, reducing attack surface but also limiting user interaction. Overall, the site is safe for general audiences with no adult or questionable content. The security posture is basic and could be improved by implementing HTTPS, security headers, and privacy policies. The business credibility is moderate given the personal nature of the site and lack of formal contact information. Strategic recommendations include enhancing security measures, adding privacy and cookie policies, and providing clear contact channels to improve trust and compliance.

S

skyjake (@jk@skyjake.fi) - skyjake.fi

skyjake.fi

0

The website skyjake.fi hosts a personal Mastodon instance operated by an individual known as 'skyjake'. The site serves as a social platform within the fediverse, focusing on personal and technical content related to software projects such as Gemini protocol applications and the Doomsday Engine. The domain has been registered since 2010, indicating a long-term personal project. The site is small-scale, targeting a niche audience interested in open-source and federated social networking. Technically, the site runs Mastodon version 4.3.8, uses modern web technologies including JavaScript and SVG, and is hosted under a Finnish registrar. The site is mobile-optimized and provides a good user experience with clear navigation and consistent branding. Security posture is solid with HTTPS enabled and no obvious vulnerabilities, though it lacks advanced security headers and published security policies. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or GDPR-specific indicators. Overall, the site is trustworthy and well-maintained for a personal project, with no signs of malicious activity or suspicious registrations.

Project Gemini is a small-scale technology initiative focused on developing and promoting a new internet protocol designed for lightweight, privacy-respecting interconnected text documents. The website serves as an informational hub providing news, documentation, history, and software related to the Gemini protocol. The project positions itself as an alternative to the modern internet's complexity and privacy challenges, targeting users who value simplicity and minimalism. Technically, the website is built with basic HTML and CSS, showing good mobile optimization and accessibility. The site is hosted under a domain registered recently in 2023, consistent with the project's timeline. There is no evidence of advanced frameworks, CMS, or analytics tools, indicating a minimalistic and privacy-conscious approach. From a security perspective, the domain uses clientTransferProhibited status to prevent unauthorized transfers, but DNSSEC is not enabled, and no security headers are present in the HTML content. The site lacks explicit privacy, cookie, or terms of service policies, and no contact or incident response information is provided. No tracking or advertising technologies are detected, aligning with the project's privacy-focused ethos. Overall, the website is trustworthy and safe, with no adult or questionable content. However, it could improve its security posture and compliance by adding relevant policies, security headers, and contact information. The domain registration is legitimate and consistent with the project's nature and age.

CVEDetails.com is a comprehensive vulnerability intelligence platform powered by SecurityScorecard, offering an extensive CVE database enriched with advisories, exploits, risk scores, and attack surface intelligence. The platform targets security professionals and enterprises seeking detailed vulnerability data and actionable insights. It provides advanced features such as email alerts, APIs, and SBOM analysis to enhance vulnerability management workflows. Technically, the website employs modern web technologies including jQuery, Bootstrap, and ECharts, delivering a responsive and user-friendly experience with good SEO and accessibility standards. Security-wise, the site enforces HTTPS and secure form handling but lacks explicit security headers and dedicated incident response pages, which are recommended for improvement. The absence of WHOIS registration data introduces some uncertainty about domain legitimacy, though the strong association with SecurityScorecard and professional content supports trust. Overall, CVEDetails.com is a high-quality, trustworthy resource for vulnerability intelligence with room for enhanced security transparency and domain registration clarity.

The website git-send-email.io is an educational resource focused on teaching developers how to use git's email collaboration tools effectively. It provides detailed step-by-step tutorials covering installation, configuration for various email providers, sending patches, handling feedback, and best practices. The site targets developers and contributors involved in open source projects who want to leverage email workflows for git contributions. The business behind the domain is small and technology-focused, with a clear niche in developer education. Technically, the site is well-structured with clean HTML and CSS, hosted likely on sourcehut infrastructure as indicated by name servers and footer references. The site is performant, mobile-optimized, and accessible, though it lacks advanced SEO features and does not use a CMS. No analytics or tracking scripts are present, enhancing user privacy. From a security perspective, the site uses HTTPS (implied by URL), but no explicit security headers were detected in the provided data. The domain lacks DNSSEC and privacy policies, indicating room for improvement in compliance and security best practices. No forms or sensitive data collection reduces risk exposure. WHOIS data shows a legitimate registration with a reputable registrar and appropriate domain age. Overall, the site is a trustworthy, high-quality educational platform with minor gaps in privacy and security policy disclosures. Strategic improvements in security headers, privacy compliance, and vulnerability disclosure mechanisms would enhance its security posture and user trust.

A

AfterLogic Corp.

afterlogic.com

0

AfterLogic Corp. is a well-established technology company specializing in email and telecommunications software components and platforms since 2002. Their product portfolio includes .NET and ActiveX email components, webmail clients for PHP and ASP.NET, groupware solutions, and mail server software. The company serves a broad audience including developers, businesses, and telecom providers, with a strong market position evidenced by a client list featuring major corporations and government entities. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the website is built on Joomla CMS with modern JavaScript libraries such as jQuery and FlexSlider, supporting both Windows and Linux platforms. The site uses HTTPS and implements cookie consent mechanisms, though some security best practices like DNSSEC and security headers are missing. Performance and mobile optimization are moderate to good, with room for improvement in accessibility and SEO. From a security perspective, the site enforces HTTPS and has domain transfer protections but lacks DNSSEC and explicit security headers. There is no visible security policy or incident response information, and no vulnerability disclosure mechanism is present. Tracking is done via Google Analytics and Tag Manager with moderate user tracking levels. Overall, the security posture is adequate but could be enhanced with additional measures. The overall risk assessment is moderate with no critical issues detected. Strategic recommendations include enabling DNSSEC, adding security headers, publishing security and incident response policies, and implementing a vulnerability disclosure program to strengthen trust and compliance.

T

The SquirrelMail Project Team

squirrelmail.org

0

SquirrelMail.org is the official website for the SquirrelMail open source webmail project, providing a PHP-based webmail client and related plugins. The project has a long history dating back to 1999 and maintains a modest but consistent presence with announcements, plugin updates, and security advisories. The website targets system administrators and users seeking a lightweight, open source webmail solution. Technically, the site is basic, using standard HTML, CSS, and PHP, with no modern frameworks or CMS detected. Hosting is supported by Cloudflare DNS but lacks advanced security headers and DNSSEC. Security posture is moderate, with some security fixes and clickjacking protections noted, but no formal security.txt or vulnerability disclosure policy is published. Privacy and cookie policies are absent, and no direct contact information or social media presence is provided, limiting user engagement and compliance transparency. Overall, the site is functional and trustworthy but could benefit from modernization and improved compliance documentation.

Notmuchmail.org is the official website for Notmuch, an open source, fast, tag-based email indexing and search system primarily designed for use within text editors and terminals. The project targets developers and advanced users who require efficient email search capabilities without relying on third-party services. The website serves as a wiki and documentation hub, providing guides, source code access, and community contact channels such as mailing lists and IRC. Technically, the website is built using ikiwiki, a wiki engine, and delivers static HTML and CSS content with minimal dynamic elements. The site demonstrates good performance and basic mobile optimization but lacks advanced SEO and accessibility features. The technology stack includes Xapian for search backend integration and Git for source control, with continuous integration via Travis CI. From a security perspective, the site uses HTTPS (implied by domain and modern standards though SSL details are not provided), but lacks security headers and published security policies. No privacy or cookie policies are present, indicating limited compliance with privacy regulations. The domain WHOIS data is consistent and shows a long-established registration, enhancing trustworthiness. No forms or tracking technologies are present, minimizing data collection risks. Overall, the website is a trustworthy, niche technical resource with good business credibility but could improve in privacy compliance and security best practices to enhance user trust and regulatory adherence.

The website sourceforge.net is currently inaccessible due to a Cloudflare Turnstile security challenge page that blocks direct content access. As a result, no direct business content, policies, or contact information could be extracted or analyzed. The domain is long-established, created in 1999, and registered via GoDaddy.com, LLC, with domain status flags indicating strong protection against unauthorized changes. The presence of Cloudflare security mechanisms suggests a focus on protecting the site from automated abuse or attacks. However, this also limits the ability to assess the website's content quality, privacy compliance, or security posture in detail. The overall risk assessment is low for malicious activity but incomplete for detailed security or compliance evaluation due to access restrictions.

NeoMutt.org is the official website for the NeoMutt project, an open-source command line mail user agent derived from Mutt with enhanced features. The project targets developers and users who prefer a powerful, customizable email client in a terminal environment. The website provides comprehensive documentation, community engagement channels including mailing lists, IRC, and GitHub repositories, and encourages contributions and sponsorships. The business model is community-driven open-source software with voluntary sponsorship support. Technically, the website employs a modern but lightweight tech stack including jQuery, Bootstrap, AnchorJS, and Algolia for search functionality. Hosting is inferred to be on Linode servers. The site is mobile responsive with good navigation and content structure, though accessibility features are basic. SEO is functional but could be improved with additional metadata and structured data. From a security perspective, the domain is registered via a privacy proxy service, which is common for open-source projects to protect personal information. The domain is mature and consistent with the project's timeline. However, the website lacks visible security headers, DNSSEC is not enabled, and no published security or incident response policies are found. HTTPS usage is assumed but not verifiable from the data provided. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, NeoMutt.org is a trustworthy and professional open-source project website with good content quality and community engagement but could improve in privacy compliance and security best practices to enhance user trust and regulatory adherence.

djcbsoftware.oy is a small software consultancy based in Helsinki, Finland, specializing in Linux-based server and embedded software development. The company has a long-standing presence since 2000 and focuses on network/security, cryptographic services, and embedded devices such as music players, cameras, and microphones. The website reflects a niche technology consultancy with open-source software contributions, targeting developers and technology companies requiring embedded and server software expertise. Technically, the website uses older but stable technologies such as Bootstrap 3.3.5 and jQuery 1.11.3, with Google Analytics integrated for visitor tracking. The site is moderately optimized for mobile and accessibility but lacks modern SEO and performance enhancements. Security posture is basic; DNSSEC is enabled at the domain level, but no security headers or HTTPS enforcement details are visible in the HTML content. Privacy and cookie policies are absent, and no direct contact emails or phone numbers are provided, limiting transparency. Overall, the site is functional and professional but would benefit from improved security and privacy compliance measures.

M

MARMARO

marmaro.de

0

The website marmaro.de is a personal site focused on sharing writings, programming projects, sports interests, and miscellaneous personal content. It does not represent a commercial business entity and lacks formal business information or contact details. The site is simple, static, and primarily serves as a personal portfolio or blog. Technically, the site uses basic HTML and CSS without modern frameworks or CMS. There is no evidence of HTTPS or security headers, which limits the security posture. No privacy or cookie policies are present, indicating low compliance with data protection standards. Overall, the site is safe for general audiences but lacks professional features and security best practices.

The website meli-email.org represents an open source terminal-based email client project named 'meli'. The project is developed and maintained by 1337 Services LLC, a small technology entity registered in Saint Kitts and Nevis. The website provides comprehensive information about the software, including installation instructions, source code repository links, screenshots, and announcements. The target audience is primarily terminal users and developers seeking a modern, extensible mail client. The business model is community-driven open source software distribution with downloadable binaries and source code. Technically, the website is built with modern web standards including HTML5, CSS3, SVG, and leverages Rust and WebAssembly for the software itself. It supports multiple platforms such as Debian, macOS, NetBSD, OpenBSD, and Nix. Hosting is via Njalla, a privacy-focused provider. The site performs well with good content quality and basic mobile optimization. However, accessibility and SEO optimizations are basic. From a security perspective, the site uses HTTPS with a good SSL configuration and domain registration protections like clientTransferProhibited status. However, DNSSEC is not enabled, and no security headers are detected. There is no published privacy policy, cookie policy, or incident response information, which limits privacy compliance and security transparency. No contact emails or phone numbers are provided, reducing direct communication channels. Overall, the website is trustworthy and professional within its niche but lacks formal privacy and security policy disclosures. Strategic improvements in security headers, privacy compliance, and contact information publication would enhance trust and compliance. The domain registration is consistent with the project age and business type, supporting legitimacy.

Freron Software operates the website freron.com to promote and distribute MailMate, an advanced IMAP email client designed exclusively for macOS users. The product targets a niche market of users requiring powerful email management features including encryption, advanced search, and integration capabilities. The company has maintained a consistent online presence since 2010, indicating stable business operations. The website content is well-structured and professional, focusing on product features and updates, with clear navigation and official social media links to Bluesky and X (Twitter). Technically, the website is simple and fast-loading, built with standard HTML and CSS without complex frameworks or CMS, reflecting a lean digital infrastructure. Hosting and domain registration are managed through a reputable registrar, joker.com, with domain age supporting legitimacy. Security posture is basic; while HTTPS is implied, no advanced security headers or DNSSEC are enabled, and no cookie consent mechanism is present. Privacy policy and EULA are published, but no explicit GDPR compliance statements or security policies are found. No contact emails or phone numbers are listed on the main site, limiting direct communication channels. Overall, the website is safe, professional, and trustworthy but could benefit from enhanced security and privacy compliance measures.

G

Gnus Network User Services

gnus.org

0

Gnus Network User Services operates a niche website dedicated to the Gnus Emacs newsreader, providing resources, manuals, and historical information for users of this open source software. The website serves a specialized audience of Emacs users and enthusiasts, positioning itself as a long-standing community resource since its founding in 1997. The business model focuses on information dissemination rather than commercial transactions, with a small organizational footprint based in Norway. Technically, the website is simple and lightweight, built with basic HTML and CSS without modern frameworks or CMS. It is hosted behind Cloudflare DNS but does not employ advanced security headers or DNSSEC, indicating room for technical modernization. The site performs moderately with basic mobile optimization and accessibility features, but lacks analytics or tracking technologies, reflecting a privacy-conscious approach. From a security perspective, the site benefits from HTTPS and domain transfer protection but lacks security headers and formal privacy or cookie policies, which lowers its compliance posture. No forms or data collection mechanisms are present, reducing attack surface but also limiting user engagement. The WHOIS data confirms a consistent and legitimate registration history, enhancing trustworthiness. Overall, the website is a safe, low-risk informational resource with moderate technical and security maturity. Strategic improvements in privacy compliance, security headers, and DNS security would enhance its posture and user trust.

C

Cypht

cypht.org

0

Cypht is an open source webmail client designed to aggregate multiple email accounts and RSS feeds into a single, modular interface. It targets users such as ISPs, schools, businesses, and individuals seeking a lightweight and flexible email solution. The website presents clear information about the product's features, modular architecture, and open source licensing, supported by an active GitHub repository and community chat on Gitter. Technically, the site is built using PHP and JavaScript with Bootstrap and jQuery for frontend components, and uses the Cecil static site generator for content management. The site is moderately optimized for performance and mobile devices, with basic accessibility and SEO features. Security-wise, the site encourages responsible vulnerability disclosure but lacks formal policies and contact details, and does not implement common security headers. WHOIS data is unavailable, likely due to privacy protection, but the domain appears legitimate based on content and community presence. Overall, the site scores well on content quality and business credibility but has room for improvement in privacy compliance and security posture.

C

Claws Mail - The user-friendly, lightweight, and fast e-mail client

claws-mail.org

0

Claws Mail is an established open source email client project founded in 2006, offering a lightweight, fast, and user-friendly email and news reading experience based on GTK+. The website provides detailed descriptions of the software's features, plugins, and user documentation, targeting both new and experienced users seeking a robust email client alternative. Technically, the site is simple with basic JavaScript and CSS, hosted by Gandi SAS, and shows moderate performance and basic mobile optimization. Security posture is moderate with domain transfer protection but lacks DNSSEC and security headers. No privacy or cookie policies are published, and no contact or incident response information is provided, which limits compliance and transparency. Overall, the site is trustworthy and legitimate but could improve in security and privacy compliance.

The website or.cz is currently inaccessible, returning a 403 Forbidden error page which blocks access to any meaningful content or business information. The domain is registered since 2000 with REG-WEBGLOBE, indicating a long-standing registration, but no registrant details or business data are available to assess legitimacy or market position. Due to the lack of accessible content, no privacy, cookie, or security policies are present, and no contact information or forms are available. The technical infrastructure is minimal, running on Apache 2.4.62 on Debian, but no CMS or advanced technologies are detected. Security posture is weak with no visible security headers or HTTPS enforcement details. Overall, the site appears inactive or restricted, limiting any comprehensive analysis.

The website aerc-mail.org presents an open source terminal-based email client named 'aerc' designed for technically proficient users such as hackers and developers. The site provides detailed descriptions of the software's features, including support for multiple email protocols, embedded terminal editing, and PGP encryption. The website is built using the Hugo static site generator and hosts content efficiently with minimal tracking or advertising. The technical infrastructure is modern and performant, with fast loading times and basic mobile optimization. However, the site lacks privacy and cookie policies, contact information, and security headers, which limits its compliance and security posture. The domain registration is consistent and transparent, indicating a legitimate and stable project. Overall, the site is professional and trustworthy within its niche but could improve in privacy and security transparency.

R

Registrant of sourcehut.org

sourcehut.org

0

SourceHut is an open source software development platform offering a comprehensive suite of tools including git and Mercurial hosting, continuous integration, mailing lists, code review, ticket tracking, real-time chat, and wikis. It targets software project maintainers and collaborators, emphasizing privacy, minimalism, and no tracking or advertising. The platform is positioned as a niche alternative to larger commercial services, focusing on open source principles and community trust. Technically, the website is built using the Hugo static site generator, with a modern and performant infrastructure supporting Linux and BSD platforms. The site is well optimized for mobile and accessibility, with clear navigation and professional design. Security posture is strong in terms of privacy and user control, offering PGP encrypted emails, two-factor authentication, and detailed audit logs, though some standard security headers and DNSSEC are not enabled. Overall, the domain registration data is consistent and legitimate, supporting the trustworthiness of the platform. There are no signs of tracking, advertising, or analytics, aligning with the privacy-first philosophy. The website content is safe for general audiences with no adult or questionable content detected.

H

Hikosoft

hiko.link

0

HIKO Software is a small Taiwan-based company specializing in a Shopify social login app designed to simplify user authentication for e-commerce merchants. The website serves as a marketing platform built on WordPress, showcasing the app's features and linking to the Shopify app store and a demo site. The technical infrastructure is modern and stable, leveraging AWS hosting and HTTPS encryption, with a clean and responsive design optimized for mobile users. However, the site lacks some privacy compliance features such as a cookie policy and consent mechanism, and does not provide explicit contact information or security policies. The WHOIS data is consistent with the business profile, indicating legitimacy and domain age appropriate for the company's founding date in 2020. Overall, the website demonstrates a moderate security posture with room for improvement in security headers and privacy compliance.

L

Linux Handbook

linuxhandbook.com

0

Linux Handbook is an independent, reader-supported online publication specializing in Linux command line, server management, self-hosting, DevOps, and cloud learning. Established in 2017, it serves a niche audience of Linux users, IT professionals, and DevOps engineers by providing educational content and tutorials. The website leverages modern web technologies including the Ghost CMS platform and integrates multiple advertising and analytics services to support its business model. The site demonstrates good technical maturity with HTTPS enforcement, structured data markup, and mobile optimization. However, it lacks explicit privacy and terms of service pages, which are important for compliance and user trust. Security posture is generally good with standard protections, though DNSSEC is not enabled, representing a minor security gap. Overall, the site is professional, trustworthy, and well-positioned within its niche, but could improve privacy compliance and security transparency.

P

Privacy service provided by Withheld for Privacy ehf

itsfoss.community

0

It's FOSS Community is a specialized online forum dedicated to desktop Linux users and readers of the It's FOSS website. Established in 2017, it serves as a niche community platform for Linux enthusiasts to share knowledge, seek help, and discuss open source technologies. The platform is powered by Discourse, a modern forum software, and hosted via NameCheap with domain privacy protection enabled. The community is active with a variety of topics ranging from Linux distributions to hardware and software troubleshooting. The business model centers around community engagement and content sharing rather than direct commercial sales.

R

Rumble

rumble.com

0

Rumble is a well-established video hosting and streaming platform founded in 1998, serving content creators and viewers seeking an alternative to mainstream video services. The platform offers video hosting, streaming, and monetization services, positioning itself as a media company with a focus on free speech and creator empowerment. Technically, the website is hosted on Amazon AWS infrastructure and uses modern web technologies including JavaScript and web fonts. Facebook Pixel is used for analytics and tracking, indicating moderate user tracking practices. Security posture is adequate with HTTPS enabled and domain transfer protections in place, but lacks DNSSEC and security headers, and does not publish security or privacy policies on the main page. The absence of privacy and cookie policies and contact information reduces privacy compliance and business transparency scores. Overall, the website is professional and functional but would benefit from enhanced privacy compliance and security disclosures.

R

Ruptly

ruptly.agency

0

Ruptly is a media agency specializing in video content distribution, targeting registered users who require access to their services. The website functions primarily as a login portal restricting access to authorized users, with contact provided via email for further inquiries. The business operates in the media sector and appears to be a medium-sized entity based in Russia, although the domain WHOIS data shows privacy protection and an anomalous future creation date, which raises some concerns about registration transparency. Technically, the website employs modern frontend technologies including React, service workers, and Cloudflare DNS hosting. It uses Yandex Metrika for analytics and tracking, indicating moderate user tracking practices. The site is mobile optimized and includes accessibility features, but SEO optimization and content richness are basic. The cookie consent mechanism is present and functional, though no privacy policy or terms of service are visible, which impacts compliance. From a security perspective, HTTPS is enforced and the domain status includes clientTransferProhibited, which are positive indicators. However, no DNSSEC is enabled, no security headers are detected, and there is no published security policy or incident response information. The domain's privacy protection and unusual creation date reduce trustworthiness somewhat. Overall, the security posture is moderate but could be improved with better transparency and security controls. The overall risk assessment suggests a functional but basic media content platform with moderate security and privacy compliance. Strategic recommendations include enabling DNSSEC, publishing privacy and security policies, adding security headers, and clarifying domain registration details to enhance trust and compliance.

A

ANO “TV-Novosti”

gw2ru.com

0

Gateway to Russia is a media and educational platform focused on Russian language learning, culture, history, travel, and lifestyle. It is presented as a project by ANO “TV-Novosti” with financial support from the Russian Ministry of Digital Development, Communications, and Mass Media. The website offers free content including articles, videos, and language courses targeting a global audience interested in Russia. The site is professionally designed with consistent branding and a clear navigation structure, supporting multiple languages and social media presence.

P

Privacy protection service - whoisproxy.ru

arteldoc.tv

0

RT.DOC is a Russian-based online streaming platform specializing in documentary films and series from around the world. The platform offers free access to high-quality documentary content covering history, culture, science, sports, and politics, targeting a general audience interested in educational and cultural media. It supports multiple languages including Russian, English, and Chinese, enhancing accessibility for a broader user base. The business model centers on free streaming with optional user registration to enable personalized features such as watchlists and ratings. The platform is relatively new, with domain registration in May 2024, indicating a recent market entry.

M

mCloud doo

rt.rs

0

RT Balkan is a Serbian language news media website operated by mCloud doo, established in 2012. It provides daily updated news content focused on Serbia, the Balkan region, and global events, including live TV streaming and program schedules. The website leverages modern web technologies such as React and lazy loading for performance optimization. It maintains an active presence on major social media platforms including Instagram, Telegram, Facebook, Twitter, and TikTok, enhancing its reach and engagement. The domain registration details align well with the website's regional focus, indicating legitimacy and consistency.

北

北京衮雪科技有限公司

x-mol.com

0

X-MOL is a Chinese academic platform focused on chemistry and related scientific disciplines, providing a comprehensive suite of services including paper search, industry news, global mentor listings, and research group tools. The platform targets researchers, academics, and students, positioning itself as a leading resource in the Chinese scientific community. The business operates under Beijing Gunxue Technology Co., Ltd., established in 2014, and maintains a medium-sized presence with consistent branding and professional content. Technically, the website employs modern front-end technologies such as Bootstrap, RequireJS, and Font Awesome, ensuring a responsive and user-friendly experience. SEO practices are well implemented, and the site is mobile-optimized. However, accessibility features are basic and could be improved. The site uses HTTPS with good SSL configuration but lacks important security headers, which could be enhanced to improve security posture. From a security perspective, the site shows no signs of vulnerabilities or exposed sensitive data. However, the absence of privacy and cookie policies indicates compliance gaps, especially regarding GDPR and data protection regulations. WHOIS data for the domain is unavailable, which raises some concerns about domain registration transparency, although the website content and business information appear legitimate. Overall, the site is professional, content-rich, and trustworthy for its target audience but would benefit from improved privacy compliance, enhanced security headers, and clearer domain registration transparency to strengthen its security and trustworthiness.

S

Space

space.com

0

Space.com is a well-established online media platform specializing in space exploration, astronomy, and related scientific news. It serves a broad audience of space enthusiasts and the general public interested in space science. The website offers news articles, videos, product reviews, and educational content, positioning itself as a leading source in its niche. Technically, the site employs modern web technologies including JavaScript frameworks, Google Tag Manager, and a CDN infrastructure provided by Future plc, ensuring fast performance and excellent mobile optimization. Security-wise, the site enforces HTTPS and likely uses standard security headers, but lacks publicly available detailed security policies or incident response contacts. The absence of WHOIS data is a notable anomaly but does not detract significantly from the site's legitimacy given its strong brand presence and professional operation. Overall, Space.com demonstrates a mature digital presence with good security posture and privacy compliance, though improvements in transparency around security and contact information are recommended.

I

Interesting Engineering

interestingengineering.com

0

Interesting Engineering is a well-established online media platform founded in 2011, specializing in engineering, technology, and science news. The website offers a rich variety of content including articles, videos, podcasts, and an engineers directory, targeting a broad audience interested in innovation and technology trends. The business model is primarily advertising-supported with additional revenue streams from subscriptions and an e-commerce shop. Technically, the site leverages modern frameworks such as Next.js and React, with Cloudflare DNS and multiple analytics and advertising integrations, indicating a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though DNSSEC is not enabled and no explicit security policy or incident response page was found. Privacy compliance is good, with clear privacy and cookie policies and consent mechanisms in place. Overall, the website is professional, trustworthy, and well-optimized for performance and SEO.

M

MyPrivacy.net

mangadex.org

0

MangaDex is a well-established online manga reading platform founded in 2018, operated under the organization MyPrivacy.net based in Canada. It offers free access to manga content with high-quality images and no advertisements, supporting scanlation groups and fostering a community through forums and user groups. The platform targets manga readers and fans of anime and manga, providing a rich catalog of titles with community engagement features. Technically, the site leverages modern web technologies including Vue.js and Nuxt.js frameworks, and integrates Google Analytics and Tag Manager for user behavior tracking. The website is mobile-optimized and provides a good user experience with clear navigation and professional design.