Security Directory

S

Anders · Work smart, not hard

spirit55555.dk

0

The website spirit55555.dk is a personal professional portfolio for Anders G. Jørgensen, a technology professional based in Copenhagen, Denmark, working at One.com. The site highlights his personal projects related to Minecraft server tools and provides contact information and social media links. The business model is personal branding and showcasing technical expertise. The site is small scale and targets a general audience interested in technology and gaming tools. Technically, the website uses modern frontend technologies including Bootstrap and FontAwesome delivered via CDN, hosted on One.com. The site is mobile optimized with a clean and consistent design, though accessibility and SEO optimizations are basic. No CMS or analytics tools are detected, indicating a lightweight and privacy-conscious setup. From a security perspective, the site lacks several best practices such as DNSSEC, security headers, and privacy or cookie policies. No incident response or vulnerability disclosure information is provided. The domain is well established since 2007, registered with a reputable registrar, and consistent with the website content, indicating legitimacy. No WAF or blocking mechanisms are detected. Overall, the site is safe and professional but could improve its security posture and privacy compliance. The risk level is low given the limited data collection and personal nature of the site. Strategic improvements in security headers, privacy policies, and DNS security would enhance trust and compliance.

B

British Acoustic Neuroma Association CIO

bana-uk.com

0

The British Acoustic Neuroma Association (BANA UK) is a UK-based non-profit organization dedicated to supporting individuals affected by Acoustic Neuroma, a type of brain tumor. The website serves as an information hub and community platform offering resources, support groups, events, and membership benefits. It targets patients, their families, and support networks, positioning itself as a specialized charity in the healthcare sector. The organization is registered as a charity in the UK, enhancing its credibility. Technically, the website is built on WordPress with modern plugins such as Modern Events Calendar and Contact Form 7, and uses Bootstrap for responsive design. It integrates Google Analytics and Google reCAPTCHA v3 for analytics and security. Hosting appears to be via Bitnami WordPress stack. The site demonstrates good mobile optimization and SEO practices, though accessibility is basic. Performance is moderate, with room for improvement in security headers and cookie consent mechanisms. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms, but lacks visible security headers and explicit incident response or security policy pages. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy and cookie policies are present and appear comprehensive, but cookie consent is not implemented. WHOIS data for the domain is missing, which is unusual and reduces trust slightly, though the website content and charity registration support legitimacy. Overall, the site is a well-maintained, professional charity website with good content quality and business credibility. Security posture is solid but could be enhanced with additional headers and policies. The absence of WHOIS data is a concern but does not outweigh the positive trust indicators. Strategic improvements in privacy compliance and security transparency are recommended to strengthen trust and compliance.

T

TRABIT

trabit.eu

0

TRABIT is a European interdisciplinary training network focused on computational brain imaging in clinical applications. The website serves as an information portal for the consortium, providing details about training events, researchers, and project results. The project is funded by the European Union's Horizon 2020 program under a Marie Sklodowska-Curie grant, positioning it as a credible academic initiative in healthcare and technology sectors. The target audience includes researchers, clinicians, and industry professionals involved in neuroimaging and brain health. Technically, the site is built on Joomla CMS with common web technologies like jQuery, Bootstrap, and UIkit, offering moderate performance and good mobile optimization. Security posture is basic with HTTPS implied but lacking explicit security headers and privacy compliance documentation. No blocking or WAF mechanisms were detected, and content is fully accessible and safe for general audiences.

The Surgery CDT website represents the EPSRC Centre for Doctoral Training in Advanced Engineering for Personalised Surgery & Intervention, affiliated with King's College London and funded by EPSRC. It serves as an academic and research platform targeting doctoral students and researchers in personalised surgery and intervention. The website provides information about projects, teams, cohorts, partners, and application procedures, reflecting a specialized educational and research focus. Technically, the site is built on WordPress using the Divi theme, leveraging common web technologies such as jQuery and Google Fonts. The site is moderately optimized for performance and mobile responsiveness, with good SEO practices evident in meta tags and structured data. Security posture is solid with HTTPS enforced and no visible sensitive data exposure, though security headers are absent and could be improved. Privacy and cookie policies are missing, which is a compliance gap. The WHOIS data is notably absent, which raises concerns about domain registration legitimacy despite the professional and trustworthy content. Overall, the site is functional, professional, and safe for general audiences but would benefit from enhanced privacy compliance and security best practices.

The website represents the Medical Research Council Doctoral Training Partnership in Biomedical Sciences at King's College London, providing doctoral training and research opportunities in biomedical sciences. The site is professionally designed using WordPress with the Divi theme and includes detailed program information and multimedia content. The technical infrastructure is modern and well-maintained, hosted under King's College London DNS servers, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though improvements can be made by enabling DNSSEC and adding security headers. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy policy or terms of service. Overall, the domain registration and WHOIS data are consistent and trustworthy, reflecting a legitimate academic institution.

C

Contact Privacy Inc. Customer 0169240283

pony.directory

0

Pony.directory is a niche community directory website dedicated to the My Little Pony fandom. It aggregates and categorizes a wide variety of fan-related websites including blogs, art boards, fanfiction, games, conventions, and community forums. The site targets MLP fans seeking a centralized resource for fandom content and community engagement. Technically, the site is built using modern web technologies such as SvelteKit and modular JavaScript, hosted with DNS services from NS1 and Squarespace DNS. The site is mobile optimized and offers clear navigation and well-structured content. Security posture is moderate; the site uses HTTPS but lacks DNSSEC and security headers, and does not publish privacy or cookie policies. The domain is recently registered with privacy protection, which is typical for small community sites. Overall, the site is functional, safe, and serves its community well but would benefit from improved privacy and security disclosures.

The website 'Twilight Sparkle's Secret Shipfic Folder Online' is a niche community platform dedicated to hosting and playing the TSSSF game online. It provides resources such as rulebooks, FAQs, card references, and community links to Discord and Reddit, fostering player engagement. The site is small-scale and community-driven, with a focus on fan interaction rather than commercial enterprise. The domain is relatively new, registered in 2020, consistent with the site's beta status and niche audience. Technically, the site uses basic HTML, CSS, and JavaScript without advanced frameworks or CMS. Hosting details are not explicit but the domain registrar is Squarespace Domains II LLC, and DNS is managed via Google Cloud DNS. The site is mobile-optimized with good navigation and design quality but lacks advanced SEO and accessibility features. No analytics or tracking scripts were detected, indicating minimal user tracking. From a security perspective, the site lacks visible HTTPS enforcement details and security headers, and DNSSEC is not enabled. The domain status includes protections against unauthorized transfer or deletion, which is positive. However, the absence of privacy, cookie, and terms of service policies indicates compliance gaps. No contact or incident response information is provided, limiting transparency and trust. Overall, the website is functional and serves its community well but should improve security posture and compliance documentation to enhance trust and protect users. Strategic recommendations include enabling DNSSEC, implementing HTTPS with security headers, publishing privacy and cookie policies, and providing clear contact information for support and security incidents.

Ponymusic Wiki is a niche, community-maintained online database focused on pony music tracks, artists, albums, and related metadata. It serves a specialized audience of pony music fans and contributors, offering features such as data export, import tools, and API documentation. The website is relatively new, founded in 2022, and hosted via Squarespace Domains with a privacy-protected WHOIS registration. The site uses modern web technologies including the Svelte framework, providing a good user experience with clear navigation and mobile optimization. However, it lacks formal privacy and cookie policies, and no contact or business information is provided, which limits its compliance and trustworthiness from a regulatory perspective. Security-wise, HTTPS is enabled but advanced security headers and DNSSEC are missing, indicating room for improvement in hardening the site against common web threats.

H

HexBrain

hexbrain.com

0

HexBrain is a small, specialized web development agency based in Ukraine, founded in 2013. The company focuses on Magento e-commerce development and custom PHP programming, offering a comprehensive range of services including consulting, web design, project management, and system administration. Their market position is strengthened by multiple Magento and Zend certifications and active participation in industry conferences such as Meet Magento. The website content is professional and well-structured, targeting businesses seeking tailored e-commerce solutions. Technically, the website is built on GravCMS using the Foundation framework and jQuery, with Google Analytics integrated for user tracking. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Hosting appears to be managed via NameCheap, consistent with the domain registrar information. Performance is moderate, with no critical technical issues detected. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks important security headers and DNSSEC is not enabled, representing areas for improvement. No privacy or cookie policies are published, indicating compliance gaps with GDPR and related regulations. Incident response and vulnerability disclosure mechanisms are absent, which could impact trust and security readiness. Overall, HexBrain presents a credible and professional online presence with solid business credibility and technical implementation. To enhance security posture and regulatory compliance, the company should implement privacy and cookie policies, add security headers, enable DNSSEC, and consider publishing security and incident response information.

SankeyMATIC is a niche online tool focused on enabling users to create Sankey diagrams easily and visually. It targets a broad audience including analysts, educators, and anyone interested in visualizing flow data such as budgets, elections, or financial results. The website is small-scale, independently produced by Steve Bogart, and offers free access without requiring user registration. The business model relies on voluntary contributions and advertising revenue via Google AdSense. Technically, the site uses standard web technologies including HTML5, CSS3, JavaScript, and the D3.js library for rendering diagrams. Hosting is provided by pair Networks, Inc. The site is moderately optimized for performance and mobile use, with good SEO practices and basic accessibility features. The source code is openly available on GitHub, enhancing transparency and trust. From a security perspective, the site uses HTTPS but lacks advanced security headers and DNSSEC is not enabled, which could be improved. No forms or user data collection mechanisms are present, reducing attack surface. Privacy compliance is basic with a privacy policy present but no cookie consent or GDPR-specific statements. No incident response or vulnerability disclosure policies are published. Overall, SankeyMATIC presents a trustworthy and professional web presence with a clear focus on its specialized service. Security and privacy practices could be enhanced to align with modern standards, and adding contact information and terms of service would improve business credibility and compliance.

Mutant Standard is a small creative project focused on delivering an experimental emoji set with diverse and inclusive themes such as LGBT, queer, furry, and cyberpunk. The website serves as a distribution and demo platform for these emoji assets, targeting niche communities interested in alternative emoji representations. The business operates independently with no visible parent or subsidiary companies and maintains a consistent brand identity centered around creativity and inclusivity. Technically, the website is built with standard modern web technologies including HTML5, CSS3, SVG, and optimized image formats like WebP. It is mobile responsive and offers a good user experience with clear navigation. However, the site lacks advanced frameworks or CMS platforms and does not implement common security headers or analytics tools, indicating a lightweight and minimalistic technical infrastructure. From a security perspective, the site uses HTTPS (implied by domain registrar and modern web standards) but lacks explicit security headers and privacy policies, which reduces its compliance posture. No forms or data collection mechanisms are present, minimizing attack surface but also limiting user engagement features. The domain is privacy protected but legitimate, with a registration date consistent with the business age. No critical vulnerabilities or suspicious patterns were detected. Overall, the website is a niche, well-designed creative project with moderate technical maturity and limited security controls. Strategic improvements in privacy compliance, security headers, and contact transparency would enhance trust and security posture.

The website onenetbeyond.org is currently inaccessible or blocked, presenting only a minimal placeholder page with the message: 'You have reached this page because your request could not be properly identified.' This prevents any meaningful extraction of business or service information from the site itself. The domain is registered to Associazione AI ODV, a French organization, with a long registration history dating back to 2005, indicating an established entity. However, the lack of accessible content and absence of privacy, cookie, or contact information significantly limit the ability to assess the business model or market position. From a technical perspective, no information about the technology stack, CMS, or hosting beyond the nameservers is available. The site appears to be hosted on servers related to investici.org. No security headers or SSL configuration details were provided, and no analytics or tracking technologies were detected. The minimal content and lack of metadata suggest poor SEO and user experience. Security posture evaluation is constrained by the lack of accessible content and technical data. No privacy policies, incident response contacts, or security frameworks are evident. The domain registration data is consistent and legitimate, but the absence of website content and security best practices lowers the overall trust and security score. The site is likely behind a generic blocking mechanism or misconfigured server, resulting in a low AI score and high risk for users seeking information. Overall, the website requires significant improvements in accessibility, content provision, security policies, and compliance documentation to be considered trustworthy and professional.

S

saursvepur

saursvepur.xyz

0

The website saursvepur.xyz is a personal portfolio and content platform for an individual named Slava, a 23-year-old streamer, musician, and IT enthusiast from Russia. The site showcases personal projects, music tracks, and social media links, targeting a general audience interested in streaming and music content. The domain is relatively new, registered in early 2023, and uses privacy protection common for personal sites. Technically, the site uses modern web technologies including custom WebGL shaders for visual effects, but lacks advanced frameworks or CMS. Performance and mobile optimization are moderate, with basic accessibility and SEO features. Security posture is weak due to absence of HTTPS enforcement details, security headers, and privacy policies. No forms or data collection mechanisms are present, reducing attack surface but also limiting user interaction. Overall, the site is functional and visually appealing but requires improvements in security and compliance to enhance trust and professionalism.

S

Silver4ok "Cheat Engine" Olo4eka

pastcard.su

0

Pastcard.su is a personal blog operated by Silver4ok "Cheat Engine" Olo4eka, focusing on gaming, personal stories, and music content primarily for a Russian-speaking audience. The site is built using the Hugo static site generator and hosted by BEGET-SU, with a domain registered recently in December 2024. The blog features regular posts with a moderate level of content quality and user engagement through social media links. Technically, the site is moderately optimized with basic mobile responsiveness and SEO, but lacks advanced security headers and privacy compliance mechanisms. No privacy or cookie policies are present, and no direct contact information is provided, which limits business credibility and privacy compliance. Security posture is basic, with no detected vulnerabilities but also no advanced protections. Overall, the site is safe for general audiences and does not contain adult or explicit content.

The website www3.rinici.de is a parked domain landing page primarily designed to advertise the domain rinici.de for sale. It lacks substantive business content, contact information, or any service offerings. The site relies heavily on advertising scripts and tracking technologies, with minimal user-facing content. Technically, the site uses standard HTML and JavaScript with external ad and tracking services, hosted via Amazon Cloudfront CDN. There is no evidence of HTTPS or security headers, and privacy compliance is minimal, with only a basic privacy policy accessible via a popup. The security posture is weak due to lack of HTTPS and absence of security best practices. Overall, the site presents a low trust profile and limited business credibility.

K

katlyn

katlyn.dev

0

The website katlyn.dev is a personal portfolio site primarily focused on coding and related projects. The content is minimal but well structured, presenting a clear personal brand with links to social and development platforms such as GitHub, Mastodon, and Matrix. The site targets a general audience interested in technology and coding, likely peers or potential collaborators. The business model appears to be personal branding rather than commercial operations, with no direct sales or service offerings evident. Technically, the site uses standard HTML5 and CSS3 with custom fonts hosted on a static subdomain, indicating a lightweight and fast-loading infrastructure. There is no evidence of a CMS or complex frameworks, suggesting a static or custom-built site. Mobile optimization and accessibility are basic but adequate for the site's scope. No analytics or advertising technologies are detected, reflecting a privacy-conscious or minimalistic approach. From a security perspective, the site lacks visible security headers and does not provide privacy, cookie, or terms of service policies, which limits compliance with GDPR and other regulations. No contact information or incident response channels are provided, reducing transparency and trust. However, no vulnerabilities or malicious content are detected in the provided HTML content. The absence of forms or data collection reduces attack surface but also limits user engagement features. Overall, the site presents a low-risk profile but would benefit from improved security practices, privacy compliance, and contact transparency to enhance trustworthiness and professionalism.

S

Sublime HQ Pty Ltd

sublimemerge.com

0

Sublime Merge is a cross-platform Git client developed by Sublime HQ Pty Ltd, the makers of Sublime Text. The website presents a professional and polished interface targeting developers and software professionals who require a powerful Git GUI client with features like line-by-line staging, commit editing, and syntax highlighting. The product is positioned as a high-performance tool with seamless Git integration across Mac, Windows, and Linux platforms. The website content is rich, well-structured, and consistent with the Sublime brand, indicating a focused business model based on software sales and licensing. Technically, the website employs modern web standards including HTML5, CSS3, JavaScript, and uses JSON-LD structured data to enhance SEO and semantic understanding. The site is responsive and optimized for multiple platforms, providing a fast and smooth user experience. However, there is no evidence of advanced frameworks or CMS usage, suggesting a custom-built or lightweight site architecture. From a security perspective, the site lacks visible security headers and does not provide privacy, cookie, or terms of service policies, which are important for compliance and user trust. The WHOIS data for the domain is missing or indicates the domain may be unregistered or expired, which raises concerns about domain legitimacy despite the professional appearance of the site content. No contact emails or phone numbers are provided, limiting direct communication channels. Overall, the website demonstrates strong business credibility and technical maturity but requires improvements in security posture, privacy compliance, and domain registration transparency to enhance trustworthiness and regulatory adherence.

Sublime HQ Pty Ltd is a small Australian technology company specializing in developing remarkable software products, notably Sublime Text and Sublime Merge, which cater primarily to software developers and technical professionals. The website presents a minimal but professional front showcasing these products with consistent branding and clear navigation. However, the lack of detailed company information, contact details, and policy documents limits the depth of user engagement and trust signals. Technically, the website uses standard HTML5 and CSS3 with external stylesheets, but lacks advanced frameworks or CMS platforms. Performance and mobile optimization are basic but functional. No analytics, tracking, or advertising scripts were detected, indicating a privacy-conscious or minimalistic approach. Security features such as HTTPS status and security headers could not be confirmed from the provided data, but no WAF or blocking mechanisms were detected. From a security and compliance perspective, the absence of WHOIS registration data is a notable concern, as it raises questions about domain legitimacy and ownership transparency. The website lacks privacy, cookie, and terms of service policies, which are critical for GDPR and other regulatory compliance. No incident response or vulnerability disclosure information is available, limiting the security posture assessment. Overall, the site appears safe with no adult or questionable content but would benefit from enhanced security and compliance measures. The overall risk assessment suggests moderate trustworthiness with room for improvement in transparency, security best practices, and compliance documentation. Strategic recommendations include implementing HTTPS with strong SSL/TLS, publishing privacy and cookie policies, adding contact and incident response information, and improving WHOIS registration visibility to enhance legitimacy and user trust.

J

Joshua Barrett

ptnote.dev

0

PT_NOTE is a personal website and blog operated by Joshua Barrett, focusing on personal writing and project showcases. The site targets general internet users interested in personal content rather than commercial services. The website is built using the Zola static site generator, employing standard web technologies such as HTML, CSS, and JavaScript. The technical infrastructure is simple and lightweight, with moderate performance and basic mobile optimization. No advanced CMS or hosting provider details are evident. Security posture is basic; no security headers or incident response contacts are present, and privacy compliance is minimal due to the absence of privacy and cookie policies. The site uses HTTPS (assumed from domain), but no explicit security headers were detected in the HTML content. Overall, the site is safe, with no adult or questionable content detected, and minimal user tracking or advertising. The domain registration is privacy protected, which is appropriate for a personal blog. The website demonstrates moderate trustworthiness but lacks formal business or compliance documentation.

Pixilic.com is a personal technical blog operated by Hunter Fuller, focusing on topics such as networking, Linux, VoIP, and home automation. The site serves a niche audience of technology enthusiasts and IT professionals, providing detailed blog posts, tutorials, and talks. The business model is content publishing without apparent commercial transactions or services. The domain has been registered since 2009, indicating a stable and long-term presence. Technically, the website is built on WordPress 6.4.5 using the JupiterX Lite theme, with jQuery and standard web technologies. The site is hosted likely via NameCheap, with HTTPS enabled and moderate performance. Mobile optimization and accessibility are basic to good, with room for improvement in SEO and security headers. Security posture is adequate with HTTPS and domain transfer protection, but lacks DNSSEC and important security headers. No privacy or cookie policies are present, which is a compliance gap. No contact or incident response information is provided, limiting trust and transparency. Overall, the site is trustworthy and safe, with good content quality but limited privacy and security compliance. Strategic improvements in privacy policies, security headers, and contact transparency would enhance the site's credibility and compliance.

P

pineconet

pineco.net

0

The website pineco.net is a personal portfolio site representing an undergraduate student named pinecone, who is pursuing an interdisciplinary degree at the University of Washington. The site serves primarily as a showcase of personal interests, projects, and social links rather than a commercial business. The content is basic and focused on personal expression with no commercial or transactional elements. The domain was registered in 2020, consistent with the stated personal timeline. Technically, the site is a simple static HTML and CSS implementation using Google Fonts. There is no evidence of advanced frameworks, CMS, or analytics tools. The site appears to be hosted via NameCheap, the registrar, with no DNSSEC enabled and no visible security headers or HTTPS status provided. Performance and mobile optimization are basic but functional. From a security perspective, the site lacks critical elements such as privacy and cookie policies, security headers, and incident response contacts. The domain registration is consistent and legitimate for a personal site, but the absence of HTTPS and security best practices lowers the security posture. No vulnerabilities or malicious content were detected. Overall, the site is low risk but also low in professionalism and security maturity. Strategic recommendations include enabling HTTPS, adding privacy and cookie policies, implementing security headers, and providing incident response information to improve trust and compliance.

D

Diamondburned

libdb.so

0

The website libdb.so is a personal portfolio site for Diamond, a software engineer at Google with over five years of experience. The site highlights her passion for open source, showcases her projects, professional experience, and provides multiple social media and contact links. The site is well-structured, visually appealing, and optimized for performance and mobile devices, reflecting a high level of technical maturity. Security-wise, the site uses HTTPS and Cloudflare DNS but lacks explicit security headers and formal privacy or cookie policies, which are areas for improvement. Overall, the site presents a trustworthy and professional image but would benefit from enhanced privacy compliance and security best practices to align with industry standards.

M

Mike Klubnika

mikeklubnika.com

0

Mike Klubnika is an indie game developer specializing in experimental and atmospheric games with dystopian themes. The website serves as a hub for showcasing game projects, updates, logs, and community engagement primarily through Discord and Steam. The business operates on a small scale, targeting niche gamers interested in unique indie experiences. Technically, the website is built with standard web technologies (HTML, CSS, JavaScript) and hosted via NameCheap, with moderate performance and basic mobile optimization. Security posture is moderate with HTTPS enabled but lacking security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is trustworthy and professional for its scale but would benefit from enhanced security and compliance measures.

The website jkap.io is a personal blog and online presence of an individual named Jae Kaplan, who is a former CEO of Posting at cohost and currently working on a chat app. The site serves as a platform for sharing blog posts, personal updates, and links to social media profiles. It targets a general audience interested in technology and personal content. The business model is primarily personal branding and content sharing with no commercial transactions evident. The domain is well aged since 2014 and uses privacy protection typical for personal sites. Technically, the site is built on Bear Blog platform with modern web technologies including htmx and lite-youtube-embed for enhanced user experience. It is hosted behind Cloudflare DNS with HTTPS enabled, ensuring good performance and mobile optimization. SEO and accessibility are basic but adequate for a personal blog. However, no advanced security headers or privacy policies are implemented. From a security perspective, the site uses HTTPS and domain status protections but lacks DNSSEC and security headers, which are recommended for improved security posture. No forms or sensitive data collection are present, reducing attack surface. Privacy compliance is low due to absence of privacy and cookie policies. No incident response or vulnerability disclosure information is provided. Overall, the site is low risk with good content quality and moderate trustworthiness. Strategic recommendations include enabling DNSSEC, adding security headers, publishing privacy and cookie policies, and improving contact mechanisms to enhance trust and compliance.

The website brambleshadow4.net is a personal hobby site maintained by a software developer who shares various personal projects including music, blog posts, fonts, and coding projects. The site is explicitly described as non-professional and serves as a personal portfolio and creative outlet rather than a commercial business. The domain is registered since 2017 and is consistent with the website's stated history. The site is hosted with standard DNS services and uses basic web technologies such as HTML, CSS, and JavaScript without any major frameworks or CMS detected. From a technical perspective, the website is functional with moderate performance and basic mobile optimization. However, it lacks advanced SEO, accessibility features, and modern security headers. The domain registration includes standard protections but does not enable DNSSEC, which could be improved. No privacy, cookie, or terms of service policies are present, and no contact information or incident response details are provided, indicating low privacy compliance and limited business credibility. Security posture is basic with no detected vulnerabilities or exposed sensitive data, but the absence of security headers and policies reduces the overall security maturity. The site is accessible without WAF or security challenges and contains safe, family-friendly content. Overall, the website scores moderately due to its personal nature and limited professional or security features. Strategic recommendations include enabling DNSSEC, adding privacy and cookie policies, implementing security headers, and providing contact and incident response information to improve trust and compliance.

P

Private by Design, LLC

wolfgirl.systems

0

wolfgirl.systems is a small, volunteer-run community project hosting multiple Linux systems running NixOS across global points of presence. It aims to provide a comfortable and private environment for invited friends, emphasizing a non-profit and abuse-resistant model. The website content is clear and focused on technical and community aspects without commercial intent. Technically, the site uses modern web technologies including JavaScript libraries for search and syntax highlighting, and is designed with responsive and accessible features, though some accessibility and SEO optimizations remain basic. Security posture is moderate; while the domain uses protective domain status flags and HTTPS is implied, there is no DNSSEC or security headers implemented, and no formal privacy or cookie policies are published. Incident response is partially addressed with an abuse contact email provided. Overall, the site is trustworthy for its niche audience but would benefit from enhanced security and compliance documentation.

H

Haylin Moore

haylinmoore.com

0

Haylin Moore's website serves as a personal professional portfolio and technical blog highlighting his expertise as a software and network engineer. The site features detailed descriptions of his current and past roles at reputable technology companies, alongside open source projects and technical writings. The target audience includes technology professionals and open source enthusiasts. The business model is centered on personal branding and knowledge sharing rather than commercial transactions. Technically, the website is built using modern web standards with HTML5, CSS3 (Pure.css framework), and JavaScript. It is mobile-optimized and performs well with fast loading times. The site uses HTTPS, ensuring secure connections, but lacks explicit security headers and privacy policies. No analytics or tracking scripts are present, indicating a privacy-conscious approach. From a security perspective, the site demonstrates good baseline practices such as HTTPS usage and absence of user input forms, reducing attack surface. However, it lacks published security policies, incident response contacts, and vulnerability disclosure mechanisms. The WHOIS data is privacy protected, which is appropriate for a personal site, and no suspicious patterns were detected. Overall, the website is professional, trustworthy, and safe for general audiences. Strategic improvements include adding privacy and cookie policies, security headers, and contact information to enhance compliance and trust.

The website lyra.horse is a personal portfolio and blog site belonging to Lyra Rebane, focusing on creative audiovisual web experiences, infosec topics, and various digital tools. The site targets a general audience interested in technology, creative coding, and information security. The business model is primarily personal branding and content sharing, with a small-scale presence in the technology sector. The domain is registered under a privacy protection service, which is typical for personal websites and does not detract from legitimacy. Technically, the site is built with clean HTML5 and CSS3, with no detected CMS or complex frameworks. It performs well with good mobile optimization and basic accessibility features. SEO is basic but sufficient for a personal site. Hosting details are limited but the domain registrar is Porkbun, a reputable provider. No advanced analytics or tracking technologies are detected, indicating a privacy-conscious approach. From a security perspective, the site lacks several best practices such as security headers and DNSSEC, and no privacy or cookie policies are present, which impacts compliance and trust. The domain status flags clientDeleteProhibited and clientTransferProhibited add a layer of domain security. No forms or data collection mechanisms reduce attack surface but also limit user interaction. Overall, the security posture is moderate but could be improved with standard headers and policies. The overall risk is low given the personal nature and limited data collection, but improvements in privacy compliance and security hardening are recommended to enhance trust and protect visitors. The site is accessible without WAF or blocking mechanisms, allowing full content analysis.

MrBruh.com is a personal blog operated by Paul, a young programmer and aspiring cybersecurity professional from New Zealand. The site focuses on sharing technical blog articles related to cybersecurity vulnerabilities, malware analysis, and programming insights. The blog targets gamers and cybersecurity enthusiasts, providing niche content in the technology sector. The website is built using the Hugo static site generator and hosted by Privex, with DNS managed via Cloudflare. The domain is registered with Tucows Domains Inc. and is relatively new, consistent with the stated founding year of 2023. Technically, the website is well-structured with good mobile optimization and accessibility. However, it lacks advanced SEO optimization and security headers. The site uses HTTPS but does not enable DNSSEC, and no privacy or cookie policies are present. There are no analytics or tracking scripts detected, indicating minimal user tracking. Contact information is provided via email and Signal, but no forms or other data collection mechanisms are present. From a security perspective, the site benefits from domain transfer protections but lacks important security headers and DNSSEC, which could improve its security posture. No vulnerabilities or exposed sensitive data were detected in the content. The absence of privacy and cookie policies indicates non-compliance with GDPR and other privacy regulations. Overall, the site is safe for general audiences and does not contain adult or explicit content. The overall risk is low given the personal blog nature, but improvements in security headers, privacy compliance, and DNS security are recommended to enhance trust and protection against potential threats.

S

Smokepowered

smokepowered.com

0

Smokepowered.com is a newly established website (created May 2023) focused on smoking culture, specifically blunt discussion and wrapping. The site features minimal content including a video montage and references to Valve Corporation trademarks, possibly as thematic or stylistic elements. The target audience appears to be mature users interested in cannabis and smoking culture. Technically, the site is basic with HTML and CSS, hosted with DNS servers from Hurricane Electric, but lacks modern security features such as HTTPS and security headers. No privacy or cookie policies are present, and no contact or business information is provided, limiting trust and compliance. Security posture is weak due to missing HTTPS and security best practices. Overall, the site is functional but minimal and lacks professional security and compliance measures.

K

Kamila Szewczyk

iczelia.net

0

The website iczelia.net is a personal technical blog authored by Kamila Szewczyk, focusing on topics such as mathematics, cryptography, programming languages, and technology. It serves a niche audience interested in these academic and technical subjects. The site offers blog posts, a personal journal, a short CV, and access to a personal Git repository. The business model is primarily content publishing and knowledge sharing without commercial services or e-commerce. Technically, the website is built using the Hugo static site generator and uses KaTeX for rendering mathematical notation. Hosting appears to be managed via Name.com, the domain registrar. The site is moderately optimized for mobile devices and has a clean, consistent design with good navigation. However, SEO and accessibility features are basic, and no advanced frameworks or platforms are detected. From a security perspective, the site lacks critical security headers and DNSSEC is not enabled. The WHOIS data shows an anomalous domain creation date set in the future, which raises concerns about registration legitimacy. No privacy, cookie, or terms of service policies are present, and no contact information or incident response details are provided. There is no evidence of analytics or advertising scripts, indicating minimal user tracking. Overall, the website is safe and suitable for a general audience with no adult or questionable content. The main risks relate to domain registration inconsistencies and lack of security best practices. Strategic improvements in security headers, DNSSEC, privacy compliance, and contact transparency would enhance trust and compliance.

S

spooky ghost zone

spookyghost.zone

0

The website spookyghost.zone is a personal site operated by an individual named Valerie, focusing on sharing personal interests such as music and a curated list of physical albums. It is a small-scale, hobbyist site without commercial intent or business operations. The site is hosted on Hetzner servers with privacy-protected WHOIS registration, consistent with a personal project started in early 2023. Technically, the site uses basic HTML, CSS, and JavaScript with minimal external dependencies and no CMS detected. The site is accessible over HTTPS but lacks advanced security headers and formal privacy or cookie policies. No contact information or business credentials are provided, limiting trust and credibility from a business perspective. Security posture is basic but acceptable for a personal site, with recommendations to improve DNS security and add security headers. Overall, the site is safe for general audiences and contains no adult or explicit content.

The website vin.pet appears to be a small personal or hobby site with a focus on gaming and digital content, as indicated by references to Steam game launch URLs and various gaming-related images. There is no clear business model or commercial activity evident from the content. The site is modest in design and content, lacking professional business information, contact details, or compliance policies. Technically, the site uses basic HTML and CSS with no detected modern frameworks or CMS. Mobile optimization and accessibility are poor, and SEO practices are minimal. Security posture is weak due to lack of HTTPS and security headers, and no privacy or cookie policies are present. The domain is registered with privacy protection through a reputable registrar, consistent with a small personal site. Overall, the site is safe with no adult or explicit content detected but lacks professionalism and security best practices.

Wito.bar is a small personal or community website centered around gaming and creative content, with a focus on social media engagement and content sharing. The site features links to multiple social platforms such as Twitter, YouTube, Twitch, Steam, and others, indicating an active online presence. The domain is relatively new, registered in early 2023, and uses privacy protection services consistent with a personal or small community site. The website design is basic with a retro aesthetic and limited mobile optimization. From a technical perspective, the site uses standard HTML and CSS with web fonts and is hosted behind Cloudflare DNS services. However, no advanced frameworks or CMS platforms are detected. Performance and accessibility are moderate to basic, with no detected analytics or advertising scripts, suggesting minimal tracking or marketing tools in use. Security posture is basic; HTTPS is implied but no security headers or DNSSEC are enabled. No privacy, cookie, or terms of service policies are present, and no contact or incident response information is provided, limiting compliance and transparency. No forms or data collection mechanisms are found, reducing attack surface but also limiting user interaction. Overall, the site is safe for general audiences with no adult or explicit content detected. The domain registration and website content are consistent, with no suspicious indicators. Strategic improvements include adding privacy and cookie policies, implementing security headers, enabling DNSSEC, and providing contact and incident response information to enhance trust and compliance.

The website nya.rest is a personal homepage for an individual known as SweetFade, who identifies as a local internet catgirl. The site primarily serves as a social hub linking to various social media platforms including Twitter, Mastodon, Telegram, GitHub, and GitLab. The content is minimal and personal in nature, with no commercial or business services offered. The domain was registered in 2022 and uses privacy protection services, which is consistent with personal use. The website employs WebGL shaders for visual effects, indicating some technical proficiency, but lacks advanced security features and compliance documentation such as privacy or cookie policies. The site is hosted behind Cloudflare DNS but does not have DNSSEC enabled.

G

Gender Census

gendercensus.com

0

Gender Census is a niche annual survey project focused on collecting data about language used by people outside the traditional gender binary. The website serves as a platform for survey participation, results publication, and community engagement. The project is small-scale, non-profit oriented, and supported by donations and sponsorships. Technically, the site is built on WordPress with common web technologies and demonstrates moderate performance and good mobile optimization. Security posture is generally good with HTTPS enforced, but lacks advanced security headers and cookie consent mechanisms. The absence of WHOIS data is a notable anomaly that reduces trustworthiness. Overall, the site is professional and trustworthy but could improve in privacy compliance and security transparency.

Q

Quitter

quitter.se

0

Quitter.se is a Swedish blog focused on social media transparency and critique, advocating for more open and honest social media platforms. The website operates on a WordPress CMS with Yoast SEO plugin, indicating a moderate level of digital maturity and SEO awareness. The content is well-structured, relevant, and targeted at a general audience interested in social media issues. Technically, the site uses HTTPS with a valid SSL certificate but lacks advanced security headers and DNSSEC, which are recommended for improved security. No privacy or cookie policies are present, which is a compliance gap. Contact information and security policies are also absent, limiting trust signals. Overall, the domain registration is consistent and legitimate, supporting the website's credibility.

The website gerzilla.de currently serves as a placeholder page indicating that a new website is under construction. There is no substantive business information, services, or content available to assess the company's market position or offerings. The technical infrastructure appears minimal, with no detected CMS, scripts, or analytics tools. Hosting is likely provided by netcup based on the nameservers. Security posture is weak due to the absence of HTTPS, security headers, and privacy policies. No contact or compliance information is present, limiting trust and credibility. Overall, the site is not yet operational and provides no meaningful data for business or security evaluation.

P

Private by Design, LLC

maggiepi.fyi

0

The website maggiepi.fyi is a personal site belonging to an individual named Maggie, a computer science student and technology enthusiast. The site serves primarily as a personal hub linking to Maggie's blog, social media, and technical interests. It provides detailed information about Maggie's interests, current desktop setup, and favorite media, targeting a general audience interested in technology and personal content. The site is small-scale and non-commercial, with no direct business services or e-commerce functionality. Technically, the site is built with basic HTML and CSS, uses Google Fonts, and is hosted with Cloudflare DNS services. The site is mobile responsive and has a moderate performance profile. However, it lacks advanced technical frameworks, CMS, or analytics tools. SEO and accessibility are basic but adequate for a personal site. From a security perspective, the site lacks critical security headers and does not have privacy or cookie policies, which impacts compliance and trust. The WHOIS data shows a suspicious future domain creation date, which reduces trustworthiness. No forms or data collection mechanisms are present, minimizing attack surface but also limiting user engagement. Overall, the security posture is basic with room for improvement in policy transparency and technical safeguards. The overall risk is low given the non-commercial nature and safe content, but the domain registration anomaly and lack of privacy policies suggest caution. Strategic improvements in security headers, privacy compliance, and domain registration transparency are recommended to enhance trust and security posture.

M

Mopigames

mopigames.gay

0

This website represents a personal portfolio and blog for an individual developer known as Mopigames, a lesbian MtF transgender girl living in France. The site serves as a personal branding platform with links to social media and community sites, targeting a general audience interested in technology and personal content. The domain is newly registered in 2024 with privacy protection, consistent with the personal nature of the site. Technically, the site uses standard HTML, CSS, and JavaScript with Cloudflare DNS services. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. Security posture is basic with HTTPS enabled but no additional security headers or policies present. No privacy, cookie, or terms of service policies are found, indicating low privacy compliance. Contact information is clearly provided via email and social media links. No forms or data collection mechanisms are present, reducing risk exposure. The content is safe for general audiences with no adult or explicit material detected. Overall, the site is a small personal project with moderate professionalism and trustworthiness. Security and privacy improvements are recommended to enhance compliance and user trust.

B

miaowing

birb.cc

0

The website birb.cc is a personal portfolio site titled 'miaowing' representing a senior systems technician. It primarily serves as a personal presence showcasing sections such as about, projects, socials, hardware, and friends. The site targets technology enthusiasts or personal contacts rather than commercial customers. The business model is personal branding without commercial transactions or services. The site is small scale and niche with basic content quality and moderate branding consistency. Technically, the site uses standard HTML5, CSS, and JavaScript with no detected frameworks or CMS. The site is moderately performant with basic mobile optimization and accessibility features. There is no evidence of advanced SEO or analytics tools. Hosting and SSL details are not provided, limiting the assessment of infrastructure maturity. From a security perspective, the site lacks HTTPS confirmation, security headers, privacy policies, and incident response contacts. No forms or data collection mechanisms are present, reducing attack surface but also limiting user engagement. The security posture is minimal with recommendations to implement HTTPS, security headers, and privacy compliance measures. No vulnerabilities or malware indicators were detected. Overall, the site is low risk but also low maturity in security and privacy compliance. Strategic improvements include adding HTTPS, privacy and cookie policies, security headers, and incident response contacts to enhance trust and compliance. The site is safe for general audiences with no adult or questionable content detected.

The website for the domain tekeye.uk is currently inaccessible, presenting only an HTTP 503 Service Unavailable error page. Due to this, no meaningful content, metadata, or contact information is available for analysis. The domain is registered since 2015 with a reputable registrar, Netcetera Ltd, indicating a legitimate registration history. However, the lack of accessible website content severely limits the ability to assess the company's business model, services, or security posture. The technical infrastructure cannot be evaluated, and no security or privacy policies are detectable. Overall, the site appears to be offline or blocked, resulting in a low confidence security and compliance profile.

The website f0rest.net represents a small, niche technology service offering a modern Matrix server operated by an individual or small group identified as 'j0'. The service emphasizes ease of deployment via Docker, user experience improvements by using the Cinny client instead of Element, and features like custom emotes and sliding sync for mobile clients. The site is minimalistic and primarily informational, directing users to contact the operator via an external site for account creation. From a technical perspective, the site uses simple static HTML with an external JavaScript analytics script. The domain is very new, registered in August 2024, consistent with a recently launched project. No CMS or major frameworks are detected. The site lacks advanced SEO, accessibility, and mobile optimization features but provides basic functional content. Security posture is limited; no security headers or policies are published, and DNSSEC is not enabled on the domain. The site uses HTTPS (assumed but not explicitly confirmed), but no privacy or cookie policies are present, indicating low privacy compliance. No contact emails or phone numbers are provided, reducing business credibility somewhat. Overall, the site is a small-scale, technically focused project with moderate trustworthiness but limited security and compliance maturity. Strategic improvements in security policies, privacy compliance, and contact transparency would enhance trust and professionalism.

E

Emancipator

emancipatormusic.com

0

Emancipator is an independent electronic music artist based in Portland, Oregon, with a well-established online presence since 2009. The website serves as a hub for fans to access news, tour dates, discography, media, and merchandise links. The business model revolves around music production, live performances, and merchandise sales, targeting electronic music enthusiasts and concertgoers. The site is professionally designed with consistent branding and good content quality, reflecting a small but dedicated operation in the media industry. Technically, the website is built on WordPress using the Uncode theme and several plugins for event management, responsive tables, and tracking. Hosting is provided by iPower.com, and the site uses HTTPS with a valid SSL certificate. Performance and mobile optimization are good, though accessibility features are basic. SEO is adequately addressed with proper meta tags and structured data. From a security perspective, the site benefits from HTTPS and domain transfer protections but lacks DNSSEC and important security headers like CSP and HSTS. There are no visible privacy or cookie policies, which is a compliance gap, especially under GDPR. Tracking technologies include Google Analytics and Facebook Pixel, indicating moderate user tracking. No incident response or vulnerability disclosure information is provided. Overall, the website is trustworthy and professionally maintained but would benefit from enhanced security practices and privacy compliance measures. The domain registration is consistent with the business history and shows no suspicious patterns. Strategic improvements in privacy policy publication, security headers, and DNSSEC would strengthen the site's security posture and compliance standing.

K

Kobaryo

kobaryo.com

0

Kobaryo.com is the official website of Kobaryo, a Japanese electronic music artist and designer active since 2010. The site showcases the artist's extensive discography, collaborations with major game companies, and social media presence. The business model revolves around music production, label management, and commissioned works for rhythm games and multimedia projects, positioning Kobaryo as a niche but well-established figure in the electronic music and gaming industries. Technically, the website uses a straightforward HTML5, CSS, and JavaScript stack with libraries such as jQuery and particles.js to enhance user experience. The site is moderately optimized for performance and mobile devices but lacks advanced SEO and accessibility features. Hosting and domain registration are stable and managed by reputable providers. From a security perspective, the site uses HTTPS but lacks DNSSEC and security headers, which are recommended to enhance protection. No forms or sensitive data collection points reduce risk exposure. Privacy and cookie policies are absent, indicating compliance gaps with GDPR and similar regulations. No analytics or tracking scripts were detected, suggesting a privacy-conscious approach. Overall, the website is professional, content-rich, and trustworthy but would benefit from improved security configurations and privacy compliance measures to align with best practices and regulatory requirements.

B

bye2

bye2.co.uk

0

The website bye2.co.uk represents a small independent music and multimedia project primarily focused on promoting music content and merchandise. The site links to various music streaming platforms such as SoundCloud and Bandcamp, as well as social media and a merchandise shop. The business appears to be UK-based and founded in 2020, consistent with the domain registration data. The site uses basic web technologies including HTML, CSS, JavaScript, and Bootstrap 4.3.1, with moderate performance and basic mobile optimization. Security posture is weak, with no HTTPS enforcement or security headers detected, and no privacy or cookie policies present, indicating compliance gaps. No contact information or forms are provided, limiting user engagement and trust signals. Overall, the site is functional but lacks modern security and privacy best practices, impacting its trustworthiness and compliance.

D

DomRobot UG (haftungsbeschraenkt)

ntauthority.me

0

The website ntauthority.me is a personal homepage representing an individual known as Norma or 'nta'. The site focuses on personal expression, social interaction, and sharing interests related to technology, gaming, and community engagement. It does not represent a formal business entity but is linked to a domain registered under DomRobot UG in Germany, indicating a stable and legitimate domain ownership. The site targets general internet users interested in technology and online communities. Technically, the site is built with basic HTML and CSS, hosted with DNS managed by Cloudflare, and shows moderate performance and mobile optimization. Security posture is minimal with no advanced headers or policies published, and privacy compliance is low due to the absence of privacy or cookie policies. Overall, the site is safe, trustworthy, and suitable for general audiences but lacks formal business and security maturity.

The analyzed content corresponds to a Chrome internal error page with an embedded offline dinosaur game, accessible via the chrome-error://chromewebdata/ URL. This page is not a public-facing website but a local resource used by the Chrome browser to display an offline game when network connectivity is lost or an error occurs. There is no business-related content, no commercial services, or company information presented. The page title is 'siesta.cat', but this appears unrelated to any external business entity. The technical infrastructure is based on HTML5, JavaScript, and Canvas API, optimized for fast local rendering and mobile responsiveness. Security posture is inherently strong due to the local nature of the resource, with no external network calls or data collection. Privacy compliance and business credibility indicators are absent as this is not a commercial website. Overall, this page serves a utility function within the Chrome browser rather than representing a business or service online.

The website k.vu presents as a minimalistic domain with very limited content, primarily displaying the domain name itself and providing a contact email. The domain is registered through Telecom Vanuatu Limited with a creation date in 2013, indicating a stable but low-profile presence. The site appears to be associated with DNS services, referencing FreeDNS for DNS management and providing an abuse contact email related to that service. There is no substantive business description, product offering, or service details available on the site, suggesting it may function as a URL shortener or placeholder domain rather than a full-fledged business website. From a technical perspective, the site uses basic HTML, CSS, and JavaScript without any detected CMS or advanced frameworks. The DNS is managed externally by FreeDNS, and DNSSEC is not enabled, which is a potential security improvement area. No analytics, tracking, or advertising technologies are present, indicating minimal digital marketing or user tracking activity. The site lacks privacy, cookie, or terms of service policies, which limits its compliance posture. Security-wise, the site does not present any immediate vulnerabilities but also lacks security best practices such as security headers and DNSSEC. The absence of HTTPS information prevents a full SSL assessment, but the domain status is 'ok' and not flagged for abuse. Incident response contact is limited to the DNS abuse email, with no dedicated security or incident response policy visible. Overall, the security posture is basic and could benefit from enhancements to improve trust and compliance. The overall risk assessment is low due to the minimal content and lack of sensitive data handling, but the site’s lack of transparency, policies, and security features suggest it is not suitable for business-critical or customer-facing applications without significant improvements. Strategic recommendations include implementing security headers, enabling DNSSEC, publishing privacy and cookie policies, and improving contact and business information transparency.

S

See PrivacyGuardian.org

fediverse.party

0

Fediverse.Party is a specialized informational website dedicated to guiding users through the world of federated, decentralized social networks. It promotes free and autonomous social media platforms that operate without ads or algorithms, targeting users interested in privacy and open-source social networking. The site offers curated information about various federated apps and servers, serving as a community resource rather than a commercial enterprise. Technically, the site is built using the Hexo static site generator, delivering a clean, mobile-optimized experience with moderate performance. HTTPS is enforced, but some security best practices such as DNSSEC and security headers are missing. The site does not provide privacy or cookie policies, nor does it disclose contact or incident response information, which limits its privacy compliance and security transparency. Overall, the website is safe, professional, and trustworthy within its niche but could improve in compliance and security posture.