
Is nibiru.fi a Scam? Security Check Results - Nibiru Reviews


Is nibiru.fi Safe? Security Analysis for Nibiru

Check if nibiru.fi is a scam or legitimate. Free security scan and reviews.

Technology | N/a | small
JavaScript, Astro framework, Google Tag Manager, Twitter widgets, Klaviyo marketing scripts
Analyzed 9/5/2025, Completed 4:47:40 PM
Security Score: 61 (MEDIUM RISK)

AI Summary

Nibiru.fi is the official website for the Nibiru blockchain ecosystem, a high-performance, EVM-equivalent smart contract platform designed to support scalable and versatile Web3 applications. The platform hosts a variety of decentralized finance (DeFi) applications including decentralized exchanges, lending and borrowing platforms, NFT marketplaces, prediction markets, and cross-chain bridges. The ecosystem is actively expanding with multiple partner integrations and community-driven projects. Technically, the website is built using modern web technologies including the Astro framework, and it leverages Google Tag Manager and Klaviyo for marketing and analytics. The site is well-optimized for performance, mobile responsiveness, and SEO, providing a professional user experience.

Detected Technologies

JavaScript, Astro framework, Google Tag Manager, Twitter widgets, Klaviyo marketing scripts

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

Nibiru operates in the blockchain technology sector, targeting developers and users interested in decentralized finance and Web3 applications. Its business model revolves around providing blockchain infrastructure and an ecosystem of interoperable DeFi apps. The project is relatively new, founded in 2022, and positions itself as a growing decentralized ecosystem with multiple strategic partnerships. Revenue streams likely include transaction fees, staking, and ecosystem tokenomics. The presence of multiple ecosystem apps and integrations with established projects like Circle (USDC) and LayerZero indicates a robust partnership ecosystem. The company maintains active social media presence and community engagement but lacks publicly visible formal contact or compliance documentation on the website.

Security Posture Analysis

Comprehensive Security Assessment

The website demonstrates a good security posture with HTTPS enforced, use of multiple security headers, and no visible exposure of sensitive data. However, it lacks published privacy policies, cookie consent mechanisms, and incident response information, which are important for compliance and user trust. The absence of DNSSEC is a minor gap in DNS security. Third-party scripts are used extensively for marketing and analytics, which may introduce privacy risks if not properly managed. Overall, the security maturity is moderate with room for improvement in compliance and transparency.

Strategic Recommendations

Priority Actions for Security Improvement

1. Publish comprehensive privacy and cookie policies to enhance GDPR and privacy compliance.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company: Nibiru

Description: Nibiru is a smart contract ecosystem with a high-performance, EVM-equivalent execution layer. Nibiru is engineered to meet the growing demand for versatile, scalable, and easy-to-use Web3 applications.

Key Services:
  • EVM-equivalent smart contract execution
  • Decentralized finance applications
  • Cross-chain bridges
  • Liquid staking
  • NFT marketplace
  • Prediction markets
  • Lending and borrowing platforms
  • Orderbook DEX
  • Memecoin launchpad

Content Quality: excellent
Branding: consistent

Technical Stack

Technologies: JavaScript, Astro framework, Google Tag Manager, Twitter widgets, Klaviyo marketing scripts
Frameworks: Astro
Platforms: Web
Performance: fast
Mobile: excellent
Accessibility: good
SEO: good

Security Assessment

Security Score: 85/100
Best Practices:
  • HTTPS enforced
  • Use of security headers
  • No exposed sensitive data in HTML
  • No vulnerable libraries detected in scripts

Analytics & Tracking

Services: Google Analytics (via GTM), Klaviyo Analytics
Tracking Level: moderate
Privacy Compliance: poor

Advertising & Marketing

Ad Networks: Twitter Ads
Tracking Pixels: Klaviyo, Twitter Widgets
Marketing Tools: Klaviyo
Transparency Level: basic

Website Quality Assessment

Design Quality: excellent
User Experience: excellent
Content Relevance: excellent
Navigation Clarity: excellent
Professionalism: excellent
Trustworthiness: high

Key Observations

1. Website is fully accessible with rich content about the Nibiru blockchain ecosystem.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Score: 30/100

  • Missing X-Frame-Options header (HIGH): Prevents clickjacking attacks
  • Missing X-Content-Type-Options header (MEDIUM): Prevents MIME type sniffing
  • Missing Content-Security-Policy header (HIGH): Controls resources the browser is allowed to load
  • Missing X-XSS-Protection header (MEDIUM): Legacy XSS protection (deprecated but still recommended)
  • Missing Referrer-Policy header (LOW): Controls referrer information sent with requests
  • Missing Permissions-Policy header (MEDIUM): Controls browser features and APIs
  • Sensitive data may be cached (LOW): Cache-Control header should include "no-store" for sensitive pages

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

Score: 33/100

  • No Cookie Policy found (HIGH): GDPR requires clear information about cookie usage
  • No Cookie Consent Banner found (HIGH): GDPR requires explicit consent for non-essential cookies
  • Privacy policy may not be GDPR compliant (MEDIUM): Privacy policy lacks explicit GDPR compliance elements
  • EU business without adequate privacy measures (CRITICAL): EU businesses are subject to strict GDPR requirements

GDPR Compliance Analysis

Privacy Policy: 85% confidence
Cookie Policy: 0% confidence
Contact Information Found: 90% confidence (email, phone)

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

Score: 85/100

  • No security contact information (HIGH): NIS2 requires clear incident reporting channels
  • No NIS2 reference found (LOW): Consider explicitly mentioning NIS2 compliance efforts

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Score: 70/100

  • No DKIM record found (MEDIUM): DKIM adds cryptographic signatures to emails
  • Strict DMARC Alignment (LOW): Strict alignment may cause legitimate emails to fail
  • No BIMI Record (LOW): BIMI displays brand logos in email clients
  • No MTA-STS Policy (MEDIUM): MTA-STS enforces TLS for email delivery
  • No TLS-RPT Record (LOW): TLS-RPT provides reporting for email TLS issues

Checks performed:
  • SPF (Sender Policy Framework)
  • DKIM (DomainKeys Identified Mail)
  • DMARC (Domain-based Message Authentication)
  • MX Records (Mail Exchange Records)
  • BIMI (Brand Indicators)
  • MTA-STS (Mail Transfer Agent Security)
  • TLS-RPT (TLS Reporting)
  • DNSSEC (DNS Security)

SPF Details
Record: v=spf1 include:_spf.google.com include:calendar-server.bounces.google.com ~all
DNS Lookups: 2/10
Policy: ~all

DMARC Details
Policy: reject
Subdomain Policy: reject
Aggregate Reports: abuse@nibiru.org
Forensic Reports: abuse@nibiru.org

🏆SSL/TLS Security

Certificate validity and encryption analysis.

Score: 0/100

  • Unable to retrieve SSL certificate (CRITICAL): Could not establish secure connection to retrieve certificate information

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

Score: 90/100

  • DNSSEC Not Enabled (MEDIUM): DNSSEC is not configured for this domain

DNS Records

A Records: 199.36.158.100
Name Servers:
  • ns-cloud-c1.googledomains.com (DNS only)
  • ns-cloud-c2.googledomains.com (DNS only)
  • ns-cloud-c3.googledomains.com (DNS only)
  • ns-cloud-c4.googledomains.com (DNS only)
MX Records:
  • 5: alt2.aspmx.l.google.com
  • 10: alt3.aspmx.l.google.com
  • 10: alt4.aspmx.l.google.com
  • 5: alt1.aspmx.l.google.com
  • 1: aspmx.l.google.com
SOA: Serial: 1, TTL: 300s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time: 56ms

SPF Analysis

SPF Record: v=spf1 include:_spf.google.com include:calendar-server.bounces.google.com ~all

Network Security

Port scanning and network exposure analysis.

Score: 100/100

  • Good Network Security Posture (LOW): No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website is built on a modern tech stack with Astro framework, leveraging Contentful CMS for content management. It uses Google Tag Manager and Klaviyo for analytics and marketing automation. The site is hosted with DNS managed by Google Domains, ensuring reliable DNS resolution. Performance is optimized with asynchronous script loading and responsive design. The site is SEO-friendly with proper meta tags and Open Graph data. Accessibility is good, though no explicit ARIA roles or accessibility statements were detected. The technical infrastructure supports a professional and scalable web presence for the Nibiru ecosystem.