Security Directory

K

Kolektyw „Rada Języka Neutralnego”

transcember.net

61

The website 'Transcember' is a newly launched non-profit initiative by the Kolektyw „Rada Języka Neutralnego” focused on raising awareness about transgender health issues in Poland. It aims to address gaps in healthcare access, discrimination, and promote safe and reimbursed transition-related medical treatments. The site provides educational content, references reputable LGBTQ+ organizations, and encourages community engagement through sharing experiences and spreading awareness. Technically, the site is built on modern frameworks like Nuxt.js and Bootstrap, hosted with Cloudflare DNS, and optimized for mobile devices with good performance and accessibility. Security posture is decent with HTTPS and domain transfer protection, but lacks DNSSEC and some security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and professional but should improve compliance and security practices to enhance user trust and legal adherence.

C

codecalm

tabler.io

66

Tabler is a well-established open source project and commercial provider of responsive HTML admin templates and UI kits based on Bootstrap 5. The company, codecalm, founded in 2018 and based in France, offers a rich set of UI components, layouts, icons, and illustrations targeting developers and designers building web applications and dashboards. The website demonstrates a high level of technical maturity, leveraging modern frameworks such as Next.js and Bootstrap 5, and integrates multiple analytics platforms for user insights. Security posture is solid with HTTPS enforced and domain registration protections in place, though some improvements in security headers and privacy compliance (notably cookie consent) are recommended. Overall, the site is professional, trustworthy, and well-positioned in the UI kit market.

P

Private by Design, LLC

shuga.co

63

Shuga.co is a personal portfolio website representing an individual named Shuga, who is a developer, graphic designer, and video editor. The site showcases various projects, blog posts, and social media presence, targeting developers and tech enthusiasts. The business model is primarily personal branding and open source project sharing, with a small-scale operation based in the US. The website is well-structured with good content quality and consistent branding. Technically, it uses standard web technologies including HTML5, CSS3, FontAwesome, and Google Fonts, hosted with Cloudflare DNS and registered via Porkbun. Performance and mobile optimization are good, though accessibility and SEO are basic. Security posture is moderate with HTTPS implied but lacks DNSSEC and security headers. Privacy compliance is minimal with a basic privacy policy but no cookie consent mechanism. Overall, the domain registration is consistent and trustworthy, with no suspicious patterns detected. The site is safe for general audiences with no adult or questionable content.

D

Discord Previews

discordpreviews.com

59

DiscordPreviews.com is a small niche informational website launched in 2022 that provides early looks at new Discord experiments, features, and changes. It targets Discord users and enthusiasts interested in staying ahead of platform updates. The site uses the modern Astro framework and is hosted via Cloudflare, ensuring good performance and mobile optimization. The technical infrastructure is modern and well-implemented, with HTTPS enforced and a Content-Security-Policy header present, though DNSSEC is not enabled. Security posture is solid but could be improved with additional headers and policies. The site lacks privacy, cookie, and terms of service policies, and no contact information is provided, which impacts compliance and business credibility scores.

The website deltarune.com serves as the official portal for the indie game DELTARUNE, created by Toby Fox. It provides information about the game available on multiple platforms including Nintendo Switch, PC/Mac, and PlayStation. The site offers direct links to purchase or download the game, soundtrack, and merchandise, targeting gamers and fans of the UNDERTALE series. The business model revolves around digital sales and merchandising with a strong niche market presence and a dedicated fanbase. Technically, the site is a modern, fast-loading static website using Bridgetown framework and Cloudflare DNS services, optimized for mobile and desktop with good SEO and accessibility features. Security posture is solid with HTTPS and domain transfer protections, though some improvements like DNSSEC and security headers could be made. Privacy compliance is basic with a privacy policy linked externally but lacks cookie consent mechanisms. Overall, the site is professional, trustworthy, and well-maintained, reflecting a small but reputable indie game business.

L

Le collectif du « Conseil du Langage Neutre »

pronoms.fr

30

Pronoms.fr is a French-based, volunteer-driven, open-source project focused on promoting inclusive and non-binary language through examples of personal pronouns and neutral language usage. It offers users the ability to create and share personalized pronoun cards, supports multiple languages, and fosters community engagement through social media and a dedicated queer calendar. The project is positioned as a niche educational and social inclusion resource within the LGBTQ+ community and language activism space. Technically, the website is built using modern frameworks such as Nuxt.js and Vue.js, with integration of Shopify for e-commerce functionalities. It leverages Cloudflare for DNS and possibly CDN services, uses Google Fonts and Font Awesome for UI, and employs Plausible Analytics for privacy-respecting visitor tracking. The site is well-optimized for mobile devices, accessible, and SEO-friendly, reflecting a mature digital infrastructure for a small community project. From a security perspective, Pronoms.fr enforces HTTPS, implements key security headers, and avoids exposing sensitive data. However, it lacks a visible cookie consent mechanism and formal security or incident response policies, which are recommended for compliance and transparency. No vulnerabilities or suspicious activities were detected, indicating a strong security posture for its scale. Overall, Pronoms.fr presents a trustworthy, professional, and community-oriented platform with excellent content quality and technical implementation. Strategic improvements in privacy compliance and formal security documentation would further enhance its credibility and user trust.

R

Ráðið fyri nevtralt mál

fornovn.fo

58

fornøvn.fo is a community-driven, open-source platform dedicated to providing resources and information about non-binary and gender-neutral pronouns and language, primarily targeting the Faroese-speaking community. The project is managed by the collective 'Ráðið fyri nevtralt mál' and offers multilingual support through related domains. It serves as an educational and advocacy tool promoting freedom, respect, and inclusion in language use. The website features personal pronoun cards, a gender-neutral dictionary, cultural text sources, and community engagement tools.

K

Konsilio pri Neŭtrala Lingvo

pronomejo.net

10

Pronomejo.net is a volunteer-driven, open-source project dedicated to promoting gender-neutral and non-binary language through multilingual pronoun resources and personal pronoun cards. The project is positioned as a niche leader in inclusive language tools, targeting individuals interested in gender inclusivity, linguists, and the LGBTQ+ community. The website offers community engagement, terminology resources, and a public API, supported by a small but active team. Technically, the site is built on modern frameworks like Nuxt.js and Vue.js, hosted with reputable DNS and registrar services, and integrates Shopify for merchandise. The site demonstrates good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled and explicit security headers are not visible. Privacy compliance is generally good with a privacy policy and terms of service present, but lacks a cookie consent mechanism despite using analytics. Contact information is provided via multiple company emails and social media channels. Overall, the site is trustworthy, professional, and serves its community well.

D

Das „Rat für neutrale Sprache“ Kollektiv

pronomen.net

10

Pronomen.net is a community-driven, multilingual platform dedicated to providing information and resources about non-binary and gender-neutral language, focusing on pronouns and inclusive communication. The website serves a niche audience interested in gender inclusivity and offers tools such as pronoun cards, cultural examples, and a queer calendar. It operates as a non-profit public source project supported by volunteers and offers merchandising to support its activities. Technically, the site is built on modern frameworks like Nuxt.js and Vue.js, hosted with Cloudflare DNS and uses Shopify's Buy SDK for merchandising. The site is well-optimized for mobile and accessibility, with good SEO practices and fast performance. Security-wise, the site enforces HTTPS and has domain transfer protections but lacks DNSSEC and some security headers. Privacy compliance is good with a clear privacy policy and GDPR adherence, though no cookie consent mechanism is present despite using Plausible Analytics. Contact information is available via multiple company emails, and the project maintains an active presence on Mastodon, Bluesky, Discord, and GitLab. Overall, the site is trustworthy, professional, and serves its community well, though it could improve security headers and cookie consent to enhance compliance and security posture.

K

Kweak.org - Main

kweak.org

63

Kweak.org is a personal website operated by an individual known as Shakalitsa. The site hosts a variety of content including file storage, media such as music and videos, software downloads for Android and Windows, pictures, Minecraft skins, and community features like a guest book and blog. The website targets general internet users interested in personal and miscellaneous content sharing. The business model is non-commercial and primarily serves as a personal project or hobby site. The domain is relatively new, registered in late 2022, and uses privacy protection services, which is consistent with the nature of the site. Technically, the website uses standard HTML, CSS, and JavaScript with Cloudflare DNS services and NameCheap as the registrar. The site is moderately optimized with basic mobile responsiveness and accessibility. No advanced frameworks or CMS platforms are detected. Performance is moderate with no significant technical issues noted. However, the site lacks modern security headers and DNSSEC is not enabled, which could be improved. From a security perspective, the site uses HTTPS and has domain transfer protections enabled. There are no visible vulnerabilities or exposed sensitive data. However, the absence of privacy and cookie policies, security headers, and contact information reduces the overall security posture and compliance level. No incident response or vulnerability disclosure information is provided. The site does not use analytics or tracking technologies, which limits privacy concerns but also reduces business intelligence capabilities. Overall, the website is a small-scale personal project with basic technical and security implementations. It is safe for general audiences with no adult or explicit content. Strategic recommendations include adding privacy and cookie policies, implementing security headers, enabling DNSSEC, and providing contact and incident response information to improve trust and compliance.

M

motionarium.

motionarium.top

55

The website motionarium.top is a personal hobby portfolio site created by an individual named Брокля from Russia, focusing on UI/UX design and website layout as a hobby. The site showcases various versions of personal projects and links to social media and code repositories. It is a small-scale, non-commercial site with no evident business operations or commercial intent. Technically, the site is a simple static HTML/CSS/JavaScript implementation hosted with DNS services via Cloudflare and registered through Dynadot LLC with privacy protection. The site lacks advanced frameworks or CMS and shows basic mobile optimization and accessibility. No analytics or advertising technologies are detected, indicating minimal tracking and data collection. From a security perspective, the site does not present advanced security features such as security headers or DNSSEC, and no privacy or cookie policies are provided. The domain is privacy protected, which is appropriate for a personal hobby site. No vulnerabilities or malicious content are detected, but the security posture is basic. Overall, the site is safe and functional as a personal portfolio but lacks professional business and compliance features. Strategic recommendations include adding privacy and cookie policies, improving security headers and HTTPS enforcement, and providing contact information to enhance trust and compliance.

The website myslivets.com serves as a personal portfolio and content hub for Daniel Myslivets, a young content creator focused on technology, photography, and digital media. The site highlights his YouTube channel, photography hobby, short video content, and contributions to open-source social network design. The business model is personal branding with a niche audience primarily interested in technology and creative content. The website is small-scale and consistent with a personal brand rather than a corporate entity. Technically, the site is built with standard HTML, CSS, and JavaScript, leveraging Cloudflare for DNS and analytics. The site performs well with good mobile optimization and basic SEO. However, it lacks advanced security headers and privacy compliance mechanisms such as privacy and cookie policies. Analytics usage is moderate with custom and Cloudflare tracking scripts but without clear user consent. From a security perspective, the site uses HTTPS and has domain status protections but does not enable DNSSEC or implement security headers. There are no visible vulnerabilities or exposed sensitive data. The absence of privacy policies and cookie consent represents a compliance gap. The WHOIS data is consistent with the website content, showing a recently registered domain appropriate for the personal brand timeline. Overall, the site is safe, professional, and trustworthy for general audiences but would benefit from improved privacy compliance and enhanced security headers. Strategic recommendations include enabling DNSSEC, adding privacy and cookie policies, implementing security headers, and publishing a security.txt file to improve transparency and security posture.

L

Lisikpng.com

lisikpng.com

59

Lisikpng.com appears to be a small personal or hobbyist website created in 2022, with minimal content welcoming visitors and linking to nostalgic computing resources. The site lacks formal business information, contact details, and privacy or security policies, indicating it is not a commercial or enterprise-level operation. The technical infrastructure is basic, utilizing standard HTML and CSS with Google Fonts and Cloudflare DNS services, but lacks advanced frameworks or CMS platforms. Security posture is minimal with no DNSSEC enabled and no visible security headers or policies. There are no forms or data collection mechanisms, reducing privacy risks but also limiting user engagement. Overall, the site is safe for general audiences but lacks professional and compliance features expected in business websites.

The website bam.moe is a minimalistic site with no substantive content or business information. The domain is registered through a privacy protection service, Private by Design, LLC, based in the US, with a creation date in 2020. The site appears to be static and decorative, featuring multiple CSS stylesheets and SVG graphics but lacking textual content, contact details, or any business description. There are no forms, external links, or social media profiles present. The technical infrastructure includes Cloudflare DNS but no DNSSEC or security headers are detected from the provided data. No HTTPS status was confirmed, and no analytics or tracking scripts are present. From a security perspective, the site lacks fundamental security best practices such as visible HTTPS enforcement, security headers, and privacy or cookie policies. The absence of contact information and incident response channels further reduces transparency and trustworthiness. The domain registration privacy protection is common for small or personal projects but without business context, it lowers legitimacy. Overall, the site scores low on content quality, technical implementation, security posture, privacy compliance, and business credibility. Strategically, the site requires significant improvements in content provision, transparency, and security to be considered trustworthy or business-ready. Adding clear business information, contact details, privacy and cookie policies, and implementing HTTPS with security headers would greatly enhance its posture. Without these, the site remains minimal and of limited business value.

The website nyam.my is a personal site representing an individual who identifies as a catgirl and transit advocate based in Seattle, WA. The site focuses on personal interests including cybersecurity, education, and information technology, with no commercial or business services offered. The site has a modest market position as a niche personal blog and social presence with links to social media and friend sites. Technically, the site is simple, built with basic HTML and CSS, hosted behind Cloudflare DNS but lacks advanced security features such as DNSSEC and security headers. The site is mobile optimized and performs moderately well but has limited SEO and accessibility features. Security posture is basic with domain registration protections but no published security policies or incident response information. Privacy compliance is minimal with no privacy or cookie policies present. Overall, the site is safe for general audiences with no adult or explicit content detected. The domain registration is recent and consistent with the personal nature of the site, with no suspicious indicators. Strategic recommendations include improving security headers, enabling DNSSEC, and publishing privacy and security policies to enhance trust and compliance.

J

jiktim

jikt.im

54

jiktim is a small, international group of developers focused on creating software, utilities, and apps with a hacker culture identity. Their website is built using Jekyll and hosted with Cloudflare DNS services, reflecting a lightweight static site approach. The site content is minimal but consistent with their niche audience of developers and technology enthusiasts. Social media presence is leveraged for community engagement, with multiple Twitter and GitHub profiles linked. Security posture is basic, with no evident security headers or policies, and privacy compliance is lacking due to absence of privacy and cookie policies. The domain registration aligns with the claimed founding year and shows no suspicious patterns, supporting legitimacy. Overall, the site is functional but lacks professional polish and comprehensive compliance or security measures.

LavaTech operates a public XMPP server under the domain a3.pm, providing a compliant and moderated messaging platform with features such as multi-user chat, OMEMO encryption, and audio/video call support. The service targets XMPP users seeking a reliable and privacy-conscious communication server. The business model is based on free public access with controlled registration to maintain moderation and service quality. The domain is stable and appropriately aged, supporting the legitimacy of the service. Technically, the website uses ejabberd 23.04 as the XMPP server software and Cloudflare for DNS services, indicating a modern and reliable infrastructure. The presence of converse.js allows browser-based chat access. However, the website's technical implementation is basic with limited SEO, accessibility, and mobile optimization features. No CMS or advanced frameworks are detected. From a security perspective, the site demonstrates good practices such as disabling in-band registration to reduce abuse and providing clear contact channels for complaints and support. However, it lacks formal security policies, vulnerability disclosure mechanisms, and explicit security headers, which are areas for improvement. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is trustworthy and serves a niche community effectively but would benefit from enhanced security and privacy documentation, improved technical features, and formalized policies to strengthen compliance and user trust.

H

Hugo Blox

hugoblox.com

57

Hugo Blox is an open source, no-code website builder platform launched in 2023, targeting technical creators, researchers, and marketers who want to build websites, landing pages, and online courses with ease and flexibility. Positioned as the best open source website builder for 2024, it boasts a strong community with over 250,000 users and 10,000+ GitHub stars. The platform emphasizes privacy, ownership of content, and ease of use without coding knowledge. Technically, the website leverages modern frameworks such as Hugo, Astro, and Tailwind CSS, hosted with Cloudflare DNS and CDN services, and integrates popular analytics and advertising tools like Google Analytics and Bing Ads. Security posture is good with HTTPS and domain transfer protection, but lacks DNSSEC and explicit security headers. Privacy compliance is weak due to missing privacy and cookie policies and no consent mechanism. Overall, the site is professional, trustworthy, and technically sound but should improve privacy disclosures and security policies to enhance compliance and user trust.

A

Anders G. Jørgensen

mcsrvstat.us

68

Minecraft Server Status is a niche technology service providing quick and reliable information about Minecraft servers, supporting both Java and Bedrock editions. The website is operated by Anders G. Jørgensen, based in Denmark, with a domain registered since 2015, indicating a stable and mature service. The business model is ad-free and supported by donations, targeting Minecraft players and server administrators seeking server status information and API access. Technically, the website uses modern frontend technologies including Bootstrap 5 and Cloudflare for DNS and CDN services, ensuring good performance, mobile optimization, and accessibility. The site is well-structured with clear navigation and a professional design, although it lacks some compliance documentation such as privacy and cookie policies. From a security perspective, the domain benefits from Cloudflare's infrastructure and has domain transfer protections enabled. However, DNSSEC is not enabled, and no explicit security headers were detected in the provided data. There is no published incident response or vulnerability disclosure information, which could be improved to enhance trust and compliance. Overall, the website is functional, trustworthy, and well-positioned within its niche but would benefit from enhanced privacy compliance, security headers, and contact transparency to improve its security posture and user trust.

M

MarioMasta64

mariomasta64.me

51

The website mariomasta64.me is a personal or hobbyist platform primarily focused on hosting various downloadable resources and information related to gaming consoles, software hacks, and miscellaneous technology content. It targets a niche audience of technology enthusiasts and gamers interested in console hacking and software tools. The site is modest in scale and does not present itself as a commercial business. Technically, the site uses basic HTML and CSS with JSON-LD structured data for social media links and site structure. It is hosted with NameCheap as registrar and uses Cloudflare for DNS services, but lacks DNSSEC and no HTTPS status was confirmed from the data provided. Security posture is minimal with no evident security headers or privacy policies, and no forms or data collection mechanisms are present. The site is accessible without WAF or blocking mechanisms. Overall, the site is functional but basic, with limited privacy and security compliance. Strategic improvements in HTTPS implementation, security headers, and privacy policies would enhance trust and compliance.

W

wingio

wingio.xyz

58

The website wingio.xyz is a personal portfolio site of a 22-year-old Android developer named Wing. The site showcases the developer's skills, projects, and social media presence, primarily targeting fellow developers and tech enthusiasts. The business model is personal branding and open source project promotion, with a niche market position as an individual developer portfolio. The site is technically modern, built with Astro and Svelte frameworks, and hosted with Cloudflare DNS services. It demonstrates good performance and mobile optimization but lacks advanced SEO and accessibility features. Security posture is adequate with HTTPS enabled and domain locks in place, but lacks DNSSEC and security headers. Privacy compliance is minimal, with no privacy or cookie policies present. Contact information is limited to an email address. Overall, the site is trustworthy for its purpose but could improve in privacy and security transparency.

The website aagaming.me is a personal hobby developer portfolio primarily focused on reverse engineering projects. The site owner, known as 'aa', showcases various projects and references work on decky.xyz, indicating a niche presence within the developer and reverse engineering community. The business model is informal and hobbyist, with no commercial or enterprise scale operations evident. The site targets hobby developers and technology enthusiasts interested in reverse engineering and software development. Technically, the website is built using the Astro framework and utilizes Cloudflare for DNS services. The site demonstrates moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. There are no detected CMS platforms or third-party analytics or advertising tools, indicating a lightweight and privacy-conscious setup. From a security perspective, the site lacks critical security headers and does not enable DNSSEC, which could improve domain security. No privacy or cookie policies are present, and no contact or incident response information is provided, limiting compliance with GDPR and other privacy regulations. The domain is privacy protected via a service in Iceland, which is consistent with the personal nature of the site. Overall, the security posture is basic with room for improvement. The overall risk is low given the non-commercial nature and safe content, but the site would benefit from adding privacy policies, security headers, and contact information to enhance trust and compliance. Strategic recommendations include enabling DNSSEC, implementing security headers, publishing privacy and cookie policies, and providing clear contact and incident response details.

P

Private by Design, LLC

lewisakura.moe

71

The website lewisakura.moe is a personal site belonging to Lewis, a young software engineer and aspiring content creator specializing in backend development and game development on platforms such as Roblox. The site serves as a portfolio and contact point, showcasing various projects and placements, both paid and volunteer. The business model is primarily freelance and team-based development with future plans for content creation as a VTuber. The site targets technology enthusiasts and potential collaborators. Technically, the site is built using the Astro framework, leveraging modern web technologies and hosted with Cloudflare DNS services. It is well optimized for performance and mobile devices, with good SEO metadata and clear navigation. No CMS or analytics tools are detected, indicating a lightweight and privacy-conscious approach. From a security perspective, the site uses HTTPS and has domain transfer and deletion protections enabled. However, DNSSEC is not enabled, and no security headers are detected, which are areas for improvement. No privacy or cookie policies are published, which impacts compliance posture. Contact information is clearly provided via email and Discord, but no formal incident response or security policies are present. Overall, the site is safe, professional, and trustworthy for its intended personal and freelance use. Strategic recommendations include adding privacy and cookie policies, enabling DNSSEC, implementing security headers, and considering incident response documentation to enhance security and compliance.

D

Diamondburned

libdb.so

44

The website libdb.so is a personal portfolio site for Diamond, a software engineer at Google with over five years of experience. The site highlights her passion for open source, showcases her projects, professional experience, and provides multiple social media and contact links. The site is well-structured, visually appealing, and optimized for performance and mobile devices, reflecting a high level of technical maturity. Security-wise, the site uses HTTPS and Cloudflare DNS but lacks explicit security headers and formal privacy or cookie policies, which are areas for improvement. Overall, the site presents a trustworthy and professional image but would benefit from enhanced privacy compliance and security best practices to align with industry standards.

env.fail is a small, US-based information security blog operated by Private by Design, LLC. The site features multiple contributors who publish content focused on web security and infosec topics. The business model centers on content publishing aimed at security professionals and enthusiasts. The website is relatively new, with domain registration in March 2024, consistent with the recent blog post dates. Technically, the website uses standard web technologies including HTML5, CSS, and JavaScript, with Cloudflare providing DNS services. The site appears to be custom-built or uses an unknown CMS. Performance and mobile optimization are moderate to good, though accessibility and SEO optimizations are basic. No advanced frameworks or analytics services are detected. From a security perspective, the site benefits from HTTPS and domain status protections but lacks DNSSEC and security headers. There are no visible vulnerabilities or exposed sensitive data. However, the absence of privacy, cookie, and terms of service policies, as well as contact information and vulnerability disclosure mechanisms, indicates room for improvement in compliance and incident response readiness. Overall, the website is professional and relevant to its niche audience but would benefit from enhanced security practices and compliance documentation to improve trust and legal standing.

O

oatmealine

oat.zone

57

The website oat.zone is a personal portfolio site belonging to an individual known as jade or jill, online as oatmealine. The site showcases a range of technical and creative skills including software development in Crystal, Lua, and Haskell, shader programming, modfile creation, game development, UI design, web development, and occasional artistic and musical composition. The site targets technology enthusiasts and personal followers rather than commercial customers, positioning itself as a niche personal brand. The domain is registered in Ireland since 2020, consistent with the personal nature and age of the site. Technically, the site uses modern JavaScript modules and Matomo analytics for tracking, with DNS hosted on Cloudflare. The site is mobile-optimized and uses multiple favicon sizes for device compatibility. However, it lacks some security headers and DNSSEC is not enabled, representing areas for improvement. The site is currently under renovation, which may affect content availability. From a security perspective, the site enforces HTTPS and has domain status protections to prevent unauthorized transfers or deletions. No critical vulnerabilities or exposed sensitive data were found. However, the absence of privacy and cookie policies indicates compliance gaps with GDPR and related regulations. No incident response or vulnerability disclosure information is provided. Overall, the site is a well-maintained personal portfolio with moderate technical maturity and a good security baseline but lacks formal privacy compliance documentation. Strategic recommendations include enabling DNSSEC, adding security headers, publishing privacy and cookie policies, and providing incident response contacts to enhance trust and compliance.

MrBruh.com is a personal blog operated by Paul, a young programmer and aspiring cybersecurity professional from New Zealand. The site focuses on sharing technical blog articles related to cybersecurity vulnerabilities, malware analysis, and programming insights. The blog targets gamers and cybersecurity enthusiasts, providing niche content in the technology sector. The website is built using the Hugo static site generator and hosted by Privex, with DNS managed via Cloudflare. The domain is registered with Tucows Domains Inc. and is relatively new, consistent with the stated founding year of 2023. Technically, the website is well-structured with good mobile optimization and accessibility. However, it lacks advanced SEO optimization and security headers. The site uses HTTPS but does not enable DNSSEC, and no privacy or cookie policies are present. There are no analytics or tracking scripts detected, indicating minimal user tracking. Contact information is provided via email and Signal, but no forms or other data collection mechanisms are present. From a security perspective, the site benefits from domain transfer protections but lacks important security headers and DNSSEC, which could improve its security posture. No vulnerabilities or exposed sensitive data were detected in the content. The absence of privacy and cookie policies indicates non-compliance with GDPR and other privacy regulations. Overall, the site is safe for general audiences and does not contain adult or explicit content. The overall risk is low given the personal blog nature, but improvements in security headers, privacy compliance, and DNS security are recommended to enhance trust and protection against potential threats.

The website ssi.fyi represents a small technology-focused entity branded as SERVER SCANNING INC, registered under Private by Design, LLC in the US. The site is minimalistic, primarily serving as a portal linking to community and code repositories such as Discord, GitHub, and Forgejo. The domain is relatively new, created in 2023, consistent with a startup or new project in the technology sector. The business model and detailed service offerings are not explicitly described on the site, limiting comprehensive business insights. Technically, the site uses basic web technologies including SVG for branding, CSS for styling, and JavaScript for minimal interactivity. Hosting and DNS services are provided by Cloudflare, a reputable provider, but DNSSEC is not enabled. The site lacks advanced security headers and privacy compliance mechanisms such as cookie consent or privacy policies, indicating room for improvement in security posture and regulatory adherence. Security-wise, no immediate vulnerabilities or exposed sensitive data were detected in the HTML content. However, the absence of security headers and privacy policies reduces the overall security maturity. No incident response or vulnerability disclosure information is provided, which could impact trust and compliance. The site is accessible without WAF or security challenges, and no adult or explicit content is present, making it safe for general audiences. Overall, the website scores moderately on content quality, technical implementation, and business credibility but scores low on privacy compliance and security best practices. Strategic improvements in privacy policy publication, security header implementation, and contact transparency would enhance trust and compliance.

E

Epic Blazed, Inc.

epicblazed.com

53

Epic Blazed, Inc. is a newly established small business focused on retail and branding of cannabis-related products such as blunts, joints, and various strains. The website content is basic and primarily targets adult consumers interested in cannabis culture. The site branding includes multiple trademarks related to cannabis products, indicating a niche market positioning. Technically, the website is simple, built with basic HTML and CSS, hosted and registered via Cloudflare, but lacks modern web features such as CMS, analytics, or advanced SEO. Security posture is weak due to absence of HTTPS information, security headers, and privacy policies. No contact or compliance information is provided, limiting trust and credibility. Overall, the site is functional but minimalistic, with significant room for improvement in security, privacy, and user engagement.

The website marisakirisame.net is a small personal or hobby site focused on technology-related content such as sourcemod, music, and graphical buttons. It does not represent a commercial business entity and serves a niche audience interested in these topics. The site is relatively new, founded in 2022, and uses Cloudflare DNS with domain registration through NameCheap. The technical infrastructure is basic, relying on standard HTML, CSS, and JavaScript without any detected CMS or frameworks. Mobile optimization and navigation are functional but minimal. Security posture is moderate with some positive indicators such as clientTransferProhibited domain status and Cloudflare DNS, but lacks advanced security headers and policies. Privacy and cookie policies are absent, which impacts compliance. Overall, the site is safe with no adult or explicit content detected.

Wito.bar is a small personal or community website centered around gaming and creative content, with a focus on social media engagement and content sharing. The site features links to multiple social platforms such as Twitter, YouTube, Twitch, Steam, and others, indicating an active online presence. The domain is relatively new, registered in early 2023, and uses privacy protection services consistent with a personal or small community site. The website design is basic with a retro aesthetic and limited mobile optimization. From a technical perspective, the site uses standard HTML and CSS with web fonts and is hosted behind Cloudflare DNS services. However, no advanced frameworks or CMS platforms are detected. Performance and accessibility are moderate to basic, with no detected analytics or advertising scripts, suggesting minimal tracking or marketing tools in use. Security posture is basic; HTTPS is implied but no security headers or DNSSEC are enabled. No privacy, cookie, or terms of service policies are present, and no contact or incident response information is provided, limiting compliance and transparency. No forms or data collection mechanisms are found, reducing attack surface but also limiting user interaction. Overall, the site is safe for general audiences with no adult or explicit content detected. The domain registration and website content are consistent, with no suspicious indicators. Strategic improvements include adding privacy and cookie policies, implementing security headers, enabling DNSSEC, and providing contact and incident response information to enhance trust and compliance.

Foxwells Garden is a small, niche online community platform that brands itself as an 'online beer garden with less beer and more nerds.' It offers semi-private social spaces including chatrooms across multiple platforms (Telegram, Discord, Mumble, IRC) and gaming servers such as Minecraft. The site also hosts code repositories on GitHub and GitLab, indicating a tech-savvy user base. The business model centers on community engagement and social interaction rather than commercial services. The domain is privacy protected and registered since 2018, consistent with a small community site. Technically, the website is simple, built with basic HTML and CSS, hosted with DNS services via Cloudflare, and secured with HTTPS. The site lacks advanced frameworks or CMS and shows basic mobile optimization and accessibility. No analytics or tracking scripts are detected, indicating minimal user tracking. However, the site does not implement security headers or privacy/cookie policies, which are areas for improvement. From a security perspective, the site benefits from HTTPS and domain transfer protection but lacks DNSSEC and security headers. No forms or data collection mechanisms are present, reducing attack surface. The absence of privacy and cookie policies and contact information limits compliance with GDPR and general trustworthiness. No vulnerabilities or suspicious activities are detected. Overall, Foxwells Garden is a modest, community-focused site with basic technical implementation and moderate security posture. Strategic improvements in privacy compliance, security headers, and contact transparency would enhance trust and security. The site is safe for general mature audiences, with content related to social gaming and community chat rather than explicit or adult material.

P

Private by Design, LLC

maggiepi.fyi

44

The website maggiepi.fyi is a personal site belonging to an individual named Maggie, a computer science student and technology enthusiast. The site serves primarily as a personal hub linking to Maggie's blog, social media, and technical interests. It provides detailed information about Maggie's interests, current desktop setup, and favorite media, targeting a general audience interested in technology and personal content. The site is small-scale and non-commercial, with no direct business services or e-commerce functionality. Technically, the site is built with basic HTML and CSS, uses Google Fonts, and is hosted with Cloudflare DNS services. The site is mobile responsive and has a moderate performance profile. However, it lacks advanced technical frameworks, CMS, or analytics tools. SEO and accessibility are basic but adequate for a personal site. From a security perspective, the site lacks critical security headers and does not have privacy or cookie policies, which impacts compliance and trust. The WHOIS data shows a suspicious future domain creation date, which reduces trustworthiness. No forms or data collection mechanisms are present, minimizing attack surface but also limiting user engagement. Overall, the security posture is basic with room for improvement in policy transparency and technical safeguards. The overall risk is low given the non-commercial nature and safe content, but the domain registration anomaly and lack of privacy policies suggest caution. Strategic improvements in security headers, privacy compliance, and domain registration transparency are recommended to enhance trust and security posture.

N

N/A

kneesox.moe

53

Kneesox.moe is a personal website operated by an individual known as Kneesox, primarily serving as a platform to share programming projects, image hosting, and personal interests. The site draws design inspiration from the videogame VA-11 HALL-A and offers tools such as a junkcode generator and a ShareX login portal. The target audience is general internet users interested in programming and niche personal content. The business model is that of a hobbyist or personal project without commercial intent or extensive market positioning. Technically, the website employs standard web technologies including HTML5, CSS3, and JavaScript, with the use of Howler.js for audio playback. Hosting and DNS services are provided via Cloudflare and NameCheap respectively. The site demonstrates moderate performance and basic mobile optimization but lacks advanced SEO and accessibility features. No CMS or major frameworks are detected, indicating a custom-built site. From a security perspective, the site uses HTTPS but lacks important security headers such as Content-Security-Policy and HSTS. There are no privacy or cookie policies, and no vulnerability disclosure or security.txt files are present. The domain is privacy protected, which is appropriate for a personal site, and no suspicious WHOIS patterns are found. Overall security posture is moderate but could be improved with standard best practices. The overall risk is low given the non-commercial and personal nature of the site, but improvements in privacy compliance, security headers, and transparency would enhance trustworthiness and user confidence. Strategic recommendations include implementing security headers, publishing privacy and cookie policies, enabling DNSSEC, and adding vulnerability disclosure information.

P

Private by Design, LLC

maisy.moe

56

The website maisy.moe is a personal site belonging to an individual named maisy, who announces their departure from the wider Internet and discontinues several software projects. The site serves primarily as a personal blog and project archive with a focus on community and personal messaging rather than commercial activity. The domain is recently registered in 2023 with privacy protection, consistent with the personal nature of the site. The technical infrastructure uses the Astro framework and Cloudflare DNS services, indicating a modern but simple technical setup. The site is accessible with no WAF or blocking mechanisms detected. Security posture is basic with HTTPS enabled but lacks advanced security headers and policies. Privacy and cookie policies are absent, and no contact information or incident response details are provided. Overall, the site is safe for general audiences and does not contain adult or explicit content.

M

m6.wtf

m6.wtf

61

The website m6.wtf currently serves as a placeholder with minimal content, displaying only a 'SOON™️' message and a brief description stating 'srry, nothing here yet'. There is no substantive business information, contact details, or policies available, indicating that the site is either under development or inactive. The domain is registered through Porkbun LLC with a Canadian registrant and uses Cloudflare DNS services, suggesting a basic level of infrastructure readiness. The technical stack includes Next.js and React frameworks, which are modern and capable of supporting a robust web presence once fully developed. From a security perspective, the site lacks critical security headers and DNSSEC is not enabled, which are areas for improvement. No forms or data collection mechanisms are present, reducing immediate privacy risks but also indicating a lack of user engagement features. The absence of privacy, cookie, or terms of service policies means the site is currently non-compliant with GDPR and other privacy regulations. No contact or incident response information is provided, limiting transparency and trust. Overall, the site scores low on content quality, security posture, privacy compliance, and business credibility due to its placeholder status and lack of substantive information. There are no indications of malicious content or adult material, and the site is accessible without WAF or security challenges. Strategic recommendations include enabling DNSSEC, adding standard security headers, publishing privacy and cookie policies, and providing clear contact information to improve trust and compliance.

M

Mopigames

mopigames.gay

49

This website represents a personal portfolio and blog for an individual developer known as Mopigames, a lesbian MtF transgender girl living in France. The site serves as a personal branding platform with links to social media and community sites, targeting a general audience interested in technology and personal content. The domain is newly registered in 2024 with privacy protection, consistent with the personal nature of the site. Technically, the site uses standard HTML, CSS, and JavaScript with Cloudflare DNS services. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. Security posture is basic with HTTPS enabled but no additional security headers or policies present. No privacy, cookie, or terms of service policies are found, indicating low privacy compliance. Contact information is clearly provided via email and social media links. No forms or data collection mechanisms are present, reducing risk exposure. The content is safe for general audiences with no adult or explicit material detected. Overall, the site is a small personal project with moderate professionalism and trustworthiness. Security and privacy improvements are recommended to enhance compliance and user trust.

W

WARP RECORDS

warp.net

59

Warp Records is an established independent music label specializing in groundbreaking music, videos, and cinema, representing notable artists such as Aphex Twin and Boards of Canada. The company operates a professional and well-branded website offering editorial content, artist information, events, and an online shop, targeting music enthusiasts and fans of experimental electronic music. The domain has been registered since 2002, supporting the legitimacy and longevity of the business. Technically, the website is built on modern frameworks like Next.js and React, with good performance, mobile optimization, and SEO practices. The site integrates multiple analytics and marketing pixels, indicating extensive user tracking. Security posture is good with HTTPS and domain transfer protections, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is basic, with a cookie consent mechanism but no explicit privacy policy or terms of service found. Contact information is limited to forms and social media links, with no direct emails or phone numbers published.

S

Squarepusher

squarepusher.net

61

Squarepusher.net is the official website and e-commerce platform for the electronic music artist Squarepusher, offering remastered music releases, merchandise, and related projects. The site targets fans and collectors of electronic music, providing digital and physical formats for purchase. The business operates a niche direct-to-consumer model with a focus on official releases and limited editions, positioning itself as a trusted source for Squarepusher's content. Technically, the site employs modern web technologies including Google Analytics, Facebook Pixel, and Cloudflare DNS, with a proprietary or custom e-commerce platform likely based on Bleep. The site is moderately performant and mobile-optimized but lacks some accessibility features. Security posture is good with HTTPS and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies and no consent mechanism. Contact information and incident response details are absent, limiting transparency. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

N

no hello

nohello.net

60

The website nohello.net is a small, niche informational site created in 2020 that promotes efficient communication etiquette by discouraging users from sending just 'hello' messages in chat platforms. It uses a humorous tone and simple design to convey its message, targeting general internet users who engage in chat communications. The site is multilingual, supporting 18 languages, and is hosted on Cloudflare Pages with Cloudflare DNS, ensuring good performance and availability. Technically, it employs modern web standards including HTML5, CSS3, and JavaScript with the Typed.js library for dynamic text effects. Security-wise, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and security headers, which are recommended improvements. No privacy, cookie, or terms of service policies are present, and no contact or business information is disclosed, limiting its privacy compliance and business credibility. Overall, the site is safe, family-friendly, and functions well as a lighthearted communication awareness tool.

3

3D Realms

3drealms.com

64

3D Realms is a well-established game development and publishing company with a legacy spanning nearly three decades. The company focuses on AAA gaming titles characterized by action, attitude, and adrenaline, targeting a broad gaming audience. Their business model includes game publishing, community engagement through their 3DRmy program, and merchandise sales. The website reflects a mature market position with professional branding and consistent messaging. Technically, the site is built on a modern WordPress stack with Elementor and WooCommerce, hosted behind Cloudflare DNS, and optimized for performance and mobile devices. Security posture is strong with HTTPS enforced, security headers present, and cookie consent mechanisms implemented, although DNSSEC is not enabled and no explicit security policy or incident response information is published. Overall, the site is trustworthy, professional, and compliant with GDPR requirements, though it could benefit from enhanced transparency on security policies and vulnerability disclosures.

S

Spaceship, Inc.

pyro.host

65

Pyro.host is a VPS hosting provider operated by Spaceship, Inc., established in 2023. The company offers high-performance virtual private servers with instant deployment capabilities, modern AMD Ryzen processors, and robust DDoS protection. Their platform targets developers, teams, and creators seeking scalable and reliable infrastructure solutions. The website demonstrates a professional design with good mobile optimization and clear navigation, leveraging modern web technologies such as Next.js and React. Analytics integration includes TikTok, Google Tag Manager, and PostHog, indicating a moderate level of user tracking. Security posture is solid with HTTPS and domain transfer protections, though improvements are needed in explicit security headers and privacy compliance documentation. Overall, Pyro.host presents a credible and technically mature VPS service with room for enhanced transparency and compliance.

D

DomRobot UG (haftungsbeschraenkt)

ntauthority.me

45

The website ntauthority.me is a personal homepage representing an individual known as Norma or 'nta'. The site focuses on personal expression, social interaction, and sharing interests related to technology, gaming, and community engagement. It does not represent a formal business entity but is linked to a domain registered under DomRobot UG in Germany, indicating a stable and legitimate domain ownership. The site targets general internet users interested in technology and online communities. Technically, the site is built with basic HTML and CSS, hosted with DNS managed by Cloudflare, and shows moderate performance and mobile optimization. Security posture is minimal with no advanced headers or policies published, and privacy compliance is low due to the absence of privacy or cookie policies. Overall, the site is safe, trustworthy, and suitable for general audiences but lacks formal business and security maturity.

N

N/A

hayden.moe

60

The website hayden.moe is a personal blog and portfolio site for Hayden, a UK-based DevOps and Platform Engineer. The site serves as a platform for sharing technical insights, personal interests, and community engagement through social media and Discord. It targets developers and technology enthusiasts, positioning itself as a niche personal technical blog with a focus on DevOps and platform engineering topics. The business model is primarily personal branding and content sharing, with no commercial transactions or services offered directly on the site. Technically, the site is built using modern web standards with HTML5 and CSS, leveraging the Astro framework for styling. Hosting and DNS are managed via Cloudflare, providing good performance and security at the infrastructure level. The site is mobile optimized and has a clean, consistent design with good navigation and user experience. However, there is room for improvement in accessibility and SEO optimization. From a security perspective, the site enforces HTTPS and uses domain transfer protection, but lacks DNSSEC and security headers such as Content-Security-Policy and Strict-Transport-Security. There are no visible vulnerabilities or exposed sensitive data. Privacy compliance is weak due to the absence of privacy and cookie policies, which is a notable gap especially for GDPR compliance. No incident response or vulnerability disclosure information is provided. Overall, the site is low risk with a good security baseline but would benefit from enhanced privacy compliance and security hardening. Strategic recommendations include publishing privacy and cookie policies, enabling DNSSEC, adding security headers, and implementing a vulnerability disclosure policy to improve trust and compliance.

The website ata.moe is a small, recently created personal or fan site dedicated to a character known as the raccoon girl. It primarily serves as an art showcase platform featuring works from various artists, with attribution links to their social media profiles. The site does not present commercial activities or business services and targets fans and art enthusiasts interested in this niche content. The domain is registered with privacy protection, consistent with the site's non-commercial nature and recent launch in December 2024. Technically, the site is built with standard HTML, CSS, and JavaScript, hosted behind Cloudflare DNS services but lacks DNSSEC and advanced security headers. The site is moderately optimized for mobile devices and offers a good user experience with clear navigation and relevant content. However, it lacks privacy and cookie policies, contact information, and security best practices such as HTTPS enforcement and security headers. From a security perspective, the site shows a low maturity level with no evident security policies, incident response contacts, or vulnerability disclosures. No tracking or analytics services are detected, which reduces privacy concerns but also indicates minimal data collection. The absence of security headers and DNSSEC reduces the overall security posture. No adult or explicit content is present, making the site safe for general audiences. Overall, the site scores moderately on content quality and technical implementation but poorly on security and privacy compliance. Strategic improvements include adding privacy and cookie policies, implementing security headers, enabling DNSSEC, and publishing contact and incident response information to enhance trust and compliance.

The website 'ada.cat' serves as a personal homepage for an individual named Ada, also known as Pixel. It functions primarily as a personal portfolio and social hub linking to various social and gaming platforms. The site is built using modern frontend technologies including Vue.js, Nuxt.js, and Vuetify, indicating a good level of technical maturity for a personal project. Hosting and DNS are managed through OVH and Cloudflare respectively, though DNSSEC is not enabled, and no advanced security headers are detected. The domain is very recently registered in Poland, consistent with the website's new launch. Security posture is moderate but could be improved by implementing standard security headers and enabling DNSSEC. Privacy and cookie policies are absent, and no contact information is provided, which limits compliance and business credibility. Overall, the site is safe, well-designed, and targeted at a general audience with no adult content. The AI overall score is 66, reflecting good content and technical implementation but weaknesses in privacy and security compliance.

Sapphic Angels is a small technology-focused personal blog and professional site operated by software engineers and system administrators. The site provides technical articles, personal insights, and showcases expertise in software engineering and system administration. The business model appears to be content-driven with community engagement through social media and support platforms like Ko-fi. The website uses modern web technologies including Astro and React, ensuring good performance and mobile optimization. Hosting and DNS are managed via Cloudflare, providing a reliable infrastructure. Security posture is moderate with HTTPS enforced and domain transfer protections enabled, but lacks DNSSEC and explicit security headers. Privacy and cookie policies are absent, indicating compliance gaps. Overall, the site is trustworthy and safe for general audiences but would benefit from enhanced security and privacy practices.

P

Private by Design, LLC

travel.moe

56

The website travel.moe is a niche community platform themed around virtual travel within a '萌' (moe) culture and alternate dimension concept. It invites users to explore fictional planets and engage with a community of like-minded enthusiasts. The business behind the domain is registered to Private by Design, LLC, a US-based entity, with the domain created in 2021, indicating a relatively new but legitimate operation. The site content is primarily in Chinese and targets users interested in anime, virtual travel, and related cultural themes. Technically, the site uses standard web technologies including HTML5, CSS3, JavaScript, and Cloudflare DNS services. It employs Umami analytics, a privacy-focused tracking tool, indicating some attention to user privacy. However, the site lacks DNSSEC, security headers, and HTTPS configuration details are not explicitly confirmed. The site is mobile-optimized with basic accessibility and SEO features but overall technical sophistication is moderate. From a security perspective, the domain has standard registrar protections such as clientTransferProhibited and clientDeleteProhibited statuses, which help prevent unauthorized domain changes. However, the absence of DNSSEC and security headers, as well as missing privacy and cookie policies, represent compliance and security gaps. No contact or incident response information is provided, limiting transparency and user trust. No adult or explicit content is present, making the site safe for general audiences. Overall, the site scores moderately on AI evaluation metrics, with strengths in content presence and basic technical implementation but weaknesses in privacy compliance and security posture. Strategic improvements in security headers, privacy policies, and contact transparency would enhance trust and compliance.

D

Dani Donovan

adhddd.com

69

The website adhddd.com is a content-focused platform centered around ADHD-themed comics created by Dani Donovan. It serves a niche audience interested in ADHD awareness and related humor. The site is built on WordPress with WooCommerce and Elementor, indicating a moderate level of digital maturity and potential e-commerce capabilities. The technical infrastructure includes Cloudflare DNS and HubSpot marketing tools, reflecting a modern but basic setup. Security posture is moderate with HTTPS enabled but lacking advanced security headers and DNSSEC. Privacy compliance is weak due to the absence of explicit privacy and cookie policies. Overall, the site is functional and professionally presented but would benefit from enhanced security and compliance measures to improve trust and user protection.

L

miaowing

les.bi

57

The website les.bi is a personal portfolio site titled 'miaowing' representing a senior systems technician. The site provides basic navigation to about, projects, socials, hardware, and friends pages, with a contact email provided. The domain is newly registered in May 2024 with a reputable registrar and uses Cloudflare nameservers, indicating some level of infrastructure maturity. However, the site lacks privacy and cookie policies, security headers, and DNSSEC, which are important for security and compliance. The content is minimal but accessible and safe for general audiences.