Security Directory

S

Home | The SPSRF

stiffperson.org

0

The website stiffperson.org serves as a support group platform dedicated to Stiff Person Syndrome, a rare neurological disorder. It provides informational resources and community support primarily targeting patients, their families, and caregivers. The site is built on the Wix platform, leveraging Wix's hosting and content management system, which offers moderate performance and good mobile optimization. However, the content quality and design are basic, reflecting a small non-profit organization's typical digital presence. From a security perspective, the site uses HTTPS but lacks advanced security headers and formal privacy or cookie policies, which are important for compliance and user trust. No contact information or incident response details are provided, limiting transparency and responsiveness to security or privacy concerns. The site employs minimal tracking via Metricool analytics, indicating a low level of user tracking. Overall, the domain WHOIS data is unavailable or privacy protected, which is common for small non-profits but limits trust verification. The website content and structure do not raise suspicion and align with a legitimate support group. Strategic improvements in privacy compliance, security headers, and contact transparency would enhance the site's trustworthiness and security posture.

C

Chronic Disease Fund, Inc DBA Good Days®

mygooddays.org

0

MyGoodDays.org is the official website of Good Days, a national non-profit charitable organization dedicated to supporting patients with chronic illnesses by providing resources for life-saving and life-extending treatments. The organization operates a patient assistance program, collaborates with healthcare providers and donors, and maintains a strong presence in the non-profit healthcare sector. The website reflects a mature digital presence with a clear mission, comprehensive content, and multiple trust certifications, positioning it as a reputable entity in its field. Technically, the site is built on WordPress with Elementor and integrates modern analytics and user engagement tools such as Google Analytics, Hotjar, and Five9 chat. The site is mobile optimized and SEO friendly, though some accessibility features are basic. Security posture is generally good with HTTPS enforced and domain protections in place, but improvements are recommended in DNSSEC deployment and security headers. Privacy compliance is partial, with a privacy policy present but lacking a cookie consent mechanism. Overall, the site is professional, trustworthy, and well-maintained, serving its target audience effectively.

G

Global Genes

globalgenes.org

0

Global Genes is a well-established non-profit organization founded in 2010, dedicated to empowering the rare disease community globally. Their website serves as a comprehensive platform offering patient services, advocacy events, educational resources, and research facilitation tools. The organization targets individuals, caregivers, advocates, clinicians, and researchers involved in rare diseases, positioning itself as a trusted leader in this niche. The site’s content is rich, professionally presented, and highly relevant to its audience, reflecting a strong commitment to community support and education. Technically, the website is built on WordPress with a modern tech stack including jQuery, Yoast SEO, and various analytics and marketing tools such as Google Analytics, Hotjar, and Google Tag Manager. Hosting and DNS services are managed via GoDaddy and Cloudflare, ensuring reliable performance and moderate loading speeds. The site is mobile optimized and accessible, with good SEO practices implemented. From a security perspective, the site enforces HTTPS and employs domain status protections to prevent unauthorized changes. However, it lacks DNSSEC, Content-Security-Policy headers, and a publicly available security policy or incident response information, which are areas for improvement. No critical vulnerabilities or suspicious activities were detected, and privacy compliance is supported by clear privacy and cookie policies with consent mechanisms. Overall, Global Genes presents a secure, credible, and professionally managed online presence with minor security enhancements recommended to further strengthen its posture. The organization’s transparency, trust signals, and comprehensive resources contribute to a high level of trustworthiness and user confidence.

PANA is a French non-profit organization operating a national digital support network for associations, providing digital accompaniment, training, and individual support. The website is built on WordPress using Themify Ultra theme and integrates Google Maps API for location-based services. The technical infrastructure is modern and includes Bootstrap and jQuery, hosted by OVH sas. Security posture is adequate with HTTPS and domain protections but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. The website is professional, well-branded, and trustworthy with multiple contact points and structured data. Overall, the site serves its target audience effectively but should improve privacy and security disclosures.

Nadace sportující mládeže is a Czech non-profit foundation dedicated to supporting and developing sport-talented youth through grants, direct contributions, and specialized projects. The foundation enjoys a positive market position within the Czech Republic's youth sports sector, supported by partnerships and endorsements from notable athletes. The website reflects a professional and consistent brand image, targeting young athletes, sports organizations, and grant applicants. Technically, the site uses a Foundation CSS framework and jQuery 2.1.0, with Mailchimp integrated for marketing and newsletter purposes. While the site is mobile-optimized and user-friendly, some technical improvements are recommended, including updating JavaScript libraries and enhancing security headers. Security posture is moderate, with cookie consent implemented but lacking visible security headers and incident response contacts. The absence of WHOIS data limits domain trust verification, though the website content and structure suggest legitimacy. Overall, the site scores well in content quality and business credibility but should address security and compliance gaps to improve trust and resilience.

S

Résolu

soyezresolu.org

0

Résolu is a French non-profit project focused on promoting ethical and free digital tools for organizations within the Social and Solidarity Economy sector. The website serves as an educational manual providing guides and fiches to help collectives adopt libre software aligned with their values of solidarity and sharing. Supported by reputable organizations such as Framasoft and Fondation Free, the project is positioned as a niche resource advocating for digital sovereignty and ethical collaboration. Technically, the website is a static site generated with MkDocs and the Material theme, delivering good design quality and mobile optimization. The site uses modern web standards but lacks advanced security headers and DNSSEC, which could enhance its security posture. Analytics are implemented via Matomo, but no cookie consent mechanism or privacy policy is present, indicating gaps in privacy compliance. From a security perspective, the site benefits from HTTPS and domain transfer protection but would benefit from enabling DNSSEC and adding security headers. No forms or user data collection reduce attack surface, but the absence of privacy and cookie policies is a compliance risk. The domain registration is consistent and legitimate, matching the project timeline and content. Overall, the website is a well-structured, trustworthy resource with good content quality and moderate technical maturity. Strategic improvements in privacy compliance and security hardening are recommended to enhance trust and regulatory adherence.

S

Spolek ROKYCANŠTÍ PATRIOTI

rokycanstipatrioti.cz

0

The website rokycanstipatrioti.cz represents a small Czech non-profit organization named Spolek ROKYCANŠTÍ PATRIOTI, focused on preserving and promoting the cultural and natural heritage of the Rokycany region. The site provides community information, event announcements, a local encyclopedia, and multimedia galleries, targeting local citizens and history enthusiasts. Technically, the site runs on an outdated Joomla! 1.5 CMS with legacy JavaScript libraries, hosted on shared hosting, and lacks modern security headers and privacy policies. Security posture is moderate but weakened by the use of unsupported software and absence of explicit GDPR compliance. The domain WHOIS data is consistent with the organization's history and location, supporting legitimacy. Overall, the site is functional and content-rich but requires modernization and improved security and privacy compliance to enhance trust and resilience.

I

iRaiser Group

iraiser.eu

0

iRaiser Group is a digital fundraising solutions provider specializing in tools for charities and non-profits to enhance donor engagement and increase donations. With a global client base of over 900 charities, iRaiser offers services such as donation forms, peer-to-peer fundraising, crowdfunding, event fundraising, and ticketing. The company positions itself as a leader in digital fundraising innovation since 2012. Technically, the website is built on HubSpot CMS and integrates multiple modern analytics and marketing technologies including Google Analytics, Piwik PRO, and Facebook Pixel. The site is well-optimized for mobile and accessibility, with good SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and policies could be improved. The absence of WHOIS data for the domain reduces transparency but does not negate the legitimacy indicated by the website content and client references. Overall, iRaiser demonstrates a mature digital presence with strong business credibility in the non-profit fundraising sector.

M

Mountain Riders

mountain-riders.org

0

Mountain Riders is a French non-profit association founded in 2001, dedicated to ecological transition and sustainable development in mountain regions. The organization focuses on education, awareness campaigns, waste reduction initiatives, and professional training related to environmental protection. Their website reflects a well-established presence with clear branding, partner endorsements, and active community engagement through events and newsletters. Technically, the site is built on WordPress with a modern, responsive design and uses Matomo for privacy-conscious analytics. Security posture is good with HTTPS and no visible vulnerabilities, though some security headers and explicit policies could be improved. Privacy compliance is partial, lacking cookie consent mechanisms. Overall, the site is trustworthy and professional, though WHOIS data is unavailable, slightly impacting domain trust.

The Adventist Organizational Directory is a long-established, authoritative online resource maintained by the General Conference Corporation of Seventh-day Adventists. It serves as a comprehensive locator and reference for Adventist churches, schools, and other entities worldwide, targeting members, researchers, and the general public interested in Adventist organizational information. The website provides updated contact information and facilitates change requests, differentiating itself from the Adventist Yearbook by including local entities and more frequent updates. Technically, the website employs a custom-built platform leveraging jQuery, jQuery UI, Google Tag Manager, and TrustArc for cookie consent management. It is hosted behind Cloudflare DNS services but lacks DNSSEC, and some scripts are loaded over HTTP, which may introduce mixed content risks. The site demonstrates moderate performance and basic mobile optimization, with room for improvement in accessibility and SEO. From a security perspective, the site enforces HTTPS and uses Cloudflare DNS, but lacks visible security headers and DNSSEC, which are recommended for enhanced protection. The cookie consent mechanism indicates GDPR compliance efforts, although no explicit security or incident response policies are published. Overall, the security posture is moderate with actionable recommendations to improve DNS security, script delivery, and header implementation. The website is trustworthy and professional, with consistent branding and clear organizational affiliation. It does not contain any adult or questionable content, making it safe for general audiences. The domain registration data supports legitimacy with a long history and consistent organizational identity. Strategic improvements in security and technical modernization would enhance the site's resilience and user trust.

I

International Fiscal Association, Česká republika

ifa-cr.cz

0

International Fiscal Association, Česká republika is a non-profit organization serving as the Czech branch of the international IFA. It focuses on tax law education, research, and networking among tax professionals, academics, and government officials. The website provides information about membership, statutes, upcoming events, and contact details. Technically, the site is built on JavaServer Faces with PrimeFaces and uses Matomo for privacy-respecting analytics. Security posture is adequate with HTTPS and session management, but lacks explicit security headers and published privacy or security policies. Overall, the site is professional and trustworthy, serving a niche audience in the tax and fiscal law domain.

F

Flocon Vert

flocon-vert.org

0

Flocon Vert is a French non-profit organization providing a sustainability label for mountain tourism destinations committed to ecological transition. The website presents detailed information about the label, criteria, partner destinations, and upcoming events. It targets mountain destinations, tourism professionals, and environmentally conscious visitors. The site is built on WordPress with Elementor and integrates modern web technologies and Google analytics tools. Security posture is good with HTTPS and CAPTCHA protections, but lacks some security headers and explicit privacy/cookie policies. Contact information and social media presence enhance business credibility. Overall, the site is professional and trustworthy with a clear mission in sustainable tourism.

B

Biskupství ostravsko-opavské

varhanyproostravu.cz

0

The website 'VARHANY PRO OSTRAVU' is a dedicated non-profit project aimed at supporting the installation of new cathedral organs in the Ostrava Cathedral of the Divine Savior. It is operated under the auspices of the Biskupství ostravsko-opavské (Ostrava-Opava Diocese), targeting donors, cultural enthusiasts, and the local community. The site provides detailed information about the project, donation mechanisms including online adoption of organ pipes, and updates on progress. The business model is donation-based, focusing on cultural heritage preservation and community engagement. Technically, the website is built on WordPress using Elementor, with integrations for GDPR compliance (Complianz plugin), Google Analytics for visitor tracking, and Google Translate for multilingual support. Hosting and domain registration are managed by WEDOS, a reputable Czech provider. The site demonstrates good SEO practices, mobile responsiveness, and moderate performance. Accessibility is basic but functional. From a security perspective, the site enforces HTTPS and uses a cookie consent mechanism aligned with GDPR. While some security headers are not explicitly detected, no critical vulnerabilities or exposed sensitive data were found. The domain registration is recent but consistent with the project's timeline, and no suspicious WHOIS patterns were identified. Overall, the security posture is good but could be improved with additional headers and a vulnerability disclosure policy. The overall risk assessment is low, with the site presenting a trustworthy and professional front for a cultural non-profit initiative. Strategic recommendations include enhancing security headers, adding a security.txt file, and improving accessibility features to further strengthen compliance and user trust.

D

Denotevrenychlesu.cz

denotevrenychlesu.cz

0

Denotevrenychlesu.cz is a Czech non-profit event website dedicated to organizing the 'Den otevřených lesů' (Open Forest Day), an event that invites the public to experience forests differently by visiting various forest locations managed by private, municipal, and church owners. The website targets families and nature enthusiasts, providing educational content and event information. The business operates on a small scale with a focus on public engagement and environmental education. Technically, the site is built on WordPress using Elementor and JetEngine plugins, integrating Google Maps for location display. The site is mobile-optimized and SEO-friendly but lacks privacy and cookie policies, which are compliance gaps. Security posture is good with HTTPS enabled and no visible vulnerabilities, though security headers are missing. Overall, the site is trustworthy and professionally presented but could improve privacy compliance and security hardening.

S

Slovenská biblická spoločnosť

bibliaprenepocujucich.sk

0

The website 'Biblia pre nepočujúcich' is a non-profit project managed by the Slovenská biblická spoločnosť, providing biblical stories in Slovak sign language targeted at the deaf community in Slovakia. The project is educational and religious in nature, relying on donations for continuation. The site features video content, a sign language dictionary, and is designed with accessibility in mind, though some accessibility features could be improved. Technically, the website uses modern web technologies including HTML5, CSS3, JavaScript, JW Player for video playback, and integrates Google Tag Manager, Google Analytics, and Facebook Pixel for tracking and analytics. The site is mobile optimized and has good SEO practices, but lacks some advanced accessibility features and security headers. From a security perspective, the site uses HTTPS and includes a CSRF token, but does not expose security headers such as Content-Security-Policy or X-Frame-Options. No privacy or cookie policies are present, which is a compliance gap. No contact information for security incidents or data protection officers is provided. The domain uses privacy protection in WHOIS, which is justified for this non-profit. No vulnerabilities or suspicious patterns were detected. Overall, the website is functional, professional, and safe for general audiences, but improvements in privacy compliance, security headers, and contact transparency are recommended to enhance trust and security posture.

A

ADRA Network

adra.cloud

0

ADRA Network operates a donation platform focused on humanitarian aid campaigns such as disaster relief and COVID-19 response. The organization targets donors interested in supporting global aid efforts. The website is built on a WordPress CMS with WooCommerce for donation processing, enhanced by Elementor for design and Cloudflare for hosting and CDN services. The technical infrastructure is modern and supports multi-currency donations and multilingual content, indicating a mature digital presence. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is weak due to absence of visible privacy and cookie policies, which should be addressed to meet GDPR and other regulations. Overall, the site is professional and trustworthy but could improve transparency and security practices.

A

ADRA Connections

adraconnections.org

0

ADRA Connections is a small US-based non-profit organization affiliated with the Adventist Development and Relief Agency (ADRA). It focuses on organizing volunteer service trips and providing scholarships to student volunteers, targeting individuals and groups interested in faith-based humanitarian service. The website is built on Squarespace and integrates social media and video content to engage its audience. While the site uses HTTPS and includes tracking tools like Google Analytics and Facebook Pixel, it lacks comprehensive privacy and cookie policies and has minimal security headers, indicating room for improvement in privacy compliance and security hardening. The WHOIS data is privacy protected, which is common for non-profits, and no suspicious patterns were detected. Overall, the website presents a professional and trustworthy image with good content quality and business credibility but should enhance its privacy and security posture.

F

Framasoft

mobilizon.fr

0

Mobilizon.fr is a community-driven event and group management platform operated by Framasoft, a French non-profit organization promoting free software and digital freedom. The website serves as an instance of the Mobilizon platform, enabling users to organize, mobilize, and manage events and groups. The platform targets general audiences interested in community engagement and activism. Technically, the site uses modern JavaScript frameworks such as Vue.js and UI libraries like Oruga, with good mobile optimization and accessibility features. The domain is registered with GANDI since 2019, consistent with the platform's operational timeline. Security posture is adequate with HTTPS enabled and domain transfer protections, but lacks some security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is functional, trustworthy, and professionally presented but would benefit from enhanced privacy and security documentation.

F

Framasoft

framacarte.org

0

Framasoft is a French non-profit association dedicated to promoting digital autonomy and popular education through ethical, free/libre software services. Framacarte is one of its flagship projects, offering a free online map customization tool based on OpenStreetMap and the uMap software. The organization is funded primarily by donations and emphasizes privacy, minimal data collection, and transparency. The website is professionally designed, mobile-optimized, and rich in content, targeting a broad audience interested in digital emancipation and open-source tools. Technically, the site uses modern web technologies including Vue.js and Bootstrap, hosted by OVH sas. It employs HTTPS with good SSL configuration but lacks DNSSEC and some security headers, which are recommended for enhanced security. Analytics are handled via Matomo with minimal tracking, aligning with the organization's privacy ethos. Security posture is solid for a non-profit, with domain registration protections and no evident vulnerabilities, though improvements are suggested in DNS security and explicit security policies. Privacy compliance is good, with clear terms and privacy policies, though no cookie consent mechanism was detected. Overall, Framasoft and Framacarte present a trustworthy, well-managed digital service with strong community and ethical foundations. Strategic improvements in security and privacy transparency would further enhance trust and resilience.

F

Framasoft

framalistes.org

0

Framasoft is a French non-profit organization providing ethical digital services, including Framalistes, a free mailing list platform focused on privacy and user autonomy. The organization is well-established with a domain age consistent with its founding and operates transparently with donation-based funding. The website is professionally designed, mobile-optimized, and accessible, reflecting a mature digital presence. Technically, it uses modern frameworks like Vue.js and the Sympa mailing list software, hosted by a reputable registrar, Gandi SAS. Security posture is good with HTTPS and domain transfer protections, though DNSSEC and explicit security policies could be improved. Privacy compliance is strong with minimal tracking and clear terms of use. Overall, the site is trustworthy and serves a niche audience seeking ethical alternatives to commercial mailing list services.

F

Framasoft

framasoft.org

0

Framasoft is a well-established French non-profit organization founded in 2004, dedicated to digital emancipation through free software, hosting ethical online services, and popular education. It operates a variety of community-driven projects and platforms such as PeerTube, Mobilizon, and Framablog, supported primarily by donations. The organization targets individuals and groups interested in liberating their digital practices and promoting social justice. Technically, the website uses modern frameworks like Vue.js and Bootstrap, is hosted by OVH, and demonstrates excellent mobile optimization and performance. Security posture is strong with HTTPS and domain protections, though DNSSEC is not enabled and security policies are not explicitly published. Privacy compliance is good with a comprehensive privacy policy, though no cookie consent mechanism was detected. Overall, the website is professional, trustworthy, and transparent, with a high legitimacy score based on WHOIS data and content consistency.

G

Globenet

globenet.org

0

Globenet is a small, non-profit oriented website focused on digital rights, surveillance, and privacy activism. It provides news articles, event information, and resources primarily in French, targeting activists and the general public interested in digital liberties. The website uses the SPIP CMS platform with Bootstrap and jQuery, indicating a moderately modern technical infrastructure. The site is accessible and well-structured but lacks explicit privacy and cookie policies, contact information, and security headers, which are areas for improvement. The WHOIS data is unavailable, likely due to privacy protection, which is understandable given the activist nature of the site. Overall, the website is legitimate and serves a niche community but could enhance its security and compliance posture.

N

Nadace Jedličkova ústavu

kolobezkaden.cz

0

Koloběžka DEN is a Czech family-oriented sports event organized by the non-profit Nadace Jedličkova ústavu. The website serves as an informational and promotional platform for the annual event held in Prague, featuring race details, schedules, galleries, and partner information. The event targets families and sports enthusiasts, emphasizing community engagement and local participation. The site is well-branded and supported by multiple reputable partners, enhancing its credibility. Technically, the website is built on WordPress with a modern but somewhat dated tech stack including Bootstrap 3 and jQuery. It uses common plugins for mobile navigation, image lightboxes, and slideshows. The site is hosted likely by WEDOS, a Czech hosting provider, and uses HTTPS with a good SSL configuration. Performance and mobile optimization are adequate, though accessibility and SEO could be improved. From a security perspective, the site has HTTPS enabled but lacks important security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance. No incident response or vulnerability disclosure information is present. Google Analytics and Tag Manager are used for tracking without visible consent mechanisms, indicating privacy compliance gaps. No forms are present on the homepage, reducing attack surface but also limiting direct data collection. Overall, the website is functional and trustworthy for its purpose but should improve privacy compliance and security best practices to enhance user trust and regulatory adherence.

N

Nadace Jedličkova ústavu

kolickovyden.cz

0

Kolíčkový den is a charitable fundraising campaign organized by Nadace Jedličkova ústavu, focused on supporting children and young people with disabilities in the Czech Republic. The campaign engages schools and organizations nationwide to raise funds and awareness for better communication and support for people with handicaps. The website is professionally designed using WordPress CMS with SEO optimization and includes multimedia content such as embedded videos and testimonials to enhance engagement. Technically, the site uses modern tools like Google Tag Manager and CookieScript for analytics and privacy compliance, hosted by a reputable Czech provider. Security posture is solid with HTTPS enforced and cookie consent implemented, though additional security headers could improve defenses. Overall, the site is trustworthy, well-maintained, and compliant with GDPR requirements, serving as an effective platform for its non-profit mission.

Q

Quartier Libre Besançon

quartierlibre-besancon.fr

0

Quartier Libre Besançon is a non-profit association uniting three community centers (MJC Palente, MJC Clairs-Soleils, and Maison de quartier Rosemont St-Ferjeux) in Besançon, France. The organization focuses on promoting cultural, social, and leisure activities for local residents, families, youth, and adults. The website serves as a portal for information on events, activities, and community engagement, reflecting a strong local community presence. Technically, the website is built on WordPress using Elementor and Yoast SEO plugins, with integration of Google Analytics and Google reCAPTCHA for security and analytics. The site is well-structured, mobile-optimized, and uses modern web technologies, though some security headers are missing. Cookie consent and GDPR compliance mechanisms are implemented, indicating attention to privacy regulations. Security posture is generally good with HTTPS enforced and reCAPTCHA protecting forms, but the absence of certain security headers and lack of a published security policy or incident response contact are areas for improvement. No vulnerabilities or exposed sensitive data were detected. WHOIS data is unavailable, likely due to privacy protection, but the website content and contact information support legitimacy. Overall, the website is professional, trustworthy, and serves its community-oriented mission effectively. Strategic recommendations include enhancing security headers, publishing security policies, and maintaining up-to-date software to mitigate risks.

T

Téčko

tka.cz

0

Téčko is a cultural organization based in Rožnov pod Radhoštěm, Czech Republic, providing a wide range of cultural events including concerts, exhibitions, workshops, and cinema programs. The organization targets local citizens and visitors interested in cultural and educational activities. The website presents a professional and well-structured platform with event calendars, ticket sales, and multimedia galleries, supporting its role as a community cultural hub. Technically, the site uses established JavaScript libraries and cookie consent tools, with HTTPS enabled ensuring secure communication. However, the absence of WHOIS data raises concerns about domain registration legitimacy, though the website content and social media presence suggest a legitimate entity. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Security posture is moderate, with room for improvement in security headers and incident response transparency. Overall, the site is functional, user-friendly, and trustworthy from a content perspective but would benefit from enhanced security practices and domain registration clarity.

A

ADRA International

adra.org

0

ADRA International is a well-established global non-profit organization focused on humanitarian aid, development, and disaster relief across more than 120 countries. The organization operates through local offices and partners to fight poverty and create sustainable change. Their website reflects a professional and consistent brand image, with comprehensive content targeting donors, volunteers, and partners. The business model is centered on charitable donations, volunteer engagement, and strategic partnerships, positioning ADRA as a leading humanitarian agency with strong trust indicators including multiple certifications and transparent financial disclosures. Technically, the website is built on WordPress using Elementor, integrating modern analytics and marketing tools such as Google Tag Manager, Facebook Pixel, TikTok Pixel, and RudderLabs. The site is mobile optimized with good SEO practices and moderate performance. Hosting and domain registration are stable and consistent with the organization's profile. From a security perspective, the site uses HTTPS with good SSL configuration and some security headers, though DNSSEC is not enabled and there is no visible security.txt or vulnerability disclosure policy. No critical vulnerabilities or exposed sensitive data were detected. Privacy and cookie policies are present and indicate GDPR compliance, supporting responsible data protection practices. Overall, ADRA International's website demonstrates a mature digital presence with strong business credibility and good security posture. Minor improvements in DNS security and formal vulnerability disclosure could further enhance trust and resilience.

S

Slovenská biblická spoločnosť

biblickaspolocnost.sk

0

The Slovenská biblická spoločnosť is a Slovak non-profit organization dedicated to spreading the Bible and related religious materials through multiple channels including print, online, audio, and visual media. With over 30 years of history, it holds a reputable position in the religious non-profit sector in Slovakia. The organization operates several related websites and an online bookshop, targeting a general audience interested in biblical content and religious education. Technically, the website is built on a modern WordPress platform using Elementor and other popular plugins, with good SEO and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and formal policies are missing. Overall, the domain registration and website content are consistent and trustworthy, reflecting a legitimate non-profit entity.

A

ADRA Slovensko

adra.sk

0

ADRA Slovensko is a Slovak non-profit humanitarian organization focused on providing aid and development projects both domestically and internationally. The website presents a professional and content-rich platform showcasing their key services such as humanitarian aid, volunteer programs, and fundraising initiatives. The organization is affiliated with ADRA International, enhancing its credibility and market position. Technically, the website is built on WordPress with modern tools like Elementor and WooCommerce, hosted likely by Websupport. Security posture is adequate with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and explicit security policies. Overall, the site is trustworthy, well-branded, and serves its target audience effectively.

The website adventistmission.org serves as the official mission portal for the Seventh-day Adventist Church, providing comprehensive resources, news, training, and donation options to support global missionary work. It targets church members, missionaries, donors, and supporters worldwide, positioning itself as a key platform for mission engagement within the Adventist community. The business model is non-profit and religious, backed by the General Conference Corporation of Seventh-day Adventists, a large and established organization. Technically, the site employs a modern tech stack including jQuery, Google Tag Manager, Fundraise Up for donations, and Bloomerang CRM for constituent management. It is hosted behind Cloudflare, ensuring good performance and security. The site is mobile-optimized with good SEO and basic accessibility features, though some improvements could be made in security headers and accessibility. Security posture is strong with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The site uses a consent management platform for GDPR and cookie compliance, reflecting good privacy practices. However, it lacks publicly available security policies or incident response contacts, which could be improved to enhance trust. Overall, the site is professional, trustworthy, and well-maintained, with a high legitimacy score despite the absence of detailed WHOIS data due to privacy protection. Strategic recommendations include implementing security headers, publishing security and incident response policies, and adding vulnerability disclosure mechanisms to further strengthen security and compliance.

C

Creative Opportunities Unlimited

creativeopportunities.org

0

Creative Opportunities Unlimited is a small non-profit organization dedicated to supporting participants of Odyssey of the Mind through scholarships and association support. Their website, built on the Wix platform, presents a professional and consistent brand image focused on educational and creative development for youth. The technical infrastructure is standard for Wix-hosted sites, with modern JavaScript polyfills and HTTPS enabled, ensuring a secure browsing experience. However, the site lacks visible privacy and cookie policies, as well as explicit contact information, which are important for compliance and user trust. The WHOIS data is unavailable or privacy-protected, which is common for small non-profits but slightly reduces transparency. Overall, the site is trustworthy and safe, with room for improvement in privacy compliance and security best practices.

Odyssey Angels is a small non-profit community program focused on encouraging creative problem-solving to assist overlooked individuals in local communities. The website serves as an informational portal for enrollment and program details, linking to related official sites and sponsors. Technically, the site is built on Drupal 7 and hosted by InMotion Hosting, with moderate performance and basic mobile optimization. Security posture is moderate but lacks modern best practices such as DNSSEC, security headers, and visible HTTPS enforcement. Privacy and cookie policies are absent, indicating compliance gaps. Overall, the site is safe and trustworthy but would benefit from improved security and compliance measures.

I

International Committee of Sports for the Deaf

deaflympics.com

0

The International Committee of Sports for the Deaf (ICSD) operates the Deaflympics.com website, serving as the official platform for deaf athletes competing internationally. The site provides comprehensive information about Deaflympics games, athletes, sports, countries, and news updates. It holds a recognized position in the international sports community, affiliated with the International Olympic Committee, and targets deaf athletes and sports enthusiasts globally. The business model is non-profit, focusing on event coordination and information dissemination. Technically, the website uses a modern tech stack including jQuery 3.6.0 and Bootstrap 5, hosted likely by 1&1 IONOS. The site is moderately performant, mobile-optimized, and has a consistent branding approach. However, accessibility and SEO optimizations are basic, and no CMS or advanced platforms are detected. From a security perspective, the site lacks DNSSEC and visible security headers, and no cookie consent mechanism is present, which impacts privacy compliance. The domain is well-established with consistent WHOIS data, indicating legitimacy. No WAF or blocking mechanisms are detected, and no critical vulnerabilities are visible in the provided content. Overall, the website is professional and trustworthy but would benefit from enhanced security headers, DNSSEC implementation, and privacy compliance improvements to strengthen its security posture and user trust.

Des Livres en Communs is a French non-profit initiative operated by Framasoft that offers an innovative publishing model supporting authors with grants and editorial assistance to produce works published under free licenses. The website presents a clear mission focused on free culture and alternative publishing, targeting authors and readers interested in open access literature. Technically, the site is built using the Hugo static site generator with Bootstrap and Fork Awesome for styling, hosted by OVH, and uses Matomo for analytics, reflecting a modern and privacy-conscious infrastructure. Security posture is adequate with HTTPS enabled and domain protections in place, but lacks DNSSEC and security headers, and no privacy or cookie policies are present, indicating room for compliance improvements. Overall, the site is professional and trustworthy but could enhance transparency and security practices to better align with GDPR and best practices.

H

HETI Federation

hetifederation.org

0

HETI Federation is an international organization dedicated to promoting horses in education and therapy. The website serves as a platform to support equine-assisted activities and therapies, targeting individuals and organizations interested in this niche field. The business model appears to be non-profit or educational, with a focus on federation services and community building. Technically, the website is built on WordPress using the Divi theme and several plugins for event management, payments, and membership, indicating a moderate level of digital maturity. The site is hosted with DNS managed via Cloudflare and uses HTTPS, ensuring basic security. However, there is room for improvement in security practices, such as enabling DNSSEC and implementing security headers. Privacy compliance is weak, with no visible privacy or cookie policies or consent mechanisms, which could pose compliance risks. Overall, the website is functional and moderately professional but requires enhancements in privacy and security to improve trust and compliance.

N

Nadace Jedličkova ústavu

nadaceju.cz

0

Nadace Jedličkova ústavu is a Czech non-profit foundation established in 2002, dedicated to supporting children and young adults with physical and combined disabilities. The foundation focuses on promoting independence and social integration through educational support, personal assistance, barrier-free transportation, leisure activities, and medical aids. It operates primarily through donations, partnerships, and fundraising events, maintaining a strong presence in the Czech disability support sector. The website reflects a professional and consistent brand image with clear communication of its mission and activities. Technically, the website is built on WordPress 6.8.2 with Yoast SEO and uses modern web technologies including jQuery and Google Fonts. It is hosted by WEDOS, a Czech hosting provider, and is optimized for mobile devices with good SEO practices. However, there is room for improvement in accessibility and performance tuning. From a security perspective, the site uses HTTPS and secure forms but lacks visible security headers and formal privacy or cookie policies, which are critical for GDPR compliance. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data confirms the domain's legitimacy and long-standing presence, supporting trustworthiness. Overall, the site is a credible and professional platform for a non-profit organization but should enhance privacy compliance and security headers to strengthen its security posture and regulatory adherence.

N

Nadace AGROFERT

nadace-agrofert.cz

0

Nadace AGROFERT is a well-established non-profit foundation based in the Czech Republic, focused on providing social support, grants, and scholarships primarily for children, youth, handicapped individuals, and single parents. The foundation has been operational since 2012 and is affiliated with the Agrofert group. Their website reflects a professional and consistent brand image, offering clear information about their projects, grant programs, and contact details. Technically, the site uses modern web technologies including Bootstrap, jQuery, and Google Analytics, ensuring a responsive and accessible user experience. Security measures such as HTTPS, reCAPTCHA, and cookie consent are implemented, although some security headers could be improved. Overall, the site demonstrates a good security posture and compliance with GDPR requirements. The domain registration data aligns well with the business claims, supporting the legitimacy of the foundation.

Č

Česká hiporehabilitační společnost, z.s.

hiporehabilitace-cr.com

0

Česká hiporehabilitační společnost, z.s. (ČHS) is a well-established non-profit organization in the Czech Republic dedicated to supporting hippotherapy practices. With over 30 years of history, it serves a broad audience including children and adults with disabilities, healthcare professionals, and hippotherapy centers. The organization offers licensing for hippotherapy horses, educational courses, membership services, and organizes events and conferences. The website reflects a mature digital presence with comprehensive content and a clear mission. Technically, the website is built on WordPress with modern plugins and uses a reputable Czech hosting provider. It incorporates Google Fonts, Facebook Pixel for marketing and analytics, and a cookie consent mechanism compliant with GDPR. The site is mobile-optimized and provides a good user experience, though some accessibility and security header improvements could be made. From a security perspective, the site uses HTTPS and demonstrates GDPR compliance with dedicated privacy and cookie policy pages. However, no explicit security policies or incident response contacts were found. The domain registration is stable and consistent with the organization's profile, enhancing trustworthiness. Overall, the website presents a professional and trustworthy front for the organization, with minor technical and security enhancements recommended to further strengthen its posture.

The Forum National des Associations & Fondations website represents a well-established French event focused on the associative and social economy sectors. Organized by Les Echos Le Parisien Événements, the site promotes the 19th edition scheduled for November 2025 in Paris. The platform provides detailed event information, partner listings, speaker highlights, and replay content, targeting professionals and stakeholders in the non-profit sector. The website demonstrates consistent branding and a professional presentation aligned with its market position as a leading national event. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and uses Google Tag Manager for analytics and Didomi for GDPR-compliant consent management. The site is mobile-optimized with good SEO practices and moderate performance. No CMS or hosting provider is explicitly identified, but the infrastructure appears stable and professionally maintained. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks explicit security headers and published security policies or incident response information. The domain WHOIS data shows a long-standing registration since 2005 with appropriate domain status protections, indicating legitimacy and stability. No WAF or blocking mechanisms are detected, and no vulnerabilities or exposed sensitive data are apparent. Overall, the website is safe, professional, and compliant with privacy regulations, serving its audience effectively. Recommendations include enabling DNSSEC, adding security headers, and publishing security and incident response policies to enhance trust and security posture.

R

Réseau National des Maisons des Associations

rnma.fr

0

The Réseau National des Maisons des Associations (RNMA) operates as a national non-profit network dedicated to supporting local associative life in France. The organization provides resources, events, and research to strengthen community engagement and associative activities. Their website reflects a professional and well-structured platform with clear navigation, event listings, and active social media channels. Technically, the site is built on WordPress using modern plugins and themes, with moderate performance and good mobile optimization. Security posture is solid with HTTPS and reCAPTCHA integration, though explicit security headers are lacking and no public security policy is found. Privacy compliance is strong, featuring a comprehensive privacy policy and cookie consent mechanism. However, the absence of WHOIS data for the domain raises concerns about domain legitimacy and trustworthiness, warranting further verification. Overall, the RNMA website is a credible and valuable resource for its target audience but could improve transparency and security practices.

DROSOS STIFTUNG is a well-established non-profit foundation founded in 2002, focused on supporting disadvantaged youth and young adults to realize their full potential and achieve economic independence. The foundation operates primarily in Switzerland and maintains a professional and consistent online presence through its website drosos.org. The website is built on WordPress, leveraging modern plugins such as Yoast SEO and Real Cookie Banner Pro to ensure good SEO and privacy compliance. The technical infrastructure is hosted via GoDaddy with Swiss-based name servers, reflecting the organization's geographic focus. Security posture is solid with HTTPS enforced and domain status protections in place, though DNSSEC is not enabled and some security headers could be improved. Privacy compliance is strong, with comprehensive privacy and cookie policies and an effective consent mechanism. No critical vulnerabilities or suspicious patterns were detected. Overall, the website and domain reflect a trustworthy and credible organization with a clear mission and professional digital footprint.

E

enpact e.V.

startuphaus.org

0

enpact e.V. is a Berlin-based non-profit organization dedicated to empowering entrepreneurship and ecosystem development, with a regional hub called Startup Haus Cairo established in 2018. The organization supports startups, freelancers, and creative professionals through workspace provision, mentoring, events, and community building. Their market position is that of a key regional enabler in the MENA startup ecosystem, supported by reputable partners such as the Drosos Foundation. The website reflects a professional and consistent brand image with clear navigation and relevant content targeting entrepreneurs and ecosystem stakeholders. Technically, the site is built on WordPress with standard plugins for GDPR compliance and analytics, showing moderate performance and good mobile optimization. Security posture is adequate with HTTPS and cookie consent but lacks advanced security headers and published security policies. No critical vulnerabilities or suspicious elements were detected. Overall, the site is trustworthy and well-maintained, suitable for its non-profit mission.

E

Empresas Socialmente Responsables

topsmexicosocialmenteresponsables.com

0

The website 'Empresas Socialmente Responsables – Tops Mexico ESR' serves as an informational platform focused on socially responsible companies in Mexico. It provides news, articles, resources, and learning materials related to corporate social responsibility and sustainability. The target audience includes businesses and professionals interested in these topics within the Mexican market. The business model appears to be centered on content dissemination and community engagement around social responsibility themes. The domain was registered in 2021, aligning with a relatively new but focused initiative. Technically, the website is built on WordPress 6.8.3, utilizing common plugins such as MetaSlider, Kubio, and WPForms Lite. It uses Google Fonts and jQuery, hosted by Neubox Internet S.A. de C.V., a Mexican registrar. The site demonstrates moderate performance and good mobile optimization, with basic accessibility and SEO features. The design is professional and consistent, supporting a positive user experience. From a security perspective, the site uses HTTPS and has domain transfer protections enabled. However, it lacks DNSSEC and explicit security headers, which are recommended for enhanced security. No privacy or cookie policies are present, which is a compliance gap. Contact information is limited to a phone number and a contact form, with no email addresses or incident response contacts provided. Tracking is implemented via Metricool and Tagembed widgets, indicating moderate user tracking. Overall, the website is safe and suitable for a general audience, with no adult or questionable content detected. The domain registration details are consistent with the website's Mexican focus, and the legitimacy score is high. Strategic recommendations include implementing privacy and cookie policies, enabling DNSSEC, adding security headers, and providing clear incident response contacts to improve compliance and security posture.

T

The Invisible Dog Art Center

theinvisibledog.org

0

The Invisible Dog Art Center is a Brooklyn-based non-profit organization focused on promoting contemporary art through exhibitions, performances, culinary experiences, and artist residencies. The website serves as a hub for event information, fundraising, and community engagement, targeting art enthusiasts and supporters locally and internationally. The organization maintains an active social media presence and has received recognition such as multiple New York Emmy Awards for its fundraising video. Technically, the website is built on the Squarespace platform, leveraging modern web technologies including JavaScript, Typekit fonts, and Google Fonts. The site is mobile-optimized with good SEO practices and structured data for enhanced search engine visibility. Performance is moderate, with room for improvement in accessibility features. From a security perspective, the site enforces HTTPS but lacks some advanced security headers such as HSTS and Content Security Policy. No exposed sensitive data or vulnerabilities were detected in the content. Privacy compliance is limited due to the absence of explicit privacy and cookie policies, which is a notable gap for GDPR and other regulations. Overall, the website presents a professional and trustworthy front for the art center, though improvements in privacy compliance and security headers would enhance its posture. The lack of WHOIS data reduces domain trust slightly but does not detract significantly from the site's legitimacy given the rich content and social proof.

I

Institute for Nonprofit News

inn.org

0

The Institute for Nonprofit News (INN) operates as a nonprofit membership network supporting over 500 nonprofit news organizations. The website serves as a platform to provide access to nonprofit news coverage on local and global issues, targeting nonprofit news organizations, journalists, and the general public interested in nonprofit news. The organization is well-established, with a domain registered since 1999, reflecting its longstanding presence in the nonprofit news sector. The website employs a WordPress CMS infrastructure with multiple plugins to support donations, events, and user management, indicating a mature digital infrastructure. Technically, the site uses modern web technologies including Google Analytics and Tag Manager for analytics, Font Awesome for icons, and Yoast SEO for search optimization. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features are basic. Security-wise, the site uses HTTPS and domain registration protections but lacks DNSSEC and visible security headers, and does not publish a security policy or incident response contacts. Privacy compliance is weak, with no visible privacy or cookie policies or consent mechanisms in the provided content. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures to improve compliance and user trust.

Č

ČLOVÍČEK (ONE LITTLE) z.s.

clovicekbrno.cz

0

ČLOVÍČEK (ONE LITTLE) z.s. is a Czech non-profit organization dedicated to supporting children with health disadvantages through various community, educational, and therapeutic activities primarily based in Brno. The organization operates with a small-scale model funded by grants, donations, and sponsorships, offering services such as holiday camps, weekend events, therapy, and family support. Their website reflects a well-structured and content-rich platform that effectively communicates their mission and services to families, donors, and volunteers. Technically, the website is built on WordPress with modern frameworks like Bootstrap and uses popular plugins for SEO, cookie consent, and contact forms. The site is mobile responsive and optimized for good user experience, although some accessibility features could be improved. Performance is moderate, with external dependencies on CDNs and Google Fonts. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks important security headers and a security.txt file for vulnerability disclosure. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data for the domain reduces trustworthiness somewhat, but the website content and contact information appear legitimate and consistent with a small non-profit entity. Overall, the site presents a trustworthy and professional image suitable for its community-focused mission. Strategic improvements in security headers, WHOIS transparency, and incident response readiness would enhance its security posture and trustworthiness further.

M

Modrá pomáhá, z.s.

modrapomaha.cz

0

Modrá pomáhá, z.s. is a Czech non-profit organization dedicated to supporting children with autism through a variety of services including therapies, social skills training, and recreational activities. The organization operates locally with partnerships from regional companies and foundations, positioning itself as a trusted community resource. The website reflects this mission with clear service offerings and partner acknowledgments. Technically, the site is built on WordPress using WPBakery Page Builder, with standard libraries like jQuery and Google Analytics integrated. The site is hosted by REG-ZONER, a Czech hosting provider, and uses HTTPS ensuring secure connections. However, some security best practices such as security headers and cookie consent mechanisms are missing. No direct contact emails or phone numbers are visible, suggesting reliance on contact forms for communication. Overall, the website is professional and trustworthy but could improve privacy compliance and security posture.

N

Nadační fond Kometa

nadacnifondkometa.cz

0

Nadační fond Kometa is a Czech non-profit foundation established in 2015, focused on charitable activities including support for children with autism and community events. The foundation operates an e-shop for fundraising and maintains partnerships with local organizations such as HC Kometa Brno. The website is built on WordPress and uses common web technologies including jQuery, Google Analytics, and WPBakery Page Builder. The site is well-branded and provides relevant content for its audience, though it lacks explicit privacy and cookie policies. Security posture is moderate with HTTPS enabled but missing security headers and incident response contacts. Overall, the website is functional and trustworthy but could improve compliance and security transparency.

B

Barnes Foundation

barnesfoundation.org

0

The Barnes Foundation is a well-established non-profit art institution based in Philadelphia, specializing in impressionist, post-Impressionist, and modern art. It offers a rich collection, educational programs, tours, and events targeting art enthusiasts, educators, and the general public. The website reflects a mature digital presence with comprehensive content, clear navigation, and consistent branding. Technically, it leverages modern analytics and marketing tools, hosted on AWS infrastructure, and built on Craft CMS. Security posture is good with HTTPS and CSRF protections, though improvements in DNSSEC and security headers are recommended. Privacy policies and terms are present and GDPR compliant, supporting trust and compliance. Overall, the site is professional, trustworthy, and serves its audience effectively.

F

Find Your News

findyournews.org

0

Find Your News is a nonprofit platform dedicated to connecting users with nonprofit newsrooms across various topics and geographic locations. It operates under the umbrella of the Institute for Nonprofit News (INN), which supports hundreds of independent, nonpartisan news organizations. The website offers a user-friendly interface with search and filtering capabilities to match users with relevant nonprofit journalism sources. Technically, the site is built on WordPress, leveraging modern web technologies such as jQuery and autocomplete.js, and integrates Google Analytics and StackAdapt for analytics and advertising. The site demonstrates good SEO practices and mobile optimization but lacks explicit privacy and cookie policies, which are critical for compliance and user trust. Security-wise, the site uses HTTPS and domain status protections but does not enable DNSSEC or implement security headers, representing areas for improvement. Overall, the website is professional, trustworthy, and serves a clear nonprofit media mission, though it should enhance privacy compliance and security posture to align with best practices.