Security Directory

D

DoSomething.org

dosomething.org

0

DoSomething.org is a well-established non-profit organization founded in 1995, dedicated to empowering young people to engage in social activism and community service. The platform offers a variety of volunteer opportunities, educational resources, and campaigns focused on equity, justice, climate action, and wellbeing. It targets youth and young adults, positioning itself as a leading youth-driven social change platform in the United States. The website is professionally designed with excellent content quality and clear navigation, supporting a positive user experience and strong brand consistency. Technically, the website leverages modern web technologies including React and Next.js, hosted on AWS infrastructure with Sanity CMS for content management. The site demonstrates good performance, mobile optimization, and SEO practices. Security measures include HTTPS enforcement and multiple security headers, though DNSSEC is not enabled. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of service, but lacks a visible cookie consent mechanism and direct contact emails for security or incident response. The security posture is strong overall, with no detected vulnerabilities or exposed sensitive data. The domain WHOIS data confirms legitimacy with a long registration history and consistent registrant information. Social media integration is robust, enhancing community engagement and trust. Recommendations include implementing a cookie consent banner, publishing a security policy and incident response contacts, and enabling DNSSEC to further strengthen security. Overall, DoSomething.org presents a credible, secure, and user-friendly platform with a clear mission to mobilize youth for social good, supported by a mature technical infrastructure and solid business credibility.

D

Digital Democracy Institute of the Americas

ddia.org

0

The Digital Democracy Institute of the Americas (DDIA) is a small non-profit organization founded in 2018, focused on strengthening digital democracy and information integrity for Latino communities across the Americas. It operates as a research and advocacy hub, providing public opinion research, narrative analysis, capacity-building, and policy guidance. The organization targets Latino populations in the U.S. and Latin America, policymakers, journalists, and civil society actors. The website reflects a professional and consistent brand with clear messaging and a strong social media presence. Technically, the website is built on modern frameworks including React and Next.js, hosted and secured via Cloudflare. It demonstrates good performance, mobile optimization, and SEO practices. Security posture is solid with HTTPS enforced and domain transfer protection, though DNSSEC is not enabled and no explicit security or incident response policies are published. Privacy compliance is partially addressed with privacy and cookie policies present, but lacks an explicit cookie consent mechanism. Contact information is primarily via a contact form and social media channels, with no direct emails or phone numbers publicly listed. Overall, the site is safe, trustworthy, and well-maintained, with minor improvements recommended in security transparency and privacy consent. Strategic recommendations include enabling DNSSEC, publishing a security policy and incident response contacts, implementing cookie consent mechanisms, and considering a vulnerability disclosure policy to enhance trust and compliance.

C

CyberPeace Institute

cyberpeaceinstitute.org

0

CyberPeace Institute is a specialized non-profit organization dedicated to protecting vulnerable entities in cyberspace by providing cybersecurity assistance, tracing cyberattacks and disinformation, and advocating for accountability and cyberpeace. The organization operates multiple projects and initiatives aimed at underserved organizations, humanitarian actors, and policymakers. Their market position is that of a trusted advocate and service provider in the cybersecurity non-profit sector. Technically, the website is built on a modern WordPress platform with popular plugins and frameworks, hosted behind Cloudflare for DNS and CDN services, and incorporates GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS enabled and domain transfer protections, though improvements such as DNSSEC and security headers are recommended. The site lacks explicit privacy policy and terms of service pages, as well as direct contact information for security incidents, which are areas for enhancement. Overall, the website is professional, trustworthy, and well-branded, serving a general audience interested in cybersecurity and cyberpeace advocacy.

C

Cyber Collective

cybercollective.org

0

Cyber Collective is a nonprofit organization focused on empowering individuals and communities with digital safety education and resources. Their flagship program, Internet Street Smarts, along with workshops and a comprehensive resource library, positions them as a leader in grassroots digital safety advocacy. The website reflects a professional, accessible, and community-oriented approach, with strong calls to action for donations and partnerships. Technically, the site leverages modern web technologies including Webflow CMS, Stripe for payments, and privacy-respecting analytics. Security posture is strong with HTTPS and CAPTCHA protections, though some security headers could be enhanced. Privacy compliance is good with a comprehensive privacy policy, but lacks a visible cookie consent mechanism. WHOIS data is unavailable, likely due to privacy protection, which is typical for nonprofits. Overall, the site is trustworthy, well-designed, and serves its mission effectively.

C

Consumer Reports

consumerreports.org

0

Consumer Reports is a well-established non-profit organization focused on providing unbiased product reviews, ratings, and consumer advocacy. The website serves a broad consumer audience seeking trustworthy buying advice and in-depth reporting on consumer issues. It operates on a membership and donation-based business model, emphasizing ad-free and influence-free content. The technical infrastructure is modern, leveraging advanced JavaScript modules, personalization tools, and secure membership management. The site is highly optimized for performance, mobile responsiveness, and accessibility, with strong SEO practices. Security posture is robust with HTTPS enforcement, security headers, and secure forms, although explicit security policies and incident response information are not publicly detailed. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with privacy regulations, making it a reliable resource for consumers.

C

Consumer Action

consumer-action.org

0

Consumer Action is a well-established 501(c)(3) nonprofit organization focused on consumer education, advocacy, financial literacy, and consumer protection primarily serving underrepresented consumers nationwide. The website reflects a mature digital presence with multilingual support and a broad range of consumer resources including publications, newsletters, training modules, and a help desk. Technically, the site uses a moderate technology stack including jQuery, Google Tag Manager, and Cloudflare DNS, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS and domain transfer protections but lacks advanced security headers and DNSSEC. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or GDPR indicators. Overall, the site is professional, trustworthy, and content-rich, supporting its mission effectively.

C

Common Sense Media

commonsense.org

0

Common Sense Media is a leading nonprofit organization dedicated to making the digital world safer and healthier for children and families. Their services include media ratings, educational resources, advocacy for tech accountability, and research on digital well-being. The organization targets families, educators, and policymakers, positioning itself as a trusted authority in child digital safety and education. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content tailored to its audience. Technically, the site is built on Drupal 10 with PHP 8.3.26, leveraging modern web technologies including Google Tag Manager, Google Analytics, and OneTrust for consent management. The site is mobile-optimized, accessible, and employs security best practices such as HTTPS, CAPTCHA on forms, and content security policies. Performance is moderate, with CDN usage enhancing delivery. Security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies, GDPR compliance indicators, and user consent mechanisms. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not present and could be improved. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance suitable for a nonprofit organization focused on child safety and education. The lack of WHOIS data is likely due to privacy protection, which is justified for this business type. No signs of malicious or suspicious activity were detected.

C

Center for Internet Security

cisecurity.org

0

The Center for Internet Security (CIS) is a reputable nonprofit organization dedicated to improving cybersecurity for public and private entities by leveraging a global IT community. Their website reflects a professional and well-structured digital presence, offering resources, collaboration opportunities, and cybersecurity best practices. The organization targets IT professionals, businesses, and government agencies seeking to enhance their security posture. Technically, the website employs modern web technologies including Vue.js, jQuery, and Sitecore CMS, supported by analytics and marketing tools such as Matomo, Cookiebot, and Optimizely. The site is mobile-optimized, accessible, and SEO-friendly, indicating a mature digital infrastructure. From a security perspective, the site enforces HTTPS, uses cookie consent mechanisms, and integrates privacy-compliant analytics. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security headers should be verified and a security.txt file could enhance vulnerability disclosure. Overall, CIS presents a low-risk profile with strong business credibility and compliance posture. Strategic recommendations include enhancing security header implementation, formalizing vulnerability disclosure, and continuous monitoring of third-party scripts to maintain security integrity.

B

BlackGirlsHack

blackgirlshack.org

0

BlackGirlsHack is a nonprofit organization dedicated to increasing diversity in cybersecurity by providing training, mentoring, and community support primarily for Black girls and women, though open to all. The organization offers a variety of services including career resources, educational outreach, networking events, and training programs. Their market position is strong within the diversity and cybersecurity training space, supported by partnerships with major tech companies and a growing community platform. Technically, the website is built on the WildApricot CMS platform, uses modern JavaScript libraries, and integrates Google reCAPTCHA for security on forms. The site is moderately optimized for performance and mobile use, with good content quality and navigation. Security posture is adequate with HTTPS enforced and CAPTCHA usage, but lacks some advanced security headers and DNSSEC. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the organization.

B

BCVoices Inc.

bcvoices.org

0

BCVoices Inc. is a small non-profit organization dedicated to telling the stories of women's rights struggles and achievements from America's founding to the present day. Their key services include producing online docuseries, documentary shorts, and maintaining an oral history collection to educate and advocate for gender equity and women's autonomy. The organization targets a general audience interested in women's rights history and social justice. Technically, the website is built on WordPress using Elementor, with standard plugins for e-commerce and image optimization. The site is moderately performant, mobile-optimized, and SEO-friendly, though accessibility features are basic. Security posture is adequate with HTTPS enforced and domain transfer protections, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy with strong social media presence and award recognition.

A

AnitaB.org

anitab.org

0

AnitaB.org is a well-established nonprofit organization dedicated to empowering tech professionals through mentorship, apprenticeships, networking, and research. The organization holds a strong market position as a leader in tech workforce development and diversity initiatives. Their digital presence is built on a modern tech stack including Next.js and Sanity CMS, hosted on Azure infrastructure, with excellent mobile optimization and SEO practices. Security posture is robust with HTTPS, security headers, and no visible vulnerabilities, though DNSSEC is not enabled and explicit security policies are absent. Privacy compliance is adequate with clear privacy and cookie policies, but lacks active consent mechanisms. Overall, the website is professional, trustworthy, and serves a general audience with safe content.

J

JobPath

yourjobpath.com

0

JobPath is a specialized online platform dedicated to connecting military veterans, transitioning service members, and military spouses with meaningful employment opportunities. The platform offers a comprehensive suite of services including job search, MOS translation, skills training, and career mentorship. It also provides employers with subscription-based tools to post jobs and search for qualified veteran candidates. The company has established strong partnerships with notable veteran organizations such as Gridiron Capital and the Bob Woodruff Foundation, enhancing its market position and credibility within the veteran employment ecosystem. Technically, JobPath leverages a modern web technology stack including React and Next.js, hosted likely on AWS infrastructure with media assets served from S3 buckets. The site demonstrates good performance, mobile optimization, and SEO practices. Security measures include HTTPS enforcement, Google reCAPTCHA integration, and Stripe for secure payment processing. However, there is room for improvement in security headers and DNSSEC implementation. From a security and compliance perspective, the site maintains a good posture with no critical vulnerabilities detected. Privacy policies are present and comprehensive, though cookie consent mechanisms are lacking, which may impact GDPR compliance. No incident response or security policy pages were found. The domain registration is consistent with the business claims, showing a mature and legitimate online presence. Overall, JobPath presents a professional, trustworthy, and well-maintained platform serving a niche but important market segment. Strategic improvements in security headers, cookie consent, and vulnerability disclosure policies would further enhance its security posture and compliance standing.

G

GoFundMe Pro

classy.org

0

GoFundMe Pro is a leading nonprofit fundraising platform that combines the powerful software capabilities of Classy with the scale and community of GoFundMe. It offers a comprehensive suite of fundraising tools including donation forms, crowdfunding, event ticketing, peer-to-peer fundraising, and payment processing solutions tailored for nonprofit organizations. The platform targets nonprofits seeking to maximize their fundraising reach and donor engagement through customizable campaigns and intelligent fundraising tools. Technically, the website is built on WordPress with modern integrations such as Google Tag Manager, Facebook Pixel, and Wistia for video content, reflecting a mature digital infrastructure. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a professional user experience. Security-wise, the site enforces HTTPS and uses asynchronous loading of tracking scripts, but lacks visible security headers and explicit privacy or cookie policies, which are areas for improvement. The absence of WHOIS data for the subdomain is typical and does not detract from the legitimacy given the strong brand association with GoFundMe. Overall, the platform presents a secure, professional, and feature-rich environment for nonprofit fundraising, though it would benefit from enhanced transparency in privacy and security policies.

H

Haus der Natur Obere Donau

hausdernatur-oberedonau.de

0

Haus der Natur Obere Donau is a regional non-profit nature and cultural education center located in Beuron, Germany. It serves as the seat for three organizations focused on nature conservation, sustainable tourism, and regional product marketing. The website provides information about their permanent exhibition, events, boat rentals, and educational offerings, targeting nature enthusiasts, local visitors, and schools. The site is well-structured, professionally designed, and consistent with its mission and audience. Technically, it is built on the Contao CMS platform, uses jQuery and Colorbox for UI, and is hosted on servers associated with kasserver.com. The website is mobile-optimized and SEO-friendly but lacks some advanced accessibility features.

T

Take 9 seconds before you click, download, or share

pausetake9.org

0

Take9 is a public service cybersecurity awareness campaign launched in 2024 by Craig Newmark Philanthropies in partnership with numerous reputable cybersecurity organizations. The campaign educates the general public on the importance of pausing 9 seconds before clicking, downloading, or sharing online content to avoid cyber threats such as phishing and scams. The website serves as an educational platform providing tips, videos, and resources to enhance personal and community cybersecurity awareness. Technically, the website is built on WordPress with a modern tech stack including Yoast SEO, Google Tag Manager, Hotjar, and AdRoll for analytics and marketing. It is hosted with Cloudflare as registrar and DNS provider, ensuring good performance and security. The site is mobile optimized and accessible with good SEO practices, although some accessibility features could be improved. The site lacks DNSSEC and explicit security headers, which are recommended for enhanced security. From a security posture perspective, the site uses HTTPS with a valid SSL certificate and enforces domain transfer protection. However, it lacks a cookie consent mechanism and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected. The site’s privacy policy and terms of use are present but basic, with limited GDPR compliance indicators. Overall, the website is trustworthy, professionally maintained, and serves a clear non-profit educational mission. Strategic improvements include enabling DNSSEC, adding security headers, implementing cookie consent for GDPR compliance, and publishing detailed security and incident response policies to enhance user trust and compliance.

B

Bob Woodruff Foundation

bobwoodrufffoundation.org

0

The Bob Woodruff Foundation is a well-established nonprofit organization dedicated to supporting veterans, service members, and their families by funding effective programs and services nationwide. The website reflects a strong market position as a leading veteran-focused nonprofit with a comprehensive grantmaking and community impact model. Their digital presence is robust, leveraging WordPress CMS with modern JavaScript libraries and integrations for donations and analytics. The site is professionally designed, mobile-optimized, and provides clear navigation and rich content tailored to their audience. Security posture is strong with HTTPS enforcement and domain locking, though improvements can be made by enabling DNSSEC and publishing formal security policies. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms. Overall, the site demonstrates high business credibility and trustworthiness.

S

SocialTIC

smalldata.technology

0

Small Data is a non-profit educational project by SocialTIC focused on documenting and promoting the use of Small Data methodology for social impact among small organizations and community groups. The website provides case studies, methodology explanations, and resources primarily in Spanish, targeting non-profit and social impact sectors in Mexico and Latin America. The technical infrastructure is based on Adobe Muse with legacy technologies such as jQuery 1.8.3 and includes Google Analytics for visitor tracking. While the site is accessible and well-designed with good mobile optimization, it lacks modern security practices such as updated libraries, security headers, and privacy/cookie policies. WHOIS data is unavailable due to TLD restrictions, but the association with SocialTIC supports legitimacy. Overall, the site is functional and professional but requires improvements in security and privacy compliance to enhance trust and protection.

C

Creative Commons

creativecommons.org

0

Creative Commons is a well-established international nonprofit organization founded in 2001, dedicated to enabling open sharing of knowledge and culture through its widely adopted open licenses and tools. The organization serves a global audience including educators, creators, and institutions, positioning itself as a leader in the open culture and commons movement. Their website reflects a professional and consistent brand with excellent content quality and clear navigation. Technically, the site is built on WordPress with modern SEO and analytics integrations, hosted with reputable providers and secured with HTTPS. Security posture is solid but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is adequate with a clear privacy policy but lacks a cookie consent mechanism despite using Google Analytics. Contact information is transparent with email and postal address provided, though no phone numbers or explicit security incident contacts are published. Overall, the website is trustworthy, secure, and professionally maintained, supporting the organization's mission effectively.

D

DonationPay

donationpay.org

0

DonationPay is a nonprofit-focused service providing powerful fundraising tools to facilitate donations and campaign management. The website is built on WordPress using the Brizy page builder and integrates third-party services such as Google Tag Manager for analytics and Tawk.to for live chat support. The content is professionally presented and targeted at nonprofit organizations seeking fundraising solutions. Technically, the site is moderately optimized with HTTPS enabled and basic mobile responsiveness, though accessibility and SEO features are basic. Security posture is adequate with SSL but lacks advanced security headers and vulnerability disclosure mechanisms. Privacy and cookie policies are not found, indicating compliance gaps. The domain WHOIS data is unavailable, which reduces transparency and trustworthiness. Overall, the site is functional and safe but would benefit from improved privacy compliance and clearer contact information.

The Engine Room is a non-profit organization dedicated to supporting civil society in leveraging technology and data strategically, effectively, and responsibly. Their market position is that of an established entity providing consulting, research, and support services focused on social justice and digital resilience. The website reflects a medium-sized organization with a clear mission and active engagement through reports, events, and a resource library. Technically, the website is built on WordPress with modern frameworks such as Bootstrap 5 and uses popular libraries like jQuery and FontAwesome. SEO is well implemented with Yoast SEO plugin, and the site is mobile optimized with good performance. Analytics are conducted via Piwik (Matomo), indicating a moderate level of user tracking balanced with privacy considerations. From a security perspective, the site enforces HTTPS and shows no signs of exposed sensitive data or vulnerabilities. However, security headers are not explicitly detected, and there is no visible dedicated security policy or incident response contact, which could be improved. Privacy and cookie policies are present and include consent mechanisms, supporting GDPR compliance. Overall, the website is professional, trustworthy, and safe for general audiences. The lack of WHOIS data is likely due to privacy protection, which is reasonable for this type of organization. Strategic recommendations include enhancing security headers, publishing a formal security policy, and establishing clear incident response contacts to further strengthen trust and compliance.

C

craig newmark philanthropies

craignewmarkphilanthropies.org

0

Craig Newmark Philanthropies is a small non-profit organization founded in 2017 by Craig Newmark, the founder of craigslist. The organization focuses on supporting military families and veterans, cybersecurity initiatives, promoting truthful information, and pigeon rescue. The website presents a professional and consistent brand image with clear navigation and relevant content targeted at philanthropic stakeholders and the general public interested in social good. Technically, the website uses modern web technologies including Google Analytics and Google Tag Manager, with a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published security policies. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism despite tracking scripts. Overall, the domain registration data aligns well with the organization's claims, supporting legitimacy and trustworthiness.

O

Open Society Foundations

opensocietyfoundations.org

0

Open Society Foundations is a globally recognized philanthropic organization dedicated to promoting freedom, democracy, and human rights through grant giving, research, advocacy, and strategic litigation. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content targeting non-profit organizations, activists, and the general public interested in social justice. Technically, the site employs modern analytics tools such as Matomo and Google Tag Manager, along with cookie consent management, ensuring compliance with privacy regulations. Security posture is strong with HTTPS enforced and secure form handling, although explicit security headers could be verified further. Overall, the site demonstrates high trustworthiness and professionalism, with no signs of blocking or malicious activity.

N

New Venture Fund

newventurefund.org

0

New Venture Fund is a well-established non-profit organization founded in 2009 that provides fiscal sponsorship and philanthropic portfolio management services to change leaders and social impact projects globally. The organization manages a charitable portfolio exceeding $356 million and supports a wide range of initiatives including environment, education, advocacy, and global health. Their business model focuses on operational expertise and cost-effective support to accelerate positive impact. The website reflects a professional and consistent brand with clear navigation and relevant content targeted at grant seekers and partners. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Jetpack, and integrates Google Tag Manager for analytics. The site is mobile optimized and demonstrates good SEO practices. Hosting appears to be through GoDaddy, consistent with the domain registrar information. Performance is moderate with room for improvement in accessibility features. From a security perspective, the site uses HTTPS and domain registration protections but lacks DNSSEC and some recommended security headers. There is no explicit incident response contact or vulnerability disclosure policy visible. Privacy policies and whistleblower policies are published, indicating a commitment to compliance and governance. However, cookie consent mechanisms are absent, which may impact GDPR compliance. Overall, the website and organization present a low-risk profile with strong business credibility and a good security posture. Strategic improvements in DNS security, security headers, and privacy compliance would enhance their security and trustworthiness further.

Landschaftserhaltungsverband Landkreis Tuttlingen e.V. is a regional non-profit organization dedicated to the conservation and sustainable management of cultural landscapes and natural heritage in the Landkreis Tuttlingen area of Germany. The organization acts as a mediator and service provider for local farmers, foresters, municipalities, and conservation groups, facilitating landscape maintenance and preservation efforts. The website reflects a professional and consistent presentation of their mission, services, and contact information, targeting local stakeholders and interested citizens. Technically, the website is built on the Weebly platform, utilizing jQuery 1.8.3 and Google Analytics for tracking. While the site is accessible and well-structured, it shows signs of aging technology and lacks some modern security best practices such as security headers and cookie consent mechanisms. The site is moderately optimized for mobile and SEO but could benefit from updates to improve performance and compliance. From a security perspective, HTTPS is enabled, but the absence of security headers and use of an outdated JavaScript library present potential risks. No explicit security policies or incident response contacts are provided, indicating room for improvement in security transparency and readiness. Privacy compliance is partially met with a privacy policy page but lacks cookie consent and detailed GDPR indicators. Overall, the website is trustworthy and professional for its non-profit mission but should prioritize technical and security enhancements to strengthen its digital maturity and compliance posture.

N

Naturpark Obere Donau e.V.

naturpark-obere-donau.de

0

Naturpark Obere Donau e.V. operates as a regional non-profit nature park organization in southern Baden-Württemberg, Germany. The website serves as an information hub for visitors and locals interested in nature experiences, regional products, events, and educational resources. The organization maintains a visitor center called 'Haus der Natur' and promotes regional culture and environmental awareness. The site is well-positioned as a trusted regional authority with sponsorship from local government and lottery funds. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and integrates Matomo analytics and Usercentrics for privacy compliance. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is solid with HTTPS and consent management, though it lacks explicit HTTP security headers and a public security policy. Overall, the domain registration and website content align well, indicating legitimacy and trustworthiness.

P

Partner & Partners

partnerandpartners.com

0

Partner & Partners is a worker-owned design practice established in 2011, specializing in print, exhibition, interactive, and identity design services. Their clientele includes organizations in art, architecture, government, and activism sectors, positioning them as a niche player with a socially engaged business model. The website reflects a professional and consistent brand image with high-quality content and clear navigation, targeting collaborators and clients in their specialized fields. Technically, the site is built on WordPress with WooCommerce and uses modern JavaScript libraries such as jQuery, Flickity, and Swiper. Hosting and DNS services are managed via Cloudflare, providing good performance and security infrastructure. However, DNSSEC is not enabled, and security headers are absent, representing areas for improvement. The site employs Google Analytics and Jetpack Stats for user tracking, with moderate tracking levels and basic privacy compliance. Contact information is clearly presented, but no privacy, cookie, or security policies are published, which could impact compliance and user trust. Overall, the website is secure, professional, and trustworthy but would benefit from enhanced privacy and security disclosures.

B

Bits of Freedom

jouwplatformrechten.nl

0

The website 'Blijf Luid | Bits of Freedom' is an advocacy platform focused on informing users about their digital rights and new European regulations that empower users to claim their online space more freely and autonomously. It is operated by Bits of Freedom, a non-profit organization based in the Netherlands. The site targets a general audience interested in digital rights and platform freedoms, providing educational content and advocacy resources. Technically, the site is built using modern JavaScript frameworks such as Nuxt.js and Vue.js, with custom fonts and a responsive design optimized for mobile devices. Matomo analytics is employed, reflecting a privacy-conscious approach to user tracking. Security posture is good with HTTPS enforced and no visible vulnerabilities, though the absence of explicit security headers and security policy pages suggests room for improvement. Privacy compliance is limited due to the lack of visible privacy and cookie policies. Overall, the site is professional and trustworthy but could enhance transparency and compliance by publishing relevant policies and contact information.

B

Bits of Freedom

bigbrotherawards.nl

0

Bits of Freedom is a Dutch non-profit organization dedicated to protecting internet freedom, communication rights, and privacy. The website prominently features the Big Brother Awards 2024 campaign, highlighting their advocacy work and engagement with the public through awards, reports, and calls for donations. The organization targets Dutch-speaking internet users and privacy advocates, positioning itself as a leading digital rights group in the Netherlands. Technically, the site is built on WordPress with a modern tech stack including WooCommerce for donations, MailPoet for newsletters, and Matomo for analytics. The site is well-structured, mobile-optimized, and uses HTTPS with good security practices, though it lacks some security headers and explicit cookie consent mechanisms. No critical vulnerabilities or suspicious content were detected. Overall, the site demonstrates a mature digital presence suitable for a small non-profit advocacy group.

F

Ford Foundation

fordfoundation.org

0

The Ford Foundation is a globally recognized philanthropic organization dedicated to advancing social justice, equity, and opportunity for all. Established in 1936, it operates as a large non-profit entity providing grants and mission investments to support various social causes including challenging inequality, climate justice, and human rights. The website reflects the foundation's mission with professional design, comprehensive content, and clear navigation targeting non-profit organizations, activists, and the global community. Technically, the website is built on WordPress and leverages modern tools such as Google Tag Manager and OneTrust for analytics and cookie consent management. It demonstrates good digital maturity with mobile optimization, accessibility features, and SEO best practices. The site is served over HTTPS with strong security headers, indicating a solid security posture. Security-wise, while no explicit vulnerabilities or exposed sensitive data were detected, the site lacks a dedicated security policy or incident response contact information, which are recommended for transparency and readiness. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Overall, the Ford Foundation website is a trustworthy, professional, and secure platform that effectively supports its mission. Strategic recommendations include publishing a security policy, incident response details, and a vulnerability disclosure program to further enhance trust and security posture.

S

Spyware Accountability Initiative

stopspyware.fund

0

The Spyware Accountability Initiative (SAI) is a focused non-profit effort supported by major philanthropic organizations including the Ford Foundation and Apple. It aims to combat spyware proliferation by funding research, advocacy, and accountability efforts globally, with a particular emphasis on the Global South. The initiative operates under the fiscal sponsorship of the New Venture Fund, ensuring a structured grantmaking process advised by a global technical advisory council. Technically, the website is built on Squarespace, providing a modern and responsive platform with good security practices such as HTTPS and HSTS. However, it lacks explicit privacy and cookie policies, which are important for compliance and user trust. Security posture is strong in terms of transport security but could be improved with additional headers and incident response disclosures. Overall, the website presents a credible and professional front for a niche non-profit organization addressing a critical human rights issue.

M

Modern Slavery PEC

modernslaverypec.org

0

Modern Slavery PEC is a UK-based non-profit research center dedicated to funding and co-creating high-quality research focused on modern slavery and human rights, emphasizing policy impact. The organization collaborates with academics, policymakers, businesses, civil society, and survivors to address this global challenge. The website reflects a professional and well-structured digital presence, supported by reputable academic partners and funded by the Arts and Humanities Research Council (AHRC). The content is relevant, comprehensive, and targeted primarily at stakeholders involved in research and policy development related to modern slavery. Technically, the website employs modern web technologies including JavaScript and privacy-focused analytics (Plausible). It is mobile-optimized, fast-loading, and SEO-friendly, though no specific CMS or hosting provider is identified. Security posture is strong with HTTPS enforced and no visible vulnerabilities, but lacks some advanced security headers and published security policies. Privacy compliance is good with a clear privacy policy, though no cookie consent mechanism is detected. Overall, the site demonstrates a high level of professionalism and trustworthiness, with strong academic and funding affiliations. The absence of WHOIS data due to privacy protection is justified given the organization's non-profit nature. Recommendations include enhancing security headers, publishing incident response information, and implementing cookie consent to improve GDPR compliance and user trust.

F

Fondation CNRS

fondation-cnrs.org

0

Fondation CNRS is a non-profit foundation affiliated with the CNRS, the premier scientific research center in France and Europe. The foundation serves as a vehicle for philanthropy, enabling companies and individuals to fund ambitious and free scientific research. The website targets researchers, laboratories, and potential sponsors, providing information about the foundation's governance, supported projects, and ways to contribute. Technically, the website is built on WordPress using Elementor and several modern plugins, hosted by OVH sas. It features good SEO optimization and a cookie consent mechanism compliant with GDPR. Security posture is solid with HTTPS enabled and no exposed sensitive data, though security headers and explicit security policies are absent. Overall, the site is professional, trustworthy, and well-aligned with its mission, though it lacks visible contact details and formal privacy or terms of service pages.

S

SafeOpt Gives

safeopt.org

0

SafeOpt Gives is a charitable initiative focused on supporting communities through sponsorships and charitable giving, primarily targeting non-profit organizations. The website promotes partnerships with various charitable organizations and offers email retargeting services to help non-profits increase their outreach and impact. The site is built on the Squarespace platform, leveraging modern web technologies and integrations such as Google Tag Manager and reCAPTCHA to enhance functionality and security. While the website demonstrates a professional design and good security posture with HTTPS and HSTS, it lacks visible privacy and cookie policies, which are important for compliance and user trust. The absence of WHOIS data limits domain registration transparency, but the overall content and presentation support legitimacy. Strategic improvements in privacy compliance and security headers would enhance the site's trustworthiness and compliance standing.

K

KAROLINGISCHE KLOSTERSTADT e.V.

campus-galli.de

0

Campus Galli is a German non-profit organization dedicated to the historical reconstruction of a Carolingian monastery using authentic 9th-century methods. The website serves as an educational and visitor information platform, offering event calendars, ticket sales, and detailed insights into the project. The organization positions itself as a niche cultural heritage and educational tourism entity with a medium-sized operational scale. Technically, the website is built on WordPress with modern plugins and frameworks, hosted by a reputable German provider, and optimized for SEO and mobile use. Security posture is solid with HTTPS, cookie consent, and no visible vulnerabilities, though some security headers and incident response details could be improved. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website is professional, trustworthy, and well-aligned with its mission.

E

European Digital Rights (EDRi)

edri.org

0

European Digital Rights (EDRi) is a well-established non-profit network of NGOs, experts, advocates, and academics focused on defending and advancing digital rights across Europe. With over 20 years of history, EDRi operates as a collective advocacy organization providing campaigns, publications, events, and policy influence to protect human rights in the digital environment. The website reflects a professional and consistent brand presence targeting stakeholders interested in digital rights and privacy. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Matomo Analytics, ensuring good SEO and privacy-respecting analytics. The site is mobile-optimized and includes accessibility features, enhancing user experience and inclusivity. Hosting is managed via Gandi SAS, a reputable registrar and hosting provider. From a security perspective, the site uses HTTPS with a clientTransferProhibited domain status, indicating domain transfer protection. However, DNSSEC is not enabled, and no explicit security headers were detected in the HTML content. The site lacks a cookie consent mechanism and does not publish explicit security or incident response policies, which are areas for improvement. Overall, the website is trustworthy, professionally maintained, and aligned with its mission. The risk level is low, but enhancements in security headers, DNSSEC, and privacy compliance (cookie consent) would strengthen its posture further.

O

Open Future Foundation

openfuture.eu

0

Open Future Foundation operates as a think tank focused on developing new approaches to an open internet that maximizes societal benefits of shared data, knowledge, and culture. The organization targets a general audience interested in internet openness and policy development. The website is built on WordPress with a custom theme and hosted by TransIP Group BV, a reputable registrar and hosting provider. The digital infrastructure is moderately optimized for mobile and performance but lacks advanced SEO and accessibility features. Security posture is basic with no detected security headers or incident response policies, and privacy compliance is minimal due to the absence of privacy and cookie policies. Overall, the site presents a professional image but would benefit from enhanced security and compliance measures.

B

Bits of Freedom

bitsoffreedom.nl

0

Bits of Freedom is a well-established Dutch non-profit organization dedicated to advocating for internet freedom, privacy, and digital rights. The organization actively engages in legal actions against major technology companies, public campaigns, and educational efforts to protect online communication freedoms. Their website reflects a professional and consistent brand presence, targeting a general audience interested in digital rights and internet freedom. Technically, the site is built on WordPress with modern plugins and frameworks, offering good performance and mobile optimization. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response contacts are absent. Overall, the domain registration and WHOIS data align with the organization's claims, supporting legitimacy and trustworthiness.

The Center for Democracy and Technology (CDT) is a well-established 501(c)(3) non-profit organization founded in 1994, focused on promoting democratic values through technology policy and internet architecture advocacy. The organization operates both in the United States and Europe, with specialized branches such as CDT Europe and the CDT AI Governance Lab. CDT provides research, policy advocacy, and public education services targeting policymakers, technology professionals, and civil rights advocates. Their market position is strong within the technology policy non-profit sector, supported by a consistent brand and multiple trust indicators including high charity ratings. Technically, the website is built on WordPress with modern technologies including jQuery, Google Tag Manager, and Simple Analytics for tracking. Hosting and DNS services are provided via Cloudflare, ensuring good performance and security. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, uses domain transfer protection, and avoids exposing sensitive data. However, DNSSEC is not enabled, and there is no explicit security or incident response policy publicly available. Privacy compliance is good with a comprehensive privacy policy, but the absence of a cookie consent mechanism is a minor gap. No vulnerabilities or suspicious activities were detected. Overall, CDT presents a low-risk profile with a high level of professionalism and trustworthiness. Strategic recommendations include enabling DNSSEC, implementing a cookie consent mechanism, publishing security policies, and adding a vulnerability disclosure framework to further enhance security posture and compliance.

L

Loterie Romande

entraide.ch

0

Soutien Loterie Romande is a professional non-profit platform dedicated to distributing the proceeds of the Loterie Romande to public utility institutions active in various domains within Suisse Romande. The website serves as an authoritative regional platform providing information about beneficiaries, contribution requests, and institutional communication. The platform leverages modern web technologies including Drupal 10, Google Tag Manager, and reCAPTCHA to ensure a secure and user-friendly experience. The site is well-structured, multilingual, and optimized for mobile devices, reflecting a mature digital presence. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response contacts are absent. Overall, the website demonstrates high trustworthiness and professionalism suitable for its non-profit mission.

P

Public Interest Registry

thenew.org

0

Public Interest Registry (PIR) is a nonprofit organization established in 1996 by the Internet Society to manage the .ORG domain and its family of domains. The organization focuses on providing a safe, trusted online environment for mission-driven organizations and individuals worldwide. PIR offers domain registration services, anti-abuse initiatives, privacy policies, and community engagement programs such as the .ORG Impact Awards. The website reflects a strong commitment to empowering nonprofits and mission-driven entities through education, celebration, and support. Technically, the site is built on WordPress with modern JavaScript libraries and SEO tools, delivering a good user experience with accessibility and mobile optimization. Security posture is strong with HTTPS, content security policies, and anti-abuse policies, though DNSSEC is not enabled. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, PIR demonstrates high business credibility and trustworthiness with transparent policies and active community involvement.

H

Harambee

sayouth.mobi

0

SAYouth.mobi is a digital platform operated by Harambee, a not-for-profit social enterprise focused on addressing youth unemployment in South Africa. The website provides a range of services including job opportunities, entrepreneurial programs, youth development initiatives, and skill-building resources. It targets young people seeking employment and career growth, positioning itself as a key player in the youth employment support ecosystem. The platform is supported by a toll-free helpline and active social media channels, enhancing accessibility and engagement. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and custom web components, with integration of Google Analytics and Google Ads for tracking and marketing. The site is mobile optimized and offers a good user experience with clear navigation and relevant content. However, the domain registration is expired, which poses a significant operational and security risk. The hosting provider is inferred from nameservers, and no CMS is explicitly detected. From a security perspective, the site uses HTTPS but lacks visible security headers and does not implement DNSSEC. There is no privacy or cookie policy present, indicating compliance gaps with data protection regulations such as GDPR. The expired domain status is a critical vulnerability that should be addressed immediately to maintain trust and service continuity. No signs of malware or phishing were detected, and the content is safe for general audiences. Overall, SAYouth.mobi is a credible and valuable resource for youth employment in South Africa but requires urgent attention to domain renewal and enhancement of privacy and security practices to strengthen its security posture and compliance.

A

American Homebrewers Association

homebrewersassociation.org

0

The American Homebrewers Association operates a well-established, membership-driven non-profit website dedicated to educating and connecting homebrewing enthusiasts. The site offers extensive resources including recipes, seminars, events, and advocacy information, positioning itself as a leading community in the homebrewing sector. The technical infrastructure is built on WordPress with modern libraries and integrations such as Algolia search and Google Tag Manager, ensuring a robust and user-friendly experience. Security posture is solid with HTTPS enforcement and domain locking, though DNSSEC is not enabled and some advanced security headers could be added. Privacy compliance is strong with clear policies and cookie consent mechanisms. Overall, the website demonstrates high professionalism, good content quality, and trustworthy business credibility.

A

ActBlue

actblue.com

0

ActBlue is a prominent online fundraising platform specializing in political campaigns, charities, and nonprofit organizations. It provides a secure, user-friendly platform that enables grassroots fundraising efforts, having facilitated over $10 billion in donations since 2004. The platform targets candidates, political organizations, and donors, offering tailored solutions for federal, state, and local campaigns as well as nonprofits. ActBlue's market position is strong, supported by a consistent brand presence and extensive social media engagement. Technically, ActBlue leverages a modern technology stack including WordPress CMS, React, jQuery, and various analytics and marketing tools such as Google Tag Manager, Microsoft Clarity, and Facebook Pixel. The website is well-optimized for performance, mobile responsiveness, and accessibility, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and employs reputable third-party services for analytics and tracking. While explicit security headers are not visible in the HTML, the overall security posture is good. However, the absence of a visible cookie consent mechanism and lack of published vulnerability disclosure or incident response contacts are areas for improvement. Overall, ActBlue presents a trustworthy and professional online presence with strong business credibility. The missing WHOIS data slightly reduces trust but is likely due to privacy protection. Strategic recommendations include enhancing security header implementation, adding cookie consent, and publishing security policies to further strengthen compliance and trust.

Y

Yes4Youth

yes4youth.co.za

0

Yes4Youth is a prominent South African non-profit organization focused on addressing youth unemployment through private sector partnerships. The organization facilitates the creation of quality 12-month work experiences for unemployed youth, enabling them to develop skills and become future leaders, professionals, and entrepreneurs. Businesses benefit by improving their B-BBEE scorecard levels and integrating youth employment into their ESG strategies. The website demonstrates a mature digital presence leveraging HubSpot CMS, modern JavaScript libraries, and comprehensive marketing and analytics tools. Privacy and cookie consent mechanisms are implemented effectively, reflecting good compliance with data protection regulations. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response information are not publicly available. The absence of WHOIS data is a notable gap, reducing domain registration transparency, but the website's content, social media presence, and partnerships support its legitimacy. Overall, Yes4Youth presents a professional and trustworthy platform with room for improvement in transparency and security disclosures.

T

The Green Web Foundation

thegreenwebfoundation.org

0

The Green Web Foundation is a well-established non-profit organization dedicated to promoting a fossil-free internet by 2030. They provide a suite of tools, datasets, and educational resources aimed at helping website owners, hosting providers, and developers reduce the carbon footprint of digital services. Supported by reputable foundations and organizations, they hold a strong position in the digital sustainability sector. Technically, the website is built on a modern WordPress platform with a responsive design, optimized for performance and accessibility. Security posture is solid with HTTPS and secure form handling, though some improvements in security headers and cookie consent could be made. Overall, the site demonstrates high professionalism, trustworthiness, and a clear mission focus.

A

American Registry for Internet Numbers, Ltd.

arin.net

0

The American Registry for Internet Numbers (ARIN) is a nonprofit, member-based organization responsible for the administration and management of IP addresses and Autonomous System Numbers (ASNs) in North America and parts of the Caribbean. ARIN plays a critical role in supporting the operation and growth of the Internet by providing registry services, policy development, and community engagement. The website reflects ARIN's authoritative position with comprehensive resources, clear navigation, and a professional design tailored to its technical and policy-oriented audience. Technically, the website is built using modern technologies including the Hugo static site generator, Bootstrap framework, and Font Awesome icons, ensuring fast performance and excellent mobile optimization. The site employs HTTPS with strong SSL configuration, though explicit security headers are not evident from the provided data. Google Tag Manager is used for analytics and tracking, indicating moderate user tracking levels with basic privacy compliance. From a security perspective, ARIN's website demonstrates good practices such as secure login mechanisms and no visible exposure of sensitive data. However, the absence of a cookie consent mechanism and security.txt file suggests areas for improvement in privacy compliance and vulnerability disclosure. The WHOIS data for the domain is unavailable, which is unusual but likely due to registry policies or privacy measures rather than malicious intent. Overall, the site is trustworthy, professional, and well-maintained, serving a critical infrastructure role in Internet governance.

T

The Conservation Alliance

conservationalliance.com

0

The Conservation Alliance is a well-established non-profit organization founded in 2000, focused on leveraging the collective power of businesses and outdoor communities to protect North America's wild places. Their business model centers on strategic advocacy, grantmaking, and partnership building with grassroots organizations. The website reflects a mature digital presence with professional design, clear navigation, and rich content targeted at businesses and conservation advocates. Technically, the site is built on WordPress with modern SEO and analytics tools, though performance is moderate and accessibility is basic. Security posture is good with HTTPS and domain transfer protections, but lacks DNSSEC and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism despite use of tracking scripts. Overall, the site is trustworthy and professional, with room for improvement in privacy and security transparency.

F

Fundraising Regulator

fundraisingregulator.org.uk

0

The Fundraising Regulator is an independent UK regulatory body overseeing charity fundraising standards across England, Wales, and Northern Ireland. It aims to improve fundraising practices and restore public trust, offering services such as complaint handling, registration, and proactive regulation. The website is professionally designed, well-structured, and targets charitable organizations, fundraisers, and the general public interested in ethical fundraising. Technically, the site is built on Drupal 10, uses Google Tag Manager for analytics, and implements cookie consent mechanisms, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though additional security headers and a public security policy could enhance trust. Overall, the site is trustworthy, compliant with privacy regulations, and provides comprehensive information relevant to its sector.

G

GambleAware

begambleaware.org

0

GambleAware is a UK-based non-profit organization dedicated to providing free, confidential advice and support for individuals concerned about gambling addiction. The website offers tools and resources aimed at helping those affected by gambling-related issues. It holds a recognized position in the gambling awareness sector within the UK, targeting individuals and families seeking help. Technically, the website employs modern web technologies including jQuery, Google Tag Manager, and Cookiebot for consent management, ensuring a compliant and user-friendly experience. The site is well-structured with good mobile optimization and SEO practices, although some accessibility features could be enhanced. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms effectively but lacks visible security headers and explicit incident response policies. The WHOIS data is unavailable due to privacy protection, which is justified given the sensitive nature of the services provided. Overall, the website demonstrates a solid security posture and compliance with privacy regulations, making it a trustworthy resource for its audience.

G

GamCare

gamcare.org.uk

0

GamCare is a well-established UK non-profit organization dedicated to providing support and treatment services for individuals affected by gambling harms. It operates the National Gambling Helpline and offers multiple support channels including phone, live chat, email, and an online community. The organization maintains a strong market position as a leading provider in Great Britain, supported by comprehensive resources and outreach programs. The website reflects a mature digital presence with professional design, clear navigation, and extensive content tailored to its target audience. Technically, the website is built on WordPress with modern plugins and analytics tools such as Google Tag Manager, Microsoft Clarity, and TikTok Pixel. It uses Amazon CloudFront CDN for hosting and delivers a mobile-optimized, accessible user experience. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although explicit security headers should be verified. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data query failed due to a domain naming rules error, but this is a known issue when querying 'www.gamcare.org.uk' instead of the registered 'gamcare.org.uk'. This does not impact the legitimacy of the domain or organization. Overall, the site demonstrates high trustworthiness, compliance with GDPR, and transparency in privacy and cookie policies. Strategic recommendations include verifying and enhancing security headers, establishing a public vulnerability disclosure policy, and continuing to maintain transparency and user trust through clear communication and compliance adherence.