Security Directory

T

The Lion Foundation

lionfoundation.nz

0

The Lion Foundation is a well-established charitable trust in New Zealand, operating since 1985 and focused on distributing funds raised from community gaming to eligible community organizations. The website reflects a reputable non-profit entity with a clear mission to support thousands of good causes nationwide. It provides comprehensive information on funding criteria, application processes, audit procedures, and contact details, targeting community organizations and the general public in New Zealand. The organization maintains a moderate-sized team with clear leadership and account management roles. Technically, the website is built on WordPress with a modern tech stack including popular plugins and frameworks, delivering a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though improvements are recommended in DNS security and HTTP security headers. Privacy compliance is basic, with a privacy policy present but lacking cookie consent mechanisms. Overall, the website is professional, trustworthy, and functional, supporting the organization's mission effectively.

W

Whutupōro Rīki Whaikaha o Aotearoa (Physical Disability Rugby League New Zealand Inc)

pdrlnz.kiwi

0

Whutupōro Rīki Whaikaha o Aotearoa (PDRLNZ) is a small non-profit organization established in 2022, focused on empowering physically disabled individuals in New Zealand through Rugby League. The organization aims to provide opportunities for growth and community engagement beyond the sport itself. The website reflects this mission with clear contact information and social media presence, primarily on Facebook. Technically, the site is built on WordPress using Oxygen Builder and integrates a custom Facebook feed plugin, hosted with DNS managed by Cloudflare. Performance and mobile optimization are moderate to good, though SEO and accessibility are basic. Security posture is adequate with HTTPS enabled but lacks DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain registration is consistent with the organization's founding date and business claims, with privacy protection justified for this type of entity.

Wijzijnstaf is a Belgian non-profit organization founded in 2020 that provides personal support and guidance to people with disabilities to enable independent living. The website targets individuals seeking support, caregivers, and professionals in the Leuven region. The organization offers services such as begeleid wonen (guided living), mobile ambulant support, home guidance, and training sessions. The site is well-branded, consistent, and provides clear contact information and social media presence, indicating a trustworthy and community-focused entity. Technically, the website uses modern web technologies including HTML5, CSS3, JavaScript, Google Maps API, and popular font/icon libraries. The site is mobile optimized and performs moderately well, though no CMS or advanced frameworks are detected. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and has a misconfigured Facebook Pixel. Privacy compliance is basic with a privacy policy and cookie banner but no detailed GDPR statements or security policies. Overall, the site is professional and credible but could improve in security and privacy transparency.

T

The National Gay and Lesbian Chamber of Commerce

nglcc.org

0

The National Gay and Lesbian Chamber of Commerce (NGLCC) operates as the largest non-profit advocacy organization dedicated to expanding economic opportunities and advancements for LGBTQ+ and allied businesses. Established in 2002, NGLCC provides certification services (LGBTBE Certification), a network of affiliate chambers, and various programs and initiatives designed to support business growth and inclusion. Their market position is strong within the LGBTQ+ business advocacy sector, supported by a large network of certified suppliers and corporate partners. The website reflects a professional, well-branded platform targeting LGBTQ+ business owners, corporate partners, and allied organizations.

The domain nw.org is registered to NeighborWorks America, a US-based non-profit organization established in 1995. The website is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block, which prevents access to any substantive content. As a result, no direct information about the organization's services, policies, or contact details can be extracted from the website content. The domain registration data is consistent and indicates a legitimate entity with a long operational history. Technically, the website is protected by Cloudflare, which provides security and performance services. However, DNSSEC is not enabled, and no security headers or privacy-related policies are visible on the blocked page. The lack of accessible content and policies limits the ability to assess the website's compliance with privacy regulations such as GDPR or its security posture in detail. From a security perspective, the presence of a Cloudflare block page indicates active protection against potential threats, but also suggests possible false positives or overly aggressive security rules that may impact legitimate users. No vulnerabilities or exposed sensitive data were detected due to the lack of accessible content. The domain's WHOIS data supports the legitimacy of the organization, with no suspicious patterns or privacy protection masking registrant details. Overall, the website's current state limits comprehensive analysis. The primary risk is the lack of accessible information for users and auditors, which impacts trust and transparency. Strategic recommendations include enabling DNSSEC, publishing clear privacy and security policies, and tuning WAF rules to reduce false positives while maintaining protection.

D

DrinkWise

drinkwise.org.au

0

DrinkWise is a well-established Australian non-profit organization dedicated to promoting a healthier and safer drinking culture through education, campaigns, and support services. The website serves a broad Australian audience including adults, parents, young adults, and under 18s, providing expert advice, health resources, and interactive tools such as a standard drinks calculator. The organization leverages partnerships and social media to extend its reach and impact. Technically, the website is built on WordPress and employs modern JavaScript libraries and frameworks such as jQuery, OwlCarousel, and AOS for enhanced user experience. It integrates analytics tools like Microsoft Clarity and Google Tag Manager, and supports multilingual access via Google Translate. The site is mobile-optimized, accessible, and SEO-friendly, with structured data enhancing search engine visibility. From a security perspective, the site uses HTTPS with a strong SSL configuration, but lacks visible security headers and a formal security or incident response policy. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a comprehensive privacy policy present but no explicit cookie consent mechanism. WHOIS data is transparent and consistent with the organization's Australian identity, supporting legitimacy. Overall, DrinkWise's website is professional, trustworthy, and content-rich, effectively supporting its mission. Strategic improvements in security headers, cookie consent, and incident response transparency would further enhance its security posture and compliance.

Trusted Brands Australia 2025 operates a well-established consumer trust awards platform with a 26-year history of honoring brands Australians trust most. The website serves as a hub for showcasing award winners, brand showcases, and consumer-driven recognition, targeting Australian consumers and brands. The business model is based on independent consumer feedback without commercial influence, emphasizing transparency and credibility. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and LayerSlider, supported by Google Analytics and Tag Manager for marketing and analytics. The site is mobile-optimized and presents good SEO practices. Security posture is solid with HTTPS and standard best practices, though security headers and vulnerability disclosures are absent. Privacy and cookie policies are not detected, indicating a compliance gap. Overall, the domain appears legitimate despite WHOIS privacy protection, consistent with the business's nature. Strategic recommendations include adding privacy and cookie policies, enhancing security headers, and publishing vulnerability disclosure information.

The Warriors Community Foundation is a New Zealand-based non-profit organization established in 2020, dedicated to fostering community connections, education, and inspiration with a focus on physical and mental wellbeing. It serves as the official charity partner of the One NZ Warriors, coordinating community activations and programs across Aotearoa. The foundation operates primarily through partnerships, sponsorships, and donations, targeting schools and community members to promote social wellbeing. Technically, the website is built using modern frameworks such as Gatsby and Sanity CMS, hosted likely on Netlify, providing a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though improvements are recommended in security headers and privacy compliance mechanisms. Overall, the domain registration is privacy protected but consistent with the organization's founding date and business claims, indicating legitimacy. The website demonstrates a high level of professionalism and trustworthiness, supported by a broad partner ecosystem and clear business focus.

H

Humanitix

humanitix.com

0

Humanitix is a socially responsible ticketing platform that channels 100% of its booking fee profits to charitable causes focused on education, healthcare, and basic human necessities. Established in 2005, it has positioned itself as a niche leader in ethical event ticketing, serving event organizers and attendees who value social impact. The website demonstrates a mature technical infrastructure leveraging modern frameworks like Next.js and React, hosted via Cloudflare with integration of Google Maps API and other third-party services. The site is well-designed, mobile-optimized, and provides a seamless user experience with clear navigation and rich content. Security posture is solid with HTTPS enforced and domain registration protections in place, though improvements are needed in DNSSEC adoption and security headers. Privacy compliance is currently weak due to the absence of explicit privacy and cookie policies and consent mechanisms. Overall, the platform is trustworthy and credible but should enhance transparency and security practices to meet higher compliance standards.

M

MembershipWorks

membershipworks.com

0

MembershipWorks is a specialized SaaS provider offering comprehensive membership management software tailored for chambers of commerce, associations, non-profits, and similar groups. Established in 2011 and operating under the parent company SourceFound, it serves over 10,000 customers with a suite of services including member directories, event management, billing, donations, and website integration plugins for popular platforms like WordPress, Squarespace, and Weebly. The website reflects a mature business with consistent branding, good content quality, and clear navigation aimed at its target audience. Technically, the website is built on WordPress with custom themes and uses modern web standards including HTML5 and CSS3. It is mobile-optimized and SEO-friendly, though some accessibility features could be improved. The site is served over HTTPS with no visible security vulnerabilities or exposed sensitive data. However, security headers are not explicitly detected, and no dedicated security or incident response policies are published on the site. From a security and compliance perspective, the site enforces HTTPS and provides privacy and cookie policies, indicating GDPR compliance. Contact information is clearly provided, including phone and email. No forms or tracking scripts were detected on the homepage, suggesting minimal user data collection at this entry point. The domain registration data is consistent with the business claims, supporting legitimacy and trustworthiness. Overall, MembershipWorks presents a professional, trustworthy, and functional online presence with a strong focus on its niche market. Strategic improvements in security headers, incident response transparency, and accessibility would further enhance its security posture and compliance standing.

D

Downtown Lexington Partnership

downtownlex.com

0

Downtown Lexington Partnership is a non-profit organization dedicated to promoting and enhancing the Downtown Lexington area as a vibrant community hub for living, working, and playing. The website serves as a comprehensive resource for residents, visitors, and businesses, offering event information, real estate listings, business directories, and community engagement opportunities. The organization positions itself as a key local leader in economic development and cultural promotion within Lexington, Kentucky. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Analytics, Google Tag Manager, and several plugins for events and forms. The site demonstrates good mobile optimization, clear navigation, and professional design, though some accessibility features could be improved. Performance is moderate, with use of CDNs and asynchronous loading of scripts. From a security perspective, the site enforces HTTPS and integrates Google reCAPTCHA for form protection, but lacks several important security headers such as Content-Security-Policy and X-Frame-Options. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is limited, with no explicit privacy or cookie policies found, which represents a compliance gap. The WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy despite the professional website presence. Overall, the website is a well-constructed community resource with strong business credibility and user experience. However, it should address privacy compliance and security header implementation, and verify domain registration status to enhance trustworthiness and reduce risk.

C

Commerce Lexington Inc.

commercelexington.com

0

Commerce Lexington Inc. is a non-profit organization dedicated to supporting and advocating for businesses and organizations in Lexington, Kentucky, and the Central Kentucky region. Their services focus on economic development, minority business growth, leadership development, and advocacy at various government levels. The organization positions itself as a regional leader and a circle of influence for business growth and community support. The website reflects a professional and consistent brand image with clear navigation and relevant content for its target audience of business owners, entrepreneurs, and community leaders. Technically, the website is built on the EditMySite platform (a Weebly reseller), utilizing common web technologies such as jQuery, Google Analytics, Google Tag Manager, and Video.js for media content. The site is served over HTTPS with a good SSL configuration, though some modern security headers are missing. Performance is moderate with good mobile optimization and basic accessibility features. SEO is basic but present with meta tags and Open Graph data. From a security perspective, the site uses HTTPS and includes tracking scripts responsibly but lacks visible privacy and cookie policies, consent mechanisms, and security incident response information. No vulnerability disclosure or security.txt file is found. The WHOIS data is missing or indicates the domain may not be currently registered, which is a significant concern for domain legitimacy and trust. Overall, the website is professional and functional but would benefit from improved privacy compliance, enhanced security headers, and clarification of domain registration status to strengthen trust and security posture.

L

Lancaster Archery Foundation

lancasterarcheryfoundation.org

0

Lancaster Archery Foundation is a small nonprofit organization dedicated to expanding and promoting competitive archery through grants and scholarships. The website is built on Squarespace, featuring a professional design with clear navigation and calls to action. The technical infrastructure is modern and mobile-optimized, though performance is moderate. Security posture is good with HTTPS and HSTS enabled, but lacks additional security headers and privacy compliance mechanisms. The absence of WHOIS data limits domain trust verification. Overall, the site is trustworthy and serves its niche audience effectively but would benefit from enhanced privacy and security policies.

U

USA Archery Foundation

usaarcheryfoundation.org

0

The USA Archery Foundation is a small US-based nonprofit organization dedicated to supporting USA Archery through funding and promoting the sport nationally. The website is professionally designed using Squarespace, featuring donation integration via GiveButter and social media presence on major platforms. The technical infrastructure is modern and secure, with HTTPS and HSTS enabled, and reCAPTCHA Enterprise protecting forms. However, the site lacks explicit privacy, cookie, and terms of service policies, which are important for compliance and user trust. WHOIS data is unavailable due to privacy protection, which is typical and justified for nonprofits. Overall, the site presents a trustworthy and professional image with room for compliance improvements.

E

Easton Foundations

esdf.org

0

Easton Foundations is a US-based non-profit organization dedicated to promoting archery through educational programs, community archery centers, scholarship tours, and an extensive archery library. The website is professionally designed using Squarespace, featuring clear navigation and a consistent brand presence. The organization targets archery enthusiasts, educators, and communities interested in archery sports and education. Technically, the site uses modern web technologies including Google Tag Manager and MailerLite for marketing automation, with good mobile optimization and SSL security. Security posture is strong with HTTPS and HSTS enabled, though privacy compliance could be improved by adding cookie consent mechanisms and more detailed privacy disclosures. The WHOIS data is unavailable due to privacy protection, which is typical for non-profits. Overall, the site is trustworthy and well-positioned in its niche, with room for improvement in privacy and security transparency.

T

Tuckerton Seaport

tuckertonseaport.org

0

Tuckerton Seaport is a well-established non-profit maritime museum and cultural heritage center located in New Jersey, USA. The organization offers a variety of services including museum exhibits, ferry and creek tours, educational classes, and community programs that celebrate and preserve the coastal culture of the Jersey Shore. The website reflects a strong community focus with active engagement through social media and partnerships with local and state organizations. Technically, the website is built on WordPress using Elementor and integrates modern tools such as Google Analytics and YouTube embeds, providing a good user experience with mobile optimization and accessibility features. Security posture is solid with HTTPS enabled and use of reCAPTCHA, though it lacks some advanced security headers and explicit security policies. Privacy compliance is a notable gap, with no visible privacy or cookie policies or consent mechanisms, which should be addressed to meet regulatory standards. Overall, the domain WHOIS data aligns well with the business claims, showing a long-standing registration consistent with the organization's history, supporting high legitimacy and trustworthiness.

K

Kindness Factory

playkindcards.com

0

Play Kind Cards is a small non-profit initiative operated by the Kindness Factory, focused on promoting kindness through the sale of a card deck that encourages acts of kindness. The organization is based in Australia and the USA and uses proceeds to fund educational programs. The website is built on WordPress with WooCommerce and uses modern themes and plugins, hosted on Bluehost. It features a professional design with good mobile optimization and clear navigation. Security posture is moderate with HTTPS enabled and domain transfer protections in place, but lacks DNSSEC and security headers. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professionally maintained but could improve security and privacy practices.

U

USA Archery

usarchery.org

0

USA Archery is the recognized National Governing Body for the Olympic sport of archery in the United States, responsible for selecting and training athletes for major international competitions including the Olympic and Paralympic Games. The organization operates as a non-profit entity, providing memberships, organizing events, offering coaching certifications, and supporting athlete development programs. Their website reflects a well-structured and professional digital presence with clear navigation, relevant content, and strong branding consistency. The site targets archery athletes, coaches, clubs, and enthusiasts across the U.S., fostering community engagement and sport growth. Technically, the website employs modern web technologies including HTML5, CSS, JavaScript, and popular libraries such as jQuery and Slick Carousel. It integrates third-party services like Constant Contact for email signups and has social media integration. While performance and mobile optimization are good, there is room for improvement in accessibility and security headers. Some tracking scripts like Google Analytics and Facebook Pixel are present but commented out, indicating a cautious approach to user privacy. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and a cookie consent mechanism, which are important for compliance and protection. The absence of WHOIS data limits domain registration verification, but the website's content, partner affiliations, and official recognitions strongly support its legitimacy. Overall, the security posture is moderate with recommendations to enhance header policies and privacy compliance. The overall risk assessment is low, with the site presenting as a trustworthy and professional platform for the archery community. Strategic recommendations include implementing security headers, adding cookie consent for GDPR compliance, and maintaining up-to-date technical components to ensure continued trust and security.

Patrokov vzw is a Belgian non-profit organization established in 2010 that provides employers in the construction sector (specifically those under paritair comité 124 with fewer than 20 employees) with services to reclaim guaranteed wages paid to sick or injured workers. The organization is funded through patronale contributions and serves a substantial member base with over 15 years of active operation. The website is professionally designed, multilingual (Dutch and French), and provides clear information about membership and procedures for medical attest submissions. Technically, the website employs a modern technology stack including jQuery, Bootstrap 4, Font Awesome, and several UI libraries such as Swiper.js and Owl Carousel. It is likely built on the Yools CMS platform and hosted in Belgium, with good mobile optimization and moderate performance. The site includes a comprehensive cookie consent mechanism aligned with GDPR requirements. From a security perspective, the site enforces HTTPS and implements cookie consent controls but lacks explicit published security policies or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the business claims, showing a domain registered since 2010 with a reputable Belgian registrar. Overall, the site demonstrates a solid security posture with room for improvement in transparency and formal security documentation. The overall risk is low, with recommendations to enhance security headers, publish security and incident response policies, and improve accessibility compliance. The business credibility is high, supported by clear contact information and trust indicators such as longevity and member statistics.

K

Kindness Factory

kindnessfactory.com

0

Kindness Factory is a small non-profit organization dedicated to promoting kindness through educational programs, community engagement, and logging acts of kindness. Their website serves as a platform to encourage participation, provide resources such as a kindness curriculum, and offer related products via a kindness shop. The organization maintains an active social media presence and leverages modern web technologies to deliver a user-friendly experience. Technically, the site is built on WordPress with the Avada theme and integrates Google Analytics and Tag Manager for tracking. Security posture is good with HTTPS and reCAPTCHA in place, though some security headers and policies are missing. Privacy compliance is limited due to the absence of privacy and cookie policies. Overall, the site is trustworthy and professionally maintained but would benefit from enhanced privacy and security disclosures.

H

Hearts in Rugby Union

heartsinrugbyunion.com.au

0

Hearts in Rugby Union is a small Australian non-profit charity dedicated to supporting seriously injured rugby union players who have suffered life-altering injuries. Founded in 2007 by an injured player and his rugby mates, the organization fills a critical gap in care and financial support for affected players. The website reflects a focused mission with clear calls to action for donations, events, and beneficiary support. Technically, the site uses modern web technologies including Next.js, React, and integrates Google reCAPTCHA and Facebook Pixel for security and analytics. The site is hosted on Amazon CloudFront CDN, ensuring good performance and availability. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though cookie consent mechanisms are absent. Privacy compliance is basic with a privacy policy present but lacking explicit GDPR compliance indicators. Overall, the site is professional, trustworthy, and well-positioned within its niche charity sector.

USA Rugby is the official national governing body for rugby union in the United States, providing governance, membership services, event management, and community engagement for rugby players and fans. The organization operates as a non-profit entity focused on growing and supporting rugby at all levels across the country. The website reflects a professional and consistent brand presence with clear navigation and relevant content targeted at rugby stakeholders in the USA. Technically, the site leverages modern web technologies including Next.js, React, and Video.js, with integration of Google services such as Maps API, Tag Manager, and reCAPTCHA for enhanced functionality and security. The site is hosted with a reputable registrar and uses CDN services for content delivery, ensuring moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and standard security headers present, though DNSSEC is not enabled and explicit security policies are not published. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or GDPR indicators. Overall, the site is trustworthy and well-maintained but could improve in privacy and security transparency.

T

Tiltify, Inc.

tiltifyimpact.com

0

Tiltify Impact is a specialized service provider partnering with non-profits, influencers, and celebrities to maximize philanthropic impact through digital and hybrid fundraising events. The company focuses on influencer-driven campaigns, large-scale digital telethons, and community fundraising on platforms like Twitch and YouTube. Their market position is strong within the niche of digital influencer philanthropy, supported by references to notable campaigns and a professional web presence. Technically, the website employs modern frontend technologies including Bootstrap and Google Tag Manager, hosted on AWS infrastructure. The site is mobile optimized and SEO friendly but lacks some accessibility features and security headers. Security posture is moderate with HTTPS implied but no explicit security policies or headers detected. Privacy compliance is weak due to absence of privacy and cookie policies. WHOIS data aligns well with the business founding date and shows no suspicious patterns, indicating legitimacy. Overall, the website is professional and trustworthy but would benefit from enhanced privacy, security, and contact transparency.

F

Funraisin

funraisin.co

0

Funraisin is a specialized SaaS platform providing advanced online fundraising solutions tailored for nonprofits and charities. The company offers a comprehensive suite of fundraising tools including peer-to-peer fundraising, DIY fundraising, donation management, event ticketing, and marketing integrations. Positioned as a trusted provider powering thousands of charities worldwide, Funraisin targets nonprofit organizations seeking to enhance their fundraising capabilities through technology. The website reflects a mature digital presence with professional design, clear navigation, and extensive content describing their services and features. Technically, the website employs a modern technology stack including jQuery, Bootstrap, and various marketing and analytics tools such as Google Tag Manager, Facebook Pixel, HubSpot, and Hotjar. Hosting is supported by Amazon CloudFront CDN, ensuring content delivery performance. The site is mobile optimized and SEO friendly, though accessibility features are basic. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but could be improved by adding explicit security headers and publishing security policies. The security evaluation shows good practices with encrypted communications and cookie consent mechanisms, but lacks published incident response or vulnerability disclosure information. WHOIS data is privacy protected, which is common for SaaS businesses, and no suspicious patterns were detected. Contact information includes multiple regional phone numbers, but no public contact emails were found. Privacy and cookie policies are present and appear GDPR compliant. Overall, Funraisin presents a professional, trustworthy, and technically competent online presence suitable for its nonprofit fundraising market. Strategic recommendations include enhancing security header implementation, publishing security and incident response policies, and improving accessibility compliance to further strengthen trust and compliance.

T

Tiltify

tiltify.com

0

Tiltify is a well-established digital fundraising platform founded in 2013, specializing in interactive charity and personal fundraising campaigns, particularly leveraging livestreaming and community engagement. The platform integrates with major services such as Stripe for payments, Twitch and YouTube for livestreaming and video content, and Freshdesk for customer support, demonstrating a mature and modern technical infrastructure. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive privacy and cookie policies, indicating strong digital maturity and user focus. Security posture is solid with HTTPS, bot protection via Google reCAPTCHA, and cookie consent mechanisms, although some security headers could be explicitly published and a vulnerability disclosure policy could enhance transparency. Overall, Tiltify presents a trustworthy and professional online presence with a high legitimacy score and no critical security issues detected.

T

The Rugby Club Foundation Limited

rugbyclub.com.au

0

The Rugby Club Foundation Limited is a well-established Australian non-profit organization dedicated to supporting grassroots rugby, primarily in New South Wales. With a history dating back to 1945, the foundation promotes rugby through memberships, events, and grants programs, fostering community and fellowship among rugby enthusiasts. The website reflects a professional and consistent brand image, targeting rugby players, fans, and community supporters. Technically, the website is built on the Squarespace platform, leveraging modern web technologies including jQuery and Google reCAPTCHA Enterprise for form security. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. Security posture is strong with HTTPS and HSTS enabled, though some improvements in privacy compliance and published security policies are recommended. Overall, the security posture is solid with no visible vulnerabilities or malicious content. The WHOIS data is limited due to .au domain policies, but the website's content and external partnerships support its legitimacy. Strategic recommendations include implementing cookie consent mechanisms, publishing security and incident response policies, and enhancing accessibility features to improve compliance and trust.

R

RaffleTix Holdings Pty Ltd

raffletix.com.au

0

RaffleTix Holdings Pty Ltd operates Australia's largest and most trusted online raffle platform, serving charities, schools, community groups, sporting clubs, and other not-for-profit organizations. Founded in 2017, the company provides a comprehensive digital solution for raffle fundraising, including branded websites, online and in-person ticket sales, real-time analytics, and compliance support. The platform is well-positioned as a market leader in the Australian non-profit sector, with a strong focus on regulatory adherence and customer success. Technically, the website leverages a mature technology stack including ASP.NET WebForms, jQuery, Bootstrap, Google reCAPTCHA Enterprise, Facebook Pixel, Klaviyo, and Zendesk for support. The site is mobile-optimized and employs modern security practices such as HTTPS enforcement and Content Security Policy headers. Performance is moderate with good SEO and accessibility basics in place. From a security perspective, the platform demonstrates solid practices including secure forms with anti-forgery tokens, integration of enterprise-grade CAPTCHA, and asynchronous loading of third-party scripts. However, there is room for improvement in privacy compliance, notably the absence of a visible cookie consent mechanism and lack of explicit security or incident response policies. No critical vulnerabilities or suspicious indicators were found. Overall, RaffleTix presents a trustworthy and professional online presence with strong business credibility and technical maturity. Strategic enhancements in privacy transparency and accessibility would further strengthen its security posture and compliance standing.

N

NSW Country Rugby Union

nswcountryrugby.com.au

0

NSW Country Rugby Union is a community-oriented non-profit organization dedicated to promoting and supporting rugby across regional New South Wales, Australia. The website serves as a hub for players, volunteers, and fans, offering information on playing opportunities, volunteer roles, community programs, and media content. The organization maintains partnerships with various corporate and regional entities, enhancing its community engagement and resource base. Technically, the website is built on WordPress with Elementor and several plugins, providing a modern and responsive user experience. While the site uses HTTPS and has a valid SSL configuration, it lacks DNSSEC and explicit security headers, which are recommended for enhanced security. Privacy and cookie policies are not explicitly found, indicating a gap in compliance with privacy regulations. Overall, the website is professional, trustworthy, and well-branded, but could improve in privacy compliance and security best practices.

S

Sydney FC Foundation

sydneyfcfoundation.com

0

Sydney FC Foundation is a community-focused non-profit organization dedicated to empowering youth and the wider community through football-related programs. The foundation operates several key initiatives including the Sydney FC Empowers Me, Sydney FC Powerchair, and Sky’s Her Limit programs, aiming to promote health, wellbeing, and community engagement within the Sydney region. The website is professionally designed and hosted on Squarespace, reflecting a moderate level of digital maturity with good mobile optimization and user experience. However, the absence of WHOIS data raises questions about domain registration legitimacy, though the active and consistent content suggests operational legitimacy. Security posture is strong with HTTPS and HSTS enabled, and use of Google reCAPTCHA for form protection. Privacy compliance is partial, with a cookie consent banner present but lacking explicit privacy and terms of service pages. Overall, the website presents a trustworthy and professional front for the foundation but would benefit from enhanced transparency and compliance documentation.

K

Karate Vlaanderen

karatevlaanderen.be

0

Karate Vlaanderen is a recognized non-profit sports federation representing karate clubs in the Vlaanderen region of Belgium. The organization promotes karate, provides training and education, organizes events, and supports both individual members and clubs. The website reflects a medium-sized organization with a clear focus on community engagement and sports development. Technically, the website uses modern web technologies including Laravel Livewire, JavaScript libraries like Swiper and Fancybox, and integrates Google Analytics and CookieYes for analytics and privacy compliance. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security policies and incident response information are absent. Overall, the site is professional, trustworthy, and well-structured, serving its target audience effectively.

D

Dry July Foundation

dryjuly.com

0

Dry July Foundation operates a well-established non-profit fundraising campaign encouraging participants to abstain from alcohol in July to raise funds for cancer support services. The website is professionally designed, mobile-optimized, and rich in content, providing clear calls to action, participant leaderboards, and fundraising resources. The technical infrastructure leverages modern analytics, marketing, and payment technologies including Google Tag Manager, Facebook Pixel, Braintree, and Apple Pay, hosted via Amazon CloudFront CDN. Security posture is strong with HTTPS, secure form validations, and CSRF protections, though explicit cookie consent mechanisms and vulnerability disclosure policies are absent. WHOIS data is missing or unavailable, which slightly reduces domain trustworthiness but does not detract from the legitimacy of the campaign as evidenced by the website content and external references.

C

Canteen Australia

raiseit.org.au

0

The website www.raiseit.org.au/raise-it serves as a dedicated fundraising platform for Canteen Australia, a non-profit organization supporting young people impacted by cancer. The site provides multiple fundraising options including hosting events, virtual marathons, streaming, and merchandise sales. It targets donors and fundraisers primarily within Australia and positions itself as a trusted and established charity with tax-deductible status. The platform leverages modern web technologies and integrates with third-party services to enhance fundraising capabilities. Technically, the site is well-structured, mobile-optimized, and uses reputable CDNs and analytics tools. Security posture is generally strong with HTTPS enforced, though it lacks some security headers and cookie consent mechanisms. WHOIS data is limited due to privacy policies but aligns with legitimate Australian domain management practices. Overall, the site is professional, trustworthy, and effective in its mission, with room for improvement in privacy compliance and security best practices.

C

Canteen

bandannaday.org.au

0

Bandanna Day is a well-established Australian non-profit fundraising campaign operated by Canteen, focused on supporting young people impacted by cancer. The website provides information about the campaign, encourages registration for selling bandannas, and offers an online shop for purchases. The site is professionally designed with consistent branding and clear navigation, targeting individuals, schools, and businesses interested in supporting the cause. Technically, the site uses a modern tech stack including jQuery, Bootstrap, and various analytics and tracking tools, hosted via Amazon CloudFront CDN. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is basic, lacking explicit privacy and cookie policies. WHOIS data is privacy protected, typical for non-profit organizations, and domain legitimacy is high based on content and activity. Overall, the site is trustworthy and serves its fundraising mission effectively.

APEFE is a well-established international cooperation agency integrated within the international relations framework of the Federation Wallonia-Brussels and Wallonia, active for over 50 years in emerging countries. The organization focuses on sustainable development goals, delivering projects in environment, social and economic inclusion, and health sectors. The website reflects a professional and consistent brand image with clear alignment to UN SDGs and multiple country programs and partnerships. Technically, the site is built on WordPress with modern libraries and plugins, offering moderate performance and good mobile optimization. Security posture is solid with HTTPS enabled, but could be improved by adding security headers and explicit incident response policies. Privacy compliance is partially addressed with a privacy policy present but lacking cookie consent mechanisms. WHOIS data is unavailable, limiting domain registration trust assessment, but the overall site content and presentation support legitimacy.

U

US Center for Safe Sport

uscenterforsafesport.org

0

The U.S. Center for SafeSport is a reputable nonprofit organization dedicated to preventing and addressing abuse in sports within the U.S. Olympic and Paralympic Movement. Their website offers comprehensive resources including training courses, reporting mechanisms, and educational toolkits aimed at athletes, coaches, and sport organizations. The organization maintains a strong market position as a leading authority on athlete safety and abuse prevention. Technically, the website is built on WordPress with Elementor and integrates multiple modern analytics and marketing tools such as Google Analytics, HubSpot, Hotjar, and TikTok Pixel. The site is well-optimized for mobile devices, has good SEO practices, and uses Cloudflare for DNS and domain registration, enhancing performance and security. From a security perspective, the site enforces HTTPS, uses reCAPTCHA on forms, and has domain transfer protections. However, DNSSEC is not enabled, and some security headers are not explicitly detected, suggesting room for improvement. No critical vulnerabilities or exposed sensitive data were found. Privacy and cookie policies are present and appear GDPR compliant, with consent mechanisms implemented. Overall, the website presents a low risk profile with strong business credibility and digital maturity. Strategic recommendations include enabling DNSSEC, enhancing security headers, and publishing a vulnerability disclosure policy to further strengthen security posture.

C

Canteen

canteen.org.au

0

Canteen is a well-established Australian non-profit charity dedicated to supporting young people aged 12-25 impacted by cancer, including those diagnosed themselves or with family members affected. The organization offers a comprehensive range of free support services such as counselling, peer programs, grief support, and online communities. The website reflects a mature digital presence with professional design, clear navigation, and strong branding consistency. It actively promotes fundraising and partnership opportunities, indicating a robust business model reliant on community and corporate support. Technically, the site is built on Drupal 10 with modern frameworks and integrates multiple analytics and marketing tools, ensuring good performance and mobile optimization. Security posture is strong with HTTPS and no evident vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with visible privacy and cookie policies and consent mechanisms. Overall, the site demonstrates high trustworthiness and professionalism suitable for its charitable mission.

A

Assistance Dogs Australia

assistancedogs.org.au

0

Assistance Dogs Australia is a well-established non-profit charity focused on providing trained assistance dogs to Australians with mobility challenges, autism, and PTSD. The organization holds recognized accreditations and maintains a strong market position within the Australian non-profit sector. Their website reflects a professional and trustworthy image, offering comprehensive information about their services, volunteer opportunities, and donation channels. The digital infrastructure is built on WordPress with modern plugins and tracking tools, supporting a good user experience and engagement. Security measures such as HTTPS, reCAPTCHA, and anti-spam plugins are in place, although some security headers could be improved. Privacy compliance is evident with clear privacy and cookie policies, and GDPR considerations are addressed. Overall, the site demonstrates a mature digital presence with room for enhanced security policies and incident response transparency.

S

Sydney Children's Hospitals Foundation

schf.org.au

0

Sydney Children's Hospitals Foundation is a well-established non-profit organization dedicated to supporting sick children through fundraising and community engagement. The website serves as a platform to inspire donations and facilitate fundraising activities, targeting community members and donors. The organization maintains a professional online presence with consistent branding and clear messaging focused on children's health and hospital support in Sydney, Australia. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Font Awesome, and integrates multiple third-party services such as Google Tag Manager, Facebook Pixel, Hotjar, and Visual Website Optimizer. Hosting is supported by AWS Cloudfront CDN, ensuring reasonable performance and availability. The site is mobile-optimized and includes accessibility considerations, though some improvements could be made. From a security perspective, the site uses HTTPS and loads scripts asynchronously to reduce risk. However, no explicit security headers were detected in the provided data, and privacy and cookie policies are not clearly presented, which may impact compliance and user trust. The WHOIS data is unavailable, limiting domain trust assessment, though the website content and technical setup indicate a legitimate and professional operation. Overall, the website is functional, secure to a reasonable degree, and professionally maintained, but would benefit from enhanced transparency in privacy policies, security headers, and domain registration information to improve trust and compliance.

The website 'Proiect: Start în Antreprenoriatul Social' represents a newly launched social entrepreneurship project funded by the European Social Fund, targeting vulnerable rural populations in Romania. The project aims to improve labor market access and promote independent social economy activities through integrated services including training, business plan contests, and non-reimbursable funding for selected social enterprises. The website serves as an informational and engagement platform for potential beneficiaries and partners, with a clear focus on social impact and rural development. Technically, the website is built on WordPress with modern technologies such as React, jQuery, and Google Tag Manager. It employs accessibility features and SEO optimizations, ensuring good user experience and mobile responsiveness. Hosting is provided by Space Ro SRL, a legitimate Romanian hosting provider. Cookie consent and privacy policies are implemented, reflecting GDPR compliance. From a security perspective, the site uses HTTPS with good SSL configuration but lacks advanced security headers and explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the project timeline and business claims, enhancing trustworthiness. Overall, the website is professional, secure, and compliant with privacy regulations, suitable for its social project purpose. Strategic improvements could include enhanced security headers, explicit security policies, and more direct contact information to strengthen trust and incident readiness.

R

Ronald McDonald House Charities Northern NSW

rmhcnnsw.org.au

0

Ronald McDonald House Charities Northern NSW is a well-established non-profit organization dedicated to supporting families with seriously ill children by providing accommodation, family rooms, retreats, and educational programs. With over 30 years of service, it holds a strong market position in the Northern NSW region, supported by a robust community and fundraising ecosystem. The website reflects a professional and consistent brand image, targeting families, donors, and volunteers. Technically, the site is built on WordPress with Elementor and integrates modern tracking and analytics tools, though some minor performance and accessibility improvements are possible. Security posture is good with HTTPS and reCAPTCHA protections, but lacks published security policies and security headers. Privacy compliance is a notable gap due to missing privacy and cookie policies. Overall, the site is trustworthy and professional but would benefit from enhanced compliance and security transparency.

R

Ronald McDonald House Charities

rmhcgws.org.au

0

Ronald McDonald House Charities Greater Western Sydney is a well-established non-profit organization dedicated to providing critical support services and accommodation for families with sick and injured children in the Greater Western Sydney region. The organization supports thousands of families annually through various programs including accommodation, hospitality carts, education services, and holistic support. Their market position is strong within the charitable healthcare support sector in Australia, with clear branding and a professional online presence. The website is built on a modern WordPress platform using Elementor and Yoast SEO, indicating a mature digital infrastructure. It employs Google Tag Manager for analytics and tracking, and the site is mobile-optimized with good SEO practices. However, there is room for improvement in accessibility and security headers implementation. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The domain is properly registered and locked, enhancing trustworthiness. Privacy compliance is partial, with a comprehensive privacy policy present but lacking a cookie consent mechanism. No incident response or security policy information is publicly available. Overall, the website presents a trustworthy and professional image suitable for its non-profit mission, but should enhance privacy compliance and security headers to improve its security posture and regulatory adherence.

A

AGPI - Asociación Galega de Profesionais da Ilustración

agpi.es

0

AGPI - Asociación Galega de Profesionais da Ilustración is a non-profit professional association founded in 2000, representing illustrators primarily in Galicia, Spain. The organization focuses on defending the rights and interests of its members, providing resources, hosting events, and promoting the illustration profession regionally. The website is well-structured, localized in Galician, and presents a professional image consistent with its mission. It leverages WordPress CMS with modern plugins and a responsive design to serve its audience effectively. Technically, the website uses a mature WordPress infrastructure with plugins such as Yoast SEO, Contact Form 7, and Shield Security, indicating a reasonable level of digital maturity and security awareness. The site is HTTPS enabled with cookie consent mechanisms, although explicit privacy and terms of service pages are missing, which could be improved for compliance and transparency. From a security perspective, the site benefits from HTTPS and active security plugins but lacks visible security headers and formal incident response or vulnerability disclosure information. No critical vulnerabilities or suspicious content were detected. The absence of WHOIS data due to Red.es restrictions limits full domain trust analysis but the website content and external affiliations suggest legitimacy. Overall, AGPI's website is a solid digital presence for a regional non-profit association with good content quality and security posture. Enhancements in privacy policy transparency, security headers, and WHOIS data availability would further strengthen trust and compliance.

D

David Suzuki Foundation

davidsuzuki.org

0

The David Suzuki Foundation is a well-established Canadian non-profit organization dedicated to environmental protection, sustainability, and education. The website reflects a professional presence with a clear focus on advocacy and policy analysis to support a sustainable Canada. The organization has a long history dating back to 1997, supported by consistent domain registration data. The site uses a modern WordPress CMS with integrated marketing and analytics tools, including Google Tag Manager, Facebook Pixel, Hotjar, and Visual Website Optimizer, indicating a mature digital infrastructure. Security posture is adequate with HTTPS enabled and domain transfer protections, though DNSSEC is not enabled and no explicit security or privacy policies are published on the homepage. Privacy compliance is limited by the absence of visible cookie consent mechanisms and privacy policy links. Overall, the website is trustworthy and professional but could improve transparency and compliance by publishing comprehensive privacy, cookie, and security policies.

É

Équiterre

equiterre.org

0

Équiterre is a well-established Canadian non-profit organization dedicated to environmental activism and promoting social equity. Their website reflects a mature digital presence with a focus on advocacy, education, and community engagement. The organization operates campaigns in key areas such as food and agriculture, transportation, climate, and sustainable consumption. Their market position is strong within the environmental NGO sector, supported by a medium-sized audience and active social media engagement. Technically, the website uses modern frameworks like SvelteKit and integrates multiple analytics and marketing tools including Google Analytics, HubSpot, and Facebook Pixel. The site is well-optimized for performance, mobile responsiveness, and accessibility, indicating a high level of digital maturity. From a security perspective, the site enforces HTTPS and uses reCAPTCHA on forms, with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanisms. However, explicit security headers could be more clearly implemented. Overall, the website presents a low risk profile with strong trust indicators and professional content. The lack of WHOIS data due to privacy protection is typical for NGOs and does not detract from legitimacy. Strategic recommendations include enhancing security headers, continuous monitoring of third-party scripts, and maintaining compliance with evolving privacy regulations.

W

Women’s Refuge

shielded.co.nz

0

The Shielded Site, operated by Women’s Refuge, is a New Zealand-based non-profit initiative focused on providing a safe and discreet way for victims of domestic violence to seek help online. The website serves as a platform to embed a shielded help tool on partner websites, enabling victims to access resources without fear of detection by abusive partners. The organization has established a broad partnership network across various sectors in New Zealand, enhancing its reach and credibility. Technically, the website employs a modern JavaScript stack including Vue.js, Bootstrap, and several libraries for UI and interactivity. Hosting is supported by Amazon AWS infrastructure, ensuring reliable availability. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, some areas such as accessibility and SEO could be improved. From a security perspective, the site uses HTTPS and trusted external libraries but lacks DNSSEC and security headers, which are recommended to enhance protection. No sensitive data exposure or vulnerabilities were detected. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Contact information is limited to an email address, with no phone or physical address provided. Overall, the website is trustworthy and professionally maintained, with a strong focus on its social mission. Strategic improvements in security headers, DNSSEC, and privacy compliance would further strengthen its posture and user trust.

C

Cultuurloket vzw

kunstenloket.be

0

Cultuurloket vzw is a Belgian non-profit organization dedicated to providing business support, legal, fiscal, and financial information to the cultural sector. The website serves as a comprehensive resource hub offering knowledge articles, training programs, consultancy, and document templates tailored for cultural professionals and organizations. It maintains a strong market position as a trusted advisor within the cultural community in Belgium, supported by a consistent brand presence and active social media engagement. Technically, the website is built on Drupal 9 with Commerce 2, integrating modern web technologies such as Google reCAPTCHA v3 for security and AddToAny for social sharing. The site demonstrates good mobile optimization, accessibility, and SEO practices, ensuring a positive user experience. Cookie compliance and privacy policies are well implemented, reflecting adherence to GDPR requirements. From a security perspective, the site uses HTTPS and includes security best practices like CAPTCHA and cookie consent mechanisms. However, explicit security headers and incident response contacts are not evident and could be improved. The WHOIS data is restricted due to registry policy, but the website's professional content and transparency support its legitimacy. Overall, Cultuurloket presents a secure, compliant, and professionally maintained digital presence that effectively supports its mission to assist the cultural sector in Belgium.

S

SPEAK UP! Stay ChatTY

staychatty.com.au

0

SPEAK UP! Stay ChatTY is a non-profit organization focused on promoting positive mental health and preventing suicide across Australia. The website serves as a platform to deliver key messages about mental health awareness, stigma reduction, and encouraging help-seeking behaviors through community programs and events. The organization targets the general Australian public, aiming to foster open conversations about mental health and support networks. Technically, the website is built on WordPress with WooCommerce integration, likely to support merchandise or donations. It employs modern web technologies including jQuery, Slider Revolution, and FontAwesome icons. Hosting appears to be managed by Zest Hosting, an Australian provider. The site is mobile-optimized and performs moderately well, with good SEO practices evident in meta tags and structured data. From a security perspective, the site uses HTTPS and Google reCAPTCHA to protect forms, but lacks advanced security headers and explicit privacy or cookie policies. There is no visible incident response or vulnerability disclosure information, which could be improved to enhance trust and compliance. WHOIS data is transparent and consistent with the organization's Australian identity, supporting legitimacy. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance, security hardening, and clearer contact information. These improvements would strengthen user trust and regulatory adherence.

P

Professional Footballers' Association

thepfa.com

0

The Professional Footballers' Association (PFA) website serves as the official union platform for current and former footballers and scholars in the Premier League, FA Women’s Super League, and English Football Leagues. It provides comprehensive support including union representation, wellbeing services, education, and community engagement. The site is well-positioned as a trusted organization dedicated solely to football players' interests, with a strong market presence in the UK football sector. Technically, the website employs modern web technologies including jQuery, Google Analytics, and YouTube APIs, ensuring a responsive and user-friendly experience across devices. The site is well-structured with good SEO and accessibility practices, although some improvements in security headers and cookie consent mechanisms could enhance compliance and security posture. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, the absence of WHOIS data limits domain registration transparency. No critical vulnerabilities or security issues were detected in the content. Privacy and cookie policies are present, indicating a commitment to GDPR compliance, though explicit consent mechanisms could be improved. Overall, the PFA website demonstrates a strong professional and trustworthy presence with moderate to high digital maturity. Strategic recommendations include enhancing security headers, implementing a security.txt file, and improving cookie consent transparency to further strengthen trust and compliance.

L

Lexington Eagles

lexingtoneagles.com

0

Lexington Eagles is a small, faith-based non-profit soccer program launched in 2024, operating as a division of Missionary Athletes International. The organization focuses on empowering players of all ages and backgrounds through soccer and leadership development, offering programs such as urban ministry, school programs, international tours, and volunteer opportunities. The website is professionally designed using Squarespace, featuring good navigation and mobile optimization. However, the absence of privacy and cookie policies and missing WHOIS domain registration data present compliance and trust concerns. Security posture is strong with HTTPS and HSTS enabled, but additional security headers and policies are recommended. Overall, the site is functional and trustworthy from a content perspective but requires improvements in privacy compliance and domain legitimacy transparency.