Non-profit security reports

F

Free Software Foundation Europe

fsfe.org

0

The Free Software Foundation Europe (FSFE) is a well-established non-profit organization founded in 2001, dedicated to advocating for software freedom and empowering users to control technology. The website serves as a comprehensive platform for news, events, campaigns, and community engagement related to free software in Europe. It targets users, contributors, and policy stakeholders interested in digital rights and software freedom. The organization operates with a clear mission and maintains a consistent brand presence with multilingual support and community testimonials. Technically, the website employs a modern yet somewhat dated technology stack including jQuery, Modernizr, and Bootstrap 3. It is hosted under the registrar Gandi SAS and shows moderate performance with good mobile optimization and accessibility. The site lacks a CMS indication, suggesting a custom or static site approach. SEO and metadata are well implemented with comprehensive Open Graph and Twitter card tags. From a security perspective, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and visible security headers. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with a comprehensive privacy policy, though no cookie consent mechanism was found. Contact is primarily via forms and a contact page, with no direct emails or phone numbers publicly listed. Social media presence is limited but includes Mastodon and Peertube. Overall, FSFE's website demonstrates a high level of professionalism, trustworthiness, and content quality suitable for its non-profit advocacy role. Recommendations include enabling DNSSEC, adding security headers, implementing cookie consent, and publishing explicit security and incident response policies to further enhance trust and compliance.

S

Software Freedom Conservancy

sfconservancy.org

0

Software Freedom Conservancy is a small, established non-profit organization dedicated to promoting and defending free and open source software rights, including copyleft compliance and software freedom. Their services include legal defense, community support, internships, and advocacy initiatives. The website reflects a mature and consistent brand with excellent content quality and user experience. Technically, the site uses standard web technologies and is hosted via Gandi SAS, with good mobile optimization and SEO. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the domain registration data aligns well with the organization's history, supporting legitimacy and trustworthiness.

C

CARE

care.org

0

CARE is a globally recognized non-profit humanitarian organization dedicated to fighting global poverty and world hunger, with a strong focus on empowering women and girls. The organization operates at a large scale with a well-established brand and a comprehensive portfolio of services including emergency response, health, nutrition, and development programs. Their website reflects a mature digital presence with professional design, clear navigation, and extensive content relevant to their mission and audience. Technically, the site leverages modern web technologies and analytics tools such as Google Tag Manager, Hotjar, and Facebook Pixel, integrated within a WordPress CMS framework. Security measures are robust, featuring HTTPS, security headers, and reCAPTCHA protections, although explicit security policy documentation is not publicly found. Overall, CARE demonstrates a strong security posture and compliance with privacy regulations including GDPR. The domain WHOIS data is privacy protected but consistent with a legitimate, longstanding organization. Strategic recommendations include enhancing transparency around security policies and incident response, and continuous monitoring of third-party scripts to maintain security integrity.

F

Forces Employment Charity

forcesemployment.org.uk

0

Forces Employment Charity is a UK-based non-profit organization dedicated to providing lifelong employment support, job opportunities, and training for service leavers, veterans, reservists, and their families. The charity holds recognized registrations in England, Wales, and Scotland, and is patronized by HRH The Princess Royal, indicating strong legitimacy and trust within its sector. The website is professionally designed with clear navigation and comprehensive content tailored to its target audience, including multiple specialized programs and resources.

F

Feathr

feathr.co

0

Feathr is a specialized marketing platform focused on empowering nonprofits to grow their donor base, increase engagement, and boost revenue through data-driven digital campaigns. The company offers a suite of services including email marketing, digital and social advertising, audience segmentation, marketing automation, and real-time analytics. Positioned as a trusted partner for nonprofits, Feathr leverages integrations with popular nonprofit CRMs and emphasizes measurable ROI and impact. Technically, the website is built on the HubSpot CMS platform, utilizing modern marketing and analytics tools such as Google Analytics and Facebook Pixel, ensuring a robust digital infrastructure. Security posture is strong with HTTPS enforcement, security headers, and privacy compliance mechanisms like cookie consent banners. However, explicit security policies and incident response contacts are not publicly disclosed, representing an area for improvement. Overall, the website is professional, trustworthy, and well-optimized for its target audience, with a moderate to high AI score reflecting solid content quality, technical implementation, and business credibility.

W

Webling Vereinssoftware

webling.ch

0

Webling.ch is a well-established Swiss online software provider specializing in club and association management. The company offers a comprehensive SaaS platform that covers membership management, accounting, event organization, and communication tools tailored for clubs of all sizes. With over 15 years of experience and a strong customer base exceeding 8000 clubs, Webling positions itself as a trusted and user-friendly solution in the non-profit sector. The website reflects a professional and modern digital presence, leveraging advanced web technologies such as Nuxt.js and Vue.js, ensuring fast performance and excellent mobile responsiveness. Security practices are robust, including HTTPS enforcement, Swiss-based hosting, daily backups, and compliance with GDPR and Swiss data protection laws. However, the site lacks visible cookie consent mechanisms and explicit terms of service or security incident response contacts, which are areas for improvement. Overall, Webling demonstrates a mature technical infrastructure and a strong market position with high trust indicators.

R

Ruddershift

ruddershift.com

0

Ruddershift is a mission-driven organization dedicated to supporting veterans in their transition to meaningful careers, focusing on workforce development and employment innovation. The website presents a professional and clear message targeting veterans and related stakeholders. Technically, the site is built on Squarespace, leveraging modern web technologies and providing a responsive user experience. Security posture is strong with HTTPS and HSTS enabled, though additional security headers and policies could enhance protection. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms and terms of service. The absence of WHOIS data raises concerns about domain registration legitimacy, suggesting a need for further verification. Overall, the site is trustworthy and functional but could improve in compliance and transparency.

J

Joint Development Foundation

jointdevelopment.org

0

The Joint Development Foundation is a small non-profit organization established in 2014, focused on facilitating collaborative development projects. The website presents basic but professional content aimed at organizations interested in joint development initiatives. Technically, the site is built on WordPress and employs standard technologies such as Google Tag Manager and New Relic for analytics and monitoring. The SSL configuration is good, ensuring secure HTTPS connections, but DNSSEC is not enabled, which could enhance DNS security. Security posture is moderate with no critical vulnerabilities detected, but the absence of security policies and incident response contacts limits transparency. Privacy compliance is weak due to missing privacy and cookie policies and lack of consent mechanisms. Overall, the site is functional and moderately secure but would benefit from enhanced privacy disclosures and security documentation.

G

Get Your Start in DFIR

getyourstartindfir.org

0

Get Your Start in DFIR is a small non-profit organization founded in 2021, dedicated to improving diversity and providing educational assistance in the Digital Forensics and Incident Response (DFIR) field. The organization offers scholarships for training, certifications, and books, and maintains a job board for entry-level DFIR positions. Their business model relies entirely on donations, with transparent financial reporting facilitated through partnerships with Hack Club Bank. The website is professionally designed using WordPress and the Kadence theme, with a moderate technical infrastructure and good mobile optimization. Security posture is adequate with HTTPS and domain transfer protections, but lacks advanced DNS security and formal security policies. Privacy compliance is a notable gap, with no privacy or cookie policies detected. Overall, the website is trustworthy and serves a clear niche audience effectively.

F

Fédération romande des consommateurs

frc.ch

0

The Fédération romande des consommateurs (FRC) is a Swiss non-profit consumer advocacy organization focused on defending, informing, and acting for enlightened and sustainable consumption primarily in the French-speaking regions of Switzerland. The website presents a professional and comprehensive digital presence with rich content including legal advice, consumer tests, investigations, and advocacy campaigns. The organization targets consumers seeking independent information and legal support. Technically, the site is built on Drupal 11 with modern JavaScript frameworks like Alpine.js and HTMX, and uses Matomo for analytics, indicating a mature and privacy-conscious infrastructure. Security posture is strong with HTTPS and secure form handling, though some improvements are recommended such as adding cookie consent mechanisms and publishing explicit security policies. Overall, the site is trustworthy, well-branded, and provides valuable services to its audience.

S

Stiftung für Konsumentenschutz

konsumentenschutz.ch

0

The Stiftung für Konsumentenschutz operates as a Swiss non-profit consumer protection foundation focused on providing advice, information, and support to consumers. The website reflects a well-established organization with a clear mission targeting Swiss consumers. The digital infrastructure is built on a modern WordPress CMS with Bootstrap and various plugins enhancing SEO, accessibility, and user experience. The site demonstrates good mobile optimization and accessibility features, including a dedicated accessibility tool for users with disabilities. Security posture is solid with HTTPS enabled and some security plugins in use, though explicit security policies and incident response information are absent. Privacy compliance is limited due to missing visible privacy and cookie policies. Overall, the website is professional and trustworthy but could improve transparency in privacy and security disclosures.

R

Rebel Idealist Inc

donorbox.org

0

Donorbox is a well-established SaaS provider specializing in donation software and nonprofit fundraising solutions. Founded in 2013 and operated by Rebel Idealist Inc, it offers a comprehensive suite of tools including AI-powered CRM, donation forms, event ticketing, and peer-to-peer fundraising. The platform targets nonprofits, charities, educational institutions, and political campaigns, positioning itself as a market leader with strong customer satisfaction and extensive features. Technically, Donorbox employs a modern and robust infrastructure leveraging Cloudflare CDN, Stripe payment processing, and multiple analytics and marketing integrations, ensuring fast performance and excellent mobile optimization. Security is a priority with HTTPS enforcement, security headers, and a dedicated security page, although DNSSEC is not enabled. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, Donorbox demonstrates a mature digital presence with high trustworthiness and a strong reputation in the nonprofit fundraising sector.

I

ISSA International

issa.org

0

ISSA International is a well-established non-profit professional association focused on information security. Founded in 1999, it provides networking, educational events, awards, and professional development services to information security professionals worldwide. The website reflects a mature digital presence with a professional design and good SEO practices, leveraging WordPress and modern web technologies. The domain age and registration details align with the organization's long-standing history, supporting its credibility. Technically, the website uses WordPress CMS with Yoast SEO and jQuery libraries, hosted with GoDaddy registrar and DNS managed by Cloudflare. Performance and mobile optimization are good, though accessibility features are basic. Security posture is adequate with HTTPS enabled and domain registration protections, but lacks advanced security headers and DNSSEC. Security-wise, no critical vulnerabilities or exposed sensitive data were detected. However, the absence of explicit privacy and cookie policies, security.txt, and incident response contacts indicates room for improvement in compliance and transparency. Analytics usage includes Google Analytics with moderate user tracking. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and security best practices to strengthen user trust and regulatory adherence.

B

BBWIC Foundation

bbwic.com

0

BBWIC Foundation operates as a non-profit organization focused on community development and empowerment. The website, hosted on the Wix platform, provides basic information about the foundation's mission and activities but lacks detailed business or contact information. The technical infrastructure is standard for Wix-hosted sites, with no advanced frameworks or custom technologies detected. Security posture is moderate with HTTPS enabled but lacking security headers and explicit security policies. Privacy compliance is minimal with no visible privacy or cookie policies. Overall, the site presents a basic digital presence suitable for a small non-profit but would benefit from enhanced transparency and security measures.

N

Nobel Peace Center

nobelpeacecenter.org

0

The Nobel Peace Center website serves as the official online presence of the museum dedicated to the Nobel Peace Prize in Oslo, Norway. It offers visitors information about exhibitions, events, and guided tours inspired by Nobel Peace Prize laureates. The site targets a broad audience including tourists, peace advocates, and the general public interested in peace and cultural heritage. The business operates as a non-profit cultural institution with a medium organizational size and a strong market position in Norway's museum sector. Technically, the website is built using modern web technologies including Next.js (React framework) and Sanity CMS, ensuring fast performance and excellent mobile optimization. The site integrates Cookiebot for cookie consent management and Google Tag Manager for analytics, reflecting a mature digital infrastructure. Accessibility and SEO optimizations are well implemented, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and employs a comprehensive cookie consent mechanism with granular user controls, supporting GDPR compliance. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of explicit security headers and a security.txt file suggests room for improvement in security best practices. The WHOIS data is unavailable due to query failure or privacy protection, but the domain and website content indicate legitimacy. Overall, the website demonstrates a strong security posture, good privacy compliance, and high business credibility. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and improving contact information visibility to further strengthen trust and compliance.

C

Cyber Esports Foundation

cyberesportsfoundation.org

0

Cyber Esports Foundation is a 501c3 nonprofit organization dedicated to fostering a diverse, skilled, and collaborative global cybersecurity workforce through esports and cybersecurity games. The organization operates by engaging communities via cyber leagues, competitions, and research initiatives, supported by donors and partners. Their market position is niche but professionally established within the cybersecurity and esports intersection, targeting cybersecurity professionals, gamers, and supporters. Technically, the website is built on the HubSpot CMS platform, leveraging modern web technologies including jQuery, HubSpot forms, Facebook Pixel, and Donorbox for donations. The site is mobile-optimized, accessible, and performs moderately well. SEO and content quality are strong, with clear branding and consistent messaging. From a security perspective, the site enforces HTTPS and uses secure iframe sandboxing for embedded content. However, it lacks explicit security headers and published security policies such as privacy policy or terms of service, which are compliance gaps. The WHOIS data is incomplete, limiting domain trust verification. No vulnerabilities or malicious content were detected. Overall, the website presents a professional and trustworthy front for a nonprofit organization, but improvements in transparency, security headers, and WHOIS data availability are recommended to enhance trust and compliance.

B

Bio Suisse

bio-suisse.ch

0

Bio Suisse is a Swiss non-profit umbrella organization representing organic farms certified under the Knospe label. The organization focuses on sustainable agriculture, animal welfare, and fair trade, holding the registered trademark for Knospe products. Their market position is strong within Switzerland as a leading certifier and promoter of organic farming. The website targets consumers and producers interested in organic products and sustainability. Technically, the site employs modern web technologies including JavaScript, Cookiebot for consent management, and Google Tag Manager for analytics, ensuring good mobile optimization and accessibility. Security posture is solid with HTTPS enforced and standard security headers present, though no dedicated security policy or incident response information is publicly available. Privacy compliance is robust with clear cookie consent mechanisms and a comprehensive privacy policy. Overall, the website is professional, trustworthy, and well-maintained, reflecting the organization's credibility and commitment to transparency.

C

Carrefour addictionS

monado.ch

0

MonAdo.ch is a non-profit informational website operated by Carrefour addictionS, focused on supporting parents of adolescents dealing with addiction and related challenges. The site offers educational content on alcohol, tobacco, cannabis, gambling, screens, and nightlife, targeting a mature audience of concerned parents. It is positioned as a specialized resource in the addiction prevention and adolescent support sector within Switzerland. Technically, the site is built on WordPress with a modern plugin ecosystem including WPML for multilingual support, Google Tag Manager for analytics, and Complianz for cookie consent management. The site demonstrates good mobile optimization and SEO practices but lacks explicit privacy and terms of service pages. Security posture is solid with HTTPS and reCAPTCHA usage, though some security headers are not explicitly confirmed. Overall, the site is trustworthy and professionally maintained, with room for improvement in privacy compliance and direct contact information.

L

L'ESPACE

lespacedapres.ch

0

L'ESPACE is a community-focused, modular venue located in Geneva, Switzerland, offering flexible spaces for meetings, conferences, and collaborative events. The website serves as a platform for room reservations, community event listings, and resource sharing, targeting local organizations and professionals interested in social economy and collective activities. Technically, the site is built on Drupal 9 with modern web technologies, providing good mobile optimization and accessibility. Security posture is moderate with HTTPS usage and secure forms but lacks explicit security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security transparency.

A

Association Valaisanne des Musées

musees-vs.ch

0

The Association Valaisanne des Musées (AVM) is a Swiss non-profit organization established in 1981, serving as the umbrella organization for museums in the Valais region. The website provides comprehensive information about the association's activities, events, and coordination efforts for the local museum network. The site targets cultural institutions and the general public interested in museum-related content in Valais. Technically, the website is built on WordPress using the Divi theme, enhanced with modern plugins for SEO, caching, and cookie compliance, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced, security headers present, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with a clear cookie consent mechanism and a comprehensive privacy policy. However, the site lacks explicit security policies and incident response information, which could be improved to enhance trust and preparedness. Overall, the website is professional, trustworthy, and well-aligned with the organization's mission and audience.

P

Pensionistenverband Österreichs

pvoe.at

0

The Pensionistenverband Österreichs (PVÖ) is a well-established non-profit organization serving the senior citizen community in Austria. It offers membership benefits including discounts, advocacy, events, and free counseling services. The website is professionally designed using TYPO3 CMS, targeting the 50+ generation with a focus on community, support, and travel opportunities. The organization maintains a strong market position as a leading pensioners association in Austria, supported by clear contact information and social media presence. Technically, the website employs modern web technologies including TYPO3 CMS and Matomo analytics for user tracking. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate. Security posture is good with HTTPS enforced and cookie consent implemented, but lacks some advanced security headers and explicit security policies. No blocking or WAF mechanisms were detected, allowing full content access. Security-wise, the site shows good practices but could improve by adding security headers, publishing a security policy, and implementing vulnerability disclosure mechanisms. Privacy compliance is basic, with cookie consent present but no explicit privacy policy or terms of service found on the main page. Contact information is clearly provided, enhancing business credibility. Overall, the PVÖ website is a trustworthy, mature platform serving its target audience effectively, with room for improvement in security and privacy transparency to further strengthen user trust and compliance.

C

Carrefour Addictions

carrefouraddictions.ch

0

Carrefour Addictions is a Geneva-based non-profit umbrella organization focused on the prevention of addictions including alcohol, cannabis, tobacco, gambling, and video games. Founded in 2013, it consolidates efforts from multiple prevention entities to provide coordinated interventions and resources for the local population, targeting youth, parents, and professionals. The organization is financially supported by the Republic and Canton of Geneva, reinforcing its legitimacy and regional importance. The website reflects a professional and informative presence with clear contact channels and social media engagement. Technically, the site is built on WordPress with modern plugins and caching mechanisms, ensuring moderate performance and good mobile responsiveness. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers could be improved. Privacy compliance is strong with comprehensive policies and GDPR adherence. Overall, the site is trustworthy and well-positioned as a regional prevention resource.

A

Association ESPAS

espas.info

0

Association ESPAS is a Swiss non-profit organization dedicated to supporting children, adolescents, and adults affected by sexual abuse. The organization provides therapeutic support, family therapy, evaluation services, and prevention and training programs aimed at professionals and volunteers working with vulnerable populations. The website reflects a focused mission with clear service offerings and a target audience that includes victims, families, and professionals. Technically, the website is built on WordPress with modern plugins and frameworks such as Bootstrap, and it employs HTTPS with Google Analytics and Facebook SDK for tracking. However, it lacks explicit privacy and cookie policies and security headers, which are areas for improvement. The WHOIS data is not publicly available, indicating privacy protection, which is reasonable for a non-profit entity. Overall, the site is professional, trustworthy, and accessible, with moderate technical and security maturity.

B

Beyond125

beyond125.org

0

Beyond125 is a non-profit initiative dedicated to protecting NGOs worldwide from cyber threats and disinformation. The organization collaborates with cybersecurity experts, international organizations, and volunteers to provide cybersecurity tools, services, and AI-driven platforms such as the CyberPeace Tracer. Their mission is to secure the digital future of civil society organizations by fostering resilience and transparency in cyberspace. The website is professionally designed on the Squarespace platform, offering clear navigation and relevant content focused on the NGO sector. However, it lacks visible contact information and formal privacy or cookie policies, which could be improved to enhance trust and compliance. The security posture is strong with HTTPS and HSTS enabled, but additional security headers and incident response details would strengthen it further.

V

Verein Jobdach

jobdach.ch

0

Verein Jobdach is a Swiss non-profit organization established in 1996, providing survival aid and harm reduction services in the canton of Luzern. Their key offerings include emergency shelter (Notschlafstelle), long-term housing for individuals with addiction and mental health challenges (Obdach), and day structure programs (Wärchstatt). The website is built on Joomla CMS and incorporates modern web technologies such as Bootstrap and jQuery, with Google Analytics for visitor tracking. The site is well-structured, mobile-optimized, and presents a professional image consistent with its social mission. However, it lacks visible contact information on the homepage and does not implement cookie consent mechanisms, which may affect privacy compliance.

P

Protect Where We Play

protectwhereweplay.com

0

Protect Where We Play is a non-profit initiative launched in 2024 by Ocean Conservancy to engage sports, art, and music communities in ocean conservation efforts. The website serves as a platform to mobilize fans and partners through events, donations, and awareness campaigns. It leverages partnerships with sports teams and environmental organizations to amplify its mission. Technically, the site is built on WordPress using the Divi theme and integrates modern web technologies and SEO best practices. Hosting and DNS are managed via Cloudflare, ensuring good performance and security. The security posture is solid with HTTPS and transfer lock on the domain, though DNSSEC is not enabled and some security headers are missing. Privacy and cookie policies exist but are basic, and no explicit incident response or vulnerability disclosure policies are published. Overall, the site is professional, trustworthy, and well-positioned for its niche audience.

O

Ocean Conservancy

oceanconservancy.org

0

Ocean Conservancy is a well-established U.S.-based non-profit organization dedicated to ocean conservation globally. Their website reflects a mature digital presence with comprehensive content focused on biodiversity, climate solutions, and plastic pollution prevention. The organization leverages volunteer engagement, corporate partnerships, and donor contributions to advance its mission. The site is professionally designed, mobile-optimized, and integrates modern web technologies including WordPress CMS, Gravity Forms, and analytics tools such as Google Tag Manager and New Relic. Cookie consent is managed via Cookiebot, indicating attention to privacy compliance, although explicit privacy and terms of service documents are not found. Security posture is solid with HTTPS enforced and domain registration consistent with a reputable entity, though DNSSEC is not enabled and some security headers could be improved. Overall, the website is trustworthy, user-friendly, and aligns well with the organization's mission and audience.

O

One Tree Planted

onetreeplanted.org

0

One Tree Planted is a well-established nonprofit environmental organization focused on global tree planting initiatives. Founded in 2014, it operates primarily through donations and corporate partnerships to restore habitats and promote sustainability. The website reflects a strong market position with clear messaging, comprehensive content, and a consistent brand image targeting environmentally conscious individuals and organizations. Technically, the website is built on the Shopify platform, leveraging modern web technologies and third-party integrations such as Klaviyo for marketing, Recharge for subscription payments, and Microsoft Clarity for analytics. The site demonstrates excellent mobile optimization, fast performance, and good SEO practices, indicating a mature digital infrastructure. From a security perspective, the site enforces HTTPS, employs domain locking mechanisms, and uses cookie consent banners to comply with privacy regulations. However, it lacks publicly available security policies, incident response contacts, and vulnerability disclosure mechanisms, which are areas for improvement. No critical vulnerabilities or suspicious activities were detected. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. Strategic enhancements in security transparency and DNS security (e.g., enabling DNSSEC) would further strengthen its posture.

No Kid Hungry is a well-established national nonprofit campaign operated by Share Our Strength, focused on ending child hunger in America through advocacy, fundraising, and partnerships. The website reflects a mature digital presence with professional design, clear messaging, and extensive use of modern marketing and analytics technologies. The technical infrastructure is based on Drupal 11 CMS and integrates multiple tracking and advertising pixels to optimize outreach and engagement. Security posture is strong with HTTPS, security headers, and reCAPTCHA protections, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the site is trustworthy and aligns well with its nonprofit mission, with no signs of malicious activity or content blocking.

P

Pencils of Promise

pencilsofpromise.org

0

Pencils of Promise is a well-established non-profit organization founded in 2008, dedicated to improving education through building schools and implementing WASH programs. The website reflects a professional and consistent brand presence with a clear focus on its mission to create a better world through education. The technical infrastructure is modern, leveraging WordPress with Elementor, NitroPack for performance optimization, and Cloudflare for DNS and CDN services. Analytics and user tracking are implemented via Google Analytics, Google Tag Manager, and Hotjar, indicating a data-driven approach to user engagement. Security posture is generally good with HTTPS enforced and domain protections in place, though there is room for improvement in security headers and DNSSEC implementation. Privacy and cookie policies are notably absent or not detected in the provided content, representing a compliance gap. Overall, the website is trustworthy and professionally managed but should enhance privacy compliance and security transparency.

C

Cambodian Village Fund

cambodianvillagefund.org

0

Cambodian Village Fund is a well-established non-profit organization dedicated to improving education and community development in rural Cambodia. Their core activities include building schools, providing scholarships, and offering English language education to empower local communities. The organization has a strong market position supported by over 18 years of impactful work and a clear mission that resonates with donors and supporters. The website reflects a professional and trustworthy image with detailed program information and clear calls to action for donations and involvement. Technically, the site is built on WordPress with a modern block editor, hosted by a reputable registrar, and optimized for mobile and accessibility. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and published security policies. Privacy compliance is a notable gap due to missing privacy and cookie policies. Overall, the site is credible and safe, with room for improvement in compliance and security transparency.

E

EdelCert & InSpectorat Sàrl

edelcert.net

0

EdelCert & InSpectorat Sàrl is a small Swiss company specializing in certification of quality management systems according to ISO standards and recognized labels, as well as providing related training services. The company targets private enterprises, public organizations, and non-profit entities primarily within Switzerland. Their market position is niche with over 200 certified clients, supported by accreditations such as SAS and ISO certifications. Technically, the website is built on WordPress with modern plugins like Elementor and WPForms, offering a responsive and professional user experience. Security posture is solid with HTTPS enforced and secure forms, though lacking some security headers and cookie consent mechanisms. The absence of WHOIS data reduces domain trustworthiness, but the website content and business information appear legitimate and professional. Overall, the site is well-structured, informative, and trustworthy for its intended audience.

S

Shreveport Metro Ballet

shreveportmetroballet.org

0

Shreveport Metro Ballet is a well-established community arts organization dedicated to ballet performances and education since 1973. The website serves as a platform to promote events, outreach programs, sponsorship opportunities, and merchandise sales, targeting local community members and supporters. The organization operates as a non-profit relying on donations and community engagement. Technically, the website is built on the Squarespace platform, leveraging modern web technologies and providing a responsive design with moderate performance and basic accessibility features. Security posture is strong with HTTPS and HSTS enabled, but lacks visible privacy and cookie policies, which impacts compliance. The absence of WHOIS data limits domain trust assessment, though the site content and branding appear consistent and professional. Overall, the site is functional and trustworthy but would benefit from enhanced privacy compliance and transparency.

C

CyberPeace Institute

cyberpeacetracer.ngo

0

CyberPeace Tracer is a professional non-profit platform operated by the CyberPeace Institute, focusing on exposing and analyzing cyber threats and disinformation impacting civil society organizations globally. The platform leverages AI and partnerships with data providers to deliver actionable cybersecurity insights and support to NGOs and nonprofits. The website is well-designed, mobile-optimized, and provides rich content including threat statistics, sector-specific case studies, and calls to action for donors and volunteers. Technically, the site uses modern frameworks like Astro and is hosted on Cloudflare, ensuring good performance and security. However, the absence of privacy and cookie policies, lack of security headers, and inconsistencies in WHOIS domain registration data present areas of concern. Overall, the platform demonstrates a strong commitment to digital resilience for civil society but should address compliance and security policy transparency to enhance trust and regulatory alignment.

The Underserved Project is an EU-funded initiative aimed at empowering law enforcement agencies to support humanitarian actors and NGOs in cyberspace. The project focuses on informing vulnerable sectors about cybercrime impacts, preventing cybercrime through capacity building, and connecting NGOs with law enforcement and CERTs to create a comprehensive cybercrime reporting network. The website serves as a platform for project information, deliverables, news, and open-source code repositories, targeting a niche audience within the non-profit and humanitarian sectors. Technically, the website is built using modern technologies including Astro framework, hosted on Vercel, and integrates Google Analytics and Vercel Analytics for tracking. It features responsive design and good SEO practices, with fast performance and basic accessibility. The site uses HTTPS with excellent SSL configuration but lacks some security headers that could enhance protection. From a security perspective, the site demonstrates good practices such as no exposed sensitive data and secure hosting. However, it lacks a cookie consent mechanism, published security or incident response policies, and a vulnerability disclosure program. The WHOIS data is consistent with the website's EU project nature, registered via a reputable registrar, indicating high legitimacy. Overall, the website is professional, trustworthy, and well-aligned with its mission, though improvements in privacy compliance and security policies would strengthen its posture and user trust.

C

CyberPeace Institute

cpb.ngo

0

CyberPeace Builders is a nonprofit initiative under the CyberPeace Institute focused on enhancing cybersecurity for nonprofits globally. The platform connects nonprofits with cybersecurity experts, corporate volunteers, and funding partners to build digital resilience and protect vulnerable communities from cyber threats. Their business model leverages partnerships, volunteering, and training to maximize social impact, aiming to protect one million nonprofits by 2035. The website is professionally designed, mobile-optimized, and uses modern web technologies including Astro framework and Cloudflare DNS services. Security posture is strong with HTTPS, Google reCAPTCHA Enterprise, and clientTransferProhibited domain status, though DNSSEC is not enabled. Privacy compliance is good with a comprehensive privacy policy, but no explicit cookie consent mechanism is present. Overall, the site demonstrates high trustworthiness and professionalism with reputable partners and clear impact metrics.

D

DoSomething

dosomethingstrategic.work

0

DoSomething Strategic is a social impact consultancy specializing in engaging Gen Z and purpose-driven growth strategies. The company positions itself as a trusted thought partner with over 30 years of experience in youth engagement, serving notable clients such as Nike, Spotify, and Feeding America. The website is professionally designed using Squarespace, featuring clear navigation and mobile optimization. However, it lacks critical privacy and cookie policies, which impacts its privacy compliance score. The technical infrastructure is modern and includes Google Analytics for user tracking, but security could be enhanced by enabling DNSSEC and HSTS. Overall, the security posture is good but could benefit from improved privacy compliance and security headers. The domain registration is privacy protected but legitimate, consistent with the business profile. Strategic recommendations include implementing comprehensive privacy and cookie policies, enabling DNSSEC and HSTS, and publishing security and incident response policies to enhance trust and compliance.

N

National Digital Inclusion Alliance

digitalinclusion.org

0

The National Digital Inclusion Alliance (NDIA) is a non-profit organization dedicated to advancing digital equity across the United States. Their website serves as a comprehensive resource hub, connecting organizations, supporting community programming, and equipping policymakers to act on digital inclusion issues. NDIA positions itself as a leading national voice in the digital inclusion space, offering key services such as program support, policy advocacy, research, and event organization. The site content is rich, professionally designed, and well-structured, targeting digital inclusion practitioners, advocates, and policymakers. Technically, the website is built on WordPress with modern plugins such as Yoast SEO, Google Analytics, and Google Tag Manager, ensuring good SEO and analytics capabilities. The site is mobile-optimized, fast-loading, and accessible, with no visible technical debt or vulnerabilities. Security posture is strong with HTTPS enforced and no exposed sensitive data, although explicit security headers and a vulnerability disclosure page are absent. Overall, the security posture is solid with room for improvement in cookie consent and security policy transparency. The WHOIS data is unavailable, likely due to privacy protection, which is justified for this type of organization. No suspicious patterns or vulnerabilities were detected. The website is trustworthy, professional, and serves its mission effectively. Strategic recommendations include implementing explicit security headers, adding a vulnerability disclosure or security.txt page, introducing a cookie consent mechanism to enhance privacy compliance, and regularly auditing third-party scripts for vulnerabilities.

S

Second Chance Hire

secondchancehire.com

0

Second Chance Hire operates a specialized employment and training platform focused on assisting formerly incarcerated individuals, veterans, and military spouses to find meaningful employment opportunities. The platform offers job matching, resume building, skills assessments, training courses, and mentorship connections, while also providing employers with tools to post jobs and search candidates. The business is positioned as a niche non-profit service with a growing market presence since its founding in 2021. Technically, the website is built on modern web technologies including Next.js, React, and integrates third-party services such as Stripe for payments and Google reCAPTCHA for security. The site demonstrates good performance and mobile optimization, though accessibility and SEO could be further enhanced. Security posture is solid with HTTPS and bot protection, but lacks some security headers and explicit incident response policies. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the domain registration data aligns well with the business profile, supporting legitimacy and trustworthiness.

S

Special Olympics Switzerland

specialolympics.ch

0

Special Olympics Switzerland is a prominent non-profit organization dedicated to providing sports opportunities and inclusion for people with intellectual disabilities in Switzerland. The organization holds a strong market position as the largest sports entity in this niche within the country, offering key services such as sports events, inclusion programs, and awareness campaigns. The website reflects a professional and consistent brand image aligned with its mission. Technically, the website is built on WordPress with multilingual support and integrates modern tools such as Google Tag Manager and Cookiebot for analytics and privacy compliance. The site is mobile-optimized and performs moderately well, with good SEO and accessibility features. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit security and incident response policies are not published. Overall, the domain registration data aligns well with the organization's profile, supporting its legitimacy and trustworthiness.

C

CauseVox

causevox.com

0

CauseVox is a specialized SaaS platform providing a unified fundraising solution for nonprofits, integrating donation forms, events, peer-to-peer campaigns, and CRM functionalities. The company positions itself as a trusted partner for thousands of nonprofits, emphasizing ease of use, comprehensive features, and donor engagement. The website demonstrates a mature digital presence with modern technologies, strong SEO, and mobile optimization. Security posture is solid with HTTPS, security headers, and no evident vulnerabilities, though explicit security policies and incident response information are absent. WHOIS data is unavailable, likely due to privacy protection, which slightly impacts transparency but does not detract from overall legitimacy. Strategic recommendations include publishing security and incident response policies and enhancing transparency.

I

IMPACT CLICK A.C.

impactclick.org

0

Impact Click is a Mexico-based non-profit organization founded in 2020 focused on promoting labor inclusion for people with motor disabilities through specialized online digital skills training and certification. The organization targets vulnerable groups and social projects, offering courses primarily in digital marketing and product design. The website is professionally designed with bilingual content, donation integration via PayPal, and active social media channels. Technically, the site uses modern frameworks like Bootstrap 5 and jQuery, with analytics and tracking via Google Analytics and Facebook Pixel. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the domain registration is consistent and transparent, supporting the legitimacy of the organization.

Fonds du sport is a Geneva-based non-profit organization dedicated to supporting local sports clubs and athletes by providing news, event information, and resources. The website serves as a regional hub for sports-related activities and community engagement, targeting sports enthusiasts and organizations within the canton. Technically, the site is built on WordPress using the Avada theme, incorporating common web technologies such as jQuery and Google Tag Manager for analytics. The site demonstrates moderate performance and good mobile optimization, with a professional design and clear navigation. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies, which should be addressed to meet GDPR standards. Overall, the website is trustworthy and professionally maintained, but could improve in privacy and security transparency.

C

Common Sense Media

commonsensemedia.org

0

Common Sense Media is a well-established nonprofit organization dedicated to providing trusted entertainment and technology recommendations for families. The website serves as a comprehensive platform offering age-based media reviews, parenting guides, and educational resources. It holds a strong market position as a leading independent source for family media advice, supported by a consistent brand presence and partnerships with major companies. The technical infrastructure is modern, leveraging Drupal CMS, PHP 8.3, and integrates Google Analytics and Tag Manager for analytics, alongside OneTrust for privacy compliance and mtcaptcha for form security. Security posture is robust with HTTPS enforcement, captcha protections, and cookie consent mechanisms, though there is room for improvement in security headers. Overall, the site is professional, accessible, and trustworthy, with no indications of adult or inappropriate content.

The Women's Society of Cyberjutsu (WSC) is a well-established 501(c)3 nonprofit organization dedicated to empowering women and girls in cybersecurity careers. Founded in 2012, WSC offers a comprehensive suite of services including networking events, technical training, mentoring, and career resources. The organization maintains a strong market position as a leading community for women in cybersecurity, supported by reputable sponsors and a professional online presence. Technically, the website leverages a mature technology stack including Bootstrap, jQuery, YUI, and YourMembership CMS, with integrations for analytics and bot protection such as Google Analytics, LinkedIn Insight Tag, New Relic, and DataDome. The site demonstrates good mobile optimization and SEO practices, though some accessibility features could be improved. From a security perspective, the site enforces HTTPS and employs bot protection and monitoring tools. However, it lacks certain security headers and an explicit cookie consent mechanism, which are recommended for enhanced security and privacy compliance. The WHOIS data confirms domain legitimacy with consistent registration details and a domain age appropriate for the organization's history. Overall, the website is professional, trustworthy, and functional, serving its target audience effectively. Strategic improvements in privacy compliance and security headers would further strengthen its posture.

J

JobPaths

jobpaths.com

0

JobPaths is a specialized platform founded in 2013 that provides technology solutions to nonprofits and government agencies focused on workforce development for diverse populations including veterans, military spouses, people with disabilities, and second chance candidates. The platform offers a comprehensive suite of services such as skills assessments, online training, resume generation, mentorship, and personalized dashboards. It also supports employers with job posting and candidate sourcing capabilities. The company maintains strong partnerships with reputable organizations and operates multiple microsites tailored to specific user groups, enhancing its market niche in veteran and diversity employment support. Technically, JobPaths employs a modern technology stack centered around React and Next.js, hosted likely on AWS infrastructure with media assets served via S3. The site integrates Stripe for payment processing and Google reCAPTCHA v3 for bot mitigation, alongside Google Tag Manager for analytics. The website demonstrates excellent design quality, mobile optimization, and SEO practices, providing a professional and user-friendly experience. From a security perspective, the site enforces HTTPS, uses domain status locks to prevent unauthorized domain changes, and employs bot protection mechanisms. However, DNSSEC is not enabled, and explicit security headers such as Content-Security-Policy are not detected. Privacy compliance is supported by a comprehensive privacy policy and terms of service, though a cookie consent mechanism is absent. No incident response or security policy pages were found, indicating room for improvement in transparency and readiness. Overall, JobPaths presents a trustworthy and mature online presence with a strong focus on social impact and workforce development. Strategic recommendations include enabling DNSSEC, implementing additional security headers, publishing a security policy and incident response contacts, and adding a cookie consent mechanism to enhance GDPR compliance and user trust.

R

R Street Institute

rstreet.org

0

The R Street Institute is a well-established non-profit think tank founded in 2012, focused on classical liberalism and pragmatic policy solutions across sectors such as energy, government affairs, criminal justice, and technology. The organization operates nationally with multiple offices and a distributed staff. The website reflects a mature digital presence with comprehensive research, commentary, outreach, and event content targeting policymakers, academics, and the informed public. Technically, the site is built on WordPress with modern analytics and marketing integrations, including Google Analytics, HubSpot, and social media embeds. Security posture is good with HTTPS and reCAPTCHA protections, though explicit security headers could be improved. Privacy compliance is evident with privacy and cookie policies and consent mechanisms. Overall, the site demonstrates high professionalism and trustworthiness, with no signs of malicious activity or content safety concerns.

N

NPower

npower.org

0

NPower is a non-profit organization dedicated to creating pathways to economic prosperity by launching digital careers for military veterans and young adults from underserved communities. The website presents a professional and well-structured digital presence, leveraging WordPress with Elementor and JupiterX theme, and integrates multiple marketing and analytics tools such as Google Tag Manager, TikTok Pixel, Facebook Pixel, and Hotjar. The organization appears to have a strong market position in the non-profit sector focused on workforce development and digital skills training. Security posture is generally good with HTTPS enabled and secure external link handling, but lacks some security headers and publicly available security policies. Privacy compliance is limited due to absence of explicit privacy and cookie policies in the provided content. Overall, the website is trustworthy and professionally maintained, though improvements in transparency and security documentation are recommended.

N

NGO-ISAC

ngoisac.org

0

NGO-ISAC is a nonprofit organization dedicated to improving cybersecurity for US-based nonprofits by fostering a large community of professionals and partners. The website serves as a hub for information sharing and community building in the nonprofit cybersecurity space. The organization positions itself as a key defender of important NGOs in the United States. Technically, the website is built on the Wix platform, leveraging modern JavaScript polyfills and standard web technologies. The site is mobile optimized and uses HTTPS with a valid SSL certificate, ensuring secure communications. However, the absence of privacy and cookie policies, as well as lack of explicit contact information, limits its privacy compliance and user trust. Security posture is decent with HTTPS but lacks advanced security headers and vulnerability disclosure mechanisms. Overall, the site is professional and trustworthy but could improve transparency and compliance aspects.

N

National Cybersecurity Alliance

staysafeonline.org

0

The National Cybersecurity Alliance is a recognized non-profit organization dedicated to promoting cybersecurity awareness and education. Their website serves as a resource hub offering online safety articles and connecting users with industry experts and educators. The organization targets a general audience interested in improving cybersecurity practices. Technically, the website is built using Framer, employs Google Fonts and Google Analytics, and is served over HTTPS, indicating a modern and secure infrastructure. However, the absence of explicit privacy and cookie policies, security headers, and contact information suggests areas for improvement in compliance and transparency. Overall, the site presents a professional and trustworthy front consistent with its non-profit mission.