warchild.org.uk

HTML metadata

Title: War Child UK - A safe future for every child living through war
Description: War Child protects, educates, and stands up for the rights of children in war. Donate, fundraise, join us - ensure a safe future for every child living through war.
Language: en
Generator: Drupal 10 (https://www.drupal.org)
Canonical: https://warchild.org.uk/

Open Graph

url: https://warchild.org.uk/
title: War Child UK - A safe future for every child living through war
site name: War Child
description: War Child protects, educates, and stands up for the rights of children in war. Donate, fundraise, join us - ensure a safe future for every child living through war.

Technology

CDN: Cloudflare
CMS: Drupal

Analytics

Google Tag Manager

Cookie consent

OneTrust

Third-party hosts loaded (8)

services.postcodeanywhere.co.uk×2
cdn-ukwest.onetrust.com×1
cdn.jsdelivr.net×1
dev.visualwebsiteoptimizer.com×1
placeimg.com×1
r1-t.trackedlink.net×1
www.fundraisingregulator.org.uk×1
www.googletagmanager.com×1

Social

Registration

Registrar

Safenames Ltd

Created

1998-12-23

Expires

2026-12-23 218 days left

Updated

2024-12-16

Name servers

hunts.ns.cloudflare.com.
monika.ns.cloudflare.com.

DNS records live

NS

hunts.ns.cloudflare.com
monika.ns.cloudflare.com

MX

0 warchild-org-uk.mail.protection.outlook.com

TXT

Show 7 TXT records

google-site-verification=0KxmBxlTnR3wUT5w3A5u8pthITjFx4MDaxjji81n8-o
MS=ms15048359
SFMC-TBy7U4YKW9L38NkgnNfInS4P7ZAiFjPwivPOCOqy
_owcxuf6eulh4lck6ofqb96casd80fxq
_qjztw3d7u8ztc4skhlhi9m9tdyi1fna
ciscocidomainverification=104533b1bacab76ca94a0e72846443fb0f71b125af75423c723d578ec3cfa1b6
cm3gjv8pckw4f3kd7zvfnwr8hc7jj1xx

Email authentication strong

SPF

v=spf1 ip4:79.173.182.22 include:spf.protection.outlook.com include:eu._netblocks.mimecast.com include:spf.mandrillapp.com include:spf1.service.formassembly.com include:outmail-do2.hireserve.com include:_spf.salesforce.com include:spf.mandrillapp.com include:amazonses.com include:_spf.e-activist.com ~all

softfail (~all)

DMARC

v=DMARC1;p=none;

policy: none (monitoring only)

DKIM

k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

WE1

from 2026-05-01 to 2026-07-30

Expires in 72 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://warchild.org.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
permissions-policy: camera=(), fullscreen=self, geolocation=self, microphone=()
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.youtube.com *.googleapis.com *.typekit.net *.googletagmanager.com *.hotjar.com *.google-analytics.com *.ssl.google-analytics.com *.ads-twitter.com *.licdn.com *.googleadservices.com *.facebook.net *.twitter.com *.doubleclick.net *.cloudflare.com www.gstatic.com polyfill.io *.tagmanager.google.com googleads.g.doubleclick.net *.in.hotjar.com *.linkedin.com *.msgfocus.com *.ytimg.com static.doubleclick.net connect.facebook.net *.ads-twitter.com *.google.co.uk cc.cdn.civiccomputing.com *.formstack.com js.stripe.com *.postcodeanywhere.co.uk cdn-ukwest.onetrust.com *.visualwebsiteoptimizer.com c5.adalyser.com r1-t.trackedlink.net cdn.jsdelivr.net analytics.tiktok.com pixel.byspotify.com warchild.tfaforms.net *.instagram.com bat.bing.com event.getblue.io *.googlesyndication.com https://tags.srv.stackadapt.com https://srv.stackadapt.com https://ap.srv.stackadapt.com https://east.srv.stackadapt.com https://uw.srv.stackadapt.com h
strict-transport-security: max-age=15552000