worldwish.org

HTML metadata

Title: Home - Make-A-Wish
Description: Make-A-Wish International helps to grant life-changing wishes to children facing critical illnesses in nearly 50 countries around the world.
Language: en-GB
Generator: WordPress 6.9.4
Canonical: https://worldwish.org/

Open Graph

url: https://worldwish.org/
title: Home
locale: en_GB
site name: Make-A-Wish
description: Make-A-Wish International helps to grant life-changing wishes to children facing critical illnesses in nearly 50 countries around the world.

Technology

CDN: Cloudflare
CMS: WordPress

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (5)

fonts.googleapis.com×2
www.googletagmanager.com×2
fonts.gstatic.com×1
gmpg.org×1
www.google.com×1

Social

Contact

Phone

+1 602 834 3135

Address

Frits Spitsstraat 1, 1217 WC, Hilversum, the Netherlands

Registration

Registrar

GoDaddy.com, LLC

Created

2001-05-22

Expires

2026-05-22 3 days left

Updated

2025-12-29

Name servers

pdns13.domaincontrol.com
pdns14.domaincontrol.com

DNS records live

NS

pdns13.domaincontrol.com
pdns14.domaincontrol.com

MX

5 worldwish-org.mail.protection.outlook.com

TXT

Show 7 TXT records

google-site-verification=iFuoYBqc3VKMT_hsgkDz4JwG9URkKGt4J2YHZ5aAUdo
prowly-verification=163395a324c8f292fcd0c8d23004514c3698b74c9338a8a79c264644618dea31
google-site-verification=XZGK_eVoUd2klH0BSU9k8RJr2yLICSUVh8B_O-6K4KE
v=verifydomain MS=2596467
linkedin-site-verification=54de4f4c-9916-4dd9-a6e6-db9d7a56edee
brevo-code:f59667b724d3f7df4d69c62f06ae86c9
rippling-domain-verification=30c69a86ad3df827

Email authentication strong

SPF

v=spf1 a mx include:spf.protection.outlook.com include:_spf.createsend.com include:_spf.salesforce.com ~all

softfail (~all)

DMARC

v=DMARC1; p=quarantine; pct=100; rua=mailto:dmarc@worldwish.org,mailto:rua@dmarc.brevo.com; ruf=mailto:technicalsupport@worldwish.org

policy: quarantine

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDrl54N+RsI8xIoIcvHBAec8V7/HzZRfcFd7yjvQQUuCpRbBi8Y1nEWyP5e5XEbKnmwx+zC+7bDbVFYmeUZTP…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqWMd/czKFOxjbCr226sCBSANLGWm6nxgHXvzAkl4Kc/ZCtBxNJyO0HFzaUaIWV/I+UkEJD0v4Hucx…

selectors probed

Certificate (current)

E8

from 2026-04-23 to 2026-07-22

Expires in 64 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://worldwish.org/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: connect-src *.google-analytics.com www.google-analytics.com *.analytics.google.com *.worldwish.org *.cloudflare.com *.doubleclick.net *.hotjar.com *.hotjar.io wss://ws.hotjar.com fndrsp.net activity.wisepops.com worldwish.org wisepops.net px.ads.linkedin.com tracking.wisepops.com analytics.google.com conversions-config.reddit.com facebook.com *.facebook.com *.google.co.uk *.redditstatic.com fndrsp.net fndrsp-checkout.net *.fundraiseup.com *.stripe.com *.paypal.com *.paypalobjects.com *.plaid.com *.mastercard.com *.checkout.visa.com pay.google.com https://google.com/pay api.addressy.com fundraiseupobjects.com translate.googleapis.com px4.ads.linkedin.com translate-pa.googleapis.com pagead2.googlesyndication.com https://www.google.com upload.uploadcare.com q.clarity.ms donorbox.org p.clarity.ms w.clarity.ms r.clarity.ms i.clarity.ms b.clarity.ms *.google.com *.googleadservices.com t.clarity.ms v.clarity.ms z.clarity.ms *.visualwebsiteoptimizer.com app.vwo.com *.clarity.ms google.com
strict-transport-security: max-age=63072000; includeSubDomains; preload

Links to (8)

Linked from (1)

esamarathon.com×2