urlscan.io logo urlscan.io
SecurityTrails logo

secure1.wwf.ca Open in urlscan Pro
20.48.202.166  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://public-can.mkt.dynamics.com/api/orgs/b193768c-c1ff-ed11-a66e-0022486dbef7/r/q6RUPBc5YkC9I7xKxtXlBgwAAAA?target=%7B%22TargetU...
Effective URL: https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
Submission: On August 01 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 2 countries across 12 domains to perform 39 HTTP transactions. The main IP is 20.48.202.166, located in Toronto, Canada and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is secure1.wwf.ca.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on June 15th 2024. Valid for: 6 months.
This is the only time secure1.wwf.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 20.48.201.128 8075 (MICROSOFT...)
1 20.150.31.4 8075 (MICROSOFT...)
12 20.48.202.166 8075 (MICROSOFT...)
3 172.253.115.97 15169 (GOOGLE)
2 157.240.229.1 32934 (FACEBOOK)
2 172.253.122.113 15169 (GOOGLE)
1 142.251.167.155 15169 (GOOGLE)
2 142.251.16.94 15169 (GOOGLE)
2 157.240.229.35 32934 (FACEBOOK)
1 3.162.114.192 16509 (AMAZON-02)
2 13.107.246.40 8075 (MICROSOFT...)
2 20.150.31.228 8075 (MICROSOFT...)
1 2 52.46.143.56 16509 (AMAZON-02)
1 142.251.111.155 15169 (GOOGLE)
1 172.253.115.147 15169 (GOOGLE)
3 20.10.16.51 8075 (MICROSOFT...)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 1 204.79.197.237 8068 (MICROSOFT...)
39 18
2    20.48.201.128 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
public-can.mkt.dynamics.com
1    20.150.31.4 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
cxppcan1rdrect01sa02cdn.blob.core.windows.net
12    20.48.202.166 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
secure1.wwf.ca
3    172.253.115.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f97.1e100.net
www.googletagmanager.com
2    157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net
connect.facebook.net
2    172.253.122.113 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f113.1e100.net
analytics.google.com
1    142.251.167.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f155.1e100.net
stats.g.doubleclick.net
2    142.251.16.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f94.1e100.net
www.google.ca
2    157.240.229.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-iad3.facebook.com
www.facebook.com
1    3.162.114.192 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-114-192.iad61.r.cloudfront.net
c.amazon-adsystem.com
2    13.107.246.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    20.150.31.228 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
wwwfcstorageprod.blob.core.windows.net
2    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    142.251.111.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f155.1e100.net
googleads.g.doubleclick.net
1    172.253.115.147 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f147.1e100.net
www.google.com
3    20.10.16.51 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
z.clarity.ms
2    20.110.205.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    204.79.197.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
Apex Domain
Subdomains		 Transfer
12 wwf.ca
secure1.wwf.ca
1 MB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
z.clarity.ms — Cisco Umbrella Rank: 8883
c.clarity.ms — Cisco Umbrella Rank: 1838
29 KB
3 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 394
s.amazon-adsystem.com — Cisco Umbrella Rank: 399
6 KB
3 google.com
analytics.google.com — Cisco Umbrella Rank: 238
www.google.com — Cisco Umbrella Rank: 10
64 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
286 KB
3 windows.net
cxppcan1rdrect01sa02cdn.blob.core.windows.net
wwwfcstorageprod.blob.core.windows.net
398 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 google.ca
www.google.ca — Cisco Umbrella Rank: 9677
127 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
72 KB
2 dynamics.com
public-can.mkt.dynamics.com
1 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 341
775 B
39 12
Domain Requested by
12 secure1.wwf.ca cxppcan1rdrect01sa02cdn.blob.core.windows.net
secure1.wwf.ca
3 z.clarity.ms www.clarity.ms
3 www.googletagmanager.com secure1.wwf.ca
public-can.mkt.dynamics.com
www.googletagmanager.com
2 c.clarity.ms 1 redirects
2 s.amazon-adsystem.com 1 redirects secure1.wwf.ca
2 wwwfcstorageprod.blob.core.windows.net secure1.wwf.ca
2 www.clarity.ms public-can.mkt.dynamics.com
www.clarity.ms
2 www.facebook.com secure1.wwf.ca
2 www.google.ca secure1.wwf.ca
2 analytics.google.com www.googletagmanager.com
2 connect.facebook.net secure1.wwf.ca
connect.facebook.net
2 public-can.mkt.dynamics.com cxppcan1rdrect01sa02cdn.blob.core.windows.net
1 c.bing.com 1 redirects
1 www.google.com secure1.wwf.ca
1 googleads.g.doubleclick.net www.googletagmanager.com
1 c.amazon-adsystem.com public-can.mkt.dynamics.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 cxppcan1rdrect01sa02cdn.blob.core.windows.net public-can.mkt.dynamics.com
39 18

This site contains links to these domains. Also see Links.

Domain
wwf.ca
Subject Issuer Validity Valid
prdia888cca0aks.mkt.dynamics.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-07-08 -
2025-07-03		 a year crt.sh
*.blob.core.windows.net
Microsoft Azure RSA TLS Issuing CA 03		 2024-06-17 -
2025-06-12		 a year crt.sh
secure1.wwf.ca
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-06-15 -
2024-12-15		 6 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-11 -
2024-08-09		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.ca
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh

This page contains 1 frames:

Primary Page: https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
Frame ID: FB149C2EE402A0667D0AFE71230A2292
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HELP WILDLIFE THRIVE

Page URL History Show full URLs

  1. https://public-can.mkt.dynamics.com/api/orgs/b193768c-c1ff-ed11-a66e-0022486dbef7/r/q6RUPBc5YkC9I7xKxtXlBgwAAAA?... Page URL
  2. https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

39
Requests

95 %
HTTPS

0 %
IPv6

12
Domains

18
Subdomains

18
IPs

2
Countries

1991 kB
Transfer

5062 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://public-can.mkt.dynamics.com/api/orgs/b193768c-c1ff-ed11-a66e-0022486dbef7/r/q6RUPBc5YkC9I7xKxtXlBgwAAAA?target=%7B%22TargetUrl%22%3A%22https%253A%252F%252Fsecure1.wwf.ca%252FDonation%252F3472-en%252F%253F%2526pck%253DFN62%22%2C%22RedirectOptions%22%3A%7B%221%22%3Anull%2C%222%22%3A%7B%22utm_medium%22%3A%22email Page URL
  2. https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://s.amazon-adsystem.com/iu3?pid=d900fcdd-3466-4c9a-8254-80df65210542&event=PageView&ts=1722538787054 HTTP 302
  • https://s.amazon-adsystem.com/iu3?pid=d900fcdd-3466-4c9a-8254-80df65210542&event=PageView&ts=1722538787054&dcc=t
Request Chain 34
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=26007114D1DA4125BE1DF3A0B8307AA5&RedC=c.clarity.ms&MXFR=2BA0A0FFC0C764A013EDB431C4C76ACE HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=26007114D1DA4125BE1DF3A0B8307AA5&MUID=1B102F79E96D66AB02803BB7E8C767DA

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
q6RUPBc5YkC9I7xKxtXlBgwAAAA
public-can.mkt.dynamics.com/api/orgs/b193768c-c1ff-ed11-a66e-0022486dbef7/r/ 		951 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public-can.mkt.dynamics.com/api/orgs/b193768c-c1ff-ed11-a66e-0022486dbef7/r/q6RUPBc5YkC9I7xKxtXlBgwAAAA?target=%7B%22TargetUrl%22%3A%22https%253A%252F%252Fsecure1.wwf.ca%252FDonation%252F3472-en%252F%253F%2526pck%253DFN62%22%2C%22RedirectOptions%22%3A%7B%221%22%3Anull%2C%222%22%3A%7B%22utm_medium%22%3A%22email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.48.201.128 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
f25dd9ac3a0d73d09a4fae7ba532b98084fe44ed2cb29ab7920ab4a19e94e6ac
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
951
Content-Type
text/html
Date
Thu, 01 Aug 2024 18:59:44 GMT
Server
nginx
Strict-Transport-Security
max-age=2592000; preload
x-content-type-options
nosniff
x-ms-trace-id
86eec666a0d386278d0f98e3915bdbf0
BotDetection.bundle.js
cxppcan1rdrect01sa02cdn.blob.core.windows.net/botdetection/BotDetection/ 		32 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cxppcan1rdrect01sa02cdn.blob.core.windows.net/botdetection/BotDetection/BotDetection.bundle.js
Requested by
Host: public-can.mkt.dynamics.com
URL: https://public-can.mkt.dynamics.com/api/orgs/b193768c-c1ff-ed11-a66e-0022486dbef7/r/q6RUPBc5YkC9I7xKxtXlBgwAAAA?target=%7B%22TargetUrl%22%3A%22https%253A%252F%252Fsecure1.wwf.ca%252FDonation%252F3472-en%252F%253F%2526pck%253DFN62%22%2C%22RedirectOptions%22%3A%7B%221%22%3Anull%2C%222%22%3A%7B%22utm_medium%22%3A%22email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.31.4 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e9c05b187c2fc087941c89378813b7c179df17d5ef2ec3e22316b98b08a48e9b

Request headers

Referer
https://public-can.mkt.dynamics.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 01 Aug 2024 18:59:43 GMT
Last-Modified
Mon, 08 Jul 2024 06:42:25 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
2Gf+JwfY1OVHdaK9ZYWxDw==
ETag
0x8DC9F19212CA7B5
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
f6c9fc49-e01e-0032-4d44-e41825000000
x-ms-version
2009-09-19
Content-Length
32500
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
q6RUPBc5YkC9I7xKxtXlBiS-YXdvEFtKugsul9odGpw
public-can.mkt.dynamics.com/api/orgs/b193768c-c1ff-ed11-a66e-0022486dbef7/cp/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://public-can.mkt.dynamics.com/api/orgs/b193768c-c1ff-ed11-a66e-0022486dbef7/cp/q6RUPBc5YkC9I7xKxtXlBiS-YXdvEFtKugsul9odGpw
Requested by
Host: cxppcan1rdrect01sa02cdn.blob.core.windows.net
URL: https://cxppcan1rdrect01sa02cdn.blob.core.windows.net/botdetection/BotDetection/BotDetection.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.48.201.128 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

Referer
https://public-can.mkt.dynamics.com/api/orgs/b193768c-c1ff-ed11-a66e-0022486dbef7/r/q6RUPBc5YkC9I7xKxtXlBgwAAAA?target=%7B%22TargetUrl%22%3A%22https%253A%252F%252Fsecure1.wwf.ca%252FDonation%252F3472-en%252F%253F%2526pck%253DFN62%22%2C%22RedirectOptions%22%3A%7B%221%22%3Anull%2C%222%22%3A%7B%22utm_medium%22%3A%22email
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 01 Aug 2024 18:59:44 GMT
Strict-Transport-Security
max-age=2592000; preload
Server
nginx
Connection
keep-alive
x-ms-trace-id
41e4a242a56a0bddb6f50903741ac73a
Content-Length
0
Primary Request /
secure1.wwf.ca/Donation/3472-en/ 		8 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
Requested by
Host: cxppcan1rdrect01sa02cdn.blob.core.windows.net
URL: https://cxppcan1rdrect01sa02cdn.blob.core.windows.net/botdetection/BotDetection/BotDetection.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.48.202.166 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
18aeb33ae55d09c9cf4c479a523ccb49a07163d42ec6a12e9b890efbef91fd13
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://public-can.mkt.dynamics.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 01 Aug 2024 18:59:44 GMT
Request-Context
appId=cid-v1:9f353173-fdb0-45f1-a954-47c6c4b22d5a
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=2592000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
ASP.NET
js
www.googletagmanager.com/gtag/ 		325 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-V0KTJYJVKD
Requested by
Host: secure1.wwf.ca
URL: https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
b270fe4a9713f7e80929517e3c8cc93ce68a5b794ae21d814bb71eddd072648e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure1.wwf.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 18:59:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
108609
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Aug 2024 18:59:45 GMT
styles.css
secure1.wwf.ca/build/assets/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure1.wwf.ca/build/assets/css/styles.css
Requested by
Host: secure1.wwf.ca
URL: https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.48.202.166 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0cabb436af3318f77d6b0b0952e550587952f740f43a201994c313fcb8028b1a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 18:59:44 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 06 May 2024 18:36:28 GMT
Server
Microsoft-IIS/10.0
ETag
"1da9fe44e8bd3b4"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
no-cache
Accept-Ranges
bytes
Request-Context
appId=cid-v1:9f353173-fdb0-45f1-a954-47c6c4b22d5a
bootstrap.min.css
secure1.wwf.ca/build/assets/css/ 		157 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure1.wwf.ca/build/assets/css/bootstrap.min.css
Requested by
Host: secure1.wwf.ca
URL: https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.48.202.166 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 18:59:44 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 06 May 2024 18:36:28 GMT
Server
Microsoft-IIS/10.0
ETag
"1da9fe44e89ac88"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
no-cache
Accept-Ranges
bytes
Request-Context
appId=cid-v1:9f353173-fdb0-45f1-a954-47c6c4b22d5a
12.a04e6bba.chunk.css
secure1.wwf.ca/build/static/css/ 		90 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure1.wwf.ca/build/static/css/12.a04e6bba.chunk.css
Requested by
Host: secure1.wwf.ca
URL: https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.48.202.166 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
23c546d82404096aa39836095ac4f55e1892d3df65fff06cacee639c2a5e4620
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 18:59:44 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 06 May 2024 18:38:50 GMT
Server
Microsoft-IIS/10.0
ETag
"1da9fe4a32e3fc7"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
no-cache
Accept-Ranges
bytes
Request-Context
appId=cid-v1:9f353173-fdb0-45f1-a954-47c6c4b22d5a
12.b109d480.chunk.js
secure1.wwf.ca/build/static/js/ 		2 MB
819 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure1.wwf.ca/build/static/js/12.b109d480.chunk.js
Requested by
Host: secure1.wwf.ca
URL: https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.48.202.166 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1550576e4ff2a7344deb4bb1e4b1bee332672d732923952510fea68173b60b4e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 18:59:44 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 06 May 2024 18:38:50 GMT
Server
Microsoft-IIS/10.0
ETag
"1da9fe4a30ccea5"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
no-cache
Accept-Ranges
bytes
Request-Context
appId=cid-v1:9f353173-fdb0-45f1-a954-47c6c4b22d5a
main.54768c43.chunk.js
secure1.wwf.ca/build/static/js/ 		835 KB
235 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure1.wwf.ca/build/static/js/main.54768c43.chunk.js
Requested by
Host: secure1.wwf.ca
URL: https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.48.202.166 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c3577d4ec5291e6246e6257781c60ca08ca910a67af41e8e9c44a4c5bb044f4c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 18:59:44 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 06 May 2024 18:38:50 GMT
Server
Microsoft-IIS/10.0
ETag
"1da9fe4a32253cf"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
no-cache
Accept-Ranges
bytes
Request-Context
appId=cid-v1:9f353173-fdb0-45f1-a954-47c6c4b22d5a
fbevents.js
connect.facebook.net/en_US/ 		224 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: secure1.wwf.ca
URL: https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure1.wwf.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 01 Aug 2024 18:59:45 GMT
document-policy
force-load-at-top
x-fb-server-load
24
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58677
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=12, mss=1316, tbw=2777, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
bYXb+7LkznS+tKw/La6aWulfKGJH8umcdFSItM+89uJFftXdgMQSgy0ILmigA0L5onbWKNjah30GEFUutKAkSg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-V0KTJYJVKD&gtm=45je47v0v9177428087za200&_p=1722538785450&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=86285778.1722538786&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722538785&sct=1&seg=0&dl=https%3A%2F%2Fsecure1.wwf.ca%2FDonation%2F3472-en%2F%3F%26pck%3DFN62%26utm_medium%3Demail%26utm_term%3DN%252FA%26utm_source%3DD365%26utm_campaign%3DFN62&dr=https%3A%2F%2Fpublic-can.mkt.dynamics.com%2F&dt=HELP%20WILDLIFE%20THRIVE&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=768
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V0KTJYJVKD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f113.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://secure1.wwf.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Aug 2024 18:59:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure1.wwf.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-V0KTJYJVKD&cid=86285778.1722538786&gtm=45je47v0v9177428087za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=95250753
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V0KTJYJVKD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure1.wwf.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Aug 2024 18:59:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure1.wwf.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-V0KTJYJVKD&cid=86285778.1722538786&gtm=45je47v0v9177428087za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=95250753&tag_exp=95250753&z=361295469
Requested by
Host: secure1.wwf.ca
URL: https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure1.wwf.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Aug 2024 18:59:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
411882879530682
connect.facebook.net/signals/config/ 		64 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/411882879530682?v=2.9.162&r=stable&domain=secure1.wwf.ca&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
70238340a520bcc4d3602c2da3e7c6cea6924ef2d1cc574c6de792f9e8e8f3ec
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure1.wwf.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 01 Aug 2024 18:59:46 GMT
document-policy
force-load-at-top
x-fb-server-load
51
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=47, rtx=1, c=48, mss=1316, tbw=64184, tp=-1, tpl=-1, uplat=119, ullat=0
pragma
public
x-fb-debug
f/X3yN681t/NkB8QccH+ZhmYOz8IhziVTqFDacom+jbn3q6xGFA3b8PSXFYO3quA4FbZRH+F7HPxfy5prLzQHA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=411882879530682&ev=PageView&dl=https%3A%2F%2Fsecure1.wwf.ca%2FDonation%2F3472-en%2F%3F%26pck%3DFN62%26utm_medium%3Demail%26utm_term%3DN%252FA%26utm_source%3DD365%26utm_campaign%3DFN62%23msdynmkt_trackingcontext%3D3c54a4ab-3917-4062-bd23-bc4ac6d5e506&rl=https%3A%2F%2Fpublic-can.mkt.dynamics.com%2F&if=false&ts=1722538786141&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722538786140.607714091384484987&ler=other&cdl=API_unavailable&it=1722538785945&coo=false&rqm=GET
Requested by
Host: secure1.wwf.ca
URL: https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure1.wwf.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1316, tbw=2827, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 01 Aug 2024 18:59:46 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=411882879530682&ev=PageView&dl=https%3A%2F%2Fsecure1.wwf.ca%2FDonation%2F3472-en%2F%3F%26pck%3DFN62%26utm_medium%3Demail%26utm_term%3DN%252FA%26utm_source%3DD365%26utm_campaign%3DFN62%23msdynmkt_trackingcontext%3D3c54a4ab-3917-4062-bd23-bc4ac6d5e506&rl=https%3A%2F%2Fpublic-can.mkt.dynamics.com%2F&if=false&ts=1722538786141&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722538786140.607714091384484987&ler=other&cdl=API_unavailable&it=1722538785945&coo=false&rqm=FGET
Requested by
Host: secure1.wwf.ca
URL: https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure1.wwf.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Thu, 01 Aug 2024 18:59:46 GMT
document-policy
force-load-at-top
x-fb-server-load
33
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7398247752644398297", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=15, mss=1316, tbw=3145, tp=-1, tpl=-1, uplat=91, ullat=0
pragma
no-cache
x-fb-debug
MRHK1o8dyOW7AOcNUIHHAkUoErekE49syL9Vb59y7TlJ8LmbNISQWHYwlKGRVehpVZ5AAeR33Dp25JD3628n2g==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7398247752644398297"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		282 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W2L6FFCP&l=MCRMDataLayer&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: public-can.mkt.dynamics.com
URL: https://public-can.mkt.dynamics.com/api/orgs/b193768c-c1ff-ed11-a66e-0022486dbef7/r/q6RUPBc5YkC9I7xKxtXlBgwAAAA?target=%7B%22TargetUrl%22%3A%22https%253A%252F%252Fsecure1.wwf.ca%252FDonation%252F3472-en%252F%253F%2526pck%253DFN62%22%2C%22RedirectOptions%22%3A%7B%221%22%3Anull%2C%222%22%3A%7B%22utm_medium%22%3A%22email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
938339cc73724eb775c9cf5caee3de5c26994a16a4d35190e369bab8a0661ac9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure1.wwf.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 18:59:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98189
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 01 Aug 2024 18:59:46 GMT
3472-en
secure1.wwf.ca/donation/getDonation/ 		11 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure1.wwf.ca/donation/getDonation/3472-en
Requested by
Host: secure1.wwf.ca
URL: https://secure1.wwf.ca/build/static/js/12.b109d480.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.48.202.166 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
49ebe0a9ca6575b3fb8849d8efbda50c64da679ea7d796cc12715ba6f652a987
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/plain, */*
Referer
https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 18:59:46 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Request-Context
appId=cid-v1:9f353173-fdb0-45f1-a954-47c6c4b22d5a
amzn.js
c.amazon-adsystem.com/aat/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aat/amzn.js
Requested by
Host: public-can.mkt.dynamics.com
URL: https://public-can.mkt.dynamics.com/api/orgs/b193768c-c1ff-ed11-a66e-0022486dbef7/r/q6RUPBc5YkC9I7xKxtXlBgwAAAA?target=%7B%22TargetUrl%22%3A%22https%253A%252F%252Fsecure1.wwf.ca%252FDonation%252F3472-en%252F%253F%2526pck%253DFN62%22%2C%22RedirectOptions%22%3A%7B%221%22%3Anull%2C%222%22%3A%7B%22utm_medium%22%3A%22email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.114.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-114-192.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
931b0f440c206392e00791afe9e625a8d1540e78f66d725663ca431d8c36f14d

Request headers

Referer
https://secure1.wwf.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
KuRVgCPoCuzf74SAKKbr4C_V_.WpQwdp
content-encoding
gzip
via
1.1 7c325f2607fc0c1ae15500b51b245812.cloudfront.net (CloudFront), 1.1 bbdd9119a4551c40158761d607b7997a.cloudfront.net (CloudFront)
date
Thu, 01 Aug 2024 17:55:24 GMT
last-modified
Wed, 31 Jul 2024 19:09:31 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P5, IAD61-P2
x-amz-server-side-encryption
AES256
etag
W/"0ab8eccbf6ca1f3672e2b59dde60f689"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
x-amz-cf-id
umBbK1kOnKhPU_X6xpv2kVQyXCqmdeo1blky65prXMwoaxI72QCI8g==
destination
www.googletagmanager.com/gtag/ 		232 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-10870065463&l=MCRMDataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2L6FFCP&l=MCRMDataLayer&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
511650511a2b77fce01ae9f09a284fdcf4838a7b737473c57a6b43cf8f802188
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure1.wwf.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 18:59:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85117
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 01 Aug 2024 18:59:47 GMT
lcisl9b47t
www.clarity.ms/tag/ 		637 B
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/lcisl9b47t?ref=gtm2
Requested by
Host: public-can.mkt.dynamics.com
URL: https://public-can.mkt.dynamics.com/api/orgs/b193768c-c1ff-ed11-a66e-0022486dbef7/r/q6RUPBc5YkC9I7xKxtXlBgwAAAA?target=%7B%22TargetUrl%22%3A%22https%253A%252F%252Fsecure1.wwf.ca%252FDonation%252F3472-en%252F%253F%2526pck%253DFN62%22%2C%22RedirectOptions%22%3A%7B%221%22%3Anull%2C%222%22%3A%7B%22utm_medium%22%3A%22email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
98efdf0907a005a0fd324fdd345ff17bb2e9508c272d74610a013bec7f6b0aea

Request headers

Referer
https://secure1.wwf.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
date
Thu, 01 Aug 2024 18:59:47 GMT
x-azure-ref
20240801T185947Z-17fd6bb7c96f2mcrazt3zxgsgw0000000b3g00000000fz0w
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
637
expires
-1
7.ac979bb8.chunk.js
secure1.wwf.ca/build/static/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure1.wwf.ca/build/static/js/7.ac979bb8.chunk.js
Requested by
Host: secure1.wwf.ca
URL: https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.48.202.166 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
97d44f7da63125a3d945ae938e3a425c1539a0493419e0efc7e4c0903946753a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 18:59:46 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 06 May 2024 18:38:50 GMT
Server
Microsoft-IIS/10.0
ETag
"1da9fe4a32f5458"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
no-cache
Accept-Ranges
bytes
Request-Context
appId=cid-v1:9f353173-fdb0-45f1-a954-47c6c4b22d5a
open-sans-latin-400-normal.a1535f45.woff2
secure1.wwf.ca/build/static/media/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure1.wwf.ca/build/static/media/open-sans-latin-400-normal.a1535f45.woff2
Requested by
Host: secure1.wwf.ca
URL: https://secure1.wwf.ca/build/static/css/12.a04e6bba.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.48.202.166 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://secure1.wwf.ca/build/static/css/12.a04e6bba.chunk.css
Origin
https://secure1.wwf.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 18:59:46 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 06 May 2024 18:38:50 GMT
Server
Microsoft-IIS/10.0
ETag
"1da9fe4a32f1864"
X-Powered-By
ASP.NET
Content-Type
font/woff2
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
16740
Request-Context
appId=cid-v1:9f353173-fdb0-45f1-a954-47c6c4b22d5a
MissionCRM_Label.fa23e274.svg
secure1.wwf.ca/build/static/media/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure1.wwf.ca/build/static/media/MissionCRM_Label.fa23e274.svg
Requested by
Host: secure1.wwf.ca
URL: https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.48.202.166 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f47d565ab6a6d0343981da572d1403cff2d08405f28e3a8b3ab6c02519bd8b68
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 18:59:46 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 06 May 2024 18:38:50 GMT
Server
Microsoft-IIS/10.0
ETag
"1da9fe4a32f42c0"
X-Powered-By
ASP.NET
Content-Type
image/svg+xml
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
7104
Request-Context
appId=cid-v1:9f353173-fdb0-45f1-a954-47c6c4b22d5a
wwf.woff
secure1.wwf.ca/build/assets/fonts/wwfc/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure1.wwf.ca/build/assets/fonts/wwfc/wwf.woff
Requested by
Host: secure1.wwf.ca
URL: https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.48.202.166 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7140e8b7245a2ce8104ea5830a5c0d8248a056c2827811b199d05c893c2f6b3c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
Origin
https://secure1.wwf.ca
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 18:59:46 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 06 May 2024 18:36:28 GMT
Server
Microsoft-IIS/10.0
ETag
"1da9fe44e8b59ec"
X-Powered-By
ASP.NET
Content-Type
application/font-woff
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
34796
Request-Context
appId=cid-v1:9f353173-fdb0-45f1-a954-47c6c4b22d5a
WW1353289-1200x960_2.jpg
wwwfcstorageprod.blob.core.windows.net/imagecontainer/original/ 		359 KB
359 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wwwfcstorageprod.blob.core.windows.net/imagecontainer/original/WW1353289-1200x960_2.jpg
Requested by
Host: secure1.wwf.ca
URL: https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.31.228 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0509a46fa970b21b8ab8efd61c88b079e18ec4ebad37c5da727f52ba948af6b6

Request headers

Referer
https://secure1.wwf.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 01 Aug 2024 18:59:47 GMT
Last-Modified
Tue, 09 Jul 2024 15:39:14 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ecj8c0zxTPccUqvX36ViNQ==
ETag
0x8DCA02D492DAD4C
Content-Type
application/octet-stream
x-ms-request-id
afd1372a-801e-0068-0c44-e4ac21000000
x-ms-version
2009-09-19
Content-Length
367626
iu3
s.amazon-adsystem.com/
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?pid=d900fcdd-3466-4c9a-8254-80df65210542&event=PageView&ts=1722538787054
  • https://s.amazon-adsystem.com/iu3?pid=d900fcdd-3466-4c9a-8254-80df65210542&event=PageView&ts=1722538787054&dcc=t
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?pid=d900fcdd-3466-4c9a-8254-80df65210542&event=PageView&ts=1722538787054&dcc=t
Requested by
Host: secure1.wwf.ca
URL: https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://secure1.wwf.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 01 Aug 2024 18:59:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YBX375PN6T765WAV1EST
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?pid=d900fcdd-3466-4c9a-8254-80df65210542&event=PageView&ts=1722538787054&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
001Logo.png
wwwfcstorageprod.blob.core.windows.net/imagecontainer/original/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wwwfcstorageprod.blob.core.windows.net/imagecontainer/original/001Logo.png
Requested by
Host: secure1.wwf.ca
URL: https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.31.228 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
167f34d1d098ae69b4a5cb27f1ce7d36406d83f13243f533a35a7546c5c63866

Request headers

Referer
https://secure1.wwf.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 01 Aug 2024 18:59:46 GMT
Last-Modified
Tue, 27 Feb 2024 06:20:02 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
j+9ar6bwmUXxkSFxWQr4cg==
ETag
0x8DC375C21D35E10
Content-Type
application/octet-stream
x-ms-request-id
04f6e359-b01e-005c-5044-e49fe9000000
x-ms-version
2009-09-19
Content-Length
5813
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10870065463/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10870065463/?random=1722538787264&cv=11&fst=1722538787264&bg=ffffff&guid=ON&async=1&gtm=45be47v0v887483333z89182516494za201zb9182516494&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure1.wwf.ca%2FDonation%2F3472-en%2F%3F%26pck%3DFN62%26utm_medium%3Demail%26utm_term%3DN%252FA%26utm_source%3DD365%26utm_campaign%3DFN62&ref=https%3A%2F%2Fpublic-can.mkt.dynamics.com%2F&hn=www.googleadservices.com&frm=0&tiba=HELP%20WILDLIFE%20THRIVE&npa=0&pscdl=noapi&auid=478618593.1722538787&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10870065463&l=MCRMDataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
e072f91bef6d9b798611127b21b0d3aeef64f28fef08dea923e68cf92fc97157
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure1.wwf.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Aug 2024 18:59:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1480
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.41/ 		62 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.41/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/lcisl9b47t?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69

Request headers

Referer
https://secure1.wwf.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 18:59:47 GMT
content-encoding
br
last-modified
Wed, 31 Jul 2024 18:02:07 GMT
etag
W/"0x8DCB18AE4A3A82B"
vary
Accept-Encoding
x-azure-ref
20240801T185947Z-17fd6bb7c96f2mcrazt3zxgsgw0000000b3g00000000fz11
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
f7af0a9f-501e-0064-6ca7-e3df43000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
/
www.google.com/pagead/1p-user-list/10870065463/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10870065463/?random=1722538787264&cv=11&fst=1722535200000&bg=ffffff&guid=ON&async=1&gtm=45be47v0v887483333z89182516494za201zb9182516494&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure1.wwf.ca%2FDonation%2F3472-en%2F%3F%26pck%3DFN62%26utm_medium%3Demail%26utm_term%3DN%252FA%26utm_source%3DD365%26utm_campaign%3DFN62&ref=https%3A%2F%2Fpublic-can.mkt.dynamics.com%2F&hn=www.googleadservices.com&frm=0&tiba=HELP%20WILDLIFE%20THRIVE&npa=0&pscdl=noapi&auid=478618593.1722538787&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL9_fUbcU1Y41j0ZAhlMHVxJ_t-GBfFg&random=3924647316&rmt_tld=0&ipr=y
Requested by
Host: secure1.wwf.ca
URL: https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f147.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure1.wwf.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Aug 2024 18:59:47 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/10870065463/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/10870065463/?random=1722538787264&cv=11&fst=1722535200000&bg=ffffff&guid=ON&async=1&gtm=45be47v0v887483333z89182516494za201zb9182516494&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure1.wwf.ca%2FDonation%2F3472-en%2F%3F%26pck%3DFN62%26utm_medium%3Demail%26utm_term%3DN%252FA%26utm_source%3DD365%26utm_campaign%3DFN62&ref=https%3A%2F%2Fpublic-can.mkt.dynamics.com%2F&hn=www.googleadservices.com&frm=0&tiba=HELP%20WILDLIFE%20THRIVE&npa=0&pscdl=noapi&auid=478618593.1722538787&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL9_fUbcU1Y41j0ZAhlMHVxJ_t-GBfFg&random=3924647316&rmt_tld=1&ipr=y
Requested by
Host: secure1.wwf.ca
URL: https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure1.wwf.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Aug 2024 18:59:47 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
z.clarity.ms/ 		0
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://z.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.41/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.10.16.51 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://secure1.wwf.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://secure1.wwf.ca
Date
Thu, 01 Aug 2024 18:59:48 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=26007114D1DA4125BE1DF3A0B8307AA5&RedC=c.clarity.ms&MXFR=2BA0A0FFC0C764A013EDB431C4C76ACE
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=26007114D1DA4125BE1DF3A0B8307AA5&MUID=1B102F79E96D66AB02803BB7E8C767DA
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=26007114D1DA4125BE1DF3A0B8307AA5&MUID=1B102F79E96D66AB02803BB7E8C767DA
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://secure1.wwf.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Aug 2024 18:59:47 GMT
last-modified
Tue, 25 Jun 2024 19:54:30 GMT
server
Microsoft-IIS/10.0
etag
"df9747e39c7da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 01 Aug 2024 18:59:47 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3B00D5E269EE4AFCBF57F95DB065D180 Ref B: YTO01EDGE0721 Ref C: 2024-08-01T18:59:48Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=26007114D1DA4125BE1DF3A0B8307AA5&MUID=1B102F79E96D66AB02803BB7E8C767DA
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
favicon.ico
secure1.wwf.ca/build/favicon/wwfc/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://secure1.wwf.ca/build/favicon/wwfc/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.48.202.166 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
12ff72b1d9fc6c9a09deb111448d656de241f669ed861d0e4ccaf482ea4db185
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://secure1.wwf.ca/Donation/3472-en/?&pck=FN62&utm_medium=email&utm_term=N%2FA&utm_source=D365&utm_campaign=FN62
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 18:59:46 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Mon, 06 May 2024 18:36:28 GMT
Server
Microsoft-IIS/10.0
ETag
"1da9fe44e8be4ee"
X-Powered-By
ASP.NET
Content-Type
image/x-icon
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
15086
Request-Context
appId=cid-v1:9f353173-fdb0-45f1-a954-47c6c4b22d5a
collect
z.clarity.ms/ 		0
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://z.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.41/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.10.16.51 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://secure1.wwf.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://secure1.wwf.ca
Date
Thu, 01 Aug 2024 18:59:48 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
collect
z.clarity.ms/ 		0
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://z.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.41/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.10.16.51 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://secure1.wwf.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://secure1.wwf.ca
Date
Thu, 01 Aug 2024 18:59:50 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-V0KTJYJVKD&gtm=45je47v0v9177428087za200&_p=1722538785450&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=86285778.1722538786&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1722538785&sct=1&seg=0&dl=https%3A%2F%2Fsecure1.wwf.ca%2FDonation%2F3472-en%2F%3F%26pck%3DFN62%26utm_medium%3Demail%26utm_term%3DN%252FA%26utm_source%3DD365%26utm_campaign%3DFN62&dr=https%3A%2F%2Fpublic-can.mkt.dynamics.com%2F&dt=HELP%20WILDLIFE%20THRIVE&en=scroll&epn.percent_scrolled=90&_et=6&tfd=5778
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V0KTJYJVKD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f113.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://secure1.wwf.ca/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Aug 2024 18:59:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure1.wwf.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| fbq function| _fbq object| webpackJsonpmission-ui object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| regeneratorRuntime object| MCRMDataLayer number| 2f1acc6c3a606b082e5eef5e54414ffb object| __SENTRY__ function| amzn function| clarity object| WWF_Checkout function| renewToken function| updateToken function| deleteToken object| GooglebQhCsO

17 Cookies

Domain/Path Name / Value
.wwf.ca/ Name: _ga
Value: GA1.1.86285778.1722538786
.wwf.ca/ Name: _ga_V0KTJYJVKD
Value: GS1.1.1722538785.1.0.1722538785.60.0.0
.wwf.ca/ Name: _fbp
Value: fb.1.1722538786140.607714091384484987
.wwf.ca/ Name: _gcl_au
Value: 1.1.478618593.1722538787
www.clarity.ms/ Name: CLID
Value: 3a10fba77e0a4cf5886359676f8ebc7d.20240801.20250801
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.amazon-adsystem.com/ Name: ad-id
Value: A58rYd78G0D4hAiBuNHDbcM
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.wwf.ca/ Name: _clck
Value: rkrfq1%7C2%7Cfny%7C0%7C1674
.bing.com/ Name: MUID
Value: 1B102F79E96D66AB02803BB7E8C767DA
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 1B102F79E96D66AB02803BB7E8C767DA
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 1B102F79E96D66AB02803BB7E8C767DA
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.wwf.ca/ Name: _clsk
Value: raarc%7C1722538788412%7C1%7C1%7Cz.clarity.ms%2Fcollect

1 Console Messages

Source Level URL
Text
network error URL: https://cxppcan1rdrect01sa02cdn.blob.core.windows.net/botdetection/BotDetection/BotDetection.bundle.js(Line 1)
Message:
WebSocket connection to 'wss://public-can.mkt.dynamics.com/api/orgs/b193768c-c1ff-ed11-a66e-0022486dbef7/r/test' failed: Error during WebSocket handshake: Unexpected response code: 404

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
connect.facebook.net
cxppcan1rdrect01sa02cdn.blob.core.windows.net
googleads.g.doubleclick.net
public-can.mkt.dynamics.com
s.amazon-adsystem.com
secure1.wwf.ca
stats.g.doubleclick.net
www.clarity.ms
www.facebook.com
www.google.ca
www.google.com
www.googletagmanager.com
wwwfcstorageprod.blob.core.windows.net
z.clarity.ms
13.107.246.40
142.251.111.155
142.251.16.94
142.251.167.155
157.240.229.1
157.240.229.35
172.253.115.147
172.253.115.97
172.253.122.113
20.10.16.51
20.110.205.119
20.150.31.228
20.150.31.4
20.48.201.128
20.48.202.166
204.79.197.237
3.162.114.192
52.46.143.56
0509a46fa970b21b8ab8efd61c88b079e18ec4ebad37c5da727f52ba948af6b6
0cabb436af3318f77d6b0b0952e550587952f740f43a201994c313fcb8028b1a
12ff72b1d9fc6c9a09deb111448d656de241f669ed861d0e4ccaf482ea4db185
1550576e4ff2a7344deb4bb1e4b1bee332672d732923952510fea68173b60b4e
167f34d1d098ae69b4a5cb27f1ce7d36406d83f13243f533a35a7546c5c63866
18aeb33ae55d09c9cf4c479a523ccb49a07163d42ec6a12e9b890efbef91fd13
23c546d82404096aa39836095ac4f55e1892d3df65fff06cacee639c2a5e4620
49ebe0a9ca6575b3fb8849d8efbda50c64da679ea7d796cc12715ba6f652a987
511650511a2b77fce01ae9f09a284fdcf4838a7b737473c57a6b43cf8f802188
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69
70238340a520bcc4d3602c2da3e7c6cea6924ef2d1cc574c6de792f9e8e8f3ec
7140e8b7245a2ce8104ea5830a5c0d8248a056c2827811b199d05c893c2f6b3c
931b0f440c206392e00791afe9e625a8d1540e78f66d725663ca431d8c36f14d
938339cc73724eb775c9cf5caee3de5c26994a16a4d35190e369bab8a0661ac9
97d44f7da63125a3d945ae938e3a425c1539a0493419e0efc7e4c0903946753a
98efdf0907a005a0fd324fdd345ff17bb2e9508c272d74610a013bec7f6b0aea
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b270fe4a9713f7e80929517e3c8cc93ce68a5b794ae21d814bb71eddd072648e
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
c3577d4ec5291e6246e6257781c60ca08ca910a67af41e8e9c44a4c5bb044f4c
e072f91bef6d9b798611127b21b0d3aeef64f28fef08dea923e68cf92fc97157
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c05b187c2fc087941c89378813b7c179df17d5ef2ec3e22316b98b08a48e9b
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f25dd9ac3a0d73d09a4fae7ba532b98084fe44ed2cb29ab7920ab4a19e94e6ac
f47d565ab6a6d0343981da572d1403cff2d08405f28e3a8b3ab6c02519bd8b68
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194