Submitted URL: http://dawnofmars.com/
Effective URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Submission: On March 06 via manual from IN — Scanned from DE

Summary

This website contacted 12 IPs in 4 countries across 11 domains to perform 37 HTTP transactions. The main IP is 162.241.30.119, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is dawnofmars.com.
This is the only time dawnofmars.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telus (Telecommunication)

Domain & IP information

Requests | IP Address | AS | Autonomous System
2 | 162.241.30.119 | 46606 | (UNIFIEDLA...)
5 | 107.162.138.125 | 55002 | (DEFENSE-NET)
1 | 2a04:4e42:200... | 54113 | (FASTLY)
2 (1 redirect) | 52.222.206.72 | 16509 | (AMAZON-02)
5 | 18.66.248.19 | 16509 | (AMAZON-02)
3 | 2a02:26f0:fb:... | 20940 | (AKAMAI-ASN1)
13 | 2600:9000:224... | 16509 | (AMAZON-02)
3 (1 redirect) | 34.240.134.29 | 16509 | (AMAZON-02)
2 | 2a03:2880:f02... | 32934 | (FACEBOOK)
1 | 92.123.224.33 | 20940 | (AKAMAI-ASN1)
1 | 15.236.176.210 | 16509 | (AMAZON-02)
2 (2 redirects) | 52.51.88.158 | 16509 | (AMAZON-02)
1 | 18.203.63.125 | 16509 | (AMAZON-02)
Total: 37 requests, 12 IPs

Requests | Apex Domain | Subdomains | Transfer
13 | ctfassets.net | images.ctfassets.net (Cisco Umbrella Rank: 4327) | 21 KB
6 | telus.com | www.telus.com (Cisco Umbrella Rank: 229186); a.telus.com | 493 KB
5 | telus.digital | cdn.telus.digital (Cisco Umbrella Rank: 297570) | 114 KB
4 | demdex.net | dpm.demdex.net (Cisco Umbrella Rank: 184); fast.telus.demdex.net | 7 KB
3 | adobedtm.com | assets.adobedtm.com (Cisco Umbrella Rank: 515) | 111 KB
2 | everesttech.net | cm.everesttech.net (Cisco Umbrella Rank: 878) | 772 B
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 124) | 115 KB
2 | cloudfront.net | d3gdddol7ipjoy.cloudfront.net | 788 KB
2 | dawnofmars.com | dawnofmars.com | 38 KB
1 | omtrdc.net | telus.tt.omtrdc.net (Cisco Umbrella Rank: 407580) | 536 B
1 | polyfill.io | cdn.polyfill.io (Cisco Umbrella Rank: 2002) | 651 B
Total: 37 requests, 11 apex domains

Requests | Domain | Requested by
13 | images.ctfassets.net | dawnofmars.com
5 | cdn.telus.digital | dawnofmars.com
5 | www.telus.com | dawnofmars.com
3 (1 redirect) | dpm.demdex.net | assets.adobedtm.com; dawnofmars.com
3 | assets.adobedtm.com | dawnofmars.com; assets.adobedtm.com
2 (2 redirects) | cm.everesttech.net |
2 | connect.facebook.net | assets.adobedtm.com; connect.facebook.net
2 (1 redirect) | d3gdddol7ipjoy.cloudfront.net | dawnofmars.com
2 | dawnofmars.com | dawnofmars.com
1 | telus.tt.omtrdc.net | assets.adobedtm.com
1 | a.telus.com | assets.adobedtm.com
1 | fast.telus.demdex.net | assets.adobedtm.com
1 | cdn.polyfill.io | dawnofmars.com
Total: 37 requests, 13 subdomains

Subject | Issuer | Validity | Valid
www.telus.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-12-13 - 2022-12-12 | a year
polyfill.io | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-06-04 - 2022-07-06 | a year
cdn.telus.digital | DigiCert TLS RSA SHA256 2020 CA1 | 2021-06-15 - 2022-06-20 | a year
assets.adobedtm.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-10 - 2022-09-10 | a year
images.ctfassets.net | Amazon | 2022-02-17 - 2023-03-18 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-12-13 - 2022-03-13 | 3 months

This page contains 2 frames:

Primary Page: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Frame ID: 6CB57C43F0E2EACE24DF8B16B0D08CFF
Requests: 36 HTTP requests in this frame

Frame: http://fast.telus.demdex.net/dest5.html?d_nsid=0
Frame ID: 94A60DBAA45186EFE25242D15F781D5A
Requests: 1 HTTP requests in this frame

Page Title

My TELUS - Log in to manage your TELUS account | TELUSSupportFind a store Contact usSupportFind a store Contact us

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

Requests: 37
HTTPS: 59 %
IPv6: 31 %
Domains: 11
Subdomains: 13
IPs: 12
Countries: 4
Transfer: 1687 kB
Size: 5612 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dawnofmars.com/ Page URL
  2. http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://d3gdddol7ipjoy.cloudfront.net/lib/chat/latest/js/chat_widget_component.js HTTP 301
  • https://d3gdddol7ipjoy.cloudfront.net/lib/chat/latest/js/chat_widget_component.js
Request Chain 32
  • http://cm.everesttech.net/cm/dd?d_uuid=60417716811143748954043807637462521031 HTTP 301
  • https://cm.everesttech.net/cm/dd?d_uuid=60417716811143748954043807637462521031 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiRXCwAAAF6u5AP7 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YiRXCwAAAF6u5AP7

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
dawnofmars.com/
134 B
439 B
Document
General
Full URL
http://dawnofmars.com/
Protocol
HTTP/1.1
Server
162.241.30.119 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5925.bluehost.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sun, 06 Mar 2022 06:39:06 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Vary
Accept-Encoding
Content-Encoding
gzip
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length
135
Keep-Alive
timeout=5, max=75
Content-Type
text/html; charset=UTF-8
Primary Request indexx.php
dawnofmars.com/
114 KB
38 KB
Document
General
Full URL
http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/
Protocol
HTTP/1.1
Server
162.241.30.119 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5925.bluehost.com
Software
Apache /
Resource Hash
ad992343effac3f561ea1ff167aa2cce3d152dca2e884377d68de0f4081242a5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/

Response headers

Date
Sun, 06 Mar 2022 06:39:06 GMT
Server
Apache
Vary
Accept-Encoding
Content-Encoding
gzip
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=74
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
styles_03d9f66a4b4cbc9c12d2.css
www.telus.com/telus-login/static/
69 KB
16 KB
Stylesheet
General
Full URL
https://www.telus.com/telus-login/static/styles_03d9f66a4b4cbc9c12d2.css
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.138.125 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
5a6c0623bd497827f7939c0527ab371d852336c10b599de0e5a7b2558238dff9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 06 Mar 2022 06:39:07 GMT
Via
1.1 google, 1.1 fra1-bit10021
x-content-type-options
nosniff
x-dns-prefetch-control
off
Connection
Keep-Alive
Content-Encoding
gzip
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
last-modified
Thu, 13 Jan 2022 15:36:06 GMT
Server
nginx
x-frame-options
SAMEORIGIN
etag
W/"11577-17e5414f270"
x-download-options
noopen
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Type
text/css; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
Transfer-Encoding
chunked
accept-ranges
bytes
vendor_7943e3c78ff77357d85a.js
www.telus.com/telus-login/static/
394 KB
158 KB
Script
General
Full URL
https://www.telus.com/telus-login/static/vendor_7943e3c78ff77357d85a.js
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.138.125 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
05df6749b40aa1b53f7df9192666e1cc8fefc41b4e4fac0d0a60272e0ca4c67b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 06 Mar 2022 06:39:07 GMT
Via
1.1 google, 1.1 fra1-bit10021
x-content-type-options
nosniff
x-dns-prefetch-control
off
Content-Encoding
gzip
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
last-modified
Thu, 13 Jan 2022 15:36:06 GMT
Server
nginx
x-frame-options
SAMEORIGIN
etag
W/"628fd-17e5414f270"
x-download-options
noopen
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
Transfer-Encoding
chunked
accept-ranges
bytes
bundle_2ed4f7d5ed764d7ce5da.js
www.telus.com/telus-login/static/
581 KB
198 KB
Script
General
Full URL
https://www.telus.com/telus-login/static/bundle_2ed4f7d5ed764d7ce5da.js
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.138.125 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
de6a5ec49457a455533ff3086c3ee8b3c994c5988044fbd148e86f1d51a3b3c8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 06 Mar 2022 06:39:07 GMT
Via
1.1 google, 1.1 fra1-bit10021
x-content-type-options
nosniff
x-dns-prefetch-control
off
Content-Encoding
gzip
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
last-modified
Thu, 13 Jan 2022 15:36:06 GMT
Server
nginx
x-frame-options
SAMEORIGIN
etag
W/"9156c-17e5414f270"
x-download-options
noopen
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
Transfer-Encoding
chunked
accept-ranges
bytes
polyfill.js
cdn.polyfill.io/v3/
306 B
651 B
Script
General
Full URL
https://cdn.polyfill.io/v3/polyfill.js?features=es6,es5,Set,Array.prototype.includes,Object.entries,Array.prototype.entries
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d6493b314efed0bbb50a1c152735904e998bc7e6dd0d693d0faef11825b07d0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
585921
detected-user-agent
Chrome/99.0.4844
server-timing
MISS-CLUSTER, fastly;desc="Edge time";dur=21, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length
156
referrer-policy
origin-when-cross-origin
last-modified
Sat, 26 Feb 2022 13:17:44 GMT
date
Sun, 06 Mar 2022 06:39:07 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/99.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
chat_widget_component.js
d3gdddol7ipjoy.cloudfront.net/lib/chat/latest/js/
Redirect Chain
  • http://d3gdddol7ipjoy.cloudfront.net/lib/chat/latest/js/chat_widget_component.js
  • https://d3gdddol7ipjoy.cloudfront.net/lib/chat/latest/js/chat_widget_component.js
3 MB
788 KB
Script
General
Full URL
https://d3gdddol7ipjoy.cloudfront.net/lib/chat/latest/js/chat_widget_component.js
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
HTTP/1.1
Server
52.222.206.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-72.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bfa5287428dea9f2a7b12e3130dd1848e5a9711d4ac92e600394b2c07f8769db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 06 Mar 2022 02:23:50 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 22 Feb 2022 16:05:04 GMT
Server
AmazonS3
Age
15859
ETag
W/"6c9c015298c009e6e14996d5ff557f7c"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-P3
X-Amz-Cf-Id
Co45U3qGzaV6FxKN4C7LH63pA6hXnVNUzz35wNYWpD2dUSj_TpoZ5A==

Redirect headers

Date
Sun, 06 Mar 2022 06:39:07 GMT
Via
1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://d3gdddol7ipjoy.cloudfront.net/lib/chat/latest/js/chat_widget_component.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
s5NLfDyFGN0ifWv706QF96l4Pv_3yAmE58DzPREdaoRFHARg3zmSpA==
aff68211-86bb-476d-882e-f7a3face144c.woff2
cdn.telus.digital/thorium/core/fonts/
49 KB
50 KB
Font
General
Full URL
https://cdn.telus.digital/thorium/core/fonts/aff68211-86bb-476d-882e-f7a3face144c.woff2
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-19.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f776d0dfb485629c7351534355429068fd43071b7613e3d2042986fd5b5bf46c

Request headers

Referer
http://dawnofmars.com/
Origin
http://dawnofmars.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 06 Mar 2022 03:37:06 GMT
Via
1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Age
10922
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
50428
Last-Modified
Thu, 20 Feb 2020 23:41:56 GMT
Server
AmazonS3
ETag
"929eac69416d11a543cee859bd33f1bc"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET
Content-Type
font/woff2
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
DUS51-P1
Accept-Ranges
bytes
X-Amz-Cf-Id
JguyN89efDCyO_4Ya1T2JrQEi3c-eq2VuQxQVT-7Zm6QpoljM3Hw9w==
b8765d4b-d9a3-48b9-ac65-560e7517cf0e.woff2
cdn.telus.digital/thorium/core/fonts/etext/
19 KB
20 KB
Font
General
Full URL
https://cdn.telus.digital/thorium/core/fonts/etext/b8765d4b-d9a3-48b9-ac65-560e7517cf0e.woff2
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-19.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
726b4339c7bca67dbba88d1f121857e2130d7ac194df7a512461ae621cfc2ff1

Request headers

Referer
http://dawnofmars.com/
Origin
http://dawnofmars.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 06 Mar 2022 01:47:01 GMT
Via
1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Age
17527
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
19848
Last-Modified
Thu, 20 Feb 2020 23:49:39 GMT
Server
AmazonS3
ETag
"ad426bec3984966214cc48ece827907e"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET
Content-Type
font/woff2
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
DUS51-P1
Accept-Ranges
bytes
X-Amz-Cf-Id
1PLzpG9WHokmq9NoIO1gzzLXdbBlXfOfJT8Q4wN8XOdLOIyoc-VFhw==
dc50c02f-3f77-4e75-b89c-e3f9bb4752e6.woff2
cdn.telus.digital/thorium/core/fonts/etext/
19 KB
20 KB
Font
General
Full URL
https://cdn.telus.digital/thorium/core/fonts/etext/dc50c02f-3f77-4e75-b89c-e3f9bb4752e6.woff2
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-19.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7adbc085f4ca58718317d3c12bafe06e65bffc31b1310d5ef3a005f18155e554

Request headers

Referer
http://dawnofmars.com/
Origin
http://dawnofmars.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 06 Mar 2022 03:37:06 GMT
Via
1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Age
10922
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
19472
Last-Modified
Thu, 20 Feb 2020 23:49:31 GMT
Server
AmazonS3
ETag
"0111190ff5e5c0d280dba5cb62688adc"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET
Content-Type
font/woff2
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
DUS51-P1
Accept-Ranges
bytes
X-Amz-Cf-Id
NIicGzmKKzui0sAWZ_Rsfe6ObE1fT7q6XmMSioJELoza5140h2kk4w==
3e8a8b56-3cb0-4347-b670-eaaf06b76e9b.woff2
cdn.telus.digital/thorium/core/fonts/etext/
19 KB
19 KB
Font
General
Full URL
https://cdn.telus.digital/thorium/core/fonts/etext/3e8a8b56-3cb0-4347-b670-eaaf06b76e9b.woff2
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-19.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
56b0625243f403285df4a6ec2b3bb68b17501a6a95ba30252a917c06d4395f58

Request headers

Referer
http://dawnofmars.com/
Origin
http://dawnofmars.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 06 Mar 2022 03:18:30 GMT
Via
1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Age
12038
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
19304
Last-Modified
Thu, 20 Feb 2020 23:49:48 GMT
Server
AmazonS3
ETag
"42691fb7a4691282f7e00bbdcc87c467"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET
Content-Type
font/woff2
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
DUS51-P1
Accept-Ranges
bytes
X-Amz-Cf-Id
5TWMCTnUU0l1cWmIJmDzsU-KwM7pgplnQwL-33gHOSGKHyg2ttyP_Q==
core-icons.woff2
cdn.telus.digital/thorium/core/v0.4.0/
4 KB
5 KB
Font
General
Full URL
https://cdn.telus.digital/thorium/core/v0.4.0/core-icons.woff2
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-19.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8985cae9eda7ce2bb937053b26c94a391b53c4e2563ed77c6527db0e41a16e4

Request headers

Referer
http://dawnofmars.com/
Origin
http://dawnofmars.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 01 Mar 2022 20:01:02 GMT
Via
1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Age
383886
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
4036
Last-Modified
Mon, 08 Jan 2018 20:08:10 GMT
Server
AmazonS3
ETag
"6a61e48747de876a912bcaa556dacd23"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
X-Amz-Cf-Pop
DUS51-P1
Accept-Ranges
bytes
X-Amz-Cf-Id
VHjurs1OB_slMYYGv413T2MOsC-PE2g40h99mLLgs0yoTzqU6-2zQw==
launch-EN65f579f00cb04596bfa8bad1911ad8fa.min.js
assets.adobedtm.com/
308 KB
89 KB
Script
General
Full URL
https://assets.adobedtm.com/launch-EN65f579f00cb04596bfa8bad1911ad8fa.min.js
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:5a8::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ffe4337649e5c901cc03b21952f66fc1b38b8226aad7d70d13830ee15777765f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 06:39:07 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 19:45:47 GMT
server
AkamaiNetStorage
etag
"406e6125d5c38dcfbf7a16e5cc2af1e9:1645472747.853875"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
http://dawnofmars.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
90748
expires
Sun, 06 Mar 2022 07:39:07 GMT
Logo_TELUS.svg
images.ctfassets.net/fikanzmkdlqn/3yUnySNpS8IS4CeyUeWgeg/5bcfa9c592acfe591f26d85f6820fa5f/
2 KB
1 KB
Image
General
Full URL
https://images.ctfassets.net/fikanzmkdlqn/3yUnySNpS8IS4CeyUeWgeg/5bcfa9c592acfe591f26d85f6820fa5f/Logo_TELUS.svg
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:6400:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
cbe1b0f1185a0b862a1e9ed248098ff59f79de8c00cd0ea2dd873023e704d3f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 05 Mar 2022 07:17:22 GMT
content-encoding
gzip
last-modified
Fri, 29 Jun 2018 18:30:42 GMT
server
Contentful Images API
age
84105
etag
W/"e9c94438527401f924b1e32cbd9fdea9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
RzyOcL_XCNwgnjsDF06Y-bDyOvWVXh39qNr1bqOzoTlR1skAbuGOpw==
via
1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
grass.png
www.telus.com/telus-login/static/
34 KB
34 KB
Image
General
Full URL
https://www.telus.com/telus-login/static/grass.png
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.138.125 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
3ad77ff4c28dc4a08c6cd1becd3d22dceab81d6b34e2401255f759b5f6bf3662
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 06 Mar 2022 06:39:07 GMT
Via
1.1 google, 1.1 fra1-bit10021
x-content-type-options
nosniff
x-dns-prefetch-control
off
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
34580
x-xss-protection
1; mode=block
last-modified
Thu, 13 Jan 2022 15:36:06 GMT
Server
nginx
x-frame-options
SAMEORIGIN
etag
W/"8714-17e5414f270"
x-download-options
noopen
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
phone.png
www.telus.com/telus-login/static/
85 KB
86 KB
Image
General
Full URL
https://www.telus.com/telus-login/static/phone.png
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.138.125 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
a616b9791d131303600202aadd912ea7971fa0bd0b4bb581619638212eb13d1e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 06 Mar 2022 06:39:07 GMT
Via
1.1 google, 1.1 fra1-bit10021
x-content-type-options
nosniff
x-dns-prefetch-control
off
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
87361
x-xss-protection
1; mode=block
last-modified
Thu, 13 Jan 2022 15:36:06 GMT
Server
nginx
x-frame-options
SAMEORIGIN
etag
W/"15541-17e5414f270"
x-download-options
noopen
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
Download_on_the_App_Store_Badge-2.svg
images.ctfassets.net/fikanzmkdlqn/63wh5ooIuS1xgB8xAHwvQz/d1a390b7c4b88e14941c305e0b2b80ab/
12 KB
5 KB
Image
General
Full URL
http://images.ctfassets.net/fikanzmkdlqn/63wh5ooIuS1xgB8xAHwvQz/d1a390b7c4b88e14941c305e0b2b80ab/Download_on_the_App_Store_Badge-2.svg
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
HTTP/1.1
Server
2600:9000:224a:6400:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
5bb3ee539bf3f0c7583a4228ab4594dc2f7cb3ba57baa83082a6ac82b2e70f7b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 05 Mar 2022 16:32:25 GMT
Content-Encoding
gzip
Age
50803
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Wed, 08 Dec 2021 15:57:40 GMT
Server
Contentful Images API
ETag
W/"3ce2bff094273a977907d5a9df0ed4b2"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Via
1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
DUS51-P1
X-Amz-Cf-Id
vLqaScX98VWPEfTq6TBoSFuIsFVOMsxlXrtUaUjqB2hSCtO1GCKvQw==
google-play-badge.svg
images.ctfassets.net/fikanzmkdlqn/0oRZngdLGyvTYwGZPBxFD/e19a15c77ae3604400033a24c60d4336/
7 KB
3 KB
Image
General
Full URL
http://images.ctfassets.net/fikanzmkdlqn/0oRZngdLGyvTYwGZPBxFD/e19a15c77ae3604400033a24c60d4336/google-play-badge.svg
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
HTTP/1.1
Server
2600:9000:224a:6400:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
089357ed2af64609f30dfdeaf6ad88944a3f1e9e80b25f29935e7c4c209e8596

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 06 Mar 2022 06:20:32 GMT
Content-Encoding
gzip
Age
4233
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Wed, 08 Dec 2021 15:58:27 GMT
Server
Contentful Images API
ETag
W/"bc52f260f66d68036155b48cf4c8993e"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Via
1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
DUS51-P1
X-Amz-Cf-Id
TlkksL-DPQkzczz6NQXrCWqv-2oTBaIwOMp10BbWCJ4C7ZTdZnE6qg==
youtube_grey.png
images.ctfassets.net/fikanzmkdlqn/3UT98RTJqlPOosADIS0zvT/9b3533f1f427f80a1d0d94b88a46838a/
575 B
942 B
Image
General
Full URL
https://images.ctfassets.net/fikanzmkdlqn/3UT98RTJqlPOosADIS0zvT/9b3533f1f427f80a1d0d94b88a46838a/youtube_grey.png
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:6400:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
bfa4124bc3a91dbcecc3fa1034666ac5e3b773c453b6383a3f37ce1ebbbe723d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 06:20:33 GMT
via
1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 20:22:40 GMT
server
Contentful Images API
age
6828
etag
"278d5abd33651b9466e47188b856802d"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P1
content-length
575
x-amz-cf-id
34qJmUQvf4bbBI6ZZpgHYWthQZMCAleNhVQA422Ilu78wcWUSLX2CA==
linkedin_black.png
images.ctfassets.net/fikanzmkdlqn/1P6VE6ZOJAU3W1ULhZGHg9/4142a65944018d05ea97a32330a87cce/
485 B
850 B
Image
General
Full URL
https://images.ctfassets.net/fikanzmkdlqn/1P6VE6ZOJAU3W1ULhZGHg9/4142a65944018d05ea97a32330a87cce/linkedin_black.png
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:6400:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
8ee0779d3b4df5a0acc07553641f93bfe71627178d72df4f523e1be58cfccceb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 06:20:33 GMT
via
1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 18:59:51 GMT
server
Contentful Images API
age
6829
etag
"0d6356da69ab2c0cdc17a70509d3fd20"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P1
content-length
485
x-amz-cf-id
PQSgkBKKfK8JRu2dC9obDf0SQykWVJIUVvf7cNprP_7ncK_tB5Hb8w==
instagram_black.png
images.ctfassets.net/fikanzmkdlqn/YBVTvLZlG6HIyhZDqq2Lg/a3bd363759a87b4547b77763c0795ee6/
1 KB
1 KB
Image
General
Full URL
https://images.ctfassets.net/fikanzmkdlqn/YBVTvLZlG6HIyhZDqq2Lg/a3bd363759a87b4547b77763c0795ee6/instagram_black.png
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:6400:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
5a729421e7c4f8f3f34978287eea2dd6c287a0a21c683f217f08b2962a084147

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 05 Mar 2022 07:57:23 GMT
via
1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 20:21:30 GMT
server
Contentful Images API
age
81705
etag
"3139cc14d1fd8d2aee760db078eff232"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P1
content-length
1112
x-amz-cf-id
M6ycQeAGM94ae-ECu0zGPSMCHGwUI77AP75Uu1ZBIvLJfcHMUnje4Q==
logo_twitter.png
images.ctfassets.net/fikanzmkdlqn/hkD1lmVshb1MQ0edzfRwT/aaa832db728d65c28f59745787e15711/
899 B
1 KB
Image
General
Full URL
https://images.ctfassets.net/fikanzmkdlqn/hkD1lmVshb1MQ0edzfRwT/aaa832db728d65c28f59745787e15711/logo_twitter.png
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:6400:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
92aa7cd51cb613f9cc5d189ba2347703ac1cad37115ae545672ca7d5a5162e82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 06:20:33 GMT
via
1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 20:20:35 GMT
server
Contentful Images API
age
6829
etag
"d9c6d3560c87dd21c6aa67b2bead3f3e"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P1
content-length
899
x-amz-cf-id
H8_T9McizuiZw3i97oWywdLhQnSfdtNxNCw734eOE1xPN2HapnWiZw==
logo-facebook.png
images.ctfassets.net/fikanzmkdlqn/7oy6SUxAHZmOiicDcj7xd0/f7d6573ddf1fdff72aaa8dfadacb52fc/
666 B
1 KB
Image
General
Full URL
https://images.ctfassets.net/fikanzmkdlqn/7oy6SUxAHZmOiicDcj7xd0/f7d6573ddf1fdff72aaa8dfadacb52fc/logo-facebook.png
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:6400:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
4e8ca1b1af11367b1fd07e792d1917d86cd675e4ffe55e5b8fe6c0a81be33783

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 06:20:32 GMT
via
1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 18:58:10 GMT
server
Contentful Images API
age
3211
etag
"727d2c566ff8cf8a8cffe137dc6bcc72"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P1
content-length
666
x-amz-cf-id
7E7xBbvNRRQ5tmONalI3y2umCNf3kPUcP4dq8ccgPLZrWTcPHvokbA==
youtube_grey.png
images.ctfassets.net/fikanzmkdlqn/3UT98RTJqlPOosADIS0zvT/9b3533f1f427f80a1d0d94b88a46838a/
575 B
1 KB
Image
General
Full URL
http://images.ctfassets.net/fikanzmkdlqn/3UT98RTJqlPOosADIS0zvT/9b3533f1f427f80a1d0d94b88a46838a/youtube_grey.png
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
HTTP/1.1
Server
2600:9000:224a:6400:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
bfa4124bc3a91dbcecc3fa1034666ac5e3b773c453b6383a3f37ce1ebbbe723d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 06 Mar 2022 06:20:33 GMT
Via
1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 16 Nov 2021 20:22:40 GMT
Server
Contentful Images API
Age
6828
ETag
"278d5abd33651b9466e47188b856802d"
X-Cache
Hit from cloudfront
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
DUS51-P1
Content-Length
575
X-Amz-Cf-Id
fMFp6Ah4Osy31BaBJ3wvBT2ib81DDa4FmNO9zs1iSiDijEs0F3PIGw==
linkedin_black.png
images.ctfassets.net/fikanzmkdlqn/1P6VE6ZOJAU3W1ULhZGHg9/4142a65944018d05ea97a32330a87cce/
485 B
1002 B
Image
General
Full URL
http://images.ctfassets.net/fikanzmkdlqn/1P6VE6ZOJAU3W1ULhZGHg9/4142a65944018d05ea97a32330a87cce/linkedin_black.png
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
HTTP/1.1
Server
2600:9000:224a:6400:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
8ee0779d3b4df5a0acc07553641f93bfe71627178d72df4f523e1be58cfccceb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 06 Mar 2022 06:20:33 GMT
Via
1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 16 Nov 2021 18:59:51 GMT
Server
Contentful Images API
Age
6829
ETag
"0d6356da69ab2c0cdc17a70509d3fd20"
X-Cache
Hit from cloudfront
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
DUS51-P1
Content-Length
485
X-Amz-Cf-Id
DdmLB9mHq1LcqrQx7u91Ubn5mLGKDOIhtGX1vQiUcxZT6oaGMmv8gg==
instagram_black.png
images.ctfassets.net/fikanzmkdlqn/YBVTvLZlG6HIyhZDqq2Lg/a3bd363759a87b4547b77763c0795ee6/
1 KB
2 KB
Image
General
Full URL
http://images.ctfassets.net/fikanzmkdlqn/YBVTvLZlG6HIyhZDqq2Lg/a3bd363759a87b4547b77763c0795ee6/instagram_black.png
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
HTTP/1.1
Server
2600:9000:224a:6400:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
5a729421e7c4f8f3f34978287eea2dd6c287a0a21c683f217f08b2962a084147

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 05 Mar 2022 07:57:23 GMT
Via
1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 16 Nov 2021 20:21:30 GMT
Server
Contentful Images API
Age
81705
ETag
"3139cc14d1fd8d2aee760db078eff232"
X-Cache
Hit from cloudfront
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
DUS51-P1
Content-Length
1112
X-Amz-Cf-Id
pvXJQLi8fib6C-y7U60aFaKNuPNcfm4wmtyJ3A6el8I6GPjM5QGAzQ==
logo_twitter.png
images.ctfassets.net/fikanzmkdlqn/hkD1lmVshb1MQ0edzfRwT/aaa832db728d65c28f59745787e15711/
899 B
1 KB
Image
General
Full URL
http://images.ctfassets.net/fikanzmkdlqn/hkD1lmVshb1MQ0edzfRwT/aaa832db728d65c28f59745787e15711/logo_twitter.png
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
HTTP/1.1
Server
2600:9000:224a:6400:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
92aa7cd51cb613f9cc5d189ba2347703ac1cad37115ae545672ca7d5a5162e82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 06 Mar 2022 06:20:33 GMT
Via
1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 16 Nov 2021 20:20:35 GMT
Server
Contentful Images API
Age
6829
ETag
"d9c6d3560c87dd21c6aa67b2bead3f3e"
X-Cache
Hit from cloudfront
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
DUS51-P1
Content-Length
899
X-Amz-Cf-Id
4AyaqicdyTO24DFaTHhkdG4v0V6DG_chYFVAtKwi1jFlSzTyCbEkmA==
logo-facebook.png
images.ctfassets.net/fikanzmkdlqn/7oy6SUxAHZmOiicDcj7xd0/f7d6573ddf1fdff72aaa8dfadacb52fc/
666 B
1 KB
Image
General
Full URL
http://images.ctfassets.net/fikanzmkdlqn/7oy6SUxAHZmOiicDcj7xd0/f7d6573ddf1fdff72aaa8dfadacb52fc/logo-facebook.png
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
HTTP/1.1
Server
2600:9000:224a:6400:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
4e8ca1b1af11367b1fd07e792d1917d86cd675e4ffe55e5b8fe6c0a81be33783

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 06 Mar 2022 06:20:32 GMT
Via
1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 16 Nov 2021 18:58:10 GMT
Server
Contentful Images API
Age
3211
ETag
"727d2c566ff8cf8a8cffe137dc6bcc72"
X-Cache
Hit from cloudfront
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
DUS51-P1
Content-Length
666
X-Amz-Cf-Id
hM4rHVBPMgxghxl9lITUAgLL0wS06Hg3oRjDfyBYP8lCnynfhqTmIw==
id
dpm.demdex.net/
3 KB
2 KB
XHR
General
Full URL
http://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=67A50FC0539F0BBD0A490D45%40AdobeOrg&d_nsid=0&ts=1646548747422
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN65f579f00cb04596bfa8bad1911ad8fa.min.js
Protocol
HTTP/1.1
Server
34.240.134.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-134-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3ba064b9a10566a4882fb0c2bb4d12eed16cf6b11dbf1f2a93442d94f5d6e7e3

Request headers

Referer
http://dawnofmars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v029-0f2bb0d91.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
content-encoding
gzip
X-TID
wakA7ZpgT5A=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
http://dawnofmars.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1224
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP143333dab9bb4582a773c81f3a840074/
33 KB
13 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EP143333dab9bb4582a773c81f3a840074/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN65f579f00cb04596bfa8bad1911ad8fa.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:5a8::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1fe69a53b80d3d6812605112439dfc8f3f18961b5500e4be894c008d90f36eb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 06:39:07 GMT
content-encoding
gzip
last-modified
Tue, 10 Jul 2018 17:57:56 GMT
server
AkamaiNetStorage
etag
"f7d0998b199955517abe171a2bd0d88b:1531245476"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
http://dawnofmars.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12569
expires
Sun, 06 Mar 2022 07:39:07 GMT
fbevents.js
connect.facebook.net/en_US/
99 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN65f579f00cb04596bfa8bad1911ad8fa.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26291
x-xss-protection
0
pragma
public
x-fb-debug
0s/wG5B6fMLJdEUre1QattFyjf7A4c49fXzZl1Orv3MZGjJkzQD3/ANjHJg6Eyk4lQz1Oarw7KGsSKQLNr6CQw==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Sun, 06 Mar 2022 06:39:07 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
dest5.html
fast.telus.demdex.net/ Frame 94A6
7 KB
3 KB
Document
General
Full URL
http://fast.telus.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN65f579f00cb04596bfa8bad1911ad8fa.min.js
Protocol
HTTP/1.1
Server
92.123.224.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-224-33.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/

Response headers

Accept-Ranges
bytes
Content-Type
text/html
ETag
"2c9c2ee145ee280b85a217ad7045fae5:1580750826.437238"
Last-Modified
Mon, 03 Feb 2020 17:27:06 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=21600
Date
Sun, 06 Mar 2022 06:39:07 GMT
Content-Length
2785
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
id
a.telus.com/
48 B
696 B
XHR
General
Full URL
http://a.telus.com/id?d_visid_ver=4.3.0&d_fieldgroup=A&mcorgid=67A50FC0539F0BBD0A490D45%40AdobeOrg&mid=60394239385442434574041570378895246633&ts=1646548747543
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN65f579f00cb04596bfa8bad1911ad8fa.min.js
Protocol
HTTP/1.1
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
e62c49550b407a614966c0422ee69c480eb3d003bb5a6d59b23266e5f60542fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://dawnofmars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 06 Mar 2022 06:39:08 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-cdfbd77b-zqv2q
vary
Origin
x-c
main-1585.I7afc85.M0-540
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://dawnofmars.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • http://cm.everesttech.net/cm/dd?d_uuid=60417716811143748954043807637462521031
  • https://cm.everesttech.net/cm/dd?d_uuid=60417716811143748954043807637462521031
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiRXCwAAAF6u5AP7
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YiRXCwAAAF6u5AP7
42 B
943 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YiRXCwAAAF6u5AP7
Requested by
Host: dawnofmars.com
URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Protocol
HTTP/1.1
Server
34.240.134.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-134-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v029-06ede186b.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
KGr0cGjuQH8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v029-05cbdefa2.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
fdPxN8KPS9M=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YiRXCwAAAF6u5AP7
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
1415433098759990
connect.facebook.net/signals/config/
308 KB
88 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1415433098759990?v=2.9.55&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0fa315d056cab89dec4a4c898279f0c0aae933c21b3010a41640578fd44f23dc
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
mVnEpQdPENwr7ereH6zPkOLJyCYCPCgxsRyYPAE3QUGcKn1TsBZwVbm9SBT+Vg3YoiPYaML3ApzTT5dSJx7tSg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 06 Mar 2022 06:39:07 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
json
telus.tt.omtrdc.net/m2/telus/mbox/
96 B
536 B
XHR
General
Full URL
http://telus.tt.omtrdc.net/m2/telus/mbox/json?mbox=target-global-mbox&mboxSession=19d4a698894c41bb96938b019bb50122&mboxPC=&mboxPage=5a3d5c1dd2f04bedba87c7a9ef5cf2d2&mboxRid=047476077b014647a68c804940200d70&mboxVersion=1.5.0&mboxCount=1&mboxTime=1646548747476&mboxHost=dawnofmars.com&mboxURL=http%3A%2F%2Fdawnofmars.com%2Findexx.php%3Fclient_id%3Dfe9c55ad-8a94-46b2-a3c3-816799478139&mboxReferrer=http%3A%2F%2Fdawnofmars.com%2F&browserHeight=1200&browserWidth=1600&browserTimeOffset=0&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=Intel%20Iris%20OpenGL%20Engine&language=&pageName=&province=&at_property=3bf04b3b-07e9-f142-6998-31dac9d5073e&mboxMCSDID=652AB0F2446A614F-7B15772FE3ECD269&vst.trk=a.telus.com&vst.trks=b.telus.com&mboxMCGVID=60394239385442434574041570378895246633&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN65f579f00cb04596bfa8bad1911ad8fa.min.js
Protocol
HTTP/1.1
Server
18.203.63.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-63-125.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3dba0ea0dbe0423d526c949d1d309d024b4a13571409a4f80db1f81946e4fcf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 06 Mar 2022 06:39:08 GMT
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
http://dawnofmars.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
96
X-Request-ID
047476077b014647a68c804940200d70
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EP143333dab9bb4582a773c81f3a840074/
27 KB
10 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EP143333dab9bb4582a773c81f3a840074/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN65f579f00cb04596bfa8bad1911ad8fa.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:5a8::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e74b4b79aabd526c2419166103be05e4685bd5a557bae7315b058aeb0d213e74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://dawnofmars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 06:39:08 GMT
content-encoding
gzip
last-modified
Tue, 10 Jul 2018 17:57:56 GMT
server
AkamaiNetStorage
etag
"1b04a95be7e78c2ddb583160431516aa:1531245476"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
http://dawnofmars.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
9793
expires
Sun, 06 Mar 2022 07:39:08 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telus (Telecommunication)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| structuredClone
object| oncontextlost
object| oncontextrestored
object| _satellite
boolean| __satelliteLoaded
object| adobe
function| Visitor
object| s_c_il
number| s_c_in
function| fbq
function| _fbq
object| visitor
object| ___target_traces
function| mboxCreate
function| mboxDefine
function| mboxUpdate
function| AppMeasurement_Module_ActivityMap
function| AppMeasurement
function| s_gi
function| s_pgicq
number| s_objectID
number| s_giq
object| s
string| hasFired
function| AppMeasurement_Module_AudienceManagement
function| DIL

8 Cookies

Domain/Path Name / Value
dawnofmars.com/ Name: mboxResponses
Value: %5B%5D
.dawnofmars.com/ Name: check
Value: true
dawnofmars.com/ Name: AMCVS_67A50FC0539F0BBD0A490D45%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YiRXCwAAAF6u5AP7
.demdex.net/ Name: demdex
Value: 27924399742525958420312857486974494395
.dpm.demdex.net/ Name: dpm
Value: 27924399742525958420312857486974494395
dawnofmars.com/ Name: AMCV_67A50FC0539F0BBD0A490D45%40AdobeOrg
Value: -1712354808%7CMCIDTS%7C19058%7CMCMID%7C60394239385442434574041570378895246633%7CMCAAMLH-1647153547%7C6%7CMCAAMB-1647153547%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1646555948s%7CNONE%7CMCSYNCSOP%7C411-19065%7CMCAID%7CNONE%7CvVersion%7C4.3.0
.dawnofmars.com/ Name: mbox
Value: session#19d4a698894c41bb96938b019bb50122#1646550609|PC#19d4a698894c41bb96938b019bb50122.37_0#1709793549

4 Console Messages

Source Level URL
Text
javascript warning URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Message:
The resource https://cdn.polyfill.io/v3/polyfill.js?features=es6,es5,Set,Array.prototype.includes,Object.entries,Array.prototype.entries was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Message:
The resource http://d3gdddol7ipjoy.cloudfront.net/lib/chat/latest/js/chat_widget_component.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Message:
The resource https://www.telus.com/telus-login/static/vendor_7943e3c78ff77357d85a.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139
Message:
The resource https://www.telus.com/telus-login/static/bundle_2ed4f7d5ed764d7ce5da.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
