dawnofmars.com Open in urlscan Pro
162.241.30.119  Malicious Activity! Public Scan

38 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

• https://cm.everesttech.net/cm/dd?d_uuid=83835664744277125321186145037828579919 HTTP 302
• https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiIWHwAAAIbEpAQf

Request Chain 28

• https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODM4MzU2NjQ3NDQyNzcxMjUzMjExODYxNDUwMzc4Mjg1Nzk5MTk= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODM4MzU2NjQ3NDQyNzcxMjUzMjExODYxNDUwMzc4Mjg1Nzk5MTk=&google_tc= HTTP 302
• https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEC-_FJaWTNdk7j5uWIqpGUs&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 32

• https://p.rfihub.com/cm?in=1&pub=7085 HTTP 302
• https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5133329520608677614

Request Chain 34

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
• https://dpm.demdex.net/ibs:dpid=903&dpuuid=426107aa-aa5c-448b-9d03-90cf406b8f95

Request Chain 35

• https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=83835664744277125321186145037828579919&gdpr=0&gdpr_consent= HTTP 302
• https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-o.cBcBNE2pEDBMdwylPfoP4ot1IEfGHcZIE-~A

Request Chain 37

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWlJV0h3QUFBSWJFcEFRZg==

Request Chain 38

• https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YiIWHwAAAIbEpAQf&expires=90

Request Chain 39

• https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YiIWHwAAAIbEpAQf HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YiIWHwAAAIbEpAQf&C=1

Request Chain 40

• https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
• https://ib.adnxs.com/setuid?entity=158&code=YiIWHwAAAIbEpAQf HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYiIWHwAAAIbEpAQf

Request Chain 41

• https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537148856&val=YiIWHwAAAIbEpAQf

Request Chain 42

• https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YiIWHwAAAIbEpAQf

Request Chain 43

• https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YiIWHwAAAIbEpAQf&img=1 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YiIWHwAAAIbEpAQf&img=1&__user_check__=1&sync_id=41452150-9bc0-11ec-891c-13ae17dc0306

Request Chain 44

• https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
• https://www.facebook.com/fr/b.php?p=1531105787105294&e=YiIWHwAAAIbEpAQf&t=2592000&o=0

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request indexx.php Show response dawnofmars.com/	114 KB 38 KB	799ms 438ms	Document text/html	162.241.30.119 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.30.119 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box5925.bluehost.com Software Apache / Resource Hash ad992343effac3f561ea1ff167aa2cce3d152dca2e884377d68de0f4081242a5 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers vary Accept-Encoding content-encoding gzip host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-type text/html; charset=UTF-8 date Fri, 04 Mar 2022 13:37:35 GMT server Apache
GET H/1.1	200 OK	styles_03d9f66a4b4cbc9c12d2.css www.telus.com/telus-login/static/	69 KB 16 KB	208ms 178ms	Stylesheet text/css	107.162.138.125 DEFENSE-NET
General Check archive.org Show headers Download Go to Full URL https://www.telus.com/telus-login/static/styles_03d9f66a4b4cbc9c12d2.css Requested by Host: dawnofmars.com URL: https://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.138.125 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software nginx / Resource Hash 5a6c0623bd497827f7939c0527ab371d852336c10b599de0e5a7b2558238dff9 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://dawnofmars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 13:37:35 GMT Via 1.1 google, 1.1 fra1-bit9021 x-content-type-options nosniff x-dns-prefetch-control off Connection Keep-Alive Content-Encoding gzip Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block last-modified Thu, 13 Jan 2022 15:36:06 GMT Server nginx x-frame-options SAMEORIGIN etag W/"11577-17e5414f270" x-download-options noopen Strict-Transport-Security max-age=0; includeSubDomains Content-Type text/css; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000 Transfer-Encoding chunked accept-ranges bytes
GET H/1.1	200 OK	vendor_7943e3c78ff77357d85a.js Show response www.telus.com/telus-login/static/	394 KB 158 KB	407ms 360ms	Script application/javascript	107.162.138.125 DEFENSE-NET
General Check archive.org Show headers Download Go to Full URL https://www.telus.com/telus-login/static/vendor_7943e3c78ff77357d85a.js Requested by Host: dawnofmars.com URL: https://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.138.125 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software nginx / Resource Hash 05df6749b40aa1b53f7df9192666e1cc8fefc41b4e4fac0d0a60272e0ca4c67b Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://dawnofmars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 13:37:35 GMT Via 1.1 google, 1.1 fra1-bit9021 x-content-type-options nosniff x-dns-prefetch-control off Content-Encoding gzip Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block last-modified Thu, 13 Jan 2022 15:36:06 GMT Server nginx x-frame-options SAMEORIGIN etag W/"628fd-17e5414f270" x-download-options noopen Strict-Transport-Security max-age=0; includeSubDomains Content-Type application/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000 Transfer-Encoding chunked accept-ranges bytes
GET H/1.1	200 OK	bundle_2ed4f7d5ed764d7ce5da.js Show response www.telus.com/telus-login/static/	581 KB 198 KB	499ms 439ms	Script application/javascript	107.162.138.125 DEFENSE-NET
General Check archive.org Show headers Download Go to Full URL https://www.telus.com/telus-login/static/bundle_2ed4f7d5ed764d7ce5da.js Requested by Host: dawnofmars.com URL: https://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.138.125 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software nginx / Resource Hash de6a5ec49457a455533ff3086c3ee8b3c994c5988044fbd148e86f1d51a3b3c8 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://dawnofmars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 13:37:35 GMT Via 1.1 google, 1.1 fra1-bit9021 x-content-type-options nosniff x-dns-prefetch-control off Content-Encoding gzip Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block last-modified Thu, 13 Jan 2022 15:36:06 GMT Server nginx x-frame-options SAMEORIGIN etag W/"9156c-17e5414f270" x-download-options noopen Strict-Transport-Security max-age=0; includeSubDomains Content-Type application/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000 Transfer-Encoding chunked accept-ranges bytes
GET H2	200	polyfill.js Show response cdn.polyfill.io/v3/	306 B 650 B	31ms 8ms	Script text/javascript	2a04:4e42:200::282 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.polyfill.io/v3/polyfill.js?features=es6,es5,Set,Array.prototype.includes,Object.entries,Array.prototype.entries Requested by Host: dawnofmars.com URL: https://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash d6493b314efed0bbb50a1c152735904e998bc7e6dd0d693d0faef11825b07d0b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://dawnofmars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains; preload content-encoding br x-content-type-options nosniff content-type text/javascript; charset=utf-8 age 438230 detected-user-agent Chrome/99.0.4844 server-timing HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=2 content-length 156 referrer-policy origin-when-cross-origin last-modified Sat, 26 Feb 2022 13:17:44 GMT date Fri, 04 Mar 2022 13:37:35 GMT vary User-Agent, Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS normalized-user-agent chrome/99.0.0 access-control-allow-origin * cache-control public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800 accept-ranges bytes timing-allow-origin *
GET H/1.1	200 OK	chat_widget_component.js Show response d3gdddol7ipjoy.cloudfront.net/lib/chat/latest/js/	3 MB 788 KB	52ms 8ms	Script application/javascript	52.222.206.169 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3gdddol7ipjoy.cloudfront.net/lib/chat/latest/js/chat_widget_component.js Requested by Host: dawnofmars.com URL: https://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.222.206.169 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-206-169.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash bfa5287428dea9f2a7b12e3130dd1848e5a9711d4ac92e600394b2c07f8769db Request headers Accept-Language de-DE,de;q=0.9 Referer https://dawnofmars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 01:27:56 GMT Content-Encoding gzip Connection keep-alive Last-Modified Tue, 22 Feb 2022 16:05:04 GMT Server AmazonS3 Age 43780 ETag W/"6c9c015298c009e6e14996d5ff557f7c" Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/javascript Via 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront) Cache-Control public, max-age=86400 Transfer-Encoding chunked X-Amz-Cf-Pop FRA56-P3 X-Amz-Cf-Id 5xb_amcUz0I_YilIA2aY3p1ICN0MNBSw6EmT1VPIVFjCLspn2oAlqA==
GET H/1.1	200 OK	aff68211-86bb-476d-882e-f7a3face144c.woff2 cdn.telus.digital/thorium/core/fonts/	49 KB 50 KB	33ms 7ms	Font font/woff2	52.222.236.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.telus.digital/thorium/core/fonts/aff68211-86bb-476d-882e-f7a3face144c.woff2 Requested by Host: dawnofmars.com URL: https://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.222.236.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash f776d0dfb485629c7351534355429068fd43071b7613e3d2042986fd5b5bf46c Request headers Referer https://dawnofmars.com/ Origin https://dawnofmars.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 03 Mar 2022 17:12:22 GMT Via 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront) Vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method Age 73514 X-Cache Hit from cloudfront Connection keep-alive Content-Length 50428 Last-Modified Thu, 20 Feb 2020 23:41:56 GMT Server AmazonS3 ETag "929eac69416d11a543cee859bd33f1bc" Access-Control-Max-Age 3600 Access-Control-Allow-Methods GET Content-Type font/woff2 Access-Control-Allow-Origin * X-Amz-Cf-Pop FRA56-P4 Accept-Ranges bytes X-Amz-Cf-Id FTSNgmsfLM_rvVK5rJy2yuvBr8ZqvFbiqURmHXuVceON8ZUBVoi64Q==
GET H/1.1	200 OK	b8765d4b-d9a3-48b9-ac65-560e7517cf0e.woff2 cdn.telus.digital/thorium/core/fonts/etext/	19 KB 20 KB	33ms 7ms	Font font/woff2	52.222.236.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.telus.digital/thorium/core/fonts/etext/b8765d4b-d9a3-48b9-ac65-560e7517cf0e.woff2 Requested by Host: dawnofmars.com URL: https://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.222.236.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 726b4339c7bca67dbba88d1f121857e2130d7ac194df7a512461ae621cfc2ff1 Request headers Referer https://dawnofmars.com/ Origin https://dawnofmars.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 03 Mar 2022 17:12:22 GMT Via 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront) Vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method Age 73514 X-Cache Hit from cloudfront Connection keep-alive Content-Length 19848 Last-Modified Thu, 20 Feb 2020 23:49:39 GMT Server AmazonS3 ETag "ad426bec3984966214cc48ece827907e" Access-Control-Max-Age 3600 Access-Control-Allow-Methods GET Content-Type font/woff2 Access-Control-Allow-Origin * X-Amz-Cf-Pop FRA56-P4 Accept-Ranges bytes X-Amz-Cf-Id q6-z8HUYkEsGSzTIXusw8sa-Q4ZSsbjMzYE-ktSMeq7XMZ75OGmJuA==
GET H/1.1	200 OK	dc50c02f-3f77-4e75-b89c-e3f9bb4752e6.woff2 cdn.telus.digital/thorium/core/fonts/etext/	19 KB 20 KB	39ms 14ms	Font font/woff2	52.222.236.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.telus.digital/thorium/core/fonts/etext/dc50c02f-3f77-4e75-b89c-e3f9bb4752e6.woff2 Requested by Host: dawnofmars.com URL: https://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.222.236.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 7adbc085f4ca58718317d3c12bafe06e65bffc31b1310d5ef3a005f18155e554 Request headers Referer https://dawnofmars.com/ Origin https://dawnofmars.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 03 Mar 2022 17:12:22 GMT Via 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront) Vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method Age 73514 X-Cache Hit from cloudfront Connection keep-alive Content-Length 19472 Last-Modified Thu, 20 Feb 2020 23:49:31 GMT Server AmazonS3 ETag "0111190ff5e5c0d280dba5cb62688adc" Access-Control-Max-Age 3600 Access-Control-Allow-Methods GET Content-Type font/woff2 Access-Control-Allow-Origin * X-Amz-Cf-Pop FRA56-P4 Accept-Ranges bytes X-Amz-Cf-Id _8jQJYpvdwiIf5DW7K8o5qWcODIPjocAwV7MumHRhIQ6GHsEoUNSRA==
GET H/1.1	200 OK	3e8a8b56-3cb0-4347-b670-eaaf06b76e9b.woff2 cdn.telus.digital/thorium/core/fonts/etext/	19 KB 19 KB	33ms 7ms	Font font/woff2	52.222.236.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.telus.digital/thorium/core/fonts/etext/3e8a8b56-3cb0-4347-b670-eaaf06b76e9b.woff2 Requested by Host: dawnofmars.com URL: https://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.222.236.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 56b0625243f403285df4a6ec2b3bb68b17501a6a95ba30252a917c06d4395f58 Request headers Referer https://dawnofmars.com/ Origin https://dawnofmars.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 03 Mar 2022 17:12:22 GMT Via 1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront) Vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method Age 73514 X-Cache Hit from cloudfront Connection keep-alive Content-Length 19304 Last-Modified Thu, 20 Feb 2020 23:49:48 GMT Server AmazonS3 ETag "42691fb7a4691282f7e00bbdcc87c467" Access-Control-Max-Age 3600 Access-Control-Allow-Methods GET Content-Type font/woff2 Access-Control-Allow-Origin * X-Amz-Cf-Pop FRA56-P4 Accept-Ranges bytes X-Amz-Cf-Id zs1UzydAoao3yEeqezozW5dpdz3txfVUx4U9c1_HL7Vs7lxBSGmQPw==
GET H/1.1	200 OK	core-icons.woff2 cdn.telus.digital/thorium/core/v0.4.0/	4 KB 5 KB	38ms 13ms	Font binary/octet-stream	52.222.236.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.telus.digital/thorium/core/v0.4.0/core-icons.woff2 Requested by Host: dawnofmars.com URL: https://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.222.236.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash d8985cae9eda7ce2bb937053b26c94a391b53c4e2563ed77c6527db0e41a16e4 Request headers Referer https://dawnofmars.com/ Origin https://dawnofmars.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Tue, 01 Mar 2022 20:01:27 GMT Via 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront) Vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method Age 236168 X-Cache Hit from cloudfront Connection keep-alive Content-Length 4036 Last-Modified Mon, 08 Jan 2018 20:08:10 GMT Server AmazonS3 ETag "6a61e48747de876a912bcaa556dacd23" Access-Control-Max-Age 3600 Access-Control-Allow-Methods GET Content-Type binary/octet-stream Access-Control-Allow-Origin * Cache-Control max-age=315360000 X-Amz-Cf-Pop FRA56-P4 Accept-Ranges bytes X-Amz-Cf-Id SywxuUf6uirU00E5FPUIbefxkFD4z-ysLfEuEiKtqWcSdckpaNB_EA==
GET H2	200	launch-EN65f579f00cb04596bfa8bad1911ad8fa.min.js Show response assets.adobedtm.com/	308 KB 89 KB	86ms 25ms	Script application/x-javascript	2a02:26f0:6c00:299::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/launch-EN65f579f00cb04596bfa8bad1911ad8fa.min.js Requested by Host: dawnofmars.com URL: https://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash ffe4337649e5c901cc03b21952f66fc1b38b8226aad7d70d13830ee15777765f Request headers Accept-Language de-DE,de;q=0.9 Referer https://dawnofmars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 04 Mar 2022 13:37:35 GMT content-encoding gzip last-modified Mon, 21 Feb 2022 19:45:47 GMT server AkamaiNetStorage etag "406e6125d5c38dcfbf7a16e5cc2af1e9:1645472747.853875" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://dawnofmars.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 90748 expires Fri, 04 Mar 2022 14:37:35 GMT
GET H2	200	Logo_TELUS.svg images.ctfassets.net/fikanzmkdlqn/3yUnySNpS8IS4CeyUeWgeg/5bcfa9c592acfe591f26d85f6820fa5f/	2 KB 1 KB	44ms 18ms	Image image/svg+xml	2600:9000:225e:de00:12:94b3:c380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images.ctfassets.net/fikanzmkdlqn/3yUnySNpS8IS4CeyUeWgeg/5bcfa9c592acfe591f26d85f6820fa5f/Logo_TELUS.svg Requested by Host: dawnofmars.com URL: https://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:de00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Contentful Images API / Resource Hash cbe1b0f1185a0b862a1e9ed248098ff59f79de8c00cd0ea2dd873023e704d3f4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dawnofmars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 04 Mar 2022 09:20:35 GMT content-encoding gzip last-modified Fri, 29 Jun 2018 18:30:42 GMT server Contentful Images API age 15421 etag W/"e9c94438527401f924b1e32cbd9fdea9" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000 x-amz-cf-pop FRA60-P4 x-amz-cf-id k6tylieenuVBpOBSemTlVfTFk3HfQRAFNrDudqVk3MY-Fz4vgP5EgA== via 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
GET H/1.1	200 OK	grass.png www.telus.com/telus-login/static/	34 KB 34 KB	182ms 167ms	Image image/png	107.162.138.125 DEFENSE-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.telus.com/telus-login/static/grass.png Requested by Host: dawnofmars.com URL: https://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.138.125 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software nginx / Resource Hash 3ad77ff4c28dc4a08c6cd1becd3d22dceab81d6b34e2401255f759b5f6bf3662 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://dawnofmars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 13:37:35 GMT Via 1.1 google, 1.1 fra1-bit9021 x-content-type-options nosniff x-dns-prefetch-control off Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Content-Length 34580 x-xss-protection 1; mode=block last-modified Thu, 13 Jan 2022 15:36:06 GMT Server nginx x-frame-options SAMEORIGIN etag W/"8714-17e5414f270" x-download-options noopen Strict-Transport-Security max-age=0; includeSubDomains Content-Type image/png cache-control public, max-age=31536000 accept-ranges bytes
GET H/1.1	200 OK	phone.png www.telus.com/telus-login/static/	85 KB 86 KB	149ms 107ms	Image image/png	107.162.138.125 DEFENSE-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.telus.com/telus-login/static/phone.png Requested by Host: dawnofmars.com URL: https://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.138.125 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software nginx / Resource Hash a616b9791d131303600202aadd912ea7971fa0bd0b4bb581619638212eb13d1e Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://dawnofmars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 13:37:35 GMT Via 1.1 google, 1.1 fra1-bit9021 x-content-type-options nosniff x-dns-prefetch-control off Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Content-Length 87361 x-xss-protection 1; mode=block last-modified Thu, 13 Jan 2022 15:36:06 GMT Server nginx x-frame-options SAMEORIGIN etag W/"15541-17e5414f270" x-download-options noopen Strict-Transport-Security max-age=0; includeSubDomains Content-Type image/png cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	Download_on_the_App_Store_Badge-2.svg images.ctfassets.net/fikanzmkdlqn/63wh5ooIuS1xgB8xAHwvQz/d1a390b7c4b88e14941c305e0b2b80ab/	12 KB 5 KB	7ms 7ms	Image image/svg+xml	2600:9000:225e:de00:12:94b3:c380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images.ctfassets.net/fikanzmkdlqn/63wh5ooIuS1xgB8xAHwvQz/d1a390b7c4b88e14941c305e0b2b80ab/Download_on_the_App_Store_Badge-2.svg Requested by Host: dawnofmars.com URL: https://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:de00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Contentful Images API / Resource Hash 5bb3ee539bf3f0c7583a4228ab4594dc2f7cb3ba57baa83082a6ac82b2e70f7b Request headers Accept-Language de-DE,de;q=0.9 Referer https://dawnofmars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 04 Mar 2022 05:40:20 GMT content-encoding gzip last-modified Wed, 08 Dec 2021 15:57:40 GMT server Contentful Images API age 68734 etag W/"3ce2bff094273a977907d5a9df0ed4b2" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000 x-amz-cf-pop FRA60-P4 x-amz-cf-id QFm3ubliXInFeKgUm73QfRP2P7KTKSF0JRhw82CxiSSA8ZVcZTAnbw== via 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
GET H2	200	google-play-badge.svg images.ctfassets.net/fikanzmkdlqn/0oRZngdLGyvTYwGZPBxFD/e19a15c77ae3604400033a24c60d4336/	7 KB 3 KB	8ms 8ms	Image image/svg+xml	2600:9000:225e:de00:12:94b3:c380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images.ctfassets.net/fikanzmkdlqn/0oRZngdLGyvTYwGZPBxFD/e19a15c77ae3604400033a24c60d4336/google-play-badge.svg Requested by Host: dawnofmars.com URL: https://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:de00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Contentful Images API / Resource Hash 089357ed2af64609f30dfdeaf6ad88944a3f1e9e80b25f29935e7c4c209e8596 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dawnofmars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 04 Mar 2022 02:40:27 GMT content-encoding gzip last-modified Wed, 08 Dec 2021 15:58:27 GMT server Contentful Images API age 69284 etag W/"bc52f260f66d68036155b48cf4c8993e" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000 x-amz-cf-pop FRA60-P4 x-amz-cf-id 1GKxJwyVk7ZMABI6YvaUdjlyRK2VnB5z3QB_LgE7lR3co7QDrH_gWQ== via 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
GET H2	200	youtube_grey.png images.ctfassets.net/fikanzmkdlqn/3UT98RTJqlPOosADIS0zvT/9b3533f1f427f80a1d0d94b88a46838a/	575 B 932 B	8ms 7ms	Image image/png	2600:9000:225e:de00:12:94b3:c380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images.ctfassets.net/fikanzmkdlqn/3UT98RTJqlPOosADIS0zvT/9b3533f1f427f80a1d0d94b88a46838a/youtube_grey.png Requested by Host: dawnofmars.com URL: https://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:de00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Contentful Images API / Resource Hash bfa4124bc3a91dbcecc3fa1034666ac5e3b773c453b6383a3f37ce1ebbbe723d Request headers Accept-Language de-DE,de;q=0.9 Referer https://dawnofmars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 04 Mar 2022 06:16:21 GMT via 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront) last-modified Tue, 16 Nov 2021 20:22:40 GMT server Contentful Images API age 32028 etag "278d5abd33651b9466e47188b856802d" x-cache Hit from cloudfront content-type image/png access-control-allow-origin * cache-control max-age=31536000 x-amz-cf-pop FRA60-P4 content-length 575 x-amz-cf-id I3bmsd9iuu1hdm33otS2uJtCWU6TqOTu-J1jGR94KwFFE-wHH-0IJQ==
GET H2	200	linkedin_black.png images.ctfassets.net/fikanzmkdlqn/1P6VE6ZOJAU3W1ULhZGHg9/4142a65944018d05ea97a32330a87cce/	485 B 842 B	8ms 7ms	Image image/png	2600:9000:225e:de00:12:94b3:c380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images.ctfassets.net/fikanzmkdlqn/1P6VE6ZOJAU3W1ULhZGHg9/4142a65944018d05ea97a32330a87cce/linkedin_black.png Requested by Host: dawnofmars.com URL: https://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:de00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Contentful Images API / Resource Hash 8ee0779d3b4df5a0acc07553641f93bfe71627178d72df4f523e1be58cfccceb Request headers Accept-Language de-DE,de;q=0.9 Referer https://dawnofmars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 04 Mar 2022 06:16:21 GMT via 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront) last-modified Tue, 16 Nov 2021 18:59:51 GMT server Contentful Images API age 32029 etag "0d6356da69ab2c0cdc17a70509d3fd20" x-cache Hit from cloudfront content-type image/png access-control-allow-origin * cache-control max-age=31536000 x-amz-cf-pop FRA60-P4 content-length 485 x-amz-cf-id dG_GbcrtqT7QRezWVnGGj0eGDxnwWAzcbuggTjBWoxrA01DaRGjudA==
GET H2	200	instagram_black.png images.ctfassets.net/fikanzmkdlqn/YBVTvLZlG6HIyhZDqq2Lg/a3bd363759a87b4547b77763c0795ee6/	1 KB 1 KB	8ms 8ms	Image image/png	2600:9000:225e:de00:12:94b3:c380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images.ctfassets.net/fikanzmkdlqn/YBVTvLZlG6HIyhZDqq2Lg/a3bd363759a87b4547b77763c0795ee6/instagram_black.png Requested by Host: dawnofmars.com URL: https://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:de00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Contentful Images API / Resource Hash 5a729421e7c4f8f3f34978287eea2dd6c287a0a21c683f217f08b2962a084147 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dawnofmars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 04 Mar 2022 08:02:18 GMT via 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront) last-modified Tue, 16 Nov 2021 20:21:30 GMT server Contentful Images API age 20373 etag "3139cc14d1fd8d2aee760db078eff232" x-cache Hit from cloudfront content-type image/png access-control-allow-origin * cache-control max-age=31536000 x-amz-cf-pop FRA60-P4 content-length 1112 x-amz-cf-id QYNb94pe5W-_2eg8DXwcEN__zq7fCp-WElG2eEam8SbaIpRq7FAAJg==
GET H2	200	logo_twitter.png images.ctfassets.net/fikanzmkdlqn/hkD1lmVshb1MQ0edzfRwT/aaa832db728d65c28f59745787e15711/	899 B 1 KB	9ms 8ms	Image image/png	2600:9000:225e:de00:12:94b3:c380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images.ctfassets.net/fikanzmkdlqn/hkD1lmVshb1MQ0edzfRwT/aaa832db728d65c28f59745787e15711/logo_twitter.png Requested by Host: dawnofmars.com URL: https://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:de00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Contentful Images API / Resource Hash 92aa7cd51cb613f9cc5d189ba2347703ac1cad37115ae545672ca7d5a5162e82 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dawnofmars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 04 Mar 2022 06:16:21 GMT via 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront) last-modified Tue, 16 Nov 2021 20:20:35 GMT server Contentful Images API age 32029 etag "d9c6d3560c87dd21c6aa67b2bead3f3e" x-cache Hit from cloudfront content-type image/png access-control-allow-origin * cache-control max-age=31536000 x-amz-cf-pop FRA60-P4 content-length 899 x-amz-cf-id LrUtNCpTqyklTQ1gC9gnVU8DdGqx4afdfAxh7T3Yt_po_LCyJHABZQ==
GET H2	200	logo-facebook.png images.ctfassets.net/fikanzmkdlqn/7oy6SUxAHZmOiicDcj7xd0/f7d6573ddf1fdff72aaa8dfadacb52fc/	666 B 1023 B	9ms 9ms	Image image/png	2600:9000:225e:de00:12:94b3:c380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images.ctfassets.net/fikanzmkdlqn/7oy6SUxAHZmOiicDcj7xd0/f7d6573ddf1fdff72aaa8dfadacb52fc/logo-facebook.png Requested by Host: dawnofmars.com URL: https://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:de00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Contentful Images API / Resource Hash 4e8ca1b1af11367b1fd07e792d1917d86cd675e4ffe55e5b8fe6c0a81be33783 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dawnofmars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 04 Mar 2022 05:20:04 GMT via 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront) last-modified Tue, 16 Nov 2021 18:58:10 GMT server Contentful Images API age 30850 etag "727d2c566ff8cf8a8cffe137dc6bcc72" x-cache Hit from cloudfront content-type image/png access-control-allow-origin * cache-control max-age=31536000 x-amz-cf-pop FRA60-P4 content-length 666 x-amz-cf-id Ho1k6oAkM0FSCoOtdK8CjaQCOR3LetmOMq06-kTyIB-zur-DwLwOSA==
GET H/1.1	200 OK	id Show response dpm.demdex.net/	3 KB 2 KB	137ms 33ms	XHR application/json	34.253.74.200 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=67A50FC0539F0BBD0A490D45%40AdobeOrg&d_nsid=0&ts=1646401055553 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/launch-EN65f579f00cb04596bfa8bad1911ad8fa.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.253.74.200 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-253-74-200.eu-west-1.compute.amazonaws.com Software / Resource Hash 1ced0a270ffe4f69d3c9032f4020177d72ed26351b4d5568801b65adc9dcf9cb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://dawnofmars.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers DCS dcs-prod-irl1-1-v028-0f60f1ee2.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-TID wqnzBTCuShg= Vary Origin P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin https://dawnofmars.com Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json;charset=utf-8 Content-Length 1229 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	AppMeasurement.min.js Show response assets.adobedtm.com/extensions/EP143333dab9bb4582a773c81f3a840074/	33 KB 13 KB	14ms 14ms	Script application/x-javascript	2a02:26f0:6c00:299::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/extensions/EP143333dab9bb4582a773c81f3a840074/AppMeasurement.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/launch-EN65f579f00cb04596bfa8bad1911ad8fa.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 1fe69a53b80d3d6812605112439dfc8f3f18961b5500e4be894c008d90f36eb8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dawnofmars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 04 Mar 2022 13:37:35 GMT content-encoding gzip last-modified Tue, 10 Jul 2018 17:57:56 GMT server AkamaiNetStorage etag "f7d0998b199955517abe171a2bd0d88b:1531245476" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://dawnofmars.com cache-control no-cache accept-ranges bytes timing-allow-origin * content-length 12569 expires Fri, 04 Mar 2022 14:37:35 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	99 KB 27 KB	28ms 8ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/launch-EN65f579f00cb04596bfa8bad1911ad8fa.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dawnofmars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 26291 x-xss-protection 0 pragma public x-fb-debug IlcGBNPcuPWCcxCBPdGFOw6OGuuwlVKGrQAajcCV+wPNEwI1Z+HRZTWuDQyFRDCArWeWWLCP2zQ2mjOUjjKdZg== x-fb-trip-id 686109401 x-frame-options DENY cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Fri, 04 Mar 2022 13:37:35 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	1415433098759990 Show response connect.facebook.net/signals/config/	308 KB 88 KB	132ms 132ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1415433098759990?v=2.9.55&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aacf6e91b9d976dcd307fd5e98cefd024c7619dad2581b1e2b34c1269d3445b7 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dawnofmars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug Y0CgQPwQEPYl4Om8VMNBS/M8/+DhU5/OpnzeaNIdtixTDNloeRom0vSoVmR4V7QcmRUpvrYGPp6CWwsehMwlHw== x-fb-trip-id 686109401 x-frame-options DENY cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Fri, 04 Mar 2022 13:37:35 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	dest5.html Show response telus.demdex.net/ Frame 9F6A	7 KB 3 KB	128ms 30ms	Document text/html	52.49.22.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://telus.demdex.net/dest5.html?d_nsid=0 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/launch-EN65f579f00cb04596bfa8bad1911ad8fa.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.49.22.22 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-22-22.eu-west-1.compute.amazonaws.com Software / Resource Hash 7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://dawnofmars.com/ Response headers Accept-Ranges bytes Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-encoding gzip Content-Type text/html;charset=UTF-8 date Fri, 4 Mar 2022 13:37:35 GMT DCS dcs-prod-irl1-1-v028-0fab1bb0b.edge-irl1.demdex.com UNKNOWN Expires Thu, 01 Jan 1970 00:00:00 UTC last-modified Mon, 14 Feb 2022 15:44:39 GMT P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains vary accept-encoding X-TID CS9pukcEQlQ= Content-Length 2791 Connection keep-alive
GET H2	200	id Show response b.telus.com/	48 B 505 B	418ms 17ms	XHR application/x-javascript	13.36.218.177 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://b.telus.com/id?d_visid_ver=4.3.0&d_fieldgroup=A&mcorgid=67A50FC0539F0BBD0A490D45%40AdobeOrg&mid=83813726889851345861188668719910400929&ts=1646401055750 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/launch-EN65f579f00cb04596bfa8bad1911ad8fa.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-36-218-177.eu-west-3.compute.amazonaws.com Software jag / Resource Hash fa042c16e0b6e7ce2ad791f28f6d0bdf92bee2fa9e4f53ab2fa8eeda562cd9de Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://dawnofmars.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Fri, 04 Mar 2022 13:37:36 GMT x-content-type-options nosniff server jag xserver anedge-cdfbd77b-cljtm vary Origin x-c main-1585.I7afc85.M0-540 p3p CP="This is not a P3P policy" access-control-allow-origin https://dawnofmars.com cache-control no-cache, no-store, max-age=0, no-transform, private access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains content-type application/x-javascript;charset=utf-8 content-length 48 x-xss-protection 1; mode=block
GET H/1.1	200 OK	ibs:dpid=411&dpuuid=YiIWHwAAAIbEpAQf dpm.demdex.net/ Redirect Chain https://cm.everesttech.net/cm/dd?d_uuid=83835664744277125321186145037828579919 https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiIWHwAAAIbEpAQf	42 B 945 B	32ms 32ms	Image image/gif	34.253.74.200 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiIWHwAAAIbEpAQf Requested by Host: dawnofmars.com URL: https://dawnofmars.com/indexx.php?client_id=fe9c55ad-8a94-46b2-a3c3-816799478139 Protocol HTTP/1.1 Server 34.253.74.200 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-253-74-200.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://dawnofmars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v028-0b1fd8c60.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID BpRVRNuOShY= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Location https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiIWHwAAAIbEpAQf Date Fri, 04 Mar 2022 13:37:35 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
GET H/1.1	200 OK	ibs:dpid=771&dpuuid=CAESEC-_FJaWTNdk7j5uWIqpGUs&google_cver=1 dpm.demdex.net/ Frame 9F6A Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODM4MzU2NjQ3NDQyNzcxMjUzMjExODYxNDUwMzc4Mjg1Nzk5MTk= https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODM4MzU2NjQ3NDQyNzcxMjUzMjExODYxNDUwMzc4Mjg1Nzk5MTk=&google_tc= https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEC-_FJaWTNdk7j5uWIqpGUs&google_cver=1?gdpr=0&gdpr_consent=	42 B 945 B	32ms 32ms	Image image/gif	34.253.74.200 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEC-_FJaWTNdk7j5uWIqpGUs&google_cver=1?gdpr=0&gdpr_consent= Protocol HTTP/1.1 Server 34.253.74.200 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-253-74-200.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://telus.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v028-03a420de1.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID jTIJtrwiTiE= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers pragma no-cache date Fri, 04 Mar 2022 13:37:35 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEC-_FJaWTNdk7j5uWIqpGUs&google_cver=1?gdpr=0&gdpr_consent= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 314 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	adsct analytics.twitter.com/i/ Frame 9F6A	43 B 354 B	152ms 123ms	Image image/gif	104.244.42.3 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/i/adsct?p_user_id=83835664744277125321186145037828579919&p_id=38594 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.3 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers Accept-Language de-DE,de;q=0.9 Referer https://telus.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-response-time 116 date Fri, 04 Mar 2022 13:37:35 GMT server tsa_o strict-transport-security max-age=631138519 content-type image/gif;charset=utf-8 cache-control no-cache, no-store, max-age=0 x-connection-hash c19adea8c1ed5d553ea376b924e9356d110b5198a430a7542837887c7a3b72a3 content-length 43
GET		p50 rp.gwallet.com/r1/cm/ Frame 9F6A	0 0
GET H2	200	json Show response telus.tt.omtrdc.net/m2/telus/mbox/	96 B 396 B	117ms 37ms	XHR application/json	54.154.249.228 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://telus.tt.omtrdc.net/m2/telus/mbox/json?mbox=target-global-mbox&mboxSession=023b08d43f62403d80d77e202c322ced&mboxPC=&mboxPage=bd49625c471e40d8b4e775342a4955cb&mboxRid=26d6cbdb78904daba5b44e3d69110e6f&mboxVersion=1.5.0&mboxCount=1&mboxTime=1646401055592&mboxHost=dawnofmars.com&mboxURL=https%3A%2F%2Fdawnofmars.com%2Findexx.php%3Fclient_id%3Dfe9c55ad-8a94-46b2-a3c3-816799478139&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=0&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=Intel%20Iris%20OpenGL%20Engine&language=&pageName=&province=&at_property=3bf04b3b-07e9-f142-6998-31dac9d5073e&mboxMCSDID=03D7B322FF55DDE8-6B61B16FB7BD04F4&vst.trk=a.telus.com&vst.trks=b.telus.com&mboxMCGVID=83813726889851345861188668719910400929&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/launch-EN65f579f00cb04596bfa8bad1911ad8fa.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.154.249.228 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-154-249-228.eu-west-1.compute.amazonaws.com Software / Resource Hash ae19a59095b7f77f0447de209dfa69ab9252e89ce6a89a0884eeea44c357d99e Request headers Accept-Language de-DE,de;q=0.9 Referer https://dawnofmars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Fri, 04 Mar 2022 13:37:36 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/json;charset=UTF-8 access-control-allow-origin https://dawnofmars.com cache-control no-cache access-control-allow-credentials true timing-allow-origin * content-length 96 x-request-id 26d6cbdb78904daba5b44e3d69110e6f
GET H/1.1	200 OK	ibs:dpid=1121&dpuuid=5133329520608677614 dpm.demdex.net/ Frame 9F6A Redirect Chain https://p.rfihub.com/cm?in=1&pub=7085 https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5133329520608677614	42 B 945 B	32ms 32ms	Image image/gif	34.253.74.200 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5133329520608677614 Protocol HTTP/1.1 Server 34.253.74.200 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-253-74-200.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://telus.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v028-03c8e435b.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID nm9i/Y8+R+Q= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Location https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5133329520608677614 Date Fri, 04 Mar 2022 13:37:36 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	AppMeasurement_Module_AudienceManagement.min.js Show response assets.adobedtm.com/extensions/EP143333dab9bb4582a773c81f3a840074/	27 KB 10 KB	15ms 15ms	Script application/x-javascript	2a02:26f0:6c00:299::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/extensions/EP143333dab9bb4582a773c81f3a840074/AppMeasurement_Module_AudienceManagement.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/launch-EN65f579f00cb04596bfa8bad1911ad8fa.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash e74b4b79aabd526c2419166103be05e4685bd5a557bae7315b058aeb0d213e74 Request headers Accept-Language de-DE,de;q=0.9 Referer https://dawnofmars.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 04 Mar 2022 13:37:36 GMT content-encoding gzip last-modified Tue, 10 Jul 2018 17:57:56 GMT server AkamaiNetStorage etag "1b04a95be7e78c2ddb583160431516aa:1531245476" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://dawnofmars.com cache-control no-cache accept-ranges bytes timing-allow-origin * content-length 9793 expires Fri, 04 Mar 2022 14:37:36 GMT
GET H/1.1	200 OK	ibs:dpid=903&dpuuid=426107aa-aa5c-448b-9d03-90cf406b8f95 dpm.demdex.net/ Frame 9F6A Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 https://dpm.demdex.net/ibs:dpid=903&dpuuid=426107aa-aa5c-448b-9d03-90cf406b8f95	42 B 945 B	32ms 32ms	Image image/gif	34.253.74.200 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=903&dpuuid=426107aa-aa5c-448b-9d03-90cf406b8f95 Protocol HTTP/1.1 Server 34.253.74.200 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-253-74-200.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://telus.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v028-06a3e8a5c.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID ZRQdOXMGTOo= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers pragma no-cache date Fri, 04 Mar 2022 13:37:36 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://dpm.demdex.net/ibs:dpid=903&dpuuid=426107aa-aa5c-448b-9d03-90cf406b8f95 cache-control private,no-cache, must-revalidate content-type text/html content-length 189
GET H/1.1	200 OK	ibs:dpid=30646 dpm.demdex.net/ Frame 9F6A Redirect Chain https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=83835664744277125321186145037828579919&gdpr=0&gdpr_consent= https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-o.cBcBNE2pEDBMdwylPfoP4ot1IEfGHcZIE-~A	42 B 945 B	42ms 42ms	Image image/gif	34.253.74.200 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-o.cBcBNE2pEDBMdwylPfoP4ot1IEfGHcZIE-~A Protocol HTTP/1.1 Server 34.253.74.200 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-253-74-200.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://telus.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v028-04067149c.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID BUqTuZhJTVQ= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers date Fri, 04 Mar 2022 13:37:36 GMT via http/1.1 spdc0106.pbp.ir2.yahoo.com (ApacheTrafficServer) server ATS age 0 strict-transport-security max-age=31536000 content-type text/html;charset=utf-8 location https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-o.cBcBNE2pEDBMdwylPfoP4ot1IEfGHcZIE-~A content-length 0
GET H/1.1	200 OK	bridge cm.adgrx.com/ Frame 9F6A	43 B 408 B	73ms 23ms	Image image/gif	173.231.181.122 VOXEL-DOT-NET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.adgrx.com/bridge?AG_PID=adobe_aam&AG_SETCOOKIE Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US), Reverse DNS Software Cowboy / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Request headers Accept-Language de-DE,de;q=0.9 Referer https://telus.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma no-cache Date Fri, 04 Mar 2022 13:37:36 GMT server Cowboy P3P CP="NOI OTC OTP OUR NOR" Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate, proxy-revalidate Connection keep-alive Content-Type image/gif X-RealServer-NX ams-delivery-3 Content-Length 43 Expires Thu, 23 Sep 2004 17:42:04 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 9F6A Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWlJV0h3QUFBSWJFcEFRZg==	170 B 188 B	19ms 18ms	Image image/png	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWlJV0h3QUFBSWJFcEFRZg== Protocol H3 Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f130.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://telus.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Fri, 04 Mar 2022 13:37:36 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 04 Mar 2022 13:37:36 GMT via 1.1 varnish server Varnish x-timer S1646401057.639056,VS0,VE0 x-served-by cache-hhn4055-HHN x-cache HIT location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWlJV0h3QUFBSWJFcEFRZg== cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 9F6A Redirect Chain https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YiIWHwAAAIbEpAQf&expires=90	0 239 B	39ms 9ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YiIWHwAAAIbEpAQf&expires=90 Protocol HTTP/1.1 Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://telus.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 6f9fd0201ed801884e5299d5aabca094 Content-Type image/gif Redirect headers pragma no-cache date Fri, 04 Mar 2022 13:37:36 GMT via 1.1 varnish server Varnish x-timer S1646401057.712208,VS0,VE0 x-served-by cache-hhn4055-HHN x-cache HIT location https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YiIWHwAAAIbEpAQf&expires=90 cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 9F6A Redirect Chain https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YiIWHwAAAIbEpAQf https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YiIWHwAAAIbEpAQf&C=1	43 B 1003 B	29ms 28ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YiIWHwAAAIbEpAQf&C=1 Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://telus.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma no-cache Date Fri, 04 Mar 2022 13:37:36 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 04 Mar 2022 13:37:36 GMT Redirect headers Pragma no-cache Date Fri, 04 Mar 2022 13:37:36 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YiIWHwAAAIbEpAQf&C=1 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 279 Expires Fri, 04 Mar 2022 13:37:36 GMT
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame 9F6A Redirect Chain https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D https://ib.adnxs.com/setuid?entity=158&code=YiIWHwAAAIbEpAQf https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYiIWHwAAAIbEpAQf	43 B 1 KB	18ms 18ms	Image image/gif	185.33.221.52 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYiIWHwAAAIbEpAQf Protocol HTTP/1.1 Server 185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://telus.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma no-cache Date Fri, 04 Mar 2022 13:37:36 GMT X-Proxy-Origin 193.27.14.36; 193.27.14.36; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 92f675f2-4a93-41bc-a3ea-fb32c3e639a5 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Fri, 04 Mar 2022 13:37:36 GMT X-Proxy-Origin 193.27.14.36; 193.27.14.36; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 4a30e329-a63e-46a0-bd7e-25940a284f6d Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYiIWHwAAAIbEpAQf Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 9F6A Redirect Chain https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D https://us-u.openx.net/w/1.0/sd?id=537148856&val=YiIWHwAAAIbEpAQf	43 B 274 B	37ms 17ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537148856&val=YiIWHwAAAIbEpAQf Protocol H2 Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/17.2.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://telus.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Fri, 04 Mar 2022 13:37:37 GMT via 1.1 google server OXGW/17.2.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Fri, 04 Mar 2022 13:37:37 GMT via 1.1 varnish server Varnish x-timer S1646401057.015255,VS0,VE0 x-served-by cache-hhn4055-HHN x-cache HIT location https://us-u.openx.net/w/1.0/sd?id=537148856&val=YiIWHwAAAIbEpAQf cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 9F6A Redirect Chain https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER... https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YiIWHwAAAIbEpAQf	1 B 547 B	62ms 15ms	Image text/html	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YiIWHwAAAIbEpAQf Protocol H2 Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://telus.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 04 Mar 2022 13:37:35 GMT cache-control no-store, no-cache, private x-lat amspug016:0:559 server nginx content-type text/html; charset=utf-8 content-length 1 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Fri, 04 Mar 2022 13:37:37 GMT via 1.1 varnish server Varnish x-timer S1646401057.115145,VS0,VE0 x-served-by cache-hhn4055-HHN x-cache HIT location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YiIWHwAAAIbEpAQf cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame 9F6A Redirect Chain https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YiIWHwAAAIbEpAQf&img=1 https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YiIWHwAAAIbEpAQf&img=1&__user_check__=1&sync_id=41452150-9bc0-11ec-891c-13ae17dc0306	43 B 548 B	20ms 20ms	Image image/gif	185.94.180.126 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YiIWHwAAAIbEpAQf&img=1&__user_check__=1&sync_id=41452150-9bc0-11ec-891c-13ae17dc0306 Protocol HTTP/1.1 Server 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Accept-Language de-DE,de;q=0.9 Referer https://telus.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Fri, 04 Mar 2022 13:37:37 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 46 Connection keep-alive Content-Length 43 Redirect headers Date Fri, 04 Mar 2022 13:37:37 GMT Server nginx Location /partner?adv_id=6409&uid=YiIWHwAAAIbEpAQf&img=1&__user_check__=1&sync_id=41452150-9bc0-11ec-891c-13ae17dc0306 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 43 Connection keep-alive Content-Length 0
GET H2	200	b.php www.facebook.com/fr/ Frame 9F6A Redirect Chain https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 https://www.facebook.com/fr/b.php?p=1531105787105294&e=YiIWHwAAAIbEpAQf&t=2592000&o=0	43 B 2 KB	68ms 37ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/fr/b.php?p=1531105787105294&e=YiIWHwAAAIbEpAQf&t=2592000&o=0 Protocol H2 Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://telus.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 04 Mar 2022 05:37:37 PST content-encoding br x-content-type-options nosniff document-policy force-load-at-top content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-fb-rlafr 0 pragma public x-fb-debug 9dkSOSEvB2zHI7fG4E6MZr8iDFXQSQLVuwHybwlEBt4pc+QaU3Z44QTUZ+Y19ok7bc2+OjgiCkCjG9vb8yQv7g== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups strict-transport-security max-age=15552000; preload report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type image/gif vary Accept-Encoding cache-control public, max-age=0 priority u=3,i expires Fri, 04 Mar 2022 05:37:37 PST Redirect headers pragma no-cache date Fri, 04 Mar 2022 13:37:37 GMT via 1.1 varnish server Varnish x-timer S1646401057.317791,VS0,VE0 x-served-by cache-hhn4055-HHN x-cache HIT location https://www.facebook.com/fr/b.php?p=1531105787105294&e=YiIWHwAAAIbEpAQf&t=2592000&o=0 cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

rp.gwallet.com

URL

https://rp.gwallet.com/r1/cm/p50