premier.ticketek.com.au Open in urlscan Pro
45.60.198.230 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.email.disney.com.au/?qs=48c791c34d6a209df28f7bbd98ed8501b77539a5004ffd74d70a8928ca9d0869a3f9216afe529ab3e2a4c703ec17...
Effective URL:
https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Submission: On November 08 via manual (November 8th 2021, 4:06:27 pm UTC) from ES — Scanned from DE

Summary HTTP 204 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 48 IPs in 7 countries across 43 domains to perform 204 HTTP transactions. The main IP is 45.60.198.230, located in United States and belongs to INCAPSULA, US. The main domain is premier.ticketek.com.au.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA H2 2021 on October 21st 2021. Valid for: 6 months.

This is the only time premier.ticketek.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.159.139 13.111.159.139	22606 (EXACT-7) (EXACT-7)
2 69	45.60.198.230 45.60.198.230	19551 (INCAPSULA) (INCAPSULA)
3	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:a00... 2a04:4e42:a00::282	54113 (FASTLY) (FASTLY)
7	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.92.103.28 104.92.103.28	16625 (AKAMAI-AS) (AKAMAI-AS)
4	13.32.118.82 13.32.118.82	16509 (AMAZON-02) (AMAZON-02)
19	18.66.112.65 18.66.112.65	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:7e2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	52.222.236.73 52.222.236.73	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:303... 2606:4700:3037::6815:4e07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	151.101.1.208 151.101.1.208	54113 (FASTLY) (FASTLY)
1 2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	18.66.112.126 18.66.112.126	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	143.204.215.95 143.204.215.95	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.208 151.101.65.208	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:a872	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	52.18.85.49 52.18.85.49	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:aa72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:ab72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	108.128.101.122 108.128.101.122	16509 (AMAZON-02) (AMAZON-02)
8 8	54.194.191.134 54.194.191.134	16509 (AMAZON-02) (AMAZON-02)
2 2	18.185.182.242 18.185.182.242	16509 (AMAZON-02) (AMAZON-02)
2 3	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	2a05:d018:24:... 2a05:d018:24:b002:2591:850:d183:b9b4	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
7 8	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
6 12	52.18.11.109 52.18.11.109	16509 (AMAZON-02) (AMAZON-02)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 3	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.125.70.222 3.125.70.222	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1 1	52.44.110.4 52.44.110.4	14618 (AMAZON-AES) (AMAZON-AES)
1	52.17.176.161 52.17.176.161	16509 (AMAZON-02) (AMAZON-02)
2 2	54.194.226.253 54.194.226.253	16509 (AMAZON-02) (AMAZON-02)
8 8	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
204	48

1 13.111.159.139 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.email.disney.com.au

click.email.disney.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 45.60.198.230 (United States) 2 redirects

ASN19551 (INCAPSULA, US)

premier.ticketek.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ticketek.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:a00::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.103.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-103-28.deploy.static.akamaitechnologies.com

sadmin.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.118.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-82.fra60.r.cloudfront.net

d35kvm5iuwjt9t.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 18.66.112.65 (United States)

ASN16509 (AMAZON-02, US)

components.ticketek.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:7e2 (United States)

ASN13335 (CLOUDFLARENET, US)

js.appboycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-73.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.1.208 (United States)

ASN54113 (FASTLY, US)

sdk.iad-06.braze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

5164505.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.126 (United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-95.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.208 (United States)

ASN54113 (FASTLY, US)

braze-images.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

ticketek.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:a872 (United States)

ASN13335 (CLOUDFLARENET, US)

ticketekau.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.18.85.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:aa72 (United States)

ASN13335 (CLOUDFLARENET, US)

location.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:ab72 (United States)

ASN13335 (CLOUDFLARENET, US)

segment.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hit.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.101.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-101-122.eu-west-1.compute.amazonaws.com

tega.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.194.191.134 (Dublin, Ireland) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-191-134.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.182.242 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-182-242.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.90 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b002:2591:850:d183:b9b4 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.34 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.18.11.109 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-11-109.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.70.222 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.110.4 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-110-4.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.176.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-176-161.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.226.253 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-226-253.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.194.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
88	ticketek.com.au 2 redirects premier.ticketek.com.au www.ticketek.com.au components.ticketek.com.au	816 KB
28	everesttech.net 22 redirects cm.everesttech.net pixel.everesttech.net sync-tm.everesttech.net	10 KB
17	doubleclick.net 8 redirects securepubads.g.doubleclick.net 5164505.fls.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	122 KB
13	demdex.net dpm.demdex.net tega.demdex.net	16 KB
10	google-analytics.com www.google-analytics.com	57 KB
7	zdassets.com static.zdassets.com ekr.zdassets.com	327 KB
5	useinsider.com ticketekau.api.useinsider.com location.api.useinsider.com segment.api.useinsider.com hit.api.useinsider.com	60 KB
5	zendesk.com ticketek.zendesk.com	2 KB
5	facebook.com www.facebook.com	1 KB
5	googleapis.com fonts.googleapis.com	4 KB
4	google.de adservice.google.de www.google.de	2 KB
4	google.com adservice.google.com www.google.com	2 KB
4	braze.com sdk.iad-06.braze.com	1 KB
4	facebook.net connect.facebook.net	192 KB
4	cloudfront.net d35kvm5iuwjt9t.cloudfront.net	932 KB
4	bootstrapcdn.com stackpath.bootstrapcdn.com maxcdn.bootstrapcdn.com	109 KB
3	casalemedia.com 2 redirects ssum.casalemedia.com dsum-sec.casalemedia.com	3 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	fontawesome.com use.fontawesome.com	84 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	63 KB
3	gstatic.com fonts.gstatic.com	194 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	openx.net 1 redirects us-u.openx.net	382 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	krxd.net 1 redirects usermatch.krxd.net beacon.krxd.net	529 B
2	eyeota.net 2 redirects ps.eyeota.net	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	935 B
2	tidaltv.com 2 redirects sync.tidaltv.com	686 B
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	brightcove.com sadmin.brightcove.com	18 KB
2	polyfill.io polyfill.io	761 B
1	pubmatic.com image2.pubmatic.com	547 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	yahoo.com ads.yahoo.com	443 B
1	turn.com 1 redirects d.turn.com	402 B
1	googleadservices.com www.googleadservices.com	14 KB
1	braze-images.com braze-images.com	488 KB
1	appboycdn.com js.appboycdn.com	49 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	googletagmanager.com www.googletagmanager.com	112 KB
1	cloudflare.com cdnjs.cloudflare.com	1 KB
1	googleoptimize.com www.googleoptimize.com	34 KB
1	disney.com.au 1 redirects click.email.disney.com.au	234 B
204	43

	Domain	Requested by
68	premier.ticketek.com.au	1 redirects premier.ticketek.com.au components.ticketek.com.au
19	components.ticketek.com.au	premier.ticketek.com.au components.ticketek.com.au
12	pixel.everesttech.net	6 redirects
11	dpm.demdex.net	premier.ticketek.com.au
10	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com premier.ticketek.com.au
8	sync-tm.everesttech.net	8 redirects
8	cm.g.doubleclick.net	7 redirects
8	cm.everesttech.net	8 redirects
6	static.zdassets.com	premier.ticketek.com.au static.zdassets.com
5	ticketek.zendesk.com	static.zdassets.com
5	www.facebook.com	connect.facebook.net premier.ticketek.com.au
5	fonts.googleapis.com	premier.ticketek.com.au
4	stats.g.doubleclick.net	www.google-analytics.com
4	sdk.iad-06.braze.com	js.appboycdn.com
4	connect.facebook.net	premier.ticketek.com.au connect.facebook.net
4	d35kvm5iuwjt9t.cloudfront.net	premier.ticketek.com.au
3	ib.adnxs.com	2 redirects
3	www.google.de
3	www.google.com
3	use.fontawesome.com	js.appboycdn.com use.fontawesome.com
3	fonts.gstatic.com	fonts.googleapis.com
2	sync.search.spotxchange.com	1 redirects
2	us-u.openx.net	1 redirects
2	sync.crwdcntrl.net	2 redirects
2	ps.eyeota.net	2 redirects
2	ssum.casalemedia.com	2 redirects
2	match.adsrvr.org	2 redirects
2	sync.tidaltv.com	2 redirects
2	pm.w55c.net	2 redirects
2	tega.demdex.net	premier.ticketek.com.au
2	ticketekau.api.useinsider.com	www.googletagmanager.com ticketekau.api.useinsider.com
2	5164505.fls.doubleclick.net	1 redirects premier.ticketek.com.au
2	securepubads.g.doubleclick.net	www.googletagservices.com
2	sadmin.brightcove.com	premier.ticketek.com.au
2	maxcdn.bootstrapcdn.com	premier.ticketek.com.au maxcdn.bootstrapcdn.com
2	polyfill.io	premier.ticketek.com.au
2	stackpath.bootstrapcdn.com	premier.ticketek.com.au
1	image2.pubmatic.com
1	dsum-sec.casalemedia.com
1	pixel.rubiconproject.com
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	ads.yahoo.com
1	d.turn.com	1 redirects
1	hit.api.useinsider.com	ticketekau.api.useinsider.com
1	segment.api.useinsider.com	ticketekau.api.useinsider.com
1	location.api.useinsider.com	ticketekau.api.useinsider.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	adservice.google.de	adservice.google.com
1	adservice.google.com	5164505.fls.doubleclick.net
1	braze-images.com	premier.ticketek.com.au
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	premier.ticketek.com.au
1	ekr.zdassets.com	static.zdassets.com
1	js.appboycdn.com	premier.ticketek.com.au
1	www.googletagservices.com	premier.ticketek.com.au
1	www.googletagmanager.com	premier.ticketek.com.au
1	cdnjs.cloudflare.com	premier.ticketek.com.au
1	www.googleoptimize.com	premier.ticketek.com.au
1	www.ticketek.com.au	1 redirects
1	click.email.disney.com.au	1 redirects
204	63

This site contains links to these domains. Also see Links.

Domain
help.ticketek.com.au
d35kvm5iuwjt9t.cloudfront.net
www.hmt.com.au
frozenthemusical.com.au
www.facebook.com
www.twitter.com
www.instagram.com
play.google.com
apps.apple.com
www.teg.com.au
premier.ticketek.co.nz
premier.ticketek.co.uk
premier.ticketek.com.sg
premier.ticketek.com.my
premier.ticketek.com.ph

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-21` - `2022-04-21`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-08` - `2022-07-07`	a year	crt.sh
sadmin.brightcove.com DigiCert SHA2 Secure Server CA	`2021-02-18` - `2022-02-22`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.ticketek.com.au Amazon	`2021-03-01` - `2022-03-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-17` - `2021-11-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.iad-06.braze.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-03` - `2022-06-04`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
braze-images.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-03` - `2022-06-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
ticketek.zendesk.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
useinsider.com Cloudflare Inc ECC CA-3	`2021-09-20` - `2022-09-19`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Frame ID: 8F47EBFAAA2A8207FDE6C9B98A085CCA
Requests: 162 HTTP requests in this frame

Frame: https://5164505.fls.doubleclick.net/activityi;dc_pre=CKas_uOSifQCFUn9UQodeF4PUw;src=5164505;type=retar0;cat=au_fr0;ord=8841759639943.166
Frame ID: FDC8A04497D4C8B7B73CE0EB6A9EA14F
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-d09a446edefba0dcce5d5143e1840e9a.html
Frame ID: 6FFA53241ED97C92190C005FC30BCE39
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a2a8604b6c6deb9b732.js
Frame ID: 7D9DE2643D053667BCE3F9152657C232
Requests: 10 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKas_uOSifQCFUn9UQodeF4PUw;src=5164505;type=retar0;cat=au_fr0;ord=8841759639943.166;~oref=https://premier.ticketek.com.au/
Frame ID: 44C236B8986347196E168A2658CDAD45
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CKas_uOSifQCFUn9UQodeF4PUw;src=5164505;type=retar0;cat=au_fr0;ord=8841759639943.166;~oref=https://premier.ticketek.com.au/
Frame ID: 6FC53F304125F87682CA7A6AC86C73AE
Requests: 1 HTTP requests in this frame

Frame: https://ticketekau.api.useinsider.com/worker-new.html
Frame ID: 80ED684EE973317420F3A2996B35E4D6
Requests: 1 HTTP requests in this frame

Frame: https://tega.demdex.net/dest5.html?d_nsid=0
Frame ID: B48AB8CBF7ED411565A8A9515DBF27C6
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Frozen the Musical tickets | Her Majesty's Theatre | Ticketek Australia

Page URL History Show full URLs

https://click.email.disney.com.au/?qs=48c791c34d6a209df28f7bbd98ed8501b77539a5004ffd74d70a8928ca9d0869a3f9216a... HTTP 302
https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21 Page URL
https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21 HTTP 302
http://www.ticketek.com.au/detection.aspx?rt=https%3a%2f%2fpremier.ticketek.com.au%2fshows%2fshow.aspx%... HTTP 302
https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21 Page URL

Page Statistics

204
Requests

87 %
HTTPS

44 %
IPv6

43
Domains

63
Subdomains

48
IPs

7
Countries

3736 kB
Transfer

8188 kB
Size

75
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://help.ticketek.com.au/hc/en-us/articles/360026360114-Ticketek-Agencies
Title: Agencies

Search URL Search Domain Scan URL

URL: https://help.ticketek.com.au/hc/en-us/articles/360001880427-How-do-I-book-an-accessible-seat
Title: Accessible Seating

Search URL Search Domain Scan URL

URL: https://help.ticketek.com.au/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: http://d35kvm5iuwjt9t.cloudfront.net/pdf/HMJ_accessibleseating.pdf
Title: View More Info

Search URL Search Domain Scan URL

URL: https://help.ticketek.com.au/hc/en-us/requests/new?ticket_form_id=360000134807
Title: Ticketek Accessible form

Search URL Search Domain Scan URL

URL: https://www.hmt.com.au/
Title: www.hmt.com.au

Search URL Search Domain Scan URL

URL: https://frozenthemusical.com.au/
Title: frozenthemusical.com.au

Search URL Search Domain Scan URL

URL: https://d35kvm5iuwjt9t.cloudfront.net/pdf/FROZENUM21_TCs.pdf
Title: Click here for full terms and conditions

Search URL Search Domain Scan URL

URL: https://help.ticketek.com.au/hc/en-us/articles/360063452173-FROZEN-THE-MUSICAL
Title: here

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TicketekAustralia

Search URL Search Domain Scan URL

URL: https://www.twitter.com/Ticketek_AU

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ticketekaustralia/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=au.com.ticketek&hl=en_AU

Search URL Search Domain Scan URL

URL: https://apps.apple.com/au/app/ticketek/id454379421

Search URL Search Domain Scan URL

URL: https://www.teg.com.au/
Title: Corporate & Media Inquiries

Search URL Search Domain Scan URL

URL: https://www.teg.com.au/teg-careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://premier.ticketek.co.nz/
Title: Ticketek New Zealand

Search URL Search Domain Scan URL

URL: https://premier.ticketek.co.uk/
Title: Ticketek UK

Search URL Search Domain Scan URL

URL: https://premier.ticketek.com.sg/
Title: Ticketek Singapore

Search URL Search Domain Scan URL

URL: https://premier.ticketek.com.my/
Title: Ticketek Malaysia

Search URL Search Domain Scan URL

URL: https://premier.ticketek.com.ph/
Title: Ticketek Philippines

Search URL Search Domain Scan URL

URL: https://help.ticketek.com.au/hc/en-us/categories/360000150768-Frequently-Asked-Questions
Title: Frequently asked questions

Search URL Search Domain Scan URL

URL: https://help.ticketek.com.au/hc/en-us?_ga=2.128894281.430885618.1607322929-817718009.1607322929
Title: Contact us

Search URL Search Domain Scan URL

URL: https://help.ticketek.com.au/hc/en-us/categories/360000153707-Events-Cancellation-Changes
Title: Cancelled & postponed events

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.email.disney.com.au/?qs=48c791c34d6a209df28f7bbd98ed8501b77539a5004ffd74d70a8928ca9d0869a3f9216afe529ab3e2a4c703ec17df03be9cb1e6ff48d090281764bbb560195e HTTP 302
https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21 Page URL
https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21 HTTP 302
http://www.ticketek.com.au/detection.aspx?rt=https%3a%2f%2fpremier.ticketek.com.au%2fshows%2fshow.aspx%3fsh%3dFROZEN21 HTTP 302
https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://click.email.disney.com.au/?qs=48c791c34d6a209df28f7bbd98ed8501b77539a5004ffd74d70a8928ca9d0869a3f9216afe529ab3e2a4c703ec17df03be9cb1e6ff48d090281764bbb560195e HTTP 302
https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Request Chain 109

https://5164505.fls.doubleclick.net/activityi;src=5164505;type=retar0;cat=au_fr0;ord=8841759639943.166 HTTP 302
https://5164505.fls.doubleclick.net/activityi;dc_pre=CKas_uOSifQCFUn9UQodeF4PUw;src=5164505;type=retar0;cat=au_fr0;ord=8841759639943.166

Request Chain 150

https://cm.everesttech.net/cm/dd?d_uuid=30454969894971832284106595988907376067 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YYlK-gAAAHTofwQD

Request Chain 154

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://dpm.demdex.net/ibs:dpid=359&dpuuid=OVmyDts41MK7a65

Request Chain 164

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=1303121740232379231

Request Chain 172

https://sync.tidaltv.com/GenericUserSync.ashx?dpid=38noredirect HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=38noredirect&s_h=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=445&dpuuid=0c121a66-b2c6-4f10-8d52-e3bcfbbcc608?gdpr=1&gdpr_consent=

Request Chain 178

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=4223899392939032060

Request Chain 183

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzA0NTQ5Njk4OTQ5NzE4MzIyODQxMDY1OTU5ODg5MDczNzYwNjc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEA0tctIIDwHL_rkeUZcoHHk&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 184

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVlsSy1nQUFBSFRvZndRRA&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEPJxpcoSdnu88-_GIIZi4HU&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 185

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVlsSy1nQUFBSFRvZndRRA&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEPJxpcoSdnu88-_GIIZi4HU&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 186

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVlsSy1nQUFBSFRvZndRRA&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESEPJxpcoSdnu88-_GIIZi4HU&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 187

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVlsSy1nQUFBSFRvZndRRA&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESEPJxpcoSdnu88-_GIIZi4HU&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 188

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVlsSy1nQUFBSFRvZndRRA&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEPJxpcoSdnu88-_GIIZi4HU&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 189

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=732a9589-bac8-49a6-ad61-57665c3e050a

Request Chain 190

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVlsSy1nQUFBSFRvZndRRA&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEPJxpcoSdnu88-_GIIZi4HU&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 191

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YYlK-1uE4Djd3g120nTR-QAA%261148

Request Chain 192

https://ps.eyeota.net/match?bid=6j5b2cv&uid=30454969894971832284106595988907376067&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=30454969894971832284106595988907376067&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 193

https://cm.everesttech.net/cm/yh HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YYlK-gAAAHTofwQD&sigv=1&esig=1~4305df3226603828d44974c4b51331d7675461b5

Request Chain 194

https://usermatch.krxd.net/um/v2?partner=adobe&id=30454969894971832284106595988907376067 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=30454969894971832284106595988907376067

Request Chain 195

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=30454969894971832284106595988907376067?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=30454969894971832284106595988907376067?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=9f8d0ea265b6be7ee87f374de49c011c

Request Chain 196

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVlsSy1nQUFBSFRvZndRRA==

Request Chain 197

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YYlK-gAAAHTofwQD&expires=90

Request Chain 198

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYlK-gAAAHTofwQD

Request Chain 199

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YYlK-gAAAHTofwQD

Request Chain 200

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YYlK-gAAAHTofwQD HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YYlK-gAAAHTofwQD

Request Chain 201

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYlK-gAAAHTofwQD

Request Chain 202

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YYlK-gAAAHTofwQD&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YYlK-gAAAHTofwQD&img=1&__user_check__=1&sync_id=d29828b4-40ad-11ec-909e-1e1d47870106

Request Chain 203

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YYlK-gAAAHTofwQD&t=2592000&o=0

204 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

show.aspx Show response
premier.ticketek.com.au/shows/
Redirect Chain

https://click.email.disney.com.au/?qs=48c791c34d6a209df28f7bbd98ed8501b77539a5004ffd74d70a8928ca9d0869a3f9216afe529ab3e2a4c703ec17df03be9cb1e6ff48d090281764bbb560195e
https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

212 B
549 B

81ms
17ms

Document
text/html

45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
cache-control: no-cache, no-store
content-length: 212
x-iinfo: 3-38752168-0 0NNN RT(1636387575444 0) q(0 -1 -1 0) r(0 -1) B10(4,314,0) U18

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Date: Mon, 08 Nov 2021 16:06:15 GMT
Connection: close
Content-Length: 176

GET
H2 200 _Incapsula_Resource Show response
premier.ticketek.com.au/ 174 KB
25 KB 31ms
30ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/_Incapsula_Resource?SWJIYLWA=5074a744e2e3d891814e9a2dace20bd4,719d34d31c8e3a6e6fffd425f7e032f3
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: bceb67719489d29fb2e4c74fe9d9956120fc98d7d7aba7c225e47bc77c7b91dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 25388
content-type: application/javascript

GET
H2 200 _Incapsula_Resource
premier.ticketek.com.au/ 29 B
56 B 16ms
16ms XHR
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/_Incapsula_Resource?SWHANEDL=225148898989779426,16677099482766826640,17953984203872889592,544052
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 29
content-type: application/javascript

GET
H2

200

Primary Request show.aspx Show response
premier.ticketek.com.au/shows/
Redirect Chain

https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
http://www.ticketek.com.au/detection.aspx?rt=https%3a%2f%2fpremier.ticketek.com.au%2fshows%2fshow.aspx%3fsh%3dFROZEN21
https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

107 KB
20 KB

839ms
837ms

Document
text/html

45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.198.230 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

931143bad19f42bec041d52ce026f1d8c039d82bc08c4ee5f3d3f27377cd2412

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
content-type: text/html; charset=utf-8
cache-control: private, no-store
pragma: no-cache
content-encoding: gzip
expires: Sun, 08 Nov 2020 16:06:19 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
x-cdn: Imperva
x-iinfo: 3-38752440-38752192 PNNN RT(1636387577979 0) q(0 0 0 -1) r(6 8) U12

Redirect headers

Date: Mon, 08 Nov 2021 16:06:18 GMT
Content-Type: text/html; charset=us-ascii
Content-Length: 176
Connection: keep-alive
Cache-Control: private
Location: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-FRAME-OPTIONS: SAMEORIGIN
X-CDN: Imperva
X-Iinfo: 1-40836926-40836927 NNNN CT(288 -1 0) RT(1636387577070 0) q(0 0 3 0) r(7 7) U5

GET
H2 200 _Incapsula_Resource
premier.ticketek.com.au/ 1 B
35 B 16ms
15ms Image
text/plain 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://premier.ticketek.com.au/_Incapsula_Resource?SWKMTFSR=1&e=0.27583184869014366
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET _Incapsula_Resource
premier.ticketek.com.au/ 0
0

GET
H2 200 u-vnfesse-Giue-Vpon-vulgd-tunaturnes-we-feare-Ra Show response
premier.ticketek.com.au/ 127 KB
40 KB 40ms
37ms Script
text/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/u-vnfesse-Giue-Vpon-vulgd-tunaturnes-we-feare-Ra
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: connector /
Resource Hash: 6709758a7991132539e45c72e3c6ed7241e8937f1d19217d89e0df6e76046f40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
content-encoding: gzip
server: connector
content-type: text/javascript
access-control-allow-origin: *
x-iinfo: 3-38752508-38752509 NNNN CT(4 7 0) RT(1636387578835 0) q(0 0 0 -1) r(0 0) U18
cache-control: public, max-age=60
server-timing: bon, total;dur=6.549888
content-length: 41014
x-cdn: Imperva

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.2.1/css/ 150 KB
24 KB 54ms
27ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.2.1/css/bootstrap.min.css

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://premier.ticketek.com.au/
Origin: https://premier.ticketek.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 17232382
cdn-cachedat: 2021-04-23 06:44:27
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:07 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 23e19f371e59fd6d1b6cafea2edeee0d
cf-ray: 6ab00c455af705b7-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 16 KB
992 B 47ms
18ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i&display=swap

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8bc7150519c3bec8751de818bca8136134aff71a27cd65551e9a488f12e9340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 15:11:58 GMT
server: ESF
date: Mon, 08 Nov 2021 16:06:19 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 08 Nov 2021 16:06:19 GMT

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
781 B 47ms
19ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600;700;800&display=swap

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0095244614533bd39720fdef1abdd163dd6899570a58c5910085968ef106f127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 16:06:19 GMT
server: ESF
date: Mon, 08 Nov 2021 16:06:19 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 08 Nov 2021 16:06:19 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
440 B 46ms
18ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

908d52256ccbc2c28bef26bd8521f974122f169aeaadf42cc48193735ca9b6cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 16:06:19 GMT
server: ESF
date: Mon, 08 Nov 2021 16:06:19 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 08 Nov 2021 16:06:19 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 44ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway&display=swap

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3ec09caf051a4a00d410aceb3fdc24e14bf2ac99f68999d9371bae49f79f914

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 14:56:53 GMT
server: ESF
date: Mon, 08 Nov 2021 16:06:19 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 08 Nov 2021 16:06:19 GMT

GET
H2 200 main.css
premier.ticketek.com.au/assets/css/ 387 KB
73 KB 916ms
908ms Stylesheet
text/css 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/assets/css/main.css?5.22.50.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: defae6aed9e3489a9996fc363db0b8d356cc25ccfa5e061719a5f1bd344b3a23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
content-encoding: gzip
last-modified: Mon, 08 Nov 2021 03:37:04 GMT
x-cdn: Imperva
etag: "07096e551d4d71:0"
content-type: text/css
x-iinfo: 3-38752511-38748966 3CNN RT(1636387578840 0) q(0 0 0 -1) r(9 9) U18
cache-control: max-age=274, public
content-length: 74232
expires: Mon, 08 Nov 2021 16:10:53 GMT

GET
H2 200 conflictX.css
premier.ticketek.com.au/css/ 529 B
488 B 35ms
28ms Stylesheet
text/css 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/css/conflictX.css?5.22.50.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 6324f69233f73f119979b489f5d32a2250b3bfeb7d24d8b2908b92bb6c1e2e09

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:42 GMT
x-cdn: Imperva
etag: "0f1df4053d0d71:0"
content-type: text/css
x-iinfo: 3-38752512-38748910 2CNN RT(1636387578843 0) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=3853, public
content-length: 314
expires: Mon, 08 Nov 2021 17:10:32 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 86 KB
34 KB 47ms
20ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-PHMCZX3

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d02537a86ac0059d784dbe19d4b20b9f38144a9a2da5686b1e0dda5f27e86c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34667
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Nov 2021 16:06:19 GMT

GET
H2 200 messages_en.js Show response
premier.ticketek.com.au/js/ 17 KB
5 KB 37ms
29ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/messages_en.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 54977bd28e95c5d7f9aa476648978d4805fb1fbc7e56b4e3d8a4055d225919f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:40 GMT
x-cdn: Imperva
etag: "0c4ae3f53d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752513-38751408 2CNN RT(1636387578845 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=5210, public
content-length: 4855
expires: Mon, 08 Nov 2021 17:33:08 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
559 B 81ms
23ms Script
text/javascript 2a04:4e42:a00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=es6%2Ces7?features=es6%2Ces7

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 780048
detected-user-agent: Chrome/95.0.4638
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 101
referrer-policy: origin-when-cross-origin
last-modified: Sat, 30 Oct 2021 02:49:55 GMT
date: Mon, 08 Nov 2021 16:06:19 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/95.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery-latest.min.js Show response
premier.ticketek.com.au/js/jquery/ 87 KB
30 KB 39ms
31ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/jquery/jquery-latest.min.js?5.22.50.0-4481-c33af573ab0b5e71e6023483b268b0e8705cceda
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 62bb02fa91c1537efbce823d5d1981982d3925bcdaac667dc6ca64f8469e2284

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752515-38734237 2CNN RT(1636387578849 0) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=2985, public
content-length: 30851
expires: Mon, 08 Nov 2021 16:56:04 GMT

GET
H2 200 jquery.greybox.js Show response
premier.ticketek.com.au/js/ 8 KB
3 KB 41ms
34ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/jquery.greybox.js?5.22.50.0-4481-c33af573ab0b5e71e6023483b268b0e8705cceda
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d9925c1bef157e46012e2fb2dca5ac809e0c2ac2f15c28928974a495a48ee74f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752516-38750971 2CNN RT(1636387578852 0) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=2985, public
content-length: 2735
expires: Mon, 08 Nov 2021 16:56:04 GMT

GET
H2 200 jquery.cookie.js Show response
premier.ticketek.com.au/js/ 2 KB
942 B 47ms
37ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/jquery.cookie.js?5.22.50.0-4481-c33af573ab0b5e71e6023483b268b0e8705cceda
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e30a48a7615ba27b3d0f38babb6462da2e80f208d98b2baf8f6764b00f2a4066

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752517-38751407 2CNN RT(1636387578855 0) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=2985, public
content-length: 814
expires: Mon, 08 Nov 2021 16:56:03 GMT

GET
H2 200 jquery.session.js Show response
premier.ticketek.com.au/js/ 2 KB
875 B 48ms
38ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/jquery.session.js?5.22.50.0-4481-c33af573ab0b5e71e6023483b268b0e8705cceda
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: adc9f82fae77ea36e1f5ce4eae85110c306819e19cac85b12ab0f19130e87a85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752518-38748910 2CNN RT(1636387578856 0) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=2985, public
content-length: 771
expires: Mon, 08 Nov 2021 16:56:04 GMT

GET
H2 200 jquery-ui.js Show response
premier.ticketek.com.au/js/ 317 KB
77 KB 48ms
38ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/jquery-ui.js?5.22.50.0-4481-c33af573ab0b5e71e6023483b268b0e8705cceda
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 83b58afaf830ba51130ea7072344887fba421f8e0518686a49a89837f010c559

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752519-38750973 2CNN RT(1636387578858 0) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=2986, public
content-length: 77998
expires: Mon, 08 Nov 2021 16:56:05 GMT

GET
H2 200 jquery.formatCurrency-1.3.0.pack.js Show response
premier.ticketek.com.au/js/ 3 KB
1 KB 47ms
38ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/jquery.formatCurrency-1.3.0.pack.js?5.22.50.0-4481-c33af573ab0b5e71e6023483b268b0e8705cceda
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 2d3e82a60eaa972e5fafba6741ac1357f01fa898f24fbe822058d19af621e16d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752520-38751407 2CNN RT(1636387578860 0) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=2986, public
content-length: 1186
expires: Mon, 08 Nov 2021 16:56:04 GMT

GET
H2 200 Modernizr.js Show response
premier.ticketek.com.au/js/ 9 KB
4 KB 48ms
38ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/Modernizr.js?5.22.50.0-4481-c33af573ab0b5e71e6023483b268b0e8705cceda
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 705ff70b643e209c697f93f0c42c84ea6dd64e35e9fead0caa1bc91bb60065d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752521-38752469 2CNN RT(1636387578861 0) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=2985, public
content-length: 4197
expires: Mon, 08 Nov 2021 16:56:03 GMT

GET
H2 200 Softix.Resources.js Show response
premier.ticketek.com.au/js/ 842 B
441 B 49ms
40ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/Softix.Resources.js?5.22.50.0-4481-c33af573ab0b5e71e6023483b268b0e8705cceda
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 6dcacfbeaa0e51a7ebd11eb147f18bf2263185e8620662020bafa6b9833ac895

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752522-38748910 2CNN RT(1636387578863 0) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=2985, public
content-length: 337
expires: Mon, 08 Nov 2021 16:56:04 GMT

GET
H2 200 softixCommon.js Show response
premier.ticketek.com.au/js/ 83 KB
18 KB 69ms
60ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/softixCommon.js?5.22.50.0-4481-c33af573ab0b5e71e6023483b268b0e8705cceda-20210406
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: c469f91bb3f5547f5e8f8feb99fe3d2c98c68f7d7ddcb2c4a4aab7447d588c53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752523-38750971 2CNN RT(1636387578864 0) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=2985, public
content-length: 18075
expires: Mon, 08 Nov 2021 16:56:04 GMT

GET
H2 200 softix.crypto.js Show response
premier.ticketek.com.au/js/ 7 KB
3 KB 52ms
43ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/softix.crypto.js?5.22.50.0-4481-c33af573ab0b5e71e6023483b268b0e8705cceda
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: ddc90c6bde8cd1e78fa0c373dbf664b3ed4becf7e1224fe5510d96c46b17874a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752524-38751407 2CNN RT(1636387578866 0) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=2985, public
content-length: 3158
expires: Mon, 08 Nov 2021 16:56:03 GMT

GET
H2 200 softix.analytics.js Show response
premier.ticketek.com.au/js/ 68 KB
14 KB 56ms
46ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/softix.analytics.js?5.22.50.0-4481-c33af573ab0b5e71e6023483b268b0e8705cceda
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: c716b112c1f0deb92f52c52b6dc7502e4ac57a304c49a23609c39781a7e586f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752525-38751408 2CNN RT(1636387578867 0) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=2986, public
content-length: 13956
expires: Mon, 08 Nov 2021 16:56:04 GMT

GET
H2 200 accessibleseating.js Show response
premier.ticketek.com.au/js/ 1 KB
681 B 65ms
55ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/accessibleseating.js?5.22.50.0-4481-c33af573ab0b5e71e6023483b268b0e8705cceda
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 93ab49bc6238f0f6212d5942e6c52be7eae398e84bd9d748803836199d0746e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752526-38748910 2CNN RT(1636387578869 0) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=2985, public
content-length: 577
expires: Mon, 08 Nov 2021 16:56:04 GMT

GET
H2 200 addmorebutton.js Show response
premier.ticketek.com.au/js/ 914 B
588 B 69ms
59ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/addmorebutton.js?5.22.50.0-4481-c33af573ab0b5e71e6023483b268b0e8705cceda
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 8b4a3652a32257df76398a8a4ab832a050423b7825fa33ab97366e0d83dd4862

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752527-38751407 2CNN RT(1636387578870 0) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=2986, public
content-length: 484
expires: Mon, 08 Nov 2021 16:56:04 GMT

GET
H2 200 facevaluefee.js Show response
premier.ticketek.com.au/js/ 283 B
343 B 70ms
61ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/facevaluefee.js?5.22.50.0-4481-c33af573ab0b5e71e6023483b268b0e8705cceda
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 34fe739dc619a4c6ba22e594e4d52f330b964918a25f59f145b9fcfb387998e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752528-38752469 2CNN RT(1636387578872 0) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=2986, public
content-length: 218
expires: Mon, 08 Nov 2021 16:56:04 GMT

GET
H2 200 paymentfixes.js Show response
premier.ticketek.com.au/js/ 3 KB
661 B 74ms
65ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/paymentfixes.js?5.22.50.0-4481-c33af573ab0b5e71e6023483b268b0e8705cceda
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f9c39680773790fb7a554a7f9a70238e4a521cc3d8d8c82641d37c69cc740630

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752529-38752469 2CNN RT(1636387578874 0) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=2986, public
content-length: 557
expires: Mon, 08 Nov 2021 16:56:04 GMT

GET
H2 200 socialdistancing.js Show response
premier.ticketek.com.au/js/ 3 KB
1 KB 79ms
70ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/socialdistancing.js?5.22.50.0-4481-c33af573ab0b5e71e6023483b268b0e8705cceda
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d86885dfb06ed30648930452190eb91c85fe8a86c863c348078b1a8d48b81426

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752530-38752469 2CNN RT(1636387578876 0) q(0 0 0 -1) r(1 1) U18
cache-control: max-age=2985, public
content-length: 1293
expires: Mon, 08 Nov 2021 16:56:03 GMT

GET
H2 200 softix.analytics.adobewebtracking.js Show response
premier.ticketek.com.au/js/ 468 B
425 B 86ms
77ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/softix.analytics.adobewebtracking.js?5.22.50.0-4481-c33af573ab0b5e71e6023483b268b0e8705cceda
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e618c75852d3d3774a9ed489de8390b61fefa3730385d1fd71a3ae9718797b69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752531-38751408 2CNN RT(1636387578877 0) q(0 1 1 -1) r(1 1) U18
cache-control: max-age=2986, public
content-length: 322
expires: Mon, 08 Nov 2021 16:56:04 GMT

GET
H2 200 jsencrypt.min.js Show response
premier.ticketek.com.au/js/ 56 KB
17 KB 86ms
77ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/jsencrypt.min.js?5.22.50.0-4481-c33af573ab0b5e71e6023483b268b0e8705cceda
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 6f2f152b570d71ee4cbbe1274bfee67a7cb5193c7ab311ace97034ecfb947624

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752532-38751407 2CNN RT(1636387578879 0) q(0 1 1 -1) r(1 1) U18
cache-control: max-age=2986, public
content-length: 17207
expires: Mon, 08 Nov 2021 16:56:04 GMT

GET
H2 200 affiliate.js Show response
premier.ticketek.com.au/js/ 561 B
433 B 89ms
80ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/affiliate.js?5.22.50.0-4481-c33af573ab0b5e71e6023483b268b0e8705cceda
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 94f301476f6e3bad1a2ac0c21895e078c1dbecf29d2a50dfad998c493b6eda0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752533-38752469 2CNN RT(1636387578881 0) q(0 1 1 -1) r(1 1) U18
cache-control: max-age=2985, public
content-length: 316
expires: Mon, 08 Nov 2021 16:56:03 GMT

GET
H2 200 messages_en.js Show response
premier.ticketek.com.au/js/ 17 KB
5 KB 89ms
81ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/messages_en.js?5.22.50.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 54977bd28e95c5d7f9aa476648978d4805fb1fbc7e56b4e3d8a4055d225919f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:40 GMT
x-cdn: Imperva
etag: "0c4ae3f53d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752534-38751408 2CNN RT(1636387578883 0) q(0 1 1 -1) r(1 1) U18
cache-control: max-age=15584, public
content-length: 4855
expires: Mon, 08 Nov 2021 20:26:02 GMT

GET
H2 200 louderAdUnits.js Show response
premier.ticketek.com.au/themes/anz-1/js/ 18 KB
3 KB 97ms
78ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/themes/anz-1/js/louderAdUnits.js?5.22.50.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d0195a5a14c496c88b66f39b4bc500d41da7d1678814868f3671a52801645b9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:40 GMT
x-cdn: Imperva
etag: "0c4ae3f53d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752535-38752469 2CNN RT(1636387578886 0) q(0 1 1 -1) r(1 1) U18
cache-control: max-age=15584, public
content-length: 2833
expires: Mon, 08 Nov 2021 20:26:02 GMT

GET
H2 200 ecal-widget.js Show response
premier.ticketek.com.au/js/custom/ 7 KB
2 KB 118ms
99ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/custom/ecal-widget.js?5.22.50.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 09ca096b5dcefed31369c823f65ebb9b2836844fa0d5a6b9b4f97cb6625b0675

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752536-38752469 2CNN RT(1636387578888 0) q(0 1 1 -1) r(1 1) U18
cache-control: max-age=15584, public
content-length: 2041
expires: Mon, 08 Nov 2021 20:26:02 GMT

GET
H2 200 main.js Show response
premier.ticketek.com.au/assets/scripts/ 4 KB
1 KB 118ms
99ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/assets/scripts/main.js?5.22.50.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: c991e57593efb95800ba1166ed6469e36146fcb1859566c8134964b3dde2eda1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:42 GMT
x-cdn: Imperva
etag: "0f1df4053d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752538-38727714 2CNN RT(1636387578892 0) q(0 1 1 -1) r(1 1) U18
cache-control: max-age=15584, public
content-length: 1107
expires: Mon, 08 Nov 2021 20:26:02 GMT

GET
H2 200 stay22-map-widget.js Show response
premier.ticketek.com.au/js/custom/ 4 KB
2 KB 118ms
99ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/custom/stay22-map-widget.js?5.22.50.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: aaba6ddd7b3595332d3ba69f3b1ec88f6229d7277d0a71108f76c189c19614eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752539-38751408 2CNN RT(1636387578894 0) q(0 1 1 -1) r(1 1) U18
cache-control: max-age=15584, public
content-length: 1874
expires: Mon, 08 Nov 2021 20:26:02 GMT

GET
H2 200 zendesk.js Show response
premier.ticketek.com.au/js/custom/ 578 B
434 B 118ms
100ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/custom/zendesk.js?5.22.50.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 55d44cd61ee84c79e7d910fc9c7c498fef7a6231efc1f343dba333d2246559d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752540-38752469 2CNN RT(1636387578896 0) q(0 1 1 -1) r(1 1) U18
cache-control: max-age=15584, public
content-length: 330
expires: Mon, 08 Nov 2021 20:26:02 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 20 KB
6 KB 100ms
37ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=b5f04b59-a9b6-433a-9db0-27be35227c83

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 5MSK7F8NQ060TST2
x-amz-id-2: pH2ZqG9sa2d7K4b0opVKs7NiM7vGVyAUD+ozIzoi9tndEM+AMaIJgd6EHRmwBRQeC9eyCEv8xGk=
last-modified: Wed, 09 Jun 2021 00:08:59 GMT
server: cloudflare
etag: W/"cc904f41324148b571599b3b02fdec0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21jWmT8VSi%2FEPa1cPZIwxH6rwnLD96NqDDAsBMj8wW1r20lGDMZW4gLo6%2BU9p3kTZG7Y%2FonRu3JyE4SLbCEp0ckOvxWYlPUaMakMK3F1XGXe%2FjbMrPCvN9Mxpecn9DNoLvLNyzg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: VFukQxfz8SFs4LT0u8yzm_CAm2zq09sT
cf-ray: 6ab00c45aea33622-MAN

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.2.1/js/ 54 KB
15 KB 36ms
17ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.2.1/js/bootstrap.min.js

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://premier.ticketek.com.au/
Origin: https://premier.ticketek.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617, 617
age: 6618294
cdn-cachedat: 2021-07-24 16:49:46
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:07 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: ea0e59c64b36fd25e890a73758a118a4
cf-ray: 6ab00c455af805b7-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 custom-scripts.js Show response
premier.ticketek.com.au/js/ 6 KB
2 KB 121ms
103ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/custom-scripts.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: dc896af2c2c6ce8a2aa36619e5327e4e4e13830ad8670724d0a6e35687f2aa33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752541-38751408 2CNN RT(1636387578899 0) q(0 1 1 -1) r(1 1)
cache-control: max-age=2005, public
content-length: 1907
expires: Mon, 08 Nov 2021 16:39:43 GMT

GET
H2 200 jquery-calendar.js Show response
premier.ticketek.com.au/js/ 21 KB
6 KB 117ms
100ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/jquery-calendar.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: c1d384b1facfbbc3813492b60aa7fff6447b6db9253abe821043bd204ad5bc5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752542-38750971 2CNN RT(1636387578901 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=5223, public
content-length: 5680
expires: Mon, 08 Nov 2021 17:33:21 GMT

GET
H2 200 ios7ipad.js Show response
premier.ticketek.com.au/js/ 239 B
304 B 120ms
104ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/ios7ipad.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f36407993e16efb421a47f0915c29eb0c3171c99051ab7bb0810ba5869b315f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752543-38748679 2CNN RT(1636387578903 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=5229, public
content-length: 163
expires: Mon, 08 Nov 2021 17:33:27 GMT

GET
H2 200 AC_RunActiveContent.js Show response
premier.ticketek.com.au/js/ 2 KB
1 KB 123ms
106ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/AC_RunActiveContent.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 363da08842b371b115aed72a5eb403e1bea447df77d1a1f3892bab6cc4f759fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752544-38752469 2CNN RT(1636387578905 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=5226, public
content-length: 906
expires: Mon, 08 Nov 2021 17:33:24 GMT

GET
H2 200 jquery.transit.min.js Show response
premier.ticketek.com.au/js/ 8 KB
3 KB 123ms
107ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/jquery.transit.min.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 44fda2ae98e3f1e0e24e75a854b38b700cf1d76f3a1412790db2d22160801fc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752545-38727714 2CNN RT(1636387578907 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=5226, public
content-length: 2753
expires: Mon, 08 Nov 2021 17:33:24 GMT

GET
H2 200 JCalendar.css
premier.ticketek.com.au/css/ 3 KB
1 KB 114ms
98ms Stylesheet
text/css 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/css/JCalendar.css?060819
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 1dc7dc002e2016f0628dc8262d8a803a5d7a0db57055a3e8cecdf7b1c948ba9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:42 GMT
x-cdn: Imperva
etag: "0f1df4053d0d71:0"
content-type: text/css
x-iinfo: 3-38752546-38727714 2CNN RT(1636387578909 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=5234, public
content-length: 959
expires: Mon, 08 Nov 2021 17:33:32 GMT

GET
H2 200 css
fonts.googleapis.com/ 416 B
382 B 44ms
25ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Waiting+for+the+Sunrise

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

22be3b608d348c6fde6943128b3b85d447800263df2f30629026930384ae0b3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 16:06:19 GMT
server: ESF
date: Mon, 08 Nov 2021 16:06:19 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 08 Nov 2021 16:06:19 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/ 21 KB
6 KB 145ms
43ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 718, 718
age: 17251160
cdn-cachedat: 2021-04-23 01:57:02
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: bc98edc0feb133441927eb4a27a7732a
cf-ray: 6ab00c45ec6cf91f-MXP
cdn-requestcountrycode: IT
cdn-requestpullsuccess: True

GET
H2 200 softix.braze.js Show response
premier.ticketek.com.au/js/ 8 KB
3 KB 128ms
112ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/softix.braze.js?5.22.50.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 307b9dbbe788513d426415296a1a0651d4aeb628e81cfa2873f32e8766c296f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752549-38750971 2CNN RT(1636387578920 0) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=15584, public
content-length: 2431
expires: Mon, 08 Nov 2021 20:26:03 GMT

GET
H2 200 auOnly.css
premier.ticketek.com.au/css/ 96 B
248 B 113ms
97ms Stylesheet
text/css 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/css/auOnly.css?060819
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 249f06a35cb2786148c66d93b37f2173b54f6afc7e196d5e7500f2e1dba0ad79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:42 GMT
x-cdn: Imperva
etag: "0f1df4053d0d71:0"
content-type: text/css
x-iinfo: 3-38752547-38750971 2CNN RT(1636387578911 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=5259, public
content-length: 108
expires: Mon, 08 Nov 2021 17:33:57 GMT

GET
H2 200 presale.js Show response
premier.ticketek.com.au/js/ 4 KB
1 KB 134ms
118ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/presale.js?v=130809
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 39ac6d1ed483472b163f001f9d17806fc32db5066145fade59f7f5644c963fdb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752551-38748679 2CNN RT(1636387578923 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=5241, public
content-length: 940
expires: Mon, 08 Nov 2021 17:33:39 GMT

GET
H2 200 jquery.expander.js Show response
premier.ticketek.com.au/js/ 8 KB
3 KB 135ms
119ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/jquery.expander.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 7d4a5ffa515caf0f5eae323a4d72c65f36c6de7ef722badcaaa832c7e2395572

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752552-38727714 2CNN RT(1636387578925 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=5239, public
content-length: 2955
expires: Mon, 08 Nov 2021 17:33:37 GMT

GET
H2 200 jquery.session.js Show response
premier.ticketek.com.au/js/ 2 KB
872 B 135ms
120ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/jquery.session.js?150817
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: adc9f82fae77ea36e1f5ce4eae85110c306819e19cac85b12ab0f19130e87a85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752553-38734237 2CNN RT(1636387578926 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=5239, public
content-length: 771
expires: Mon, 08 Nov 2021 17:33:37 GMT

GET
H2 200 accordion.js Show response
premier.ticketek.com.au/js/ 406 B
361 B 136ms
121ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/accordion.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: ad4bbdb8bc104ad6e09cf76b9f9725eb9d74cef7d3d8e9d593bd60c5bfb46dee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752554-38750971 2CNN RT(1636387578928 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=5236, public
content-length: 221
expires: Mon, 08 Nov 2021 17:33:34 GMT

GET
H2 200 swfobject.js Show response
premier.ticketek.com.au/js/ 6 KB
2 KB 135ms
120ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/swfobject.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f9d6eafcb51142ebbffdf3fdcd4643607b85b32c39987f1b6677396808cb9904

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752555-38752469 2CNN RT(1636387578931 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=5239, public
content-length: 1998
expires: Mon, 08 Nov 2021 17:33:37 GMT

GET
H2 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/1.5.1/ 2 KB
1 KB 118ms
69ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/1.5.1/js.cookie.min.js

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7037190c446071a76c7adb272153f34d1366a185c269c2c4d86b8c5f042564c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7071502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 729
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-658"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=guLnfuqbO6sL1vF1t5iIJWmOGgrszwyXOtjy8hQLnFapuWda99TzHUPskyvrglR8znO0skoaM7ZQUQqy0v8W3ZKcVXgxsuNYWsVrM%2FEMGTS5lmypXTNVNzoJ5YENo1Qg2OIFembD%2F2U6uzVVvox%2BeHMV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ab00c45bdae59d7-MXP
expires: Sat, 29 Oct 2022 16:06:19 GMT

GET
H2 200 WebResource.axd Show response
premier.ticketek.com.au/ 16 KB
4 KB 127ms
112ms Script
application/x-javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZB9yQQAH4aPm3RiCoAfdV4b7u5ZhZhVea3BiG1n5SpFKwAAVDA2&t=637322313357241717
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 6924ff420cfd645667ff37d1b972f5a1412933427985f171eff1c011e06c3e9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 03:35:35 GMT
x-cdn: Imperva
content-type: application/x-javascript
x-iinfo: 3-38752556-0 0CNN RT(1636387578933 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=30295254, public
content-length: 4019
expires: Tue, 25 Oct 2022 07:27:12 GMT

GET
H2 200 ScriptResource.axd Show response
premier.ticketek.com.au/ 188 KB
40 KB 127ms
113ms Script
application/x-javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/ScriptResource.axd?d=yeSNAJTOPtPimTGCAo3LlUCn3jRAZse2oM66xWzIxAcji5d9C_LdDtq6B5LriTei2acIJl0gxT-6cUgzk3axgYD-GIx8SEt8Xj9frxf2FQTojZVo0&t=ffffffffec54f2d7
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: a4904d50e40ada4976f45101cf460a93eb83a7e2feca91712e46ad622457e2e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 07:27:11 GMT
x-cdn: Imperva
content-type: application/x-javascript
x-iinfo: 3-38752557-0 0CNN RT(1636387578935 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=30295253, public
content-length: 40877
expires: Tue, 25 Oct 2022 07:27:11 GMT

GET
H2 200 ScriptResource.axd Show response
premier.ticketek.com.au/ 59 KB
12 KB 133ms
119ms Script
application/x-javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/ScriptResource.axd?d=DT3YJR8QaqV61-teuz0hglxhnid0W6BxGXYeDtIrFp6DOLbHXqrJwMlq_Ma5QqCtvGke5Xq0ToTh4S-opqGiw6Dpjj0DEE3yxO4UqMSCrP6wFymiZpje7DiHOYgzWtOKtZoCcg2&t=ffffffffec54f2d7
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 009c5e73bf6b01d1c8ed3dcb7da2ba322fa6edf5561c3b5eecbb339cea98ec60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 12:43:13 GMT
x-cdn: Imperva
content-type: application/x-javascript
x-iinfo: 3-38752558-0 0CNN RT(1636387578937 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=30314215, public
content-length: 11747
expires: Tue, 25 Oct 2022 12:43:13 GMT

GET
H2 200 jquery-ui.js Show response
premier.ticketek.com.au/js/ 317 KB
76 KB 135ms
121ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/jquery-ui.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 83b58afaf830ba51130ea7072344887fba421f8e0518686a49a89837f010c559

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752559-38748679 2CNN RT(1636387578939 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=5227, public
content-length: 77998
expires: Mon, 08 Nov 2021 17:33:25 GMT

GET
H/1.1 200
OK SmartPlayerAPI.js Show response
sadmin.brightcove.com/js/api/ 24 KB
6 KB 84ms
8ms Script
application/x-javascript 104.92.103.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sadmin.brightcove.com/js/api/SmartPlayerAPI.js

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.92.103.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-103-28.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

94942fad1063c2770548acc8fdc17cf8eaadc13738178d70dbd0d408d590e778

Security Headers

Name	Value
Strict-Transport-Security	max-age=3156000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 16:06:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Jan 2014 21:32:56 GMT
Server: AkamaiNetStorage
ETag: "6066d423027073d6bc4740c234acb3f1:1390512780"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Strict-Transport-Security: max-age=3156000
Accept-Ranges: bytes
Content-Length: 5337

GET
H/1.1 200
OK BrightcoveExperiences.js Show response
sadmin.brightcove.com/js/ 48 KB
12 KB 85ms
10ms Script
application/x-javascript 104.92.103.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sadmin.brightcove.com/js/BrightcoveExperiences.js

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.92.103.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-103-28.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

c9408cf5d8e0d12fb2b1d5ad6b4489be392384a4687962a0fc2a2877a57775c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=3156000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 16:06:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Jun 2018 15:36:45 GMT
Server: AkamaiNetStorage
ETag: "08117b928b93481e76c055da3748401b:1528299406"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/x-javascript
Cache-Control: max-age=300
Strict-Transport-Security: max-age=3156000
Accept-Ranges: bytes
Content-Length: 12140

GET
H2 200 Video.js Show response
premier.ticketek.com.au/js/ 9 KB
2 KB 143ms
129ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/Video.js?d=030620
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 7720981f81c85f561162dd8889c443a22fca70e71e8d828170b68bfc26661540

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752560-38751408 2CNN RT(1636387578951 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=5227, public
content-length: 2330
expires: Mon, 08 Nov 2021 17:33:25 GMT

GET
H/1.1 200
OK Ticketek-Logo-White.svg
d35kvm5iuwjt9t.cloudfront.net/images/ 2 KB
2 KB 35ms
7ms Image
image/svg+xml 13.32.118.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35kvm5iuwjt9t.cloudfront.net/images/Ticketek-Logo-White.svg
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-82.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 273e6b9c3a93e545186527784a7ef95553b9e3c4f62a64e77638ca3d64b1d4b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 20:41:04 GMT
Content-Encoding: gzip
Age: 7673117
Transfer-Encoding: chunked
x-amz-meta-sha256: 273e6b9c3a93e545186527784a7ef95553b9e3c4f62a64e77638ca3d64b1d4b4
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 07 Sep 2020 03:54:00 GMT
Server: AmazonS3
ETag: W/"cc24d34f951bd50165324b5086e032d2"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P1
X-Amz-Cf-Id: N3VTOwFKepHU2e6UHIHv5ktwoR8z12BHW__lwQ8EWmgqSeD0XYH0ow==
x-amz-meta-s3b-last-modified: 20200907T035304Z

GET
H2 200 sessionTimer.js Show response
premier.ticketek.com.au/js/ 5 KB
2 KB 21ms
21ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/sessionTimer.js?5.22.50.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e19c8dde41a783c0f2ee3e1dab10648155511602eae9ef896e3ab2ad9b244339

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752565-38751408 2CNN RT(1636387579024 0) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=15584, public
content-length: 1620
expires: Mon, 08 Nov 2021 20:26:02 GMT

GET
H2 200 RegionSelector.js Show response
premier.ticketek.com.au/js/ 802 B
431 B 21ms
21ms Script
application/javascript 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/RegionSelector.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f3613a8d1372261cb74d2a8b53eb117e32f8fdd2e3d9d72141610f06f9292d15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-38752566-38751408 2CNN RT(1636387579048 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=5211, public
content-length: 291
expires: Mon, 08 Nov 2021 17:33:10 GMT

GET
H/1.1 200
OK sfx255479.jpg
d35kvm5iuwjt9t.cloudfront.net/dbimages/ 822 KB
823 KB 18ms
18ms Image
image/jpeg 13.32.118.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35kvm5iuwjt9t.cloudfront.net/dbimages/sfx255479.jpg
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-82.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e857e5990cf935c75f0a98a99d822f0d74c4edd21e4a467c02eab5239d99312d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 22:54:19 GMT
Via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
Last-Modified: Mon, 01 Mar 2021 05:35:25 GMT
Server: AmazonS3
Age: 1271522
ETag: "21e683919091eb95adbf890f68fe53a7"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 841862
X-Amz-Cf-Id: nZa6eF2hxwUFravSFfHxot32TWrSEHtKo0xSF6PNcK5Yf1zsMzVLdA==

GET
H/1.1 200
OK sfx255477.jpg
d35kvm5iuwjt9t.cloudfront.net/dbimages/ 95 KB
95 KB 16ms
16ms Image
image/jpeg 13.32.118.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35kvm5iuwjt9t.cloudfront.net/dbimages/sfx255477.jpg
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-82.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3269b8735e94ac2d7913df38a851ed5a3925c0b2808fb25ffa36526d68791f17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 17 Oct 2021 22:41:29 GMT
Via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
Last-Modified: Mon, 08 Feb 2021 21:22:46 GMT
Server: AmazonS3
Age: 1877092
ETag: "ff0cceb72332a2eab95868427d37361e"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 96858
X-Amz-Cf-Id: epEV9R12I6xgRPYL3cX_N9N9q2lvNeFcBUAYBxuUCh_oPSjDXElLFw==

GET
H2 200 Triangle.svg
premier.ticketek.com.au/images/ 1 KB
787 B 23ms
23ms Image
image/svg+xml 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://premier.ticketek.com.au/images/Triangle.svg
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: ad3a75fcf3e9fad91021b54bec0d081dc617672ca740fa1c485ade6df4f7ef41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:44 GMT
x-cdn: Imperva
etag: "01e114253d0d71:0"
content-type: image/svg+xml
x-iinfo: 3-38752585-38752469 2CNN RT(1636387579456 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=5331, public
content-length: 612
expires: Mon, 08 Nov 2021 17:35:10 GMT

GET
H2 200 stx-components.css
components.ticketek.com.au/dist/stx-components/ 8 KB
8 KB 211ms
9ms Stylesheet
text/css 18.66.112.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://components.ticketek.com.au/dist/stx-components/stx-components.css
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a673f6d6d082cbe9a25f0f773a2540d24e7427856d8338dfebd2968bbeddb7a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 12:45:25 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
last-modified: Mon, 08 Nov 2021 12:23:53 GMT
server: AmazonS3
age: 12056
etag: "90e75576b078c485d20f08e369ed460b"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 8144
x-amz-cf-id: JPOOm5fg27VrTnlQ1bJ972wtneO4SKpznR1g6cSG5MioR1r_5bZXrw==

GET
H2 200 stx-components.esm.js Show response
components.ticketek.com.au/dist/stx-components/ 25 KB
25 KB 56ms
33ms Script
application/javascript 18.66.112.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://components.ticketek.com.au/dist/stx-components/stx-components.esm.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7dbe746ee74ad352b603929570ba5f52f3b048053e98962b7946690d0ec5b54c

Request headers

Referer: https://premier.ticketek.com.au/
Origin: https://premier.ticketek.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 12:42:50 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Mon, 08 Nov 2021 12:23:53 GMT
server: AmazonS3
age: 12211
etag: "fabde277405880a3bf0a9415715d0474"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 25127
x-amz-cf-id: WA47c7hte3kM1jg-U-0JyAjCxJ6AeC7Kz4iTT31eBBZHUmY2AtvmBA==

GET
H/1.1 200
OK sfx22235.jpg
d35kvm5iuwjt9t.cloudfront.net/dbimages/ 12 KB
13 KB 14ms
14ms Image
image/jpeg 13.32.118.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35kvm5iuwjt9t.cloudfront.net/dbimages/sfx22235.jpg
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-82.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e93ef3381389ca9f0d65bd91de800196f481f4be33725bef9005c3cccc18450

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 16 Oct 2021 19:11:22 GMT
Via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
Last-Modified: Wed, 03 Mar 2021 00:43:32 GMT
Server: AmazonS3
Age: 1976099
ETag: "ddcc51ea2cc70ce49468ed603dc65d40"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 12764
X-Amz-Cf-Id: RBgRVrtd7f4cRplW1rnbNWD1CK2MoVf8omFEGtI2vhMg5P4nP2GVtQ==

GET
H2 200 facebook.svg
premier.ticketek.com.au/assets/images/icons/ 973 B
674 B 24ms
24ms Image
image/svg+xml 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://premier.ticketek.com.au/assets/images/icons/facebook.svg
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 58c436fa205315b39757504b283fa3cc7565d9966c18b09cb62f4e8a427a8670

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:42 GMT
x-cdn: Imperva
etag: "0f1df4053d0d71:0"
content-type: image/svg+xml
x-iinfo: 3-38752589-38750973 2CNN RT(1636387579497 0) q(0 1 1 -1) r(1 1)
cache-control: max-age=5225, public
content-length: 533
expires: Mon, 08 Nov 2021 17:33:24 GMT

GET
H2 200 twitter.svg
premier.ticketek.com.au/assets/images/icons/ 1 KB
841 B 20ms
20ms Image
image/svg+xml 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://premier.ticketek.com.au/assets/images/icons/twitter.svg
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: bee9c546f0500189dc24f61b2c3ed05df0d2d989bf1891daba2fd293ba2f9cbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:42 GMT
x-cdn: Imperva
etag: "0f1df4053d0d71:0"
content-type: image/svg+xml
x-iinfo: 3-38752590-38748679 2CNN RT(1636387579526 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=5225, public
content-length: 740
expires: Mon, 08 Nov 2021 17:33:24 GMT

GET
H2 200 youtube.svg
premier.ticketek.com.au/assets/images/icons/ 1 KB
745 B 22ms
22ms Image
image/svg+xml 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://premier.ticketek.com.au/assets/images/icons/youtube.svg
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: ce0277a9b955f3751687dc240a6221d7e5ae38353974d790c06e6abb154357d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:42 GMT
x-cdn: Imperva
etag: "0f1df4053d0d71:0"
content-type: image/svg+xml
x-iinfo: 3-38752596-38750973 2CNN RT(1636387579550 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=5225, public
content-length: 621
expires: Mon, 08 Nov 2021 17:33:24 GMT

GET
H2 200 instagram.svg
premier.ticketek.com.au/assets/images/icons/ 1 KB
669 B 21ms
21ms Image
image/svg+xml 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://premier.ticketek.com.au/assets/images/icons/instagram.svg
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 9400d1b122f8baa0c73c03abdc8007a2fe5780b64e33cc5faf3b5c2c15f6e020

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:42 GMT
x-cdn: Imperva
etag: "0f1df4053d0d71:0"
content-type: image/svg+xml
x-iinfo: 3-38752597-38752469 2CNN RT(1636387579572 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=5226, public
content-length: 551
expires: Mon, 08 Nov 2021 17:33:25 GMT

GET
H2 200 google-play-badge.png
premier.ticketek.com.au/assets/images/badges/ 4 KB
4 KB 20ms
20ms Image
image/png 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://premier.ticketek.com.au/assets/images/badges/google-play-badge.png
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 48d1bf407ff7c247b27eff6eb1e2550b626e688807d353cdeae95c526e33c4e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
last-modified: Wed, 03 Nov 2021 01:36:42 GMT
x-cdn: Imperva
etag: "0f1df4053d0d71:0"
content-type: image/png
x-iinfo: 3-38752601-38748679 2CNN RT(1636387579594 0) q(0 0 0 -1) r(1 1)
cache-control: max-age=5324, public
content-length: 3763
expires: Mon, 08 Nov 2021 17:35:03 GMT

GET
H2 200 app-store-badge.png
premier.ticketek.com.au/assets/images/badges/ 2 KB
3 KB 21ms
21ms Image
image/png 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://premier.ticketek.com.au/assets/images/badges/app-store-badge.png
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f070276771bf2bdfac5e7eff25db4361eebd2f38167df4d1974dac562932be47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
last-modified: Wed, 03 Nov 2021 01:36:42 GMT
x-cdn: Imperva
etag: "0f1df4053d0d71:0"
content-type: image/png
x-iinfo: 3-38752604-38748679 2CNN RT(1636387579616 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=5381, public
content-length: 2435
expires: Mon, 08 Nov 2021 17:36:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 390 KB
112 KB 72ms
49ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N79SLR

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b00e1d782b3fdbe3d81c3e9ba8649c1e77b625dc968b6e46e7a4e3213e0cacf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114368
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Nov 2021 16:06:20 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 38ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/themes/anz-1/js/louderAdUnits.js?5.22.50.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12ccf827ffd5452b891e6219a9d3be8222aea9ab9d2277bfb9cf06e745dc2159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1037 / 731 of 1000 / last-modified: 1636373146"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27113
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 08 Nov 2021 16:06:20 GMT

GET
H2 200 appboy.min.js Show response
js.appboycdn.com/web-sdk/3.1/ 183 KB
49 KB 144ms
58ms Script
application/javascript 2606:4700:10::ac43:7e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.appboycdn.com/web-sdk/3.1/appboy.min.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/js/softix.braze.js?5.22.50.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:7e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dad2e6bb3ac10b4da6dd0f1985d87364af3aa1a0dba6e88b749e38f4207f6ec7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Feb 2021 00:22:35 GMT
server: cloudflare
age: 1687
etag: W/"1c3631b60e0fed888d7a4fcedb3e0448"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 6ab00c4c382ae8fb-MXP
x-amz-request-id: J9X26BAF89AC336E
x-amz-id-2: cW5yztcGSC4OyPygP5ExexIPAN9IP+o9CiI0LF6Jdt//h5tmQSPDhaAAFmBpvsHSEVdpHFzo+tQ=

GET
H2 200 all.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1f85b96e840c95038b19f71bdd8ea63d99c5305b51b1a4b298353091893e61ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: VE3tejMEt5HSg9bGeb+4NQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: whZH02+3Sh4V1zPs3xGONQpGM5CaNujSzTmYIs60ZnFQe+fd5MTYEd1kljySGJ2OhbC0jKVkqgd1y5So2V/Uow==
x-fb-trip-id: 686109401
x-fb-content-md5: c27d2cdc8bcca02d84f899e92fca6780
x-frame-options: DENY
date: Mon, 08 Nov 2021 16:06:20 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "6e43d6a9dad2b0934fecfa841c1832cb"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 08 Nov 2021 16:22:23 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v114/ 114 KB
114 KB 45ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v114/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b819e02fcd718274f1b6ad5e11e5b6330f25f5388b8ceb6213463725e81644af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://premier.ticketek.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 00:16:28 GMT
x-content-type-options: nosniff
age: 575392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116484
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 00:08:13 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 02 Nov 2022 00:16:28 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v3/ 36 KB
36 KB 63ms
28ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v3/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6789b1579e3915acc50ce2f56d956c05dc3186238eb4d1a0d4ad1e403a625ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://premier.ticketek.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 06:53:07 GMT
x-content-type-options: nosniff
age: 378793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37056
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:48:53 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 06:53:07 GMT

GET
H2 200 polyfill.min.js
polyfill.io/v3/ 101 B
202 B 35ms
35ms Other
text/javascript 2a04:4e42:a00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=es6%2Ces7?features=es6%2Ces7

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 780049
detected-user-agent: Chrome/95.0.4638
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 101
referrer-policy: origin-when-cross-origin
last-modified: Sat, 30 Oct 2021 02:49:55 GMT
date: Mon, 08 Nov 2021 16:06:20 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/95.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 b5f04b59-a9b6-433a-9db0-27be35227c83 Show response
ekr.zdassets.com/compose/ 343 B
980 B 288ms
213ms XHR
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/b5f04b59-a9b6-433a-9db0-27be35227c83

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=b5f04b59-a9b6-433a-9db0-27be35227c83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bdcfc8933f92c9784de32290b9b79e673c60c067c66cea86de0170f89130ad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:21 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
status: 200 OK
access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=0
x-request-id: af64fdcd-2ec4-49b3-9084-408da04b6b68
x-runtime: 0.002649
server: cloudflare
etag: W/"5bdcfc8933f92c9784de32290b9b79e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCCOe1yeit2SKIbY6jvHMDLojhXkFqo2%2FDuVg9ycg8ak%2FdAhyEVE24SEaGV1C%2FLqcwYJDEA%2F9Q3ydNnlKx2f8m9aUCraS7XcTymqX1ZaMCEW9NeFNQv%2F%2FxgGUY%2BqS%2BELbI8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 6ab00c4c9bd93607-MAN

GET
H2 200 all.js Show response
connect.facebook.net/en_GB/ 271 KB
77 KB 28ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js?hash=9b5c02760a2151da65744951df866363

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e63bbd058713fa36c455833be8b97850e9857257d2247990e328856241329307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://premier.ticketek.com.au/
Origin: https://premier.ticketek.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: /T8y93QZlyRDuTSotIB6kA==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 78126
x-fb-rlafr: 0
x-fb-debug: FMZ0vISix46zbsYQfumDZqS1VdUuf+3VdjoYtKGPHgrjnN6t3VMb36Zr4+6q3WeM0npAyVtr4jgThdMTM8xJbg==
x-fb-trip-id: 686109401
x-fb-content-md5: 57c5f791d0a55df113d6a60eedb5a91a
x-frame-options: DENY
date: Mon, 08 Nov 2021 16:06:20 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "43e1b5c557fd1dbfd958d511c3c83da3"
timing-allow-origin: *
expires: Tue, 08 Nov 2022 16:02:24 GMT

GET
H2 200 index-fa13c2ff.js Show response
components.ticketek.com.au/dist/stx-components/ 127 KB
128 KB 16ms
15ms Script
application/javascript 18.66.112.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://components.ticketek.com.au/dist/stx-components/index-fa13c2ff.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 898caace438a9925e895e871dd44cc56b1a8143ea77535a1e4caa5f6b553edfb

Request headers

Referer: https://components.ticketek.com.au/dist/stx-components/stx-components.esm.js
Origin: https://premier.ticketek.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 12:45:26 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Mon, 08 Nov 2021 12:23:52 GMT
server: AmazonS3
age: 12055
etag: "705bcf5f3b1abcbf744ebcb08e76989a"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 130503
x-amz-cf-id: ux-QBJmMaOiQEA6bdIlL7YgecIf_qwQmInZsY50Yvy_cO2mMR9FTqw==

GET
H2 200 app-globals-0f993ce5.js Show response
components.ticketek.com.au/dist/stx-components/ 64 B
507 B 16ms
16ms Script
application/javascript 18.66.112.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://components.ticketek.com.au/dist/stx-components/app-globals-0f993ce5.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cb534efe547cb9d9ba2853d713e575e0ca10c4f154733406372df2bb40514f80

Request headers

Referer: https://components.ticketek.com.au/dist/stx-components/stx-components.esm.js
Origin: https://premier.ticketek.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 12:45:26 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Mon, 08 Nov 2021 12:23:43 GMT
server: AmazonS3
age: 12055
etag: "8372a2a3eccde49725077fdf00761935"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 64
x-amz-cf-id: y2VGA4M0T1hZO6QYSoqbqWF4k-AaIlrxJX0tLPg2ZHw0zHFHybfIFg==

GET
H2 200 angel-arrow-down.svg
premier.ticketek.com.au/images/icons/ 349 B
401 B 26ms
25ms Image
image/svg+xml 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://premier.ticketek.com.au/images/icons/angel-arrow-down.svg
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/assets/css/main.css?5.22.50.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 4df3d519156036cf37a97d62b2344e99f37581584f9f6350b463675007be4ebf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/assets/css/main.css?5.22.50.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:19 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:44 GMT
x-cdn: Imperva
etag: "01e114253d0d71:0"
content-type: image/svg+xml
x-iinfo: 3-38752638-38748966 2CNN RT(1636387579961 0) q(0 0 0 -1) r(0 0)
cache-control: max-age=5224, public
content-length: 256
expires: Mon, 08 Nov 2021 17:33:23 GMT

GET
DATA 200
OK truncated
/ 571 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 049587ac10f7ead90ad4654a2851cf4489cd8bd37a63487ffc1e06737aacbe49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fontawesome-webfont.woff
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/ 64 KB
64 KB 18ms
18ms Font
font/woff 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/fontawesome-webfont.woff?v=4.2.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Origin: https://premier.ticketek.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617, 617
age: 8051126
cdn-cachedat: 2021-07-24 16:51:34
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 65452
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: fdd196ce873f129de33a96160568e943
accept-ranges: bytes
cf-ray: 6ab00c4c38c605b7-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 pubads_impl_2021110201.js Show response
securepubads.g.doubleclick.net/gpt/ 346 KB
117 KB 46ms
21ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118932
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 08:34:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 08 Nov 2021 16:06:20 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 103 B
729 B 39ms
16ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=premier.ticketek.com.au

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

48cbe7bf69de732b7c252c9ad6074b4add98138de314100a0ca2e7e4f1c0422c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Nov 2021 16:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93
x-xss-protection: 0
expires: Mon, 08 Nov 2021 16:06:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 46ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N79SLR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 315
date: Mon, 08 Nov 2021 16:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 08 Nov 2021 18:01:06 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: iVF6lIlxJUwuxwxdHKOVtIO0ehvMoBCXHKV4lwHLUyIsd3kuPJH7IW8fHtiqs78RlcWa9e6yiQ9I0siMT+WPJg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 08 Nov 2021 16:06:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-2141843.js Show response
static.hotjar.com/c/ 7 KB
3 KB 69ms
39ms Script
application/javascript 52.222.236.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2141843.js?sv=6

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-73.fra56.r.cloudfront.net

Software

Resource Hash

5d5b1ea4c1536377d03428fcc189483865d1aa0a48323e7d4c3b96c70a6c743f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:21 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-P4
etag: W/8786de4dfe4f7ae9452d5671b2b6b6af
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: cgIxuhY0TYKGTaNcb9Ad_GPttI39L0QGipatJdFrQJ4V88VLCb7gEw==
via: 1.1 934706f40ffde6f857deae8d024c1193.cloudfront.net (CloudFront)

GET
H2 200 7f85a56ba4.css
use.fontawesome.com/ 1 KB
1 KB 37ms
16ms Stylesheet
text/css 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/7f85a56ba4.css
Requested by: Host: js.appboycdn.com
URL: https://js.appboycdn.com/web-sdk/3.1/appboy.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5615
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: MWFFP00J4FN56JFH
x-amz-id-2: 5/bOKr313dKi97KTRRannnbDKb5WWOZXzqOg4bws+qaziPjRH+6pNsddmlQ6sG5z8q6p2P5PBcA=
last-modified: Wed, 30 Jun 2021 21:14:33 GMT
server: cloudflare
etag: W/"8360eb270b919a1fb4776bc448d9ed14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLLI%2Bb%2F45s5FAeupwfqBoDoUXtBqA4PaTtA45qnqYIgOv%2Bgbt0gVH9kJZVeLNx99uAmUOU%2B2R1CBz7TH9GalMKZ0VTHtlSV6XtsqZh157jtZDKoxDuVBSwD9NGSr7Epz%2F6PjA06UFyWx51Jc7rbrlGtC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 6ab00c4db81d4a80-FRA

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 152ms
123ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=266866476780552&input_token&origin=1&redirect_uri=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DFROZEN21&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js?hash=9b5c02760a2151da65744951df866363

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 4ewjKSF486LmekztsN1UiR/VSxqoTIGyfWamXU8FVZ0ebIuLFFgrqP1UiZuzAIIHkJw2OKLhu6dvaylF2f2XOA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Mon, 08 Nov 2021 16:06:21 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://premier.ticketek.com.au
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 stx-calendar.entry.js Show response
components.ticketek.com.au/dist/stx-components/ 30 KB
30 KB 10ms
10ms Script
application/javascript 18.66.112.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://components.ticketek.com.au/dist/stx-components/stx-calendar.entry.js
Requested by: Host: components.ticketek.com.au
URL: https://components.ticketek.com.au/dist/stx-components/index-fa13c2ff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 429b519582f79000e449eb25975d7bc2aee63e2cfcce9202e50895ebcd0d37c4

Request headers

Referer: https://premier.ticketek.com.au/
Origin: https://premier.ticketek.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 13:16:11 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Mon, 08 Nov 2021 12:23:53 GMT
server: AmazonS3
age: 10211
etag: "b4022784888fae3a2a09d2afd2f1fe4a"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 30479
x-amz-cf-id: ZcGtt9TFtVUQFHDJmNC_DwqML8eWL7mofuUpHljHMbbhTu1F9xCXcQ==

GET
H2 200 stx-environment.entry.js Show response
components.ticketek.com.au/dist/stx-components/ 3 KB
3 KB 10ms
10ms Script
application/javascript 18.66.112.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://components.ticketek.com.au/dist/stx-components/stx-environment.entry.js
Requested by: Host: components.ticketek.com.au
URL: https://components.ticketek.com.au/dist/stx-components/index-fa13c2ff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73b22182dec7ed7d86be8e57649eacbf04e639e602173bac53745a9470913455

Request headers

Referer: https://premier.ticketek.com.au/
Origin: https://premier.ticketek.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 12:42:52 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Mon, 08 Nov 2021 12:23:53 GMT
server: AmazonS3
age: 12209
etag: "3b72819ba8c517edb1b817d761348679"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 3075
x-amz-cf-id: 2nj-J0bPiQj7r3EplNCkqGDV4WjYWN19GFfjxEx5Zn79_vWo25cuIg==

GET
H2 200 stx-api.entry.js Show response
components.ticketek.com.au/dist/stx-components/ 8 KB
9 KB 11ms
11ms Script
application/javascript 18.66.112.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://components.ticketek.com.au/dist/stx-components/stx-api.entry.js
Requested by: Host: components.ticketek.com.au
URL: https://components.ticketek.com.au/dist/stx-components/index-fa13c2ff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2573bf5bdb07e44f7336464acdc5e6df6eee42c7d6fd4e3489491d7db50ac869

Request headers

Referer: https://premier.ticketek.com.au/
Origin: https://premier.ticketek.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 12:42:52 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Mon, 08 Nov 2021 12:23:53 GMT
server: AmazonS3
age: 12209
etag: "efead5ba9392aa668d42c96b61e56104"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 8615
x-amz-cf-id: OUEM7YVzX5p8vUWQEdR7ucQKCpT1gaclzUvH_nAXl5QhuhCNocJBnA==

POST
H2 201 / Show response
sdk.iad-06.braze.com/api/v3/data/ 1 KB
1 KB 180ms
179ms XHR
application/json 151.101.1.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-06.braze.com/api/v3/data/

Requested by

Host: js.appboycdn.com
URL: https://js.appboycdn.com/web-sdk/3.1/appboy.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

bfe5c226625e2d4924ab0b70eb1a5cbece2d7d4e3a50964ace39a209bf2d9ac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key: 35e9ff84-9413-4d1a-853b-5cdeba1dfdef
X-Braze-TriggersRequest: true
X-Braze-DataRequest: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json
Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 08 Nov 2021 16:06:21 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
access-control-max-age: 7200
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: c35b93f7-619a-47c1-a988-7be81631845d
x-served-by: cache-hhn4030-HHN
x-runtime: 0.077495
server: nginx
x-timer: S1636387581.264869,VS0,VE173
etag: W/"bfe5c226625e2d4924ab0b70eb1a5cbe"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
via: 1.1 varnish
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 /
sdk.iad-06.braze.com/api/v3/data/ Frame 0
0 132ms
100ms Preflight 151.101.1.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-06.braze.com/api/v3/data/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Origin: https://premier.ticketek.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers
access-control-max-age: 7200
access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Mon, 08 Nov 2021 16:06:21 GMT
via: 1.1 varnish
x-served-by: cache-hhn4030-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1636387581.163539,VS0,VE93
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 16ms
14ms Stylesheet
text/css 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/7f85a56ba4.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.fontawesome.com/7f85a56ba4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10785538
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: BVYNR017DZMX3ZD5
x-amz-id-2: QGjj4hxJUhuaeVUZXRjN85iZvcJa67QWP4rmwsnDS8rLQDMUxrDVFqF/Bir2ZYZv+FIyO3nBxiU=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: W/"36082410df2ef7f83932219089dc1443"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7zYyzgWfgKejw11lHraQC2Yj5BpATM18s3CvG4L46X8JQLl%2BquWN0q5VROywRrmmDWxTCb%2BH48QaXyq5sS5hwoRWwQ4S6dQnNEcCo%2FxstBWlh7KyXQ%2BSl%2FekboW4frrNkNeZixOwMJ6GUkEjkOeUfA%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6ab00c4e392e4a80-FRA

GET
H2 200 1615462762065567 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 144ms
143ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1615462762065567?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e44308861f5dbec0f708c01a42054ffb44a330afcf9f7bfc808f55db249fbca

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: PPsBSt2B9wn2JmJSmTIKu3ptIYtSAM+I2BO6DmRH5Zr5/otlz18kpYT1dfx0D2DhUWfvhl9jrxhlGrirzH2HeQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 08 Nov 2021 16:06:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CKas_uOSifQCFUn9UQodeF4PUw;src=5164505;type=retar0;cat=au_fr0;ord=8841759639943.166 Show response
5164505.fls.doubleclick.net/ Frame FDC8
Redirect Chain

https://5164505.fls.doubleclick.net/activityi;src=5164505;type=retar0;cat=au_fr0;ord=8841759639943.166?
https://5164505.fls.doubleclick.net/activityi;dc_pre=CKas_uOSifQCFUn9UQodeF4PUw;src=5164505;type=retar0;cat=au_fr0;ord=8841759639943.166?

444 B
523 B

18ms
18ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5164505.fls.doubleclick.net/activityi;dc_pre=CKas_uOSifQCFUn9UQodeF4PUw;src=5164505;type=retar0;cat=au_fr0;ord=8841759639943.166?

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/js/jquery/jquery-latest.min.js?5.22.50.0-4481-c33af573ab0b5e71e6023483b268b0e8705cceda

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

6cf50b4a0ef54a0e82bbd12c54fe8e497fa1b3068d00c72306259bacbd4fe224

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 08 Nov 2021 16:06:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 346
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 08 Nov 2021 16:06:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5164505.fls.doubleclick.net/activityi;dc_pre=CKas_uOSifQCFUn9UQodeF4PUw;src=5164505;type=retar0;cat=au_fr0;ord=8841759639943.166?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 86 KB
34 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-PHMCZX3&t=gtm6&cid=1183430726.1636387581

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ffc820fbf5792a9333fba7a74cc435f44361c698875a2854528592870d1c88a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34751
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 08 Nov 2021 16:06:21 GMT

GET
H2 200 fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 75 KB
76 KB 64ms
27ms Font
application/font-woff2 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/7f85a56ba4.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://use.fontawesome.com/7f85a56ba4.css
Origin: https://premier.ticketek.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:21 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35315
cf-ray: 6ab00c4f5d1f3758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
x-amz-id-2: e+vJD3WQ/XT2NKYAyw2KPY7JxhpFIU0rQ29FKLG4g7wOlJv1QSXgd50oNbgT/eTh8Brn3gpUIfw=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Le2Ccp6%2BdsS0ufrJsD9ky7G5JQZGZ96EuarxtU%2Bzpv9%2BAbTlmwEbc2b54hcjBsL14fWY%2FGsnIfsuvbX%2BpUdAONL9jF4zxgwJ4a4igSfFOQWOR03v4Xl72tSpxtotNvh7JN2exColiAiGv1IkZbhMiL91"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: R0TWCBPQ2C7QDZTV
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: application/font-woff2

GET
H2 200 modules.d4630e91cffbd6b56a37.js Show response
script.hotjar.com/ 222 KB
59 KB 31ms
9ms Script
application/javascript 18.66.112.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.d4630e91cffbd6b56a37.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2141843.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

dd8bce41d0be6d4e5449bef910b493bcf872a4189a361451102996bfe0082f3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:04:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7282
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 59861
access-control-allow-origin: *
last-modified: Mon, 01 Nov 2021 08:24:59 GMT
etag: "fe2e85deda154f5a6e0e0112bec8a18c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: fV1cOU3-B7a-Aq3dav4MHmSi92nZeHHQEdDXoaD9oF3DoilRBrkomw==

GET
H2 200 index-acd58378.js Show response
components.ticketek.com.au/dist/stx-components/ 4 KB
5 KB 9ms
9ms Script
application/javascript 18.66.112.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://components.ticketek.com.au/dist/stx-components/index-acd58378.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e04bdf79531824da7a9060598887eb8d08145dd84e4f433152ad915d30449f7c

Request headers

Referer: https://components.ticketek.com.au/dist/stx-components/stx-environment.entry.js
Origin: https://premier.ticketek.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 12:42:53 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Mon, 08 Nov 2021 12:23:52 GMT
server: AmazonS3
age: 12208
etag: "e203ade511975960948d3098cf4d08dd"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 4213
x-amz-cf-id: mve9n9_JO-Xbjdh2Fh9hZWLEyl6B5aLtBWSjRJMgB07xnAI9XwU8RA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
444 B 62ms
21ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-43862537-1&cid=1183430726.1636387581&jid=562550335&gjid=739418957&_gid=1728837021.1636387581&_u=aGDAgEADQAAAAE~&z=704338249

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://premier.ticketek.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 08 Nov 2021 16:06:21 GMT
content-type: text/plain
access-control-allow-origin: https://premier.ticketek.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
191 B 7ms
7ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 15:14:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3102
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-d09a446edefba0dcce5d5143e1840e9a.html Show response
vars.hotjar.com/ Frame 6FFA 2 KB
1 KB 25ms
7ms Document
text/html 143.204.215.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-d09a446edefba0dcce5d5143e1840e9a.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2141843.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-95.fra53.r.cloudfront.net
Software: /
Resource Hash: 69ae95b7f73e2899d0c398ed4fb9faba242bbec4d0a58b182e4dd0e7808f01ac

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/

Response headers

content-type: text/html
content-length: 1044
date: Mon, 08 Nov 2021 14:05:11 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "63e08f928469ab67d9dac30c065ed182"
last-modified: Mon, 01 Nov 2021 08:24:59 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 73f3a23156999272233949c078c30859.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: O2aD22BCjK41QOvD_jeoPVk4D_-zFt4C1NhRpjdbUFDut17ScRONiw==
age: 7270

GET
H2 200 web-widget-framework-3a2a8604b6c6deb9b732.js Show response
static.zdassets.com/web_widget/latest/ Frame 7D9D 288 KB
95 KB 49ms
49ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-3a2a8604b6c6deb9b732.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=b5f04b59-a9b6-433a-9db0-27be35227c83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f30a90487ac5a1f8c4105760122f768da0e1da53df698c1130a8365beb1a7a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 395485
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 9YZDRC792QHKKXEZ
x-amz-id-2: JCpuXloKBxs3BaT5w6DTGofSmMAetvA4JYpR+h0SUUqyywlu7sHzY5emlsdqzY4pltryRo855cs=
last-modified: Wed, 03 Nov 2021 22:16:22 GMT
server: cloudflare
etag: W/"2a16a8e19f7dbccb39fb77d83d2a14e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QIn0Vn3VjhHuSCFoc0chHgBQm%2FXyDpi3TSKZ8iJ3UTUxINnmOeZI%2BhTEy1xPMHWzdPCvdLMvPn11wbvz%2BaPtONa3RVYj5vpBS8DY4%2Bi2DBvE8%2BAmKXkwTNK4LxXzvInQkeyfAg4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: ydGGxK7TAx23NDRPG7kj.JqrKtiUwWrq
cf-ray: 6ab00c501b923622-MAN
expires: Thu, 03 Nov 2022 22:16:21 GMT

OPTIONS
H2 200 sync
sdk.iad-06.braze.com/api/v3/content_cards/ Frame 0
0 100ms
100ms Preflight 151.101.1.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-06.braze.com/api/v3/content_cards/sync

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Origin: https://premier.ticketek.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers
access-control-max-age: 7200
access-control-allow-headers: content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Mon, 08 Nov 2021 16:06:21 GMT
via: 1.1 varnish
x-served-by: cache-hhn4030-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1636387581.453451,VS0,VE93
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 201 sync Show response
sdk.iad-06.braze.com/api/v3/content_cards/ 85 B
235 B 124ms
123ms XHR
application/json 151.101.1.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-06.braze.com/api/v3/content_cards/sync

Requested by

Host: js.appboycdn.com
URL: https://js.appboycdn.com/web-sdk/3.1/appboy.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4259944a8b75a4bcc04474d2e2e90e01ad38b35c811ea8efee67ebb47a8f70aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key: 35e9ff84-9413-4d1a-853b-5cdeba1dfdef
X-Braze-DataRequest: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json
Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
X-Requested-With: XMLHttpRequest
X-Braze-ContentCardsRequest: true

Response headers

date: Mon, 08 Nov 2021 16:06:21 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
access-control-max-age: 7200
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: f3681076-53f4-4c7b-833f-5fddcd4e4a24
x-served-by: cache-hhn4030-HHN
x-runtime: 0.026264
server: nginx
x-timer: S1636387582.554320,VS0,VE117
etag: W/"4259944a8b75a4bcc04474d2e2e90e01"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
via: 1.1 varnish
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 original.jpg
braze-images.com/appboy/communication/marketing/slide_up/slide_up_message_parameters/images/6046fd8cd3d4dd2e7972f0cf/bca90458ea700a1fca731aee3be96786270fc23c/ 487 KB
488 KB 35ms
10ms Image
image/jpeg 151.101.65.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://braze-images.com/appboy/communication/marketing/slide_up/slide_up_message_parameters/images/6046fd8cd3d4dd2e7972f0cf/bca90458ea700a1fca731aee3be96786270fc23c/original.jpg?1615265167
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.208 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fdc12f45116811f3496a07c7f9ee89d407fa74f0656735506298ff396488aec5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 2208278
x-cache: HIT, HIT
content-length: 498895
x-amz-id-2: ulHozVmurt3Mz0/cOLagUOSHp3iW8JrzOL0Ksj0VW2TfMUu1SFfoXE13OcOJtebG3vNV1YIwLUE=
server: AmazonS3
x-served-by: cache-bwi5154-BWI, cache-hhn4046-HHN
last-modified: Tue, 09 Mar 2021 04:46:09 GMT
x-ab-reg-test: yes
x-timer: S1636387581.480937,VS0,VE3
etag: "354cf5d77ae0e9f5ee357966435f698e"
access-control-allow-methods: GET
x-amz-request-id: 7AZB493PZ0QSCPCN
access-control-allow-origin: *
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: ab-app-group-id
x-cache-hits: 1, 1

GET
H2 200 /
www.facebook.com/tr/ 44 B
228 B 9ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1615462762065567&ev=PageView&dl=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DFROZEN21&rl=&if=false&ts=1636387581147&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.2.1636387581145.1182549193&it=1636387580812&coo=false&exp=p1&rqm=GET

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 08 Nov 2021 16:06:21 GMT

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CKas_uOSifQCFUn9UQodeF4PUw;src=5164505;type=retar0;cat=au_fr0;ord=8841759639943.166;~oref=https://premier.ticketek.com.au/ Frame 44C2 443 B
817 B 67ms
43ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKas_uOSifQCFUn9UQodeF4PUw;src=5164505;type=retar0;cat=au_fr0;ord=8841759639943.166;~oref=https://premier.ticketek.com.au/

Requested by

Host: 5164505.fls.doubleclick.net
URL: https://5164505.fls.doubleclick.net/activityi;dc_pre=CKas_uOSifQCFUn9UQodeF4PUw;src=5164505;type=retar0;cat=au_fr0;ord=8841759639943.166?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a747a192fb4230e35e2fd78447bb0129a3fd9222354449ccd11115d564023f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://5164505.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 08 Nov 2021 16:06:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 348
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 stx-calendar-inner.entry.js Show response
components.ticketek.com.au/dist/stx-components/ 33 KB
34 KB 9ms
8ms Script
application/javascript 18.66.112.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://components.ticketek.com.au/dist/stx-components/stx-calendar-inner.entry.js
Requested by: Host: components.ticketek.com.au
URL: https://components.ticketek.com.au/dist/stx-components/index-fa13c2ff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f95dea9faaeab7adbeb9c89447bc058079522b7c870ed527c83b48680b4b547

Request headers

Referer: https://premier.ticketek.com.au/
Origin: https://premier.ticketek.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 13:16:13 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Mon, 08 Nov 2021 12:23:53 GMT
server: AmazonS3
age: 10209
etag: "7769f058413a66a676ccf422586601dd"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 34214
x-amz-cf-id: 5eMibpPKXTnPRhon4SooXKjrnIf9SaQQdseVe2HRAxM4OWNKXbDGag==

GET
H2 200 config Show response
ticketek.zendesk.com/embeddable/ Frame 7D9D 473 B
1 KB 614ms
554ms XHR
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ticketek.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a2a8604b6c6deb9b732.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1ad8fe752ae2a30c2a1d699d06035a25a0d9a126455a3aa0c76e611a0a0ad33

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-zorg: yes
x-zendesk-origin-server: embeddable-app-server-54876fd85-d6jsp
access-control-allow-methods: GET
vary: Origin, Accept-Encoding
x-cached: MISS
x-request-id: 6ab00c51e9053b3d-NRT, 6ab00c51e9053b3d-NRT
x-runtime: 0.001838
last-modified: Mon, 08 Nov 2021 16:06:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mcIm%2BEID%2BfM3xkSV%2BW391IY9kVG0zWymma%2BCaAlTRFSAD5%2BFP1Vff%2BDc9oXHqw%2F1qC0ofNkgUjQh7HToF0os7FMxmhTfTjX2fj52n77Glvtw9Ls4Trqd6NBZZTfjVYzB4VF6XvuH"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 6ab00c51e9053b3d-CDG

POST
H2 200 u-vnfesse-Giue-Vpon-vulgd-tunaturnes-we-feare-Ra Show response
premier.ticketek.com.au/ 627 B
797 B 36ms
35ms Fetch
application/json 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/u-vnfesse-Giue-Vpon-vulgd-tunaturnes-we-feare-Ra?d=premier.ticketek.com.au
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/u-vnfesse-Giue-Vpon-vulgd-tunaturnes-we-feare-Ra
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: connector /
Resource Hash: 6f3bb7e125d927d916c578c006b2e087a49b612155d073b299d76d531a39e657

Request headers

Accept: application/json; charset=utf-8
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Mon, 08 Nov 2021 16:06:21 GMT
content-encoding: gzip
server: connector
content-type: application/json
access-control-allow-origin: *
x-iinfo: 3-38752742-38752509 PNYN RT(1636387580938 0) q(0 0 0 -1) r(0 0) U6
cache-control: no-cache, no-store
server-timing: bon, total;dur=14.508108
x-cdn: Imperva

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CKas_uOSifQCFUn9UQodeF4PUw;src=5164505;type=retar0;cat=au_fr0;ord=8841759639943.166;~oref=https://premier.ticketek.com.au/ Frame 6FC5 194 B
870 B 71ms
44ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CKas_uOSifQCFUn9UQodeF4PUw;src=5164505;type=retar0;cat=au_fr0;ord=8841759639943.166;~oref=https://premier.ticketek.com.au/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKas_uOSifQCFUn9UQodeF4PUw;src=5164505;type=retar0;cat=au_fr0;ord=8841759639943.166;~oref=https://premier.ticketek.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 08 Nov 2021 16:06:21 GMT
expires: Mon, 08 Nov 2021 16:06:21 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 FROZEN21 Show response
premier.ticketek.com.au/api/events/ 24 KB
2 KB 457ms
456ms Fetch
application/json 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://premier.ticketek.com.au/api/events/FROZEN21

Requested by

Host: components.ticketek.com.au
URL: https://components.ticketek.com.au/dist/stx-components/stx-api.entry.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.198.230 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

7f3e636bcdf07c23ef03477c34757c3ee388b9f3e898188225aadf87bd5b25b5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:22 GMT
content-encoding: gzip
x-aspnetmvc-version: 4.0
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-iinfo: 3-38752748-38752192 PNYN RT(1636387580987 0) q(0 0 0 -1) r(5 5) U2
cache-control: private, max-age=120
x-cdn: Imperva

GET
H2 200 availability Show response
premier.ticketek.com.au/api/events/FROZEN21/ 1 KB
919 B 638ms
637ms Fetch
application/json 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://premier.ticketek.com.au/api/events/FROZEN21/availability?monthOf=2021-11-01

Requested by

Host: components.ticketek.com.au
URL: https://components.ticketek.com.au/dist/stx-components/stx-api.entry.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.198.230 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

c4e2db2860a5841d508dfb6692187433b561f577ffbc735d6f5cf946a3a947a4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:22 GMT
content-encoding: gzip
x-aspnetmvc-version: 4.0
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-iinfo: 3-38752749-38752750 NNYY CT(281 576 0) RT(1636387580990 0) q(0 0 0 -1) r(7 7) U2
cache-control: private, max-age=120
x-cdn: Imperva

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
2 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 08 Nov 2021 17:00:34 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 21ms
20ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N79SLR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

55aa0299a6b880ddee3b6e438a6e155730fca9eaf992e5e4ac105ca1de5f3312

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14369
x-xss-protection: 0
server: cafe
etag: 15288909967828865177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 08 Nov 2021 16:06:21 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
950 B 7ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:32:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2031
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 08 Nov 2021 16:32:30 GMT

GET
H2 200 ins.js Show response
ticketekau.api.useinsider.com/ 187 KB
55 KB 73ms
43ms Script
application/javascript 2606:4700::6811:a872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ticketekau.api.useinsider.com/ins.js?id=10004098
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N79SLR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c13488ad44fb3c979306129a36cdd21e4b75d58cdc6f55e9aebf5c0a114f242

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 2900
x-amz-request-id: V814KX4JST54BSVD
x-amz-id-2: B8HiXIPeW/n0Z8AO9Mfkua7AfsQB+fvTJa84bURJJpqKN1+82XAb0NmxHrsW9BXWQUmfSITo8EI=
last-modified: Thu, 04 Feb 2021 09:58:50 GMT
server: cloudflare
etag: W/"a66eeb7c4a2df137cc9cf106204ffab9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=300
x-amz-version-id: ehqZn5JzPG_DOImCWGdVAVdfua.sZ3NM
cf-ray: 6ab00c536fba435d-FRA
expires: Mon, 08 Nov 2021 16:11:22 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 6 KB
2 KB 131ms
35ms XHR
application/json 52.18.85.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=495479CA584AB1B90A495EEA%40AdobeOrg&d_nsid=0&ts=1636387581590

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bc533f0ae1fb67dd88c186bb862fd84ab7efefcbb4bba2285b3729873846e9bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://premier.ticketek.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v019-06a57b486.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: ijcNX6ZOTw0=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://premier.ticketek.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1648
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1615462762065567&ev=ViewContent&dl=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DFROZEN21&rl=&if=false&ts=1636387581575&cd[content_name]=FROZEN21&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.2.1636387581145.1182549193&it=1636387580812&coo=false&exp=p1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 08 Nov 2021 16:06:21 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
123 B 14ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=315238758&t=pageview&_s=1&dl=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DFROZEN21&ul=en-us&de=UTF-8&dt=Frozen%20the%20Musical%20tickets%20%7C%20Her%20Majesty%27s%20Theatre%20%7C%20Ticketek%20Australia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDACEArRAAAAG~&jid=1810675847&gjid=1054904621&cid=1183430726.1636387581&tid=UA-63445827-1&_gid=1728837021.1636387581&_r=1&gtm=2wgar0N79SLR&cd11=normal&cd12=advertising&cd13=FullShow&cd33=Normal%20Mode&cd35=0&cd37=New&cd38=1&cd39=5985fd17-cb99-42f0-b5c7-5428e534cad8&cd40=&pa=detail&pr1ca=MTHTRE%2FMUSICAL&pr1id=FROZEN21&pr1nm=Frozen%20the%20Musical&pr1cd5=MTHTRE&pr1cd6=MUSICAL&pr1cd7=normal&pr1cd8=available&pr1cd9=FROZENUM21&z=967686387

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://premier.ticketek.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 16:06:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://premier.ticketek.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 7ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=315238758&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DFROZEN21&ul=en-us&de=UTF-8&dt=Frozen%20the%20Musical%20tickets%20%7C%20Her%20Majesty%27s%20Theatre%20%7C%20Ticketek%20Australia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ShowPage%20M-Type&ea=MTHTRE%2FMUSICAL&el=FROZEN21&_u=aHDACEArRAAAAG~&jid=&gjid=&cid=1183430726.1636387581&tid=UA-63445827-1&_gid=1728837021.1636387581&gtm=2wgar0N79SLR&cd31=MTHTRE%2FMUSICAL&z=1217405504

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 15:14:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3102
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
95 B 8ms
7ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=315238758&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DFROZEN21&ul=en-us&de=UTF-8&dt=Frozen%20the%20Musical%20tickets%20%7C%20Her%20Majesty%27s%20Theatre%20%7C%20Ticketek%20Australia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=BrowseShow&ea=view%20%7C%20%2Fshows%2Fshow.aspx&el=Other&_u=aHHACEArRAAAAG~&jid=&gjid=&cid=1183430726.1636387581&tid=UA-63445827-1&_gid=1728837021.1636387581&gtm=2wgar0N79SLR&z=1797384129

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 15:14:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3103
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/978929700/ 2 KB
2 KB 50ms
26ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/978929700/?random=1636387581628&cv=9&fst=1636387581628&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgar0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DFROZEN21&tiba=Frozen%20the%20Musical%20tickets%20%7C%20Her%20Majesty%27s%20Theatre%20%7C%20Ticketek%20Australia&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9edb2c90fd6d3004fc4dba7064870297829950dbfb256ded8c575e7bf3c9dec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 16:06:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1069
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 323ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-63445827-1&cid=1183430726.1636387581&jid=1810675847&gjid=1054904621&_gid=1728837021.1636387581&_u=aHDACEArRAAAAG~&z=1838905968

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://premier.ticketek.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 08 Nov 2021 16:06:22 GMT
content-type: text/plain
access-control-allow-origin: https://premier.ticketek.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 318ms
21ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=%5Bobject%20Object%5D&cid=1183430726.1636387581&jid=477809756&gjid=1845462543&_gid=1728837021.1636387581&_u=aHHAiEArRAAAAG~&z=29256928

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://premier.ticketek.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 08 Nov 2021 16:06:22 GMT
content-type: text/plain
access-control-allow-origin: https://premier.ticketek.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 7ms
7ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=315238758&t=pageview&_s=1&dl=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DFROZEN21&ul=en-us&de=UTF-8&dt=Frozen%20the%20Musical%20tickets%20%7C%20Her%20Majesty%27s%20Theatre%20%7C%20Ticketek%20Australia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHHAiEArRAAAAG~&jid=477809756&gjid=1845462543&cid=1183430726.1636387581&tid=%5Bobject%20Object%5D&_gid=1728837021.1636387581&gtm=2wgar0N79SLR&pa=detail&pr1ca=MTHTRE%2FMUSICAL&pr1id=FROZEN21&pr1nm=Frozen%20the%20Musical&pr1cd5=MTHTRE&pr1cd6=MUSICAL&pr1cd7=normal&pr1cd8=available&pr1cd9=FROZENUM21&cd4=0&z=2028681340

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 15:14:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3103
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1615462762065567&ev=Microdata&dl=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DFROZEN21&rl=&if=false&ts=1636387581650&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5Cn%20%20%20%20%5Cn%5CtFrozen%20the%20Musical%20tickets%20%7C%20Her%20Majesty%27s%20Theatre%20%7C%20%5Cn%5CtTicketek%20Australia%5Cn%5Cn%5Cn%22%2C%22meta%3Adescription%22%3A%22Buy%20official%20Frozen%20the%20Musical%20tickets%20for%20Her%20Majesty%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Frozen%20the%20Musical%22%2C%22og%3Atype%22%3A%22actor%22%2C%22og%3Aurl%22%3A%22http%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DFROZEN21%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fpremier.ticketek.com.au%2Fdbimages%2Fsfx255477.jpg%22%2C%22og%3Adescription%22%3A%22From%20the%20producers%20of%20Aladdin%2C%20The%20Lion%20King%20and%20Mary%20Poppins%2C%20Disney%27s%20new%20hit%20musical%20Frozen%20opens%20in%20Melbourne%20this%20June.%22%2C%22og%3Asite_name%22%3A%22%20Ticketek%20%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=2&o=30&fbp=fb.2.1636387581145.1182549193&it=1636387580812&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 08 Nov 2021 16:06:22 GMT

GET
H2 200 worker-new.html Show response
ticketekau.api.useinsider.com/ Frame 80ED 8 KB
3 KB 21ms
21ms Document
text/html 2606:4700::6811:a872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ticketekau.api.useinsider.com/worker-new.html
Requested by: Host: ticketekau.api.useinsider.com
URL: https://ticketekau.api.useinsider.com/ins.js?id=10004098
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e58212a834825aaa684963bfbb592ac5e3d698c44a0778bbbd101ae40f214db

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/

Response headers

date: Mon, 08 Nov 2021 16:06:22 GMT
content-type: text/html
access-control-allow-origin: *
last-modified: Thu, 04 Nov 2021 04:01:34 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2900
expires: Wed, 24 Nov 2021 16:06:22 GMT
cache-control: public, max-age=1382400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ab00c53e948435d-FRA
content-encoding: br

GET
H2 200 /
www.google.com/pagead/1p-user-list/978929700/ 42 B
548 B 43ms
19ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/978929700/?random=1636387581628&cv=9&fst=1636387200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgar0&sendb=1&frm=0&url=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DFROZEN21&tiba=Frozen%20the%20Musical%20tickets%20%7C%20Her%20Majesty%27s%20Theatre%20%7C%20Ticketek%20Australia&async=1&fmt=3&is_vtc=1&random=1200394927&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 16:06:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/978929700/ 42 B
548 B 45ms
21ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/978929700/?random=1636387581628&cv=9&fst=1636387200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgar0&sendb=1&frm=0&url=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DFROZEN21&tiba=Frozen%20the%20Musical%20tickets%20%7C%20Her%20Majesty%27s%20Theatre%20%7C%20Ticketek%20Australia&async=1&fmt=3&is_vtc=1&random=1200394927&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 16:06:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
location.api.useinsider.com/ 264 B
474 B 114ms
66ms XHR
application/json 2606:4700::6811:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://location.api.useinsider.com/?v=2&pId=10004098&
Requested by: Host: ticketekau.api.useinsider.com
URL: https://ticketekau.api.useinsider.com/ins.js?id=10004098
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 880abd1c233708c78bcd0a9c5ba5dd7555211cc00e628021c1e5f50e4f0e485b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-cache, private
cf-ray: 6ab00c54499a5363-FRA
content-type: application/json

GET
H2 200 1636387581721e362314a25.15306ac4 Show response
segment.api.useinsider.com/v4/segments/ 927 B
661 B 248ms
197ms XHR
application/json 2606:4700::6811:ab72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://segment.api.useinsider.com/v4/segments/1636387581721e362314a25.15306ac4?partnerid=10004098&fields=544da21d7e6756ee1860fc0228be4b5e,bdf571d0636fbb118c2b6e611c1bb789&
Requested by: Host: ticketekau.api.useinsider.com
URL: https://ticketekau.api.useinsider.com/ins.js?id=10004098
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ab72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69268e71e60dad8d5d2697364594d6e01fd1698f6ec0ace20b721acb1c617afe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cf-ray: 6ab00c545de7f923-MXP

POST
H2 200 hit Show response
hit.api.useinsider.com/ 16 B
285 B 79ms
50ms XHR
text/plain 2606:4700::6811:ab72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.api.useinsider.com/hit
Requested by: Host: ticketekau.api.useinsider.com
URL: https://ticketekau.api.useinsider.com/ins.js?id=10004098
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ab72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://premier.ticketek.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 Nov 2021 16:06:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
request-id: 1bddd78d-726c-4251-814a-22a6ea49989a
cf-ray: 6ab00c543d18e003-FRA
content-length: 16

GET
H/1.1 200
OK dest5.html Show response
tega.demdex.net/ Frame B48A 7 KB
3 KB 139ms
32ms Document
text/html 108.128.101.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tega.demdex.net/dest5.html?d_nsid=0

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.101.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-101-122.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Mon, 8 Nov 2021 16:06:22 GMT
DCS: dcs-prod-irl1-2-v019-0c1efb9a7.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 14 Oct 2021 11:09:05 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: lHYExqIAR18=
Content-Length: 2791
Connection: keep-alive

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YYlK-gAAAHTofwQD
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=30454969894971832284106595988907376067
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YYlK-gAAAHTofwQD

42 B
943 B

36ms
36ms

Image
image/gif

52.18.85.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YYlK-gAAAHTofwQD

Protocol

HTTP/1.1

Server

52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-09f7953bb.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 7NX9o7BjSns=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YYlK-gAAAHTofwQD
Date: Mon, 08 Nov 2021 16:06:22 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 web-widget-44722-036d62e90be79b6b3c39.js Show response
static.zdassets.com/web_widget/latest/ Frame 7D9D 336 KB
102 KB 45ms
45ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-44722-036d62e90be79b6b3c39.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a2a8604b6c6deb9b732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70828d3386d394bf286b96e7b70f502f11a85f241d8d1ca5bcd04a1e97023649

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 395485
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: SRP3CCBPQYDW1EV0
x-amz-id-2: 68WsvmO6j5z1D2kjSl2JzWG5IC5UQNUe+4XPMKP+m7IOdTHz78bM58bfMUfGJWj2K+L3WmX5+u8=
last-modified: Wed, 03 Nov 2021 23:49:38 GMT
server: cloudflare
etag: W/"47aa05bd3d5756564f80ecd1fcb52e87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJVot98CtllvgErUcBCAUuFcOsyZWMzjok%2FiUFH6JsrsU%2BTFy8isYgwTohdJD0kmPkVmnuRHTl6qCAjJde%2BFSjTG0Da1JM%2BDbui1hWyR9QZIvesVx3aR0XeJz6ObtsZDhR%2FPa3M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: b8R5dBnej5oWu4mB.kBlRRCP9bk5SfNc
cf-ray: 6ab00c557df73622-MAN
expires: Thu, 03 Nov 2022 23:49:37 GMT

GET
H2 200 web-widget-71349-55d73a3a407b6098b248.js Show response
static.zdassets.com/web_widget/latest/ Frame 7D9D 85 KB
23 KB 38ms
38ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-71349-55d73a3a407b6098b248.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a2a8604b6c6deb9b732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bba2effb91745469929c5e993fe2c38cf19aaa2056b5e746e68bf35641c12095

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 395485
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: SRP1D07EJZ655YNR
x-amz-id-2: QqCvd2srvCMr6HvLnZ0J/qqczV89zEDVwDSeWawMroyBqzoquSjPEqrict9Lm9abEusDRsZ4y0s=
last-modified: Wed, 03 Nov 2021 23:49:38 GMT
server: cloudflare
etag: W/"c63b8bad238d77b67872a4e26c002a2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eg4LYQFhbYA9OnL%2FDHVbFi3bQNxcoioesok7k43BsEWAahO%2BnlIE%2Br%2F7xVxSXrR1BztnlxSlacsvZlPuwf0g4q1Wf3OT%2BY7S6Eldtt7Hbh0aL80mlt3ry2EBexl6f8EZ3rb2qTU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: jPFAGw1Z1H_TV7Lu8YDu1VLFLgkOunwx
cf-ray: 6ab00c557dfb3622-MAN
expires: Thu, 03 Nov 2022 23:49:37 GMT

GET
H2 200 web_widget-5c92aeec2d469bcb1e15.js Show response
static.zdassets.com/web_widget/latest/web-widget-lazy/ Frame 7D9D 431 KB
94 KB 52ms
51ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-lazy/web_widget-5c92aeec2d469bcb1e15.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a2a8604b6c6deb9b732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4995a1647916583ca12ef566434cf47c8e491ac1658b6d7630763f957696b74

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 395485
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: SRP5Q581SN5DC96N
x-amz-id-2: j42qiZx1bpB1eWH7uzLbxXMLtC35n4mQeutIOgByIRFiuQAtgvykrAYPlsdeGbZMbnNmmPxOrG4=
last-modified: Wed, 03 Nov 2021 22:13:06 GMT
server: cloudflare
etag: W/"4744232209675ba3572f46c27cada121"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dox%2F%2BxwctTrm3H28xYNEQWjIXgLTUrRwEUyebeiWcZkqCg6z0VqPkcY42Ko7BksS09XFdEE3P8AuMRIUHPHNyJCyybXxo7oSn0BO8i3Rl0zXa12G%2FVOXQEMxNzuhl7hoCIs3%2Fb0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: pya6tXzlA2ckahCEz4GAPnV1a7gt1Ptx
cf-ray: 6ab00c557dfd3622-MAN
expires: Thu, 03 Nov 2022 22:13:05 GMT

GET
H/1.1

200
OK

ibs:dpid=359&dpuuid=OVmyDts41MK7a65
dpm.demdex.net/ Frame B48A
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://dpm.demdex.net/ibs:dpid=359&dpuuid=OVmyDts41MK7a65

42 B
943 B

41ms
40ms

Image
image/gif

52.18.85.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=359&dpuuid=OVmyDts41MK7a65

Protocol

HTTP/1.1

Server

52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-06a57b486.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: BPEIT2RkT2k=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 16:06:21 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-00eeed23208b59ecc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://dpm.demdex.net/ibs:dpid=359&dpuuid=OVmyDts41MK7a65
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 32ms
30ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-63445827-1&cid=1183430726.1636387581&jid=1810675847&_u=aHDACEArRAAAAG~&z=1267862833

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 16:06:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
30ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-63445827-1&cid=1183430726.1636387581&jid=1810675847&_u=aHDACEArRAAAAG~&z=1267862833

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 16:06:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 stx-button.entry.js Show response
components.ticketek.com.au/dist/stx-components/ 16 KB
17 KB 24ms
24ms Script
application/javascript 18.66.112.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://components.ticketek.com.au/dist/stx-components/stx-button.entry.js
Requested by: Host: components.ticketek.com.au
URL: https://components.ticketek.com.au/dist/stx-components/index-fa13c2ff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d47fe0b6c81139a632f561041fc656d841de4c6023c2e4497a9fd93fafce4c1c

Request headers

Referer: https://premier.ticketek.com.au/
Origin: https://premier.ticketek.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:18:45 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Mon, 08 Nov 2021 12:23:53 GMT
server: AmazonS3
age: 6458
etag: "806f733348c530d58fb756e4dbe3bcb3"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 16744
x-amz-cf-id: wWf58h71_dntZZQFl7mRZWAQLSkkfDX3N60s7RjJ6X6iI0KXBfdEZw==

GET
H2 200 stx-drawer.entry.js Show response
components.ticketek.com.au/dist/stx-components/ 10 KB
10 KB 15ms
15ms Script
application/javascript 18.66.112.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://components.ticketek.com.au/dist/stx-components/stx-drawer.entry.js
Requested by: Host: components.ticketek.com.au
URL: https://components.ticketek.com.au/dist/stx-components/index-fa13c2ff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c351a7e7aca20f8d9d1b7ee122589cd3488602af5a9cf210c22f7e89e897cd6a

Request headers

Referer: https://premier.ticketek.com.au/
Origin: https://premier.ticketek.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:18:45 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Mon, 08 Nov 2021 12:23:53 GMT
server: AmazonS3
age: 6458
etag: "d02357a974ec19042c3e925738eccd18"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 9887
x-amz-cf-id: AlyzYWVEQDo0gy2FT0gL4VZ2qa3wKblWUaHqwUMEsgelh0xhGj1oeA==

GET
H2 200 availability Show response
premier.ticketek.com.au/api/events/FROZEN21/ 1 KB
909 B 365ms
364ms Fetch
application/json 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://premier.ticketek.com.au/api/events/FROZEN21/availability?monthOf=2021-11-01

Requested by

Host: components.ticketek.com.au
URL: https://components.ticketek.com.au/dist/stx-components/stx-api.entry.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.198.230 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

c4e2db2860a5841d508dfb6692187433b561f577ffbc735d6f5cf946a3a947a4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:22 GMT
content-encoding: gzip
x-aspnetmvc-version: 4.0
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-iinfo: 3-38752813-38752192 PNYN RT(1636387581520 0) q(0 0 0 -1) r(3 3) U2
cache-control: private, max-age=120
x-cdn: Imperva

GET
H2 200 availability Show response
premier.ticketek.com.au/api/events/FROZEN21/ 1 KB
923 B 348ms
348ms Fetch
application/json 45.60.198.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://premier.ticketek.com.au/api/events/FROZEN21/availability?monthOf=2021-11-01

Requested by

Host: components.ticketek.com.au
URL: https://components.ticketek.com.au/dist/stx-components/stx-api.entry.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.198.230 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

c4e2db2860a5841d508dfb6692187433b561f577ffbc735d6f5cf946a3a947a4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:22 GMT
content-encoding: gzip
x-aspnetmvc-version: 4.0
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-iinfo: 3-38752814-38752815 NNYY CT(276 581 0) RT(1636387581525 0) q(0 0 0 -1) r(3 3) U2
cache-control: private, max-age=120
x-cdn: Imperva

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://premier.ticketek.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 16:21:35 GMT
x-content-type-options: nosniff
age: 344687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 16:21:35 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 20ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-63445827-1&cid=1183430726.1636387581&jid=861755389&gjid=869050465&_gid=1728837021.1636387581&_u=aHHAiEArRAAAAG~&z=545917342

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://premier.ticketek.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 08 Nov 2021 16:06:22 GMT
content-type: text/plain
access-control-allow-origin: https://premier.ticketek.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 7ms
7ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=315238758&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DFROZEN21&ul=en-us&de=UTF-8&dt=Frozen%20the%20Musical%20tickets%20%7C%20Her%20Majesty%27s%20Theatre%20%7C%20Ticketek%20Australia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ConversionFunnel%2FPrimaryShow&ea=A-ShowPage&el=FROZENUM21&_u=aHHAiEArRAAAAG~&jid=861755389&gjid=869050465&cid=1183430726.1636387581&tid=UA-63445827-1&_gid=1728837021.1636387581&gtm=2wgar0N79SLR&z=2128434778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 15:14:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3103
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=1303121740232379231
dpm.demdex.net/ Frame B48A
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=1303121740232379231

42 B
943 B

37ms
37ms

Image
image/gif

52.18.85.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=1303121740232379231

Protocol

HTTP/1.1

Server

52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-092dc6a27.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: v/04mDQGQH4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 16:06:22 GMT
X-Proxy-Origin: 194.36.108.21; 194.36.108.21; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: cc1d3698-c474-41af-95bf-430ace4ffd99
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=1303121740232379231
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 slot-4bb2ee4f.js Show response
components.ticketek.com.au/dist/stx-components/ 2 KB
2 KB 23ms
22ms Script
application/javascript 18.66.112.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://components.ticketek.com.au/dist/stx-components/slot-4bb2ee4f.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 312e7999a141ad78a2369e36e66ce2921bb632e10652ed713c242a3891362106

Request headers

Referer: https://components.ticketek.com.au/dist/stx-components/stx-button.entry.js
Origin: https://premier.ticketek.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:18:46 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Mon, 08 Nov 2021 12:23:52 GMT
server: AmazonS3
age: 6457
etag: "c84073304ab6b9b363dc6c2b63442cfc"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 1748
x-amz-cf-id: qQXrMjmX0-0SmNL8DwaKhqlno_AGKmoQTwTCmcB686UGILKUzj6ZzQ==

GET
H2 200 embeddable_blip Show response
ticketek.zendesk.com/ Frame 7D9D 0
429 B 958ms
958ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ticketek.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTUuMC40NjM4LjU0IFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2V9LCJhY3Rpb24iOiJsb2NhbGVNaXNtYXRjaCIsImNhdGVnb3J5IjoibG9jYWxlIn0sImJ1aWQiOiJlMTAzNTY3ZWI4Yjk4ODU0OWZhYjlmNDI0MDFjMzgwOCIsInN1aWQiOiI0ZGJkNDMxYTZkMGQ1YTZjZGJlNTIyNmI4OTIxYjJhZSIsInZlcnNpb24iOiJiMjQwYjYxIiwidGltZXN0YW1wIjoiMjAyMS0xMS0wOFQxNjowNjoyMi4xNzRaIiwidXJsIjoiaHR0cHM6Ly9wcmVtaWVyLnRpY2tldGVrLmNvbS5hdS9zaG93cy9zaG93LmFzcHg%2Fc2g9RlJPWkVOMjEifQ%3D%3D

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a2a8604b6c6deb9b732.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:23 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 08 Nov 2021 16:06:23 GMT
server: cloudflare
x-zendesk-zorg: yes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdvtT%2FYxqb0thuooSX8%2FW9oN3yd57X5%2BPfQGwra6W7OHlPsZqnSAb8oiIoT%2Bra1bvl8rxTFlEyCuFuMWfFyXP1S95Aci%2FPq%2FFmRb94DZfVmUBXD70RFJR5H33uTcgC%2FkjRalIgGX"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://premier.ticketek.com.au
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6ab00c56fc823b3d-CDG
vary: Accept-Encoding
content-length: 0
x-request-id: 0f42a82d68d7dd253d5367fb3bb329aa

GET
H2 200 embeddable_blip Show response
ticketek.zendesk.com/ Frame 7D9D 0
323 B 276ms
276ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ticketek.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiY2hhdCI6eyJzdXBwcmVzcyI6dHJ1ZX0sImhlbHBDZW50ZXIiOnsic3VwcHJlc3MiOmZhbHNlfX19LCJidWlkIjoiZTEwMzU2N2ViOGI5ODg1NDlmYWI5ZjQyNDAxYzM4MDgiLCJzdWlkIjoiNGRiZDQzMWE2ZDBkNWE2Y2RiZTUyMjZiODkyMWIyYWUiLCJ2ZXJzaW9uIjoiYjI0MGI2MSIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMDhUMTY6MDY6MjIuMTg5WiIsInVybCI6Imh0dHBzOi8vcHJlbWllci50aWNrZXRlay5jb20uYXUvc2hvd3Mvc2hvdy5hc3B4P3NoPUZST1pFTjIxIn0%3D

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a2a8604b6c6deb9b732.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 08 Nov 2021 16:06:22 GMT
server: cloudflare
x-zendesk-zorg: yes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWlVdfniq9AdwbGPskVmgN8zhKO%2B8CRC19MoqrE1Ti6yFg2yrDvLKeFEt4O7vEQb6CfCzVeiKWwrCfq5Pcq5W2brfrc1gVDW69EZDX1Lpo6Hy7wb9FSAEX445aQAr%2FSsFWE%2FCUE7"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://premier.ticketek.com.au
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6ab00c571ca63b3d-CDG
vary: Accept-Encoding
content-length: 0
x-request-id: 99457ca85d269943a6ff6935bb3792dc

GET
H2 200 de-de-json-0e7b9ae3b696a34b6d22.js Show response
static.zdassets.com/web_widget/latest/web-widget-locales/classic/ Frame 7D9D 28 KB
7 KB 46ms
46ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-locales/classic/de-de-json-0e7b9ae3b696a34b6d22.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a2a8604b6c6deb9b732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

718e063364ba1c53900110e423987619a8227e1c877c360913658aa88c451c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 395479
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: N3HASRFX6HDCVAYT
x-amz-id-2: X5mqvSxWfX7oUypcFGxz1Evw80xyv+TtowQX/FJHLKhnpIBNvfSYAH1YRwWKaL0Oxv8tcJL+Oa0=
last-modified: Wed, 03 Nov 2021 23:47:17 GMT
server: cloudflare
etag: W/"8fc7b388e5d1886d801f856533dc1ecd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUAmejiGjFqbbllU%2FLKjAR30lhLtIlANNyiHPH8EsLtNtGcYcdS0o9GQ%2F3%2BcRCyMKUacvkb3KbljKyUdZnmFUIr5Tk0PZuMLVdiJO4VbBwIXx%2FpXVosvuDKGz5xGt87dPY0GzF4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 6RmU.xLcJA.EQghxyd1xkwY2BBWkSgbD
cf-ray: 6ab00c5718f53622-MAN
expires: Thu, 03 Nov 2022 23:47:15 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 32ms
31ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-63445827-1&cid=1183430726.1636387581&jid=861755389&_u=aHHAiEArRAAAAG~&z=1383163778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 16:06:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-63445827-1&cid=1183430726.1636387581&jid=861755389&_u=aHHAiEArRAAAAG~&z=1383163778

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 16:06:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK event Show response
tega.demdex.net/ 5 KB
2 KB 38ms
38ms XHR
application/json 108.128.101.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tega.demdex.net/event?d_dil_ver=9.5&_ts=1636387582204

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.101.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-101-122.eu-west-1.compute.amazonaws.com

Software

Resource Hash

b3c7dddc496948980da5da6f786667996bf8513507403a1a64b4ec5003918d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://premier.ticketek.com.au/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v019-090b1e384.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: fKAdCYecTbk=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://premier.ticketek.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1559
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ibs:dpid=445&dpuuid=0c121a66-b2c6-4f10-8d52-e3bcfbbcc608
dpm.demdex.net/ Frame B48A
Redirect Chain

https://sync.tidaltv.com/GenericUserSync.ashx?dpid=38noredirect
https://sync.tidaltv.com/genericusersync.ashx?dpid=38noredirect&s_h=1
https://dpm.demdex.net/ibs:dpid=445&dpuuid=0c121a66-b2c6-4f10-8d52-e3bcfbbcc608?gdpr=1&gdpr_consent=

0
0

32ms
32ms

Image
application/json

52.18.85.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=445&dpuuid=0c121a66-b2c6-4f10-8d52-e3bcfbbcc608?gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Server: 52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-85-49.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 16:06:22 GMT
server: Apache-Coyote/1.1
location: https://dpm.demdex.net/ibs:dpid=445&dpuuid=0c121a66-b2c6-4f10-8d52-e3bcfbbcc608?gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 scroll-63c302dc.js Show response
components.ticketek.com.au/dist/stx-components/ 2 KB
3 KB 25ms
25ms Script
application/javascript 18.66.112.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://components.ticketek.com.au/dist/stx-components/scroll-63c302dc.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 506e5ec29024643c84ee536ec2e57259bd66529f33dad11b4dd28c8fccb29172

Request headers

Referer: https://components.ticketek.com.au/dist/stx-components/stx-drawer.entry.js
Origin: https://premier.ticketek.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:18:46 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Mon, 08 Nov 2021 12:23:52 GMT
server: AmazonS3
age: 6457
etag: "5cbfaa4a56426c4ef4ac6ec7b69c50db"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 2551
x-amz-cf-id: CJEWKFnkZMobuzQfEH8IkD-kkurquPj5ZFEhkC3q0uXeEl_YAOy83g==

GET
H2 200 modal-f26d9cf9.js Show response
components.ticketek.com.au/dist/stx-components/ 1 KB
2 KB 26ms
26ms Script
application/javascript 18.66.112.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://components.ticketek.com.au/dist/stx-components/modal-f26d9cf9.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cb5c4975d2cfbfa9486bedc6ce54f57d54e979c248f0b0e196699b9166e6648c

Request headers

Referer: https://components.ticketek.com.au/dist/stx-components/stx-drawer.entry.js
Origin: https://premier.ticketek.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:18:46 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Mon, 08 Nov 2021 12:23:52 GMT
server: AmazonS3
age: 6457
etag: "0d8737e0574afb5a1113456ec7fa1841"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 1307
x-amz-cf-id: uSoYIuV1G9C-VK1oE_1fQz9JrbwK4MlOKL0yKpN4YJhNjXqKWNuPJw==

GET
H2 200 embeddable_blip Show response
ticketek.zendesk.com/ Frame 7D9D 0
282 B 294ms
294ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ticketek.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly9wcmVtaWVyLnRpY2tldGVrLmNvbS5hdS9zaG93cy9zaG93LmFzcHg%2Fc2g9RlJPWkVOMjEiLCJ0aW1lIjoxMjksImxvYWRUaW1lIjo5MS42OTk5OTY5NDgyNDIxOSwibmF2aWdhdG9yTGFuZ3VhZ2UiOiJlbi1VUyIsInBhZ2VUaXRsZSI6IkZyb3plbiB0aGUgTXVzaWNhbCB0aWNrZXRzIHwgSGVyIE1hamVzdHkncyBUaGVhdHJlIHwgVGlja2V0ZWsgQXVzdHJhbGlhIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk1LjAuNDYzOC41NCBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlLCJpc1Jlc3BvbnNpdmUiOnRydWUsInZpZXdwb3J0TWV0YSI6IndpZHRoPWRldmljZS13aWR0aCwgaW5pdGlhbC1zY2FsZT0xLCBtaW5pbXVtLXNjYWxlPTEsIHNocmluay10by1maXQ9bm8iLCJoZWxwQ2VudGVyRGVkdXAiOmZhbHNlfSwiYnVpZCI6ImUxMDM1NjdlYjhiOTg4NTQ5ZmFiOWY0MjQwMWMzODA4Iiwic3VpZCI6IjRkYmQ0MzFhNmQwZDVhNmNkYmU1MjI2Yjg5MjFiMmFlIiwidmVyc2lvbiI6ImIyNDBiNjEiLCJ0aW1lc3RhbXAiOiIyMDIxLTExLTA4VDE2OjA2OjIyLjMwMloiLCJ1cmwiOiJodHRwczovL3ByZW1pZXIudGlja2V0ZWsuY29tLmF1L3Nob3dzL3Nob3cuYXNweD9zaD1GUk9aRU4yMSJ9

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a2a8604b6c6deb9b732.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 08 Nov 2021 16:06:22 GMT
server: cloudflare
x-zendesk-zorg: yes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4H6Cx3cPxKSLYWaDCy9hbUj39Gz660B%2FMcXVIlXBNXv%2FR197oY1z8hY2uPp6ykLGZWAJRnGeOzMaV56CgvUWerTL1oKU2YL0W5UG2SQXiWk4diRhiAUDEHVQJ91HKraoUwr0%2BN2%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://premier.ticketek.com.au
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6ab00c57ce0c3b3d-CDG
vary: Accept-Encoding
content-length: 0
x-request-id: cf8fd96c2916d1f7cbce25c3682a861f

GET
H2 200 embeddable_blip Show response
ticketek.zendesk.com/ Frame 7D9D 0
286 B 278ms
277ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ticketek.zendesk.com/embeddable_blip?type=performance&data=eyJwZXJmb3JtYW5jZSI6eyJpbml0SW50ZXJ2YWwiOjE5NDUsImNvbmZpZ0xvYWRUaW1lIjo2MjV9LCJidWlkIjoiZTEwMzU2N2ViOGI5ODg1NDlmYWI5ZjQyNDAxYzM4MDgiLCJzdWlkIjoiNGRiZDQzMWE2ZDBkNWE2Y2RiZTUyMjZiODkyMWIyYWUiLCJ2ZXJzaW9uIjoiYjI0MGI2MSIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMDhUMTY6MDY6MjIuMzAzWiIsInVybCI6Imh0dHBzOi8vcHJlbWllci50aWNrZXRlay5jb20uYXUvc2hvd3Mvc2hvdy5hc3B4P3NoPUZST1pFTjIxIn0%3D

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-3a2a8604b6c6deb9b732.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 08 Nov 2021 16:06:22 GMT
server: cloudflare
x-zendesk-zorg: yes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dMUv322vPPZPUa6vEGfED4ZIe%2F973lG5k7QabNG%2BFj4Icijokb96SMFiXf4IV%2BrmKf64cRJwHVNIhEQcL2XNO1%2BKuplZ5vSaIVewpmL%2FnMGrFpM%2BjXlkJdLtme4cW4%2F086iZR61"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://premier.ticketek.com.au
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6ab00c57ce0e3b3d-CDG
vary: Accept-Encoding
content-length: 0
x-request-id: 12600735e5f7cef24692f6b1595c4e99

GET
H2 200 sl-icon-button.entry.js Show response
components.ticketek.com.au/dist/stx-components/ 2 KB
2 KB 8ms
8ms Script
application/javascript 18.66.112.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://components.ticketek.com.au/dist/stx-components/sl-icon-button.entry.js
Requested by: Host: components.ticketek.com.au
URL: https://components.ticketek.com.au/dist/stx-components/index-fa13c2ff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a30f09f2c8dddcc7c5858e991c7d85a9bdc96931c1312eeefabca889e5ab967

Request headers

Referer: https://premier.ticketek.com.au/
Origin: https://premier.ticketek.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 12:42:55 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Mon, 08 Nov 2021 12:23:52 GMT
server: AmazonS3
age: 12208
etag: "ba06eca7e888d69e79b7e067c8bad42d"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 1957
x-amz-cf-id: I0K8VG1G7wh-O6SBhE1ug0xVL80re_c9iEmwTnmM1snHWLsO_EUWkQ==

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=4223899392939032060
dpm.demdex.net/ Frame B48A
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=4223899392939032060

42 B
943 B

94ms
33ms

Image
image/gif

52.18.85.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=4223899392939032060

Protocol

HTTP/1.1

Server

52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-092dc6a27.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 3FJvI1TwT2M=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=4223899392939032060
pragma: no-cache
date: Mon, 08 Nov 2021 16:06:22 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 focus-visible-a3dbdfcf.js Show response
components.ticketek.com.au/dist/stx-components/ 1 KB
2 KB 8ms
8ms Script
application/javascript 18.66.112.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://components.ticketek.com.au/dist/stx-components/focus-visible-a3dbdfcf.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80781bbe1d81f324bf0f41df45724d1ffc2dbda71f0ea199a913ccf708ca8284

Request headers

Referer: https://components.ticketek.com.au/dist/stx-components/sl-icon-button.entry.js
Origin: https://premier.ticketek.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 12:42:56 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Mon, 08 Nov 2021 12:23:44 GMT
server: AmazonS3
age: 12207
etag: "98ac1c627b47db6bbc5f9d0b823e53c3"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 1238
x-amz-cf-id: hepVUGlC3uHSt4sf1FLqdlLDG0wWuQ6O5pEDwz3v9QF2NTDSNuRwPA==

GET
H2 200 sl-icon.entry.js Show response
components.ticketek.com.au/dist/stx-components/ 4 KB
4 KB 10ms
9ms Script
application/javascript 18.66.112.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://components.ticketek.com.au/dist/stx-components/sl-icon.entry.js
Requested by: Host: components.ticketek.com.au
URL: https://components.ticketek.com.au/dist/stx-components/index-fa13c2ff.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1baba34c28797fd421dbb65f9bc6ce7a7573178063a7207fa79aa685a176fc4b

Request headers

Referer: https://premier.ticketek.com.au/
Origin: https://premier.ticketek.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 12:42:57 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Mon, 08 Nov 2021 12:23:52 GMT
server: AmazonS3
age: 12206
etag: "cbc08fdcdcd1b438456f7a9180d4dc98"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 3657
x-amz-cf-id: PtODHvi8YlPNDNu4E0YEqg_jxpvu2SFNlG0w0oVILKRnqRHCixfnYQ==

GET
H2 200 icon-library-registry-6ad57fef.js Show response
components.ticketek.com.au/dist/stx-components/ 867 B
1 KB 8ms
8ms Script
application/javascript 18.66.112.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://components.ticketek.com.au/dist/stx-components/icon-library-registry-6ad57fef.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=FROZEN21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf267e44b195e47be570dab9a8d360f6e56594825fc90ebb1ccb8e33793610cf

Request headers

Referer: https://components.ticketek.com.au/dist/stx-components/sl-icon.entry.js
Origin: https://premier.ticketek.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 12:42:58 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Mon, 08 Nov 2021 12:23:44 GMT
server: AmazonS3
age: 12204
etag: "77ca35f7dacb842dc17c2ea47f007c1e"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 867
x-amz-cf-id: 6jTfzIFt_GeigeAlnyJkCxbO2g64WXMKODNoiPdluxAU89ren2dj-Q==

GET
H2 200 x.svg Show response
components.ticketek.com.au/dist/stx-components/icons/ 332 B
770 B 11ms
10ms Fetch
image/svg+xml 18.66.112.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://components.ticketek.com.au/dist/stx-components/icons/x.svg
Requested by: Host: components.ticketek.com.au
URL: https://components.ticketek.com.au/dist/stx-components/sl-icon.entry.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48d5345df5fcecdb7a3b2eb9f04982923a46a4d51e95bb7edc3f909e8234889d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:18:47 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Mon, 08 Nov 2021 12:23:52 GMT
server: AmazonS3
age: 6455
etag: "df13156bbaa7c8bbc9ef7f7ce6151e2c"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 332
x-amz-cf-id: V_TFjzP57O3yUZNOXFJcJnHT9B6TEw4Ytcrv_R5Wy5HbMqQ0Jbbn0A==

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEA0tctIIDwHL_rkeUZcoHHk&google_cver=1
dpm.demdex.net/ Frame B48A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzA0NTQ5Njk4OTQ5NzE4MzIyODQxMDY1OTU5ODg5MDczNzYwNjc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEA0tctIIDwHL_rkeUZcoHHk&google_cver=1?gdpr=0&gdpr_consent=

42 B
943 B

99ms
41ms

Image
image/gif

52.18.85.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEA0tctIIDwHL_rkeUZcoHHk&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-07ca0a12f.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: lMRZCD4LS2c=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 16:06:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEA0tctIIDwHL_rkeUZcoHHk&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame B48A
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVlsSy1nQUFBSFRvZndRRA&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEPJxpcoSdnu88-_GIIZi4HU&google_cver=1
https://pixel.everesttech.net/1x1

128 B
796 B

30ms
30ms

Image
image/png

52.18.11.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 52.18.11.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-11-109.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 16:06:23 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Mon, 08 Nov 2021 16:06:23 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame B48A
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVlsSy1nQUFBSFRvZndRRA&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEP...
https://pixel.everesttech.net/1x1

128 B
796 B

31ms
29ms

Image
image/png

52.18.11.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 52.18.11.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-11-109.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 16:06:23 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Mon, 08 Nov 2021 16:06:23 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame B48A
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVlsSy1nQUFBSFRvZndRRA&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26...
https://pixel.everesttech.net/1x1

128 B
691 B

34ms
34ms

Image
image/png

52.18.11.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 52.18.11.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-11-109.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 16:06:23 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Mon, 08 Nov 2021 16:06:23 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame B48A
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVlsSy1nQUFBSFRvZndRRA&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2...
https://pixel.everesttech.net/1x1

128 B
691 B

31ms
31ms

Image
image/png

52.18.11.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 52.18.11.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-11-109.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 16:06:23 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "36b521-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Mon, 08 Nov 2021 16:06:23 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame B48A
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVlsSy1nQUFBSFRvZndRRA&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb...
https://pixel.everesttech.net/1x1

128 B
691 B

30ms
30ms

Image
image/png

52.18.11.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 52.18.11.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-11-109.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 16:06:23 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Mon, 08 Nov 2021 16:06:23 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=732a9589-bac8-49a6-ad61-57665c3e050a
dpm.demdex.net/ Frame B48A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=732a9589-bac8-49a6-ad61-57665c3e050a

42 B
943 B

40ms
40ms

Image
image/gif

52.18.85.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=732a9589-bac8-49a6-ad61-57665c3e050a

Protocol

HTTP/1.1

Server

52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-092dc6a27.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: XGD2TaHJRxQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 16:06:23 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=732a9589-bac8-49a6-ad61-57665c3e050a
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame B48A
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVlsSy1nQUFBSFRvZndRRA&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_...
https://pixel.everesttech.net/1x1

128 B
691 B

29ms
29ms

Image
image/png

52.18.11.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 52.18.11.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-11-109.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 16:06:23 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Mon, 08 Nov 2021 16:06:23 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=23728&dpuuid=YYlK-1uE4Djd3g120nTR-QAA%261148
dpm.demdex.net/ Frame B48A
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YYlK-1uE4Djd3g120nTR-QAA%261148

42 B
943 B

40ms
39ms

Image
image/gif

52.18.85.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YYlK-1uE4Djd3g120nTR-QAA%261148

Protocol

HTTP/1.1

Server

52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-0dabc80c8.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: D6rtldPQROA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 16:06:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YYlK-1uE4Djd3g120nTR-QAA%261148
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 264
Expires: Mon, 08 Nov 2021 16:06:23 GMT

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame B48A
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=30454969894971832284106595988907376067&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=30454969894971832284106595988907376067&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
961 B

30ms
30ms

Image
image/gif

52.18.85.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Protocol

HTTP/1.1

Server

52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-016ac64a0.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 104,303
X-TID: I8NEBCCCTl4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Mon, 08 Nov 2021 16:06:23 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame B48A
Redirect Chain

https://cm.everesttech.net/cm/yh
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YYlK-gAAAHTofwQD&sigv=1&esig=1~4305df3226603828d44974c4b51331d7675461b5

0
443 B

25ms
8ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YYlK-gAAAHTofwQD&sigv=1&esig=1~4305df3226603828d44974c4b51331d7675461b5

Protocol

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:23 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YYlK-gAAAHTofwQD&sigv=1&esig=1~4305df3226603828d44974c4b51331d7675461b5
Date: Mon, 08 Nov 2021 16:06:23 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame B48A
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=30454969894971832284106595988907376067
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=30454969894971832284106595988907376067

0
338 B

96ms
31ms

Image
text/plain

52.17.176.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=30454969894971832284106595988907376067
Protocol: H2
Server: 52.17.176.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-176-161.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:24 GMT
cache-control: private, no-cache, no-store
x-request-time: D=121 t=1636387584
x-served-by: beacon-n016-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=30454969894971832284106595988907376067
date: Mon, 08 Nov 2021 16:06:24 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a008-ash-prod.krxd.net

GET
H/1.1

200
OK

ibs:dpid=121998&dpuuid=9f8d0ea265b6be7ee87f374de49c011c
dpm.demdex.net/ Frame B48A
Redirect Chain

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=30454969894971832284106595988907376067?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=30454969894971832284106595988907376067?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=9f8d0ea265b6be7ee87f374de49c011c

42 B
943 B

34ms
34ms

Image
image/gif

52.18.85.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=9f8d0ea265b6be7ee87f374de49c011c

Protocol

HTTP/1.1

Server

52.18.85.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-85-49.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-0d7ebfd97.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: bVJh/fHATO4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 16:06:24 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://dpm.demdex.net/ibs:dpid=121998&dpuuid=9f8d0ea265b6be7ee87f374de49c011c
cache-control: no-cache
x-server: 10.45.20.14
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B48A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVlsSy1nQUFBSFRvZndRRA==

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVlsSy1nQUFBSFRvZndRRA==

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 16:06:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 16:06:24 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1636387584.140421,VS0,VE0
x-served-by: cache-hhn4069-HHN
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVlsSy1nQUFBSFRvZndRRA==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame B48A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YYlK-gAAAHTofwQD&expires=90

0
239 B

35ms
10ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YYlK-gAAAHTofwQD&expires=90
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 16:06:24 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1636387584.224666,VS0,VE0
x-served-by: cache-hhn4069-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YYlK-gAAAHTofwQD&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B48A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYlK-gAAAHTofwQD

43 B
1003 B

96ms
41ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYlK-gAAAHTofwQD
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 16:06:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 08 Nov 2021 16:06:24 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 16:06:24 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1636387584.324202,VS0,VE0
x-served-by: cache-hhn4069-HHN
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YYlK-gAAAHTofwQD
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame B48A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YYlK-gAAAHTofwQD

43 B
1014 B

31ms
30ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=YYlK-gAAAHTofwQD

Protocol

HTTP/1.1

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 08 Nov 2021 16:06:24 GMT
X-Proxy-Origin: 194.36.108.21; 194.36.108.21; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f3cbd30c-f22f-47e2-bf0c-6939bd12fb70
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 16:06:24 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1636387584.424867,VS0,VE0
x-served-by: cache-hhn4069-HHN
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=YYlK-gAAAHTofwQD
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame B48A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YYlK-gAAAHTofwQD
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YYlK-gAAAHTofwQD

43 B
61 B

28ms
18ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YYlK-gAAAHTofwQD
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 16:06:24 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YYlK-gAAAHTofwQD
date: Mon, 08 Nov 2021 16:06:24 GMT
via: 1.1 google
server: OXGW/16.218.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame B48A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYlK-gAAAHTofwQD

1 B
547 B

78ms
22ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYlK-gAAAHTofwQD
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 16:06:24 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug020:0:348
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 16:06:24 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1636387585.626620,VS0,VE0
x-served-by: cache-hhn4069-HHN
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYlK-gAAAHTofwQD
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame B48A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YYlK-gAAAHTofwQD&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YYlK-gAAAHTofwQD&img=1&__user_check__=1&sync_id=d29828b4-40ad-11ec-909e-1e1d47870106

43 B
548 B

30ms
30ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YYlK-gAAAHTofwQD&img=1&__user_check__=1&sync_id=d29828b4-40ad-11ec-909e-1e1d47870106
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 16:06:24 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 84
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 08 Nov 2021 16:06:24 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YYlK-gAAAHTofwQD&img=1&__user_check__=1&sync_id=d29828b4-40ad-11ec-909e-1e1d47870106
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 104
Connection: keep-alive
Content-Length: 0

GET
H2

200

b.php
www.facebook.com/fr/ Frame B48A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YYlK-gAAAHTofwQD&t=2592000&o=0

43 B
1012 B

122ms
122ms

Image
image/gif

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YYlK-gAAAHTofwQD&t=2592000&o=0

Protocol

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 08:06:24 PST
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: xKoVXq27iI6QS6Axuv17+JWViB+cBE/UnwYxgNi9PIC51+HP2eH56DoGuaXHzvUvBdNugsSBcWvcEYA5p+CfrA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
priority: u=3,i
expires: Mon, 08 Nov 2021 08:06:24 PST

Redirect headers

pragma: no-cache
date: Mon, 08 Nov 2021 16:06:24 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1636387585.835278,VS0,VE0
x-served-by: cache-hhn4069-HHN
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YYlK-gAAAHTofwQD&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/_Incapsula_Resource?ES2LURCT=67&t=78&d=complete%20(s%3A5%2Cc%3A32%2Cr%3A3232)

Verdicts & Comments Add Verdict or Comment

408 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

75 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
premier.ticketek.com.au/shows	1969-12-31 23:59:59	Name: myCookie Value:
.ticketek.com.au/	1970-01-20 07:18:18	Name: visid_incap_2399871 Value: gkCpUYfyQTWxDHlr5TZ3P/dKiWEAAAAAQUIPAAAAAACcMFWgGdBLK8von5oKdIlV
.ticketek.com.au/	1969-12-31 23:59:59	Name: incap_ses_464_2399871 Value: 2lXNAglGN3LOWWloD3ZwBvdKiWEAAAAA3eiEPn0W5gzgZeGpuPEotA==
.ticketek.com.au/	1969-12-31 23:59:59	Name: ticketek.com.au+cookies Value: true
.ticketek.com.au/	1969-12-31 23:59:59	Name: nlbi_2399871 Value: CWZcJZmfYRb49BWeROFu0QAAAACWLn2+jORSY1BCHVzCS7yT
.ticketek.com.au/	1970-01-20 07:18:21	Name: visid_incap_2408402 Value: mx21PV3WRkmSd1BjG+wBKPlKiWEAAAAAQUIPAAAAAAAVR58eb8rbQxVr8QKIe9F/
.ticketek.com.au/	1969-12-31 23:59:59	Name: nlbi_2408402 Value: 73SaIK754lVBx3zFYGdm3wAAAAC1lrLs9vcxlDCeBJveIDDi
.ticketek.com.au/	1969-12-31 23:59:59	Name: incap_ses_536_2408402 Value: vzv5BvHnrmsYg2IgokFwB/lKiWEAAAAAjvAEfcmHITYN3b49ERzt7w==
.ticketek.com.au/	1969-12-31 23:59:59	Name: ticketek.com.au+cp.id Value: db868cff-3002-44f1-acf3-384e9ead3bad
premier.ticketek.com.au/	1970-01-19 22:33:07	Name: __session:0.8201035622396065: Value: https:
premier.ticketek.com.au/	1969-12-31 23:59:59	Name: softix.affiliate Value: Ticketek%20Au%20Website
.premier.ticketek.com.au/	1969-12-31 23:59:59	Name: originalReferrer Value:
.ticketek.com.au/	1970-01-20 07:19:04	Name: ab.storage.deviceId.35e9ff84-9413-4d1a-853b-5cdeba1dfdef Value: %7B%22g%22%3A%225712ea55-cb31-59f5-eb4f-70ee9e1d997c%22%2C%22c%22%3A1636387580686%2C%22l%22%3A1636387580686%7D
premier.ticketek.com.au/	1970-01-20 07:18:43	Name: myCookie Value:
.ticketek.com.au/	1970-01-20 16:04:19	Name: _ga Value: GA1.3.1183430726.1636387581
.ticketek.com.au/	1970-01-19 22:34:33	Name: _gid Value: GA1.3.1728837021.1636387581
.ticketek.com.au/	1970-01-19 22:33:07	Name: _gat Value: 1
.ticketek.com.au/	1970-01-20 07:19:04	Name: ab.storage.sessionId.35e9ff84-9413-4d1a-853b-5cdeba1dfdef Value: %7B%22g%22%3A%22410779cc-c960-a481-3d93-a96b81a180ea%22%2C%22e%22%3A1636389381093%2C%22c%22%3A1636387580684%2C%22l%22%3A1636387581093%7D
.ticketek.com.au/	1970-01-20 07:18:43	Name: _hjid Value: 7fc39656-57f2-4c9b-a607-d7be9546d798
.ticketek.com.au/	1970-01-19 22:33:09	Name: _hjFirstSeen Value: 1
.ticketek.com.au/	1970-01-20 00:42:43	Name: _fbp Value: fb.2.1636387581145.1182549193
premier.ticketek.com.au/	1970-01-19 22:33:07	Name: _hjIncludedInSessionSample Value: 0
.ticketek.com.au/	1970-01-19 22:33:09	Name: _hjAbsoluteSessionInProgress Value: 0
.ticketek.com.au/	1969-12-31 23:59:59	Name: nlbi_2399871_2147483646 Value: nZeJRe/u2D0lib2BROFu0QAAAAB8jFcrKsVacApzXhx45TFF
.ticketek.com.au/	1970-01-19 23:16:19	Name: reese84 Value: 3:AZ9KGlYRBuarH5sf0hGK+A==:aswVhPzyAX7JGLd3q4VTtL0rGdmSJzMb4PIJ+BlyHMdJEp2ZPEpdtXpOO/ezNp/U+XQxblf+tfc9zP80YTblUs8r0RoeDgYhJxWlIKUYjQlYcDGjiesamRQjW74M1pBtN10GQiLwP0nFV/KJ3y3wS6hWese40Vml9grAz0kKAHtZgM/RQZ+gFA5MkPbr7LvpxK5rvBLq1raBzsf0sbWx2NZwkrHLfXheyrJvP9VWcU5wRrCXXyn3Dv5gpi/229myFsK5AyTpzlcYQDGIKN1SvDNtlGv71Gt9HwIMz+VQHNJPIaLwOqL32u3kR17ClZzl0JZgHwTF9Fhu+W1WP/XqRFFlpI94sTp6sovk1y27EoRU/yVuTip42ceZIlk4qWNg2f89+zWIxJefC8P+hOcWGlh7Cn1rOHJN1mUQT1OjkBkLTBZfU3pF2TMdsMzLEpz+a3wTlvVry39MX0ACgE5Me/+1PxYjU8mqbUORPACrAyo=:TNFRJ0nfPGHlyuupmyHJdSNiuWWQ+yoXs0PddCoSf9Q=
.ticketek.com.au/	1970-01-20 00:42:43	Name: _gcl_au Value: 1.1.1902108553.1636387582
.ticketek.com.au/	1970-01-19 22:33:07	Name: _gat_UA-63445827-1 Value: 1
.premier.ticketek.com.au/	1970-01-20 16:04:19	Name: _ga Value: GA1.4.1183430726.1636387581
.premier.ticketek.com.au/	1970-01-19 22:34:33	Name: _gid Value: GA1.4.1728837021.1636387581
.premier.ticketek.com.au/	1970-01-19 22:33:07	Name: _dc_gtm_objectObject Value: 1
.doubleclick.net/	1970-01-20 07:54:43	Name: IDE Value: AHWqTUlbu_QuoxyCH2Nfs_cJQOCgdCRm8jzdQYX0deCiqvDUlmsHQrx8zhp5v6Ey
.premier.ticketek.com.au/	1970-01-20 07:18:43	Name: ins-storage-version Value: 1
.demdex.net/	1970-01-20 02:52:19	Name: demdex Value: 30454969894971832284106595988907376067
.ticketek.com.au/	1969-12-31 23:59:59	Name: AMCVS_495479CA584AB1B90A495EEA%40AdobeOrg Value: 1
.ticketekau.api.useinsider.com/	1970-01-19 22:34:33	Name: insdrPushCookieStatus Value: true
.everesttech.net/	1970-01-20 07:18:43	Name: everest_g_v2 Value: g_surferid~YYlK-gAAAHTofwQD
.dpm.demdex.net/	1970-01-20 02:52:19	Name: dpm Value: 30454969894971832284106595988907376067
.ticketek.com.au/	1970-01-20 16:04:19	Name: AMCV_495479CA584AB1B90A495EEA%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18940%7CMCMID%7C30960023139841082244055911033788764415%7CMCAAMLH-1636992381%7C6%7CMCAAMB-1636992381%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1636394781s%7CNONE%7CMCSYNCSOP%7C411-18947%7CvVersion%7C5.2.0
.ticketek.com.au/	1969-12-31 23:59:59	Name: ticketek.com.au+cp.ex Value: 2021-11-09+03%3a09%3a52
.ticketek.com.au/	1969-12-31 23:59:59	Name: ticketek.com.au+cp.st Value: 2021-11-09+03%3a06%3a22
.w55c.net/	1970-01-20 08:01:55	Name: wfivefivec Value: OVmyDts41MK7a65
.w55c.net/	1970-01-19 23:16:19	Name: matchdmx Value: 5
.premier.ticketek.com.au/	1970-01-19 22:33:07	Name: _dc_gtm_UA-63445827-1 Value: 1
.adnxs.com/	1970-01-20 00:42:43	Name: uuid2 Value: 1303121740232379231
.premier.ticketek.com.au/	1970-01-19 23:16:19	Name: aam_uuid Value: 30454969894971832284106595988907376067
.tidaltv.com/	1970-01-20 07:18:43	Name: tidal_ttid Value: 0c121a66-b2c6-4f10-8d52-e3bcfbbcc608
premier.ticketek.com.au/	1970-01-19 22:43:12	Name: AWSALBTG Value: fH+Bhw4hXF/QDH0kPsSsUFyTFxk5KOWF5WbNT7hCcazo6zRQI8dZoQRv1wNdKpySUsuZS9OJ3QrWA/lXcSkuOBKAyQKi8AfdvcmyIiU4J8/wY2v665oo+tCBRSUBw2VsBqrKU8YGQr92f6fcTVocbsJR+xkgs2QlpFkLHJkJzMvmdxd7c2M=
premier.ticketek.com.au/	1970-01-19 22:43:12	Name: AWSALBTGCORS Value: fH+Bhw4hXF/QDH0kPsSsUFyTFxk5KOWF5WbNT7hCcazo6zRQI8dZoQRv1wNdKpySUsuZS9OJ3QrWA/lXcSkuOBKAyQKi8AfdvcmyIiU4J8/wY2v665oo+tCBRSUBw2VsBqrKU8YGQr92f6fcTVocbsJR+xkgs2QlpFkLHJkJzMvmdxd7c2M=
.tidaltv.com/	1970-01-20 07:18:43	Name: sync-his Value: "H4sIAAAAAAAAADM0sjQ2sDI0tAAAdZH/UgkAAAA="
.turn.com/	1970-01-20 02:52:19	Name: uid Value: 4223899392939032060
.everesttech.net/	1970-01-19 23:17:45	Name: ev_sync_ax Value: 20211108
.everesttech.net/	1969-12-31 23:59:59	Name: everest_session_v2 Value: YYlK-wAABakL9UfR
.adsrvr.org/	1970-01-20 07:18:43	Name: TDID Value: 732a9589-bac8-49a6-ad61-57665c3e050a
.adsrvr.org/	1970-01-20 07:18:43	Name: TDCPM Value: CAESEgoDYWFtEgsIzsyF5fe2kToQBRgFIAEoAjILCNrjpJKOt5E6EAU4AQ..
.eyeota.net/	1970-01-20 07:18:43	Name: mako_uid Value: 17d004cf700-13430000010f4e82
.eyeota.net/	1970-01-19 22:33:08	Name: SERVERID Value: 20098~DM
.casalemedia.com/	1970-01-20 07:18:43	Name: CMID Value: YYlK-1uE4Djd3g120nTR-QAA
.casalemedia.com/	1970-01-20 00:42:43	Name: CMPS Value: 5222
.everesttech.net/	1970-01-19 23:17:45	Name: ev_sync_yh Value: 20211108
.yahoo.com/	1970-01-20 07:19:05	Name: A3 Value: d=AQABBP9KiWECEOqHjkOfKtTCQy1nibhkHB0FEgEBAQGcimGTYQAAAAAA_eMAAA&S=AQAAAsQ0EmeRvA3i4gOcD6OZHdE
.casalemedia.com/	1970-01-20 00:42:43	Name: CMPRO Value: 1148
.crwdcntrl.net/	1970-01-20 05:01:55	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 05:01:55	Name: _cc_id Value: 9f8d0ea265b6be7ee87f374de49c011c
.crwdcntrl.net/	1970-01-20 05:01:55	Name: _cc_cc Value: "ACZ4XmNQsEyzSDFITTQyM00yS0o1T021ME8zNjdJSTWxTDYwNExmAILETm8QBQMAYKsKhQ%3D%3D"
.crwdcntrl.net/	1970-01-20 05:01:55	Name: _cc_aud Value: "ABR4XmNgYGBI7PQGkjAAAA%2FZATY%3D"
.casalemedia.com/	1970-01-20 07:18:43	Name: CMRUM3 Value: 5861894b002760YYlK-gAAAHTofwQD
.casalemedia.com/	1970-01-19 22:34:33	Name: CMST Value: YYlK-2GJSwAA
.adnxs.com/	1970-01-20 00:42:43	Name: anj Value: dTM7k!M4.FErk#WF']wIg2Hb6p3xja!@wnfH)iR8PMp-v=0BzJf)4P^iJ%Bi/]<GshufY=l@v%$%(2K:$doRL2xc>Hx7R)0hLP)lT''wzDYzIJ!!(HM*+%_N
.openx.net/	1970-01-20 07:18:43	Name: i Value: f00b870e-5cb2-4761-aa7f-ace46ef313b0\|1636387584
.krxd.net/	1970-01-20 02:52:19	Name: _kuid_ Value: OeENl4eE
.pubmatic.com/	1970-01-20 00:42:43	Name: KRTBCOOKIE_218 Value: 4056-YYlK-gAAAHTofwQD&KRTB&22978-YYlK-gAAAHTofwQD&KRTB&23194-YYlK-gAAAHTofwQD&KRTB&23209-YYlK-gAAAHTofwQD
.pubmatic.com/	1970-01-19 23:16:19	Name: PugT Value: 1636387584
.pubmatic.com/	1970-01-20 00:42:43	Name: PUBMDCID Value: 3
.demdex.net/	1970-01-20 02:52:19	Name: dextp Value: 359-1-1636387581940\|358-1-1636387582069\|445-1-1636387582206\|470-1-1636387582334\|771-1-1636387582435\|1083-1-1636387582536\|1085-1-1636387582637\|1086-1-1636387582738\|1087-1-1636387582839\|1088-1-1636387582940\|903-1-1636387583040\|19913-1-1636387583141\|23728-1-1636387583242\|30064-1-1636387583343\|83349-1-1636387583444\|66757-1-1636387583544\|121998-1-1636387583645\|144230-1-1636387583746\|144231-1-1636387583847\|144232-1-1636387583948\|144233-1-1636387584048\|144234-1-1636387584149\|144235-1-1636387584250\|144236-1-1636387584351\|144237-1-1636387584458
.spotxchange.com/	1970-01-20 07:18:47	Name: audience Value: d2982840-40ad-11ec-909e-1e1d47870106

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5164505.fls.doubleclick.net
ads.yahoo.com
adservice.google.com
adservice.google.de
beacon.krxd.net
braze-images.com
cdnjs.cloudflare.com
click.email.disney.com.au
cm.everesttech.net
cm.g.doubleclick.net
components.ticketek.com.au
connect.facebook.net
d.turn.com
d35kvm5iuwjt9t.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hit.api.useinsider.com
ib.adnxs.com
image2.pubmatic.com
js.appboycdn.com
location.api.useinsider.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
pixel.everesttech.net
pixel.rubiconproject.com
pm.w55c.net
polyfill.io
premier.ticketek.com.au
ps.eyeota.net
sadmin.brightcove.com
script.hotjar.com
sdk.iad-06.braze.com
securepubads.g.doubleclick.net
segment.api.useinsider.com
ssum.casalemedia.com
stackpath.bootstrapcdn.com
static.hotjar.com
static.zdassets.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.search.spotxchange.com
sync.tidaltv.com
tega.demdex.net
ticketek.zendesk.com
ticketekau.api.useinsider.com
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.ticketek.com.au
premier.ticketek.com.au
104.16.53.111
104.18.72.113
104.92.103.28
108.128.101.122
13.111.159.139
13.32.118.82
142.250.185.226
142.250.186.166
142.250.186.34
143.204.215.95
151.101.1.208
151.101.194.49
151.101.65.208
18.185.182.242
18.66.112.126
18.66.112.65
185.33.221.90
185.64.190.80
185.94.180.126
2.18.234.21
2001:678:cb4:bbbb::13
2606:4700:10::ac43:7e2
2606:4700:3037::6815:4e07
2606:4700::6810:135e
2606:4700::6811:a872
2606:4700::6811:aa72
2606:4700::6811:ab72
2606:4700::6812:acf
2606:4700::6812:bcf
2a00:1288:80:800::7001
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2004
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2003
2a00:1450:400c:c0c::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:a00::282
2a05:d018:24:b002:2591:850:d183:b9b4
3.125.70.222
3.33.220.150
34.98.64.218
45.60.198.230
52.17.176.161
52.18.11.109
52.18.85.49
52.222.236.73
52.44.110.4
54.194.191.134
54.194.226.253
69.173.144.138
0095244614533bd39720fdef1abdd163dd6899570a58c5910085968ef106f127
009c5e73bf6b01d1c8ed3dcb7da2ba322fa6edf5561c3b5eecbb339cea98ec60
049587ac10f7ead90ad4654a2851cf4489cd8bd37a63487ffc1e06737aacbe49
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
09ca096b5dcefed31369c823f65ebb9b2836844fa0d5a6b9b4f97cb6625b0675
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12ccf827ffd5452b891e6219a9d3be8222aea9ab9d2277bfb9cf06e745dc2159
16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1a30f09f2c8dddcc7c5858e991c7d85a9bdc96931c1312eeefabca889e5ab967
1baba34c28797fd421dbb65f9bc6ce7a7573178063a7207fa79aa685a176fc4b
1dc7dc002e2016f0628dc8262d8a803a5d7a0db57055a3e8cecdf7b1c948ba9a
1e93ef3381389ca9f0d65bd91de800196f481f4be33725bef9005c3cccc18450
1f85b96e840c95038b19f71bdd8ea63d99c5305b51b1a4b298353091893e61ba
22be3b608d348c6fde6943128b3b85d447800263df2f30629026930384ae0b3d
249f06a35cb2786148c66d93b37f2173b54f6afc7e196d5e7500f2e1dba0ad79
2573bf5bdb07e44f7336464acdc5e6df6eee42c7d6fd4e3489491d7db50ac869
273e6b9c3a93e545186527784a7ef95553b9e3c4f62a64e77638ca3d64b1d4b4
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b00e1d782b3fdbe3d81c3e9ba8649c1e77b625dc968b6e46e7a4e3213e0cacf
2d3e82a60eaa972e5fafba6741ac1357f01fa898f24fbe822058d19af621e16d
307b9dbbe788513d426415296a1a0651d4aeb628e81cfa2873f32e8766c296f2
312e7999a141ad78a2369e36e66ce2921bb632e10652ed713c242a3891362106
3269b8735e94ac2d7913df38a851ed5a3925c0b2808fb25ffa36526d68791f17
34fe739dc619a4c6ba22e594e4d52f330b964918a25f59f145b9fcfb387998e4
363da08842b371b115aed72a5eb403e1bea447df77d1a1f3892bab6cc4f759fc
39ac6d1ed483472b163f001f9d17806fc32db5066145fade59f7f5644c963fdb
3e44308861f5dbec0f708c01a42054ffb44a330afcf9f7bfc808f55db249fbca
4259944a8b75a4bcc04474d2e2e90e01ad38b35c811ea8efee67ebb47a8f70aa
429b519582f79000e449eb25975d7bc2aee63e2cfcce9202e50895ebcd0d37c4
44fda2ae98e3f1e0e24e75a854b38b700cf1d76f3a1412790db2d22160801fc3
48cbe7bf69de732b7c252c9ad6074b4add98138de314100a0ca2e7e4f1c0422c
48d1bf407ff7c247b27eff6eb1e2550b626e688807d353cdeae95c526e33c4e6
48d5345df5fcecdb7a3b2eb9f04982923a46a4d51e95bb7edc3f909e8234889d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4df3d519156036cf37a97d62b2344e99f37581584f9f6350b463675007be4ebf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f95dea9faaeab7adbeb9c89447bc058079522b7c870ed527c83b48680b4b547
506e5ec29024643c84ee536ec2e57259bd66529f33dad11b4dd28c8fccb29172
50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54977bd28e95c5d7f9aa476648978d4805fb1fbc7e56b4e3d8a4055d225919f4
55aa0299a6b880ddee3b6e438a6e155730fca9eaf992e5e4ac105ca1de5f3312
55d44cd61ee84c79e7d910fc9c7c498fef7a6231efc1f343dba333d2246559d8
58c436fa205315b39757504b283fa3cc7565d9966c18b09cb62f4e8a427a8670
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5bdcfc8933f92c9784de32290b9b79e673c60c067c66cea86de0170f89130ad4
5c13488ad44fb3c979306129a36cdd21e4b75d58cdc6f55e9aebf5c0a114f242
5d5b1ea4c1536377d03428fcc189483865d1aa0a48323e7d4c3b96c70a6c743f
5f30a90487ac5a1f8c4105760122f768da0e1da53df698c1130a8365beb1a7a5
62bb02fa91c1537efbce823d5d1981982d3925bcdaac667dc6ca64f8469e2284
6324f69233f73f119979b489f5d32a2250b3bfeb7d24d8b2908b92bb6c1e2e09
6709758a7991132539e45c72e3c6ed7241e8937f1d19217d89e0df6e76046f40
6924ff420cfd645667ff37d1b972f5a1412933427985f171eff1c011e06c3e9b
69268e71e60dad8d5d2697364594d6e01fd1698f6ec0ace20b721acb1c617afe
69ae95b7f73e2899d0c398ed4fb9faba242bbec4d0a58b182e4dd0e7808f01ac
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cf50b4a0ef54a0e82bbd12c54fe8e497fa1b3068d00c72306259bacbd4fe224
6d02537a86ac0059d784dbe19d4b20b9f38144a9a2da5686b1e0dda5f27e86c2
6dcacfbeaa0e51a7ebd11eb147f18bf2263185e8620662020bafa6b9833ac895
6f2f152b570d71ee4cbbe1274bfee67a7cb5193c7ab311ace97034ecfb947624
6f3bb7e125d927d916c578c006b2e087a49b612155d073b299d76d531a39e657
705ff70b643e209c697f93f0c42c84ea6dd64e35e9fead0caa1bc91bb60065d2
70828d3386d394bf286b96e7b70f502f11a85f241d8d1ca5bcd04a1e97023649
718e063364ba1c53900110e423987619a8227e1c877c360913658aa88c451c4d
73b22182dec7ed7d86be8e57649eacbf04e639e602173bac53745a9470913455
7720981f81c85f561162dd8889c443a22fca70e71e8d828170b68bfc26661540
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d4a5ffa515caf0f5eae323a4d72c65f36c6de7ef722badcaaa832c7e2395572
7dbe746ee74ad352b603929570ba5f52f3b048053e98962b7946690d0ec5b54c
7e58212a834825aaa684963bfbb592ac5e3d698c44a0778bbbd101ae40f214db
7f3e636bcdf07c23ef03477c34757c3ee388b9f3e898188225aadf87bd5b25b5
80781bbe1d81f324bf0f41df45724d1ffc2dbda71f0ea199a913ccf708ca8284
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b58afaf830ba51130ea7072344887fba421f8e0518686a49a89837f010c559
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
880abd1c233708c78bcd0a9c5ba5dd7555211cc00e628021c1e5f50e4f0e485b
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
898caace438a9925e895e871dd44cc56b1a8143ea77535a1e4caa5f6b553edfb
8b4a3652a32257df76398a8a4ab832a050423b7825fa33ab97366e0d83dd4862
908d52256ccbc2c28bef26bd8521f974122f169aeaadf42cc48193735ca9b6cc
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
931143bad19f42bec041d52ce026f1d8c039d82bc08c4ee5f3d3f27377cd2412
93ab49bc6238f0f6212d5942e6c52be7eae398e84bd9d748803836199d0746e1
9400d1b122f8baa0c73c03abdc8007a2fe5780b64e33cc5faf3b5c2c15f6e020
94942fad1063c2770548acc8fdc17cf8eaadc13738178d70dbd0d408d590e778
94f301476f6e3bad1a2ac0c21895e078c1dbecf29d2a50dfad998c493b6eda0e
9edb2c90fd6d3004fc4dba7064870297829950dbfb256ded8c575e7bf3c9dec7
a4904d50e40ada4976f45101cf460a93eb83a7e2feca91712e46ad622457e2e2
a673f6d6d082cbe9a25f0f773a2540d24e7427856d8338dfebd2968bbeddb7a7
a747a192fb4230e35e2fd78447bb0129a3fd9222354449ccd11115d564023f8d
aaba6ddd7b3595332d3ba69f3b1ec88f6229d7277d0a71108f76c189c19614eb
ad3a75fcf3e9fad91021b54bec0d081dc617672ca740fa1c485ade6df4f7ef41
ad4bbdb8bc104ad6e09cf76b9f9725eb9d74cef7d3d8e9d593bd60c5bfb46dee
adc9f82fae77ea36e1f5ce4eae85110c306819e19cac85b12ab0f19130e87a85
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b3c7dddc496948980da5da6f786667996bf8513507403a1a64b4ec5003918d45
b819e02fcd718274f1b6ad5e11e5b6330f25f5388b8ceb6213463725e81644af
bba2effb91745469929c5e993fe2c38cf19aaa2056b5e746e68bf35641c12095
bc533f0ae1fb67dd88c186bb862fd84ab7efefcbb4bba2285b3729873846e9bc
bceb67719489d29fb2e4c74fe9d9956120fc98d7d7aba7c225e47bc77c7b91dd
bee9c546f0500189dc24f61b2c3ed05df0d2d989bf1891daba2fd293ba2f9cbe
bf267e44b195e47be570dab9a8d360f6e56594825fc90ebb1ccb8e33793610cf
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
bfe5c226625e2d4924ab0b70eb1a5cbece2d7d4e3a50964ace39a209bf2d9ac6
c1d384b1facfbbc3813492b60aa7fff6447b6db9253abe821043bd204ad5bc5e
c351a7e7aca20f8d9d1b7ee122589cd3488602af5a9cf210c22f7e89e897cd6a
c469f91bb3f5547f5e8f8feb99fe3d2c98c68f7d7ddcb2c4a4aab7447d588c53
c4e2db2860a5841d508dfb6692187433b561f577ffbc735d6f5cf946a3a947a4
c716b112c1f0deb92f52c52b6dc7502e4ac57a304c49a23609c39781a7e586f9
c9408cf5d8e0d12fb2b1d5ad6b4489be392384a4687962a0fc2a2877a57775c8
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c991e57593efb95800ba1166ed6469e36146fcb1859566c8134964b3dde2eda1
cb534efe547cb9d9ba2853d713e575e0ca10c4f154733406372df2bb40514f80
cb5c4975d2cfbfa9486bedc6ce54f57d54e979c248f0b0e196699b9166e6648c
ce0277a9b955f3751687dc240a6221d7e5ae38353974d790c06e6abb154357d3
d0195a5a14c496c88b66f39b4bc500d41da7d1678814868f3671a52801645b9b
d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d
d1ad8fe752ae2a30c2a1d699d06035a25a0d9a126455a3aa0c76e611a0a0ad33
d3ec09caf051a4a00d410aceb3fdc24e14bf2ac99f68999d9371bae49f79f914
d47fe0b6c81139a632f561041fc656d841de4c6023c2e4497a9fd93fafce4c1c
d86885dfb06ed30648930452190eb91c85fe8a86c863c348078b1a8d48b81426
d9925c1bef157e46012e2fb2dca5ac809e0c2ac2f15c28928974a495a48ee74f
dad2e6bb3ac10b4da6dd0f1985d87364af3aa1a0dba6e88b749e38f4207f6ec7
dc896af2c2c6ce8a2aa36619e5327e4e4e13830ad8670724d0a6e35687f2aa33
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
dd8bce41d0be6d4e5449bef910b493bcf872a4189a361451102996bfe0082f3a
ddc90c6bde8cd1e78fa0c373dbf664b3ed4becf7e1224fe5510d96c46b17874a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
defae6aed9e3489a9996fc363db0b8d356cc25ccfa5e061719a5f1bd344b3a23
e04bdf79531824da7a9060598887eb8d08145dd84e4f433152ad915d30449f7c
e19c8dde41a783c0f2ee3e1dab10648155511602eae9ef896e3ab2ad9b244339
e30a48a7615ba27b3d0f38babb6462da2e80f208d98b2baf8f6764b00f2a4066
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4995a1647916583ca12ef566434cf47c8e491ac1658b6d7630763f957696b74
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e618c75852d3d3774a9ed489de8390b61fefa3730385d1fd71a3ae9718797b69
e63bbd058713fa36c455833be8b97850e9857257d2247990e328856241329307
e857e5990cf935c75f0a98a99d822f0d74c4edd21e4a467c02eab5239d99312d
e8bc7150519c3bec8751de818bca8136134aff71a27cd65551e9a488f12e9340
e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48
eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f070276771bf2bdfac5e7eff25db4361eebd2f38167df4d1974dac562932be47
f3613a8d1372261cb74d2a8b53eb117e32f8fdd2e3d9d72141610f06f9292d15
f36407993e16efb421a47f0915c29eb0c3171c99051ab7bb0810ba5869b315f5
f6789b1579e3915acc50ce2f56d956c05dc3186238eb4d1a0d4ad1e403a625ac
f7037190c446071a76c7adb272153f34d1366a185c269c2c4d86b8c5f042564c
f9c39680773790fb7a554a7f9a70238e4a521cc3d8d8c82641d37c69cc740630
f9d6eafcb51142ebbffdf3fdcd4643607b85b32c39987f1b6677396808cb9904
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fdc12f45116811f3496a07c7f9ee89d407fa74f0656735506298ff396488aec5
ffc820fbf5792a9333fba7a74cc435f44361c698875a2854528592870d1c88a9

premier.ticketek.com.au Open in urlscan Pro 45.60.198.230 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

204 Requests

87 %HTTPS

44 %IPv6

43 Domains

63 Subdomains

48 IPs

7 Countries

3736 kBTransfer

8188 kBSize

75 Cookies

24 Outgoing links

Page URL History

Redirected requests

204 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

premier.ticketek.com.au Open in urlscan Pro
45.60.198.230 Public Scan

Screenshot
Live screenshot

Full Image

204
Requests

87 %
HTTPS

44 %
IPv6

43
Domains

63
Subdomains

48
IPs

7
Countries

3736 kB
Transfer

8188 kB
Size

75
Cookies

204 HTTP transactions
1 data transactions