premier.ticketek.com.au Open in urlscan Pro
45.60.196.230 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://arep.cc/C6T1cRyTI8?e=aTZFYEjtd9eTAtZxlJG65djZSnzxubiscdo3hOppmHnvCWzDxklV0hGvtsxMM9Wu
Effective URL:
https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Submission: On November 17 via manual (November 17th 2021, 1:56:09 pm UTC) from CA — Scanned from CA

Summary HTTP 186 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 48 IPs in 3 countries across 44 domains to perform 186 HTTP transactions. The main IP is 45.60.196.230, located in United States and belongs to INCAPSULA, US. The main domain is premier.ticketek.com.au.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA H2 2021 on October 21st 2021. Valid for: 6 months.

This is the only time premier.ticketek.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.62.81.96 52.62.81.96	16509 (AMAZON-02) (AMAZON-02)
2 64	45.60.196.230 45.60.196.230	19551 (INCAPSULA) (INCAPSULA)
4	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:400... 2607:f8b0:4006:80c::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:807::200e	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:a00... 2a04:4e42:a00::282	54113 (FASTLY) (FASTLY)
7	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:808::2008	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:94f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.100.147.231 104.100.147.231	16625 (AKAMAI-AS) (AKAMAI-AS)
3	13.224.206.71 13.224.206.71	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f01... 2a03:2880:f011:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
5	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
1	13.224.210.63 13.224.210.63	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:303... 2606:4700:3031::ac43:d645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.1.208 151.101.1.208	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4006:807::2003	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81d::2001	15169 (GOOGLE) (GOOGLE)
1	151.101.193.208 151.101.193.208	54113 (FASTLY) (FASTLY)
1	13.224.210.65 13.224.210.65	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f11... 2a03:2880:f111:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2607:f8b0:402... 2607:f8b0:4023:1404::9a	15169 (GOOGLE) (GOOGLE)
1	13.224.210.105 13.224.210.105	16509 (AMAZON-02) (AMAZON-02)
4	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:a872	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	3.217.204.166 3.217.204.166	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:aa72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.187.87.190 54.187.87.190	16509 (AMAZON-02) (AMAZON-02)
8 8	3.234.202.189 3.234.202.189	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:a772	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:822::2004	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
2 2	54.166.52.96 54.166.52.96	14618 (AMAZON-AES) (AMAZON-AES)
2 3	68.67.178.15 68.67.178.15	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	2600:1f18:1c9... 2600:1f18:1c96:4102:98df:7314:c81c:e465	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2620:112:f002... 2620:112:f002:bbbb::23	6336 (TURN-US-ASN) (TURN-US-ASN)
7 8	142.250.80.2 142.250.80.2	15169 (GOOGLE) (GOOGLE)
6 12	18.211.230.185 18.211.230.185	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 3	23.41.168.244 23.41.168.244	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.197.192.192 34.197.192.192	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4998:14:... 2001:4998:14:800::1001	14777 (YAHOO) (YAHOO)
1 1	18.205.214.32 18.205.214.32	14618 (AMAZON-AES) (AMAZON-AES)
1	34.206.47.24 34.206.47.24	14618 (AMAZON-AES) (AMAZON-AES)
2 2	18.233.246.214 18.233.246.214	14618 (AMAZON-AES) (AMAZON-AES)
8 8	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	104.36.115.109 104.36.115.109	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	192.35.249.120 192.35.249.120	11742 (SPOTX-IAD) (SPOTX-IAD)
186	48

1 52.62.81.96 (Sydney, Australia) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-62-81-96.ap-southeast-2.compute.amazonaws.com

arep.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 45.60.196.230 (United States) 2 redirects

ASN19551 (INCAPSULA, US)

premier.ticketek.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ticketek.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:807::200e (United States)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:a00::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:808::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:94f (United States)

ASN13335 (CLOUDFLARENET, US)

js.appboycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.100.147.231 (Atlanta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-100-147-231.deploy.static.akamaitechnologies.com

sadmin.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.206.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-206-71.phl50.r.cloudfront.net

d35kvm5iuwjt9t.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f011:8:face:b00c:0:1 (Lithia Springs, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.65.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:81e::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.210.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-210-63.phl50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.1.208 (United States)

ASN54113 (FASTLY, US)

sdk.iad-06.braze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:807::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::2001 (United States)

ASN15169 (GOOGLE, US)

3b1ae6e229f36c635cf65894aff1bac0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.208 (United States)

ASN54113 (FASTLY, US)

braze-images.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.210.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-210-65.phl50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f111:83:face:b00c:0:25de (Lithia Springs, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4023:1404::9a (Columbus, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.210.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-210-105.phl50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

ticketek.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:a872 (United States)

ASN13335 (CLOUDFLARENET, US)

ticketekau.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
segment.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.217.204.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-204-166.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:aa72 (United States)

ASN13335 (CLOUDFLARENET, US)

location.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.187.87.190 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-87-190.us-west-2.compute.amazonaws.com

tega.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.234.202.189 (Ashburn, United States) 8 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-202-189.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:a772 (United States)

ASN13335 (CLOUDFLARENET, US)

hit.api.useinsider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:822::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::2003 (United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.166.52.96 (United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-52-96.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.178.15 (Secaucus, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 633.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:1c96:4102:98df:7314:c81c:e465 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::23 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.80.2 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.211.230.185 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-230-185.compute-1.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.41.168.244 (Edison, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-168-244.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.192.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-192-192.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4998:14:800::1001 (Ashburn, United States)

ASN14777 (YAHOO, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.205.214.32 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-214-32.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.47.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-47-24.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.233.246.214 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-246-214.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.66.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.35.249.120 (Ashburn, United States) 1 redirects

ASN11742 (SPOTX-IAD, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	ticketek.com.au 2 redirects premier.ticketek.com.au www.ticketek.com.au	694 KB
28	everesttech.net 22 redirects cm.everesttech.net pixel.everesttech.net sync-tm.everesttech.net	10 KB
18	doubleclick.net 7 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	128 KB
12	demdex.net dpm.demdex.net tega.demdex.net	16 KB
10	google-analytics.com www.google-analytics.com	58 KB
7	googlesyndication.com 3b1ae6e229f36c635cf65894aff1bac0.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	38 KB
7	zdassets.com static.zdassets.com ekr.zdassets.com	326 KB
5	useinsider.com ticketekau.api.useinsider.com location.api.useinsider.com segment.api.useinsider.com hit.api.useinsider.com	60 KB
5	facebook.com www.facebook.com	935 B
5	googleapis.com fonts.googleapis.com	4 KB
4	google.com www.google.com	2 KB
4	zendesk.com ticketek.zendesk.com	2 KB
4	braze.com sdk.iad-06.braze.com	1 KB
4	facebook.net connect.facebook.net	197 KB
4	bootstrapcdn.com stackpath.bootstrapcdn.com maxcdn.bootstrapcdn.com	109 KB
3	casalemedia.com 2 redirects ssum.casalemedia.com dsum-sec.casalemedia.com	2 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	google.ca www.google.ca	762 B
3	fontawesome.com use.fontawesome.com	84 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	64 KB
3	cloudfront.net d35kvm5iuwjt9t.cloudfront.net	175 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	openx.net 1 redirects us-u.openx.net	383 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	krxd.net 1 redirects usermatch.krxd.net beacon.krxd.net	528 B
2	adsrvr.org 2 redirects match.adsrvr.org	937 B
2	tidaltv.com 2 redirects sync.tidaltv.com	673 B
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	gstatic.com fonts.gstatic.com	153 KB
2	brightcove.com sadmin.brightcove.com	18 KB
2	googletagservices.com www.googletagservices.com	63 KB
2	polyfill.io polyfill.io	732 B
1	pubmatic.com image2.pubmatic.com	547 B
1	rubiconproject.com pixel.rubiconproject.com	754 B
1	yahoo.com ads.yahoo.com	447 B
1	eyeota.net ps.eyeota.net	83 B
1	turn.com 1 redirects d.turn.com	402 B
1	googleadservices.com www.googleadservices.com	15 KB
1	braze-images.com braze-images.com	60 KB
1	cloudflare.com cdnjs.cloudflare.com	1 KB
1	appboycdn.com js.appboycdn.com	49 KB
1	googletagmanager.com www.googletagmanager.com	114 KB
1	googleoptimize.com www.googleoptimize.com	35 KB
1	arep.cc 1 redirects arep.cc	635 B
186	44

	Domain	Requested by
63	premier.ticketek.com.au	1 redirects premier.ticketek.com.au
12	pixel.everesttech.net	6 redirects
10	dpm.demdex.net	premier.ticketek.com.au
10	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com premier.ticketek.com.au
8	sync-tm.everesttech.net	8 redirects
8	cm.g.doubleclick.net	7 redirects
8	cm.everesttech.net	8 redirects
6	static.zdassets.com	premier.ticketek.com.au static.zdassets.com
5	www.facebook.com	premier.ticketek.com.au connect.facebook.net
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net premier.ticketek.com.au
5	fonts.googleapis.com	premier.ticketek.com.au
4	www.google.com	tpc.googlesyndication.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	ticketek.zendesk.com	static.zdassets.com
4	stats.g.doubleclick.net	www.google-analytics.com
4	sdk.iad-06.braze.com	js.appboycdn.com
4	connect.facebook.net	premier.ticketek.com.au connect.facebook.net
3	ib.adnxs.com	2 redirects
3	www.google.ca
3	use.fontawesome.com	js.appboycdn.com use.fontawesome.com
3	d35kvm5iuwjt9t.cloudfront.net	premier.ticketek.com.au
2	sync.search.spotxchange.com	1 redirects
2	us-u.openx.net	1 redirects
2	sync.crwdcntrl.net	2 redirects
2	ssum.casalemedia.com	2 redirects
2	match.adsrvr.org	2 redirects
2	sync.tidaltv.com	2 redirects
2	pm.w55c.net	2 redirects
2	tega.demdex.net	premier.ticketek.com.au
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	ticketekau.api.useinsider.com	www.googletagmanager.com ticketekau.api.useinsider.com
2	fonts.gstatic.com	fonts.googleapis.com
2	sadmin.brightcove.com	premier.ticketek.com.au
2	www.googletagservices.com	premier.ticketek.com.au securepubads.g.doubleclick.net
2	maxcdn.bootstrapcdn.com	premier.ticketek.com.au maxcdn.bootstrapcdn.com
2	polyfill.io	premier.ticketek.com.au
2	stackpath.bootstrapcdn.com	premier.ticketek.com.au
1	image2.pubmatic.com
1	dsum-sec.casalemedia.com
1	pixel.rubiconproject.com
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	ads.yahoo.com
1	ps.eyeota.net
1	d.turn.com	1 redirects
1	hit.api.useinsider.com	ticketekau.api.useinsider.com
1	segment.api.useinsider.com	ticketekau.api.useinsider.com
1	location.api.useinsider.com	ticketekau.api.useinsider.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	braze-images.com	premier.ticketek.com.au
1	3b1ae6e229f36c635cf65894aff1bac0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	static.hotjar.com	premier.ticketek.com.au
1	ekr.zdassets.com	static.zdassets.com
1	cdnjs.cloudflare.com	premier.ticketek.com.au
1	js.appboycdn.com	premier.ticketek.com.au
1	www.googletagmanager.com	premier.ticketek.com.au
1	www.googleoptimize.com	premier.ticketek.com.au
1	www.ticketek.com.au	1 redirects
1	arep.cc	1 redirects
186	62

This site contains links to these domains. Also see Links.

Domain
help.ticketek.com.au
hardwaregroup.com.au
www.artscentremelbourne.com.au
www.facebook.com
www.twitter.com
www.instagram.com
play.google.com
apps.apple.com
www.teg.com.au
premier.ticketek.co.nz
premier.ticketek.co.uk
premier.ticketek.com.sg
premier.ticketek.com.my
premier.ticketek.com.ph

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-21` - `2022-04-21`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
sadmin.brightcove.com DigiCert SHA2 Secure Server CA	`2021-02-18` - `2022-02-22`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-26` - `2021-11-24`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.iad-06.braze.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-03` - `2022-06-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
braze-images.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-03` - `2022-06-04`	a year	crt.sh
ticketek.zendesk.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
useinsider.com Cloudflare Inc ECC CA-3	`2021-09-20` - `2022-09-19`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.eyeota.net R3	`2021-10-26` - `2022-01-24`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Frame ID: 2E0B991316FC874597A17761DC511B68
Requests: 139 HTTP requests in this frame

Frame: https://3b1ae6e229f36c635cf65894aff1bac0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 143294A3ACB3FB0179CFE5DBF0AC6758
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufrSBQiAPOju5YcavzNH3DBz45EXcn9A_162ErFh-GGkoezOOs7VH6o7U8TQcC-DW6Fetgn1jdee4ASyfTRNFFe3I1ZV44Ovnuk3OWgJmSseEGx30bU-rF1GdmuSB_vj72HVrfRUQ7eaq4kxdl_uQGlD0k0kzTN0t9ctgI03_LGgcDF8gjy6cs3O91BIkYpFAz1519TFoZo2voXjrP6nQ8aejD2wkK3KYchnxo8PqYhTnxQDotff2FYOv6ijo5APND2oqMRzysvIHRZeZS78UlYxuJFIgtnnBE6lKsP14nA-NWM1wpTaFSEA3899Mvcy_EKg&sai=AMfl-YS9wQprmG8OKTtyp1OZXu5woaphimrx1KdHlGGur0k5PUq9PqBAozQXDGi_5ND9fPyoIK2Z9b1CfwRfua-yD6EA3TnjaLeuFFf0I8kR6U8iUJ9R_6J9sXmAsKWE3So&sig=Cg0ArKJSzEBxohlzOshWEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 8D7D383095248A1840CACE8BD4679010
Requests: 3 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Frame ID: BA5E0A3964558FB27E1BFF9E57BD999A
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-7efa792099c7f4ce5b6d.js
Frame ID: 9EE594639A74D6B6DDA42A5573964A85
Requests: 9 HTTP requests in this frame

Frame: https://ticketekau.api.useinsider.com/worker-new.html
Frame ID: AC83F034DAD50DAFF1DED2D22C0D2499
Requests: 1 HTTP requests in this frame

Frame: https://tega.demdex.net/dest5.html?d_nsid=0
Frame ID: CD97629505233A88D44824231F903482
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: DF505C1DD7368EDA92CBB28E4D5F9A23
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DA0D64C392696CBA875E6A430C1E3FBC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Piknic Electronik tickets | Sidney Myer Music Bowl | Ticketek Australia

Page URL History Show full URLs

https://arep.cc/C6T1cRyTI8?e=aTZFYEjtd9eTAtZxlJG65djZSnzxubiscdo3hOppmHnvCWzDxklV0hGvtsxMM9Wu HTTP 301
https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER Page URL
https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER HTTP 302
http://www.ticketek.com.au/detection.aspx?rt=https%3a%2f%2fpremier.ticketek.com.au%2fshows%2fshow.aspx%... HTTP 302
https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER Page URL

Page Statistics

186
Requests

86 %
HTTPS

45 %
IPv6

44
Domains

62
Subdomains

48
IPs

3
Countries

2473 kB
Transfer

7358 kB
Size

80
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://help.ticketek.com.au/hc/en-us/sections/1500000221602-Ticketek-Agencies
Title: Agencies

Search URL Search Domain Scan URL

URL: https://help.ticketek.com.au/hc/en-us/articles/360001880427-How-do-I-book-an-accessible-seat
Title: Accessible Seating

Search URL Search Domain Scan URL

URL: https://help.ticketek.com.au/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://help.ticketek.com.au/hc/en-us/requests/new?ticket_form_id=360000134807
Title: here

Search URL Search Domain Scan URL

URL: https://hardwaregroup.com.au/
Title: www.hardwaregroup.com.au/

Search URL Search Domain Scan URL

URL: https://www.artscentremelbourne.com.au/visit/theatres-and-spaces/sidney-myer-music-bowl
Title: www.artscentremelbourne.com.au

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TicketekAustralia

Search URL Search Domain Scan URL

URL: https://www.twitter.com/Ticketek_AU

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ticketekaustralia/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=au.com.ticketek&hl=en_AU

Search URL Search Domain Scan URL

URL: https://apps.apple.com/au/app/ticketek/id454379421

Search URL Search Domain Scan URL

URL: https://www.teg.com.au/
Title: Corporate & Media Inquiries

Search URL Search Domain Scan URL

URL: https://www.teg.com.au/teg-careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://premier.ticketek.co.nz/
Title: Ticketek New Zealand

Search URL Search Domain Scan URL

URL: https://premier.ticketek.co.uk/
Title: Ticketek UK

Search URL Search Domain Scan URL

URL: https://premier.ticketek.com.sg/
Title: Ticketek Singapore

Search URL Search Domain Scan URL

URL: https://premier.ticketek.com.my/
Title: Ticketek Malaysia

Search URL Search Domain Scan URL

URL: https://premier.ticketek.com.ph/
Title: Ticketek Philippines

Search URL Search Domain Scan URL

URL: https://help.ticketek.com.au/hc/en-us/categories/360000150768-Frequently-Asked-Questions
Title: Frequently asked questions

Search URL Search Domain Scan URL

URL: https://help.ticketek.com.au/hc/en-us?_ga=2.128894281.430885618.1607322929-817718009.1607322929
Title: Contact us

Search URL Search Domain Scan URL

URL: https://help.ticketek.com.au/hc/en-us/categories/360000153707-Events-Cancellation-Changes
Title: Cancelled & postponed events

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://arep.cc/C6T1cRyTI8?e=aTZFYEjtd9eTAtZxlJG65djZSnzxubiscdo3hOppmHnvCWzDxklV0hGvtsxMM9Wu HTTP 301
https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER Page URL
https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER HTTP 302
http://www.ticketek.com.au/detection.aspx?rt=https%3a%2f%2fpremier.ticketek.com.au%2fshows%2fshow.aspx%3fsh%3dPIKNICVI22%26eg%3dPRESALE%26ep%3dBORISFOREVER HTTP 302
https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://arep.cc/C6T1cRyTI8?e=aTZFYEjtd9eTAtZxlJG65djZSnzxubiscdo3hOppmHnvCWzDxklV0hGvtsxMM9Wu HTTP 301
https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Request Chain 137

https://cm.everesttech.net/cm/dd?d_uuid=01318236328110523672942051730373950678 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZUJ9AAAAMP7lAQL

Request Chain 155

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://dpm.demdex.net/ibs:dpid=359&dpuuid=rrIGYTJJ1MNlpW5

Request Chain 157

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=116649822844571462

Request Chain 160

https://sync.tidaltv.com/GenericUserSync.ashx?dpid=38noredirect HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=38noredirect&s_h=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=445&dpuuid=2bdd78f2-0826-49b8-ba5d-ec9c8ec1f55d

Request Chain 163

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3519904876419611526

Request Chain 164

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDEzMTgyMzYzMjgxMTA1MjM2NzI5NDIwNTE3MzAzNzM5NTA2Nzg= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPNWBHPaIPE3eilJOYqAqd0&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 165

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVpVSjlBQUFBTVA3bEFRTA&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEMntxwfEsiK3MW6Ivdf1Jhw&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 166

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVpVSjlBQUFBTVA3bEFRTA&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEMntxwfEsiK3MW6Ivdf1Jhw&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 167

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVpVSjlBQUFBTVA3bEFRTA&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESEMntxwfEsiK3MW6Ivdf1Jhw&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 168

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVpVSjlBQUFBTVA3bEFRTA&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESEMntxwfEsiK3MW6Ivdf1Jhw&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 169

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVpVSjlBQUFBTVA3bEFRTA&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEMntxwfEsiK3MW6Ivdf1Jhw&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 170

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=e327a4f0-75af-4a05-bffb-ffd68104efd3

Request Chain 171

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVpVSjlBQUFBTVA3bEFRTA&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEMntxwfEsiK3MW6Ivdf1Jhw&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 172

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YZUJ9p6WV7dwgHs.g2FNYQAA%26551

Request Chain 174

https://cm.everesttech.net/cm/yh HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YZUJ9AAAAMP7lAQL&sigv=1&esig=1~8028b97793f0229e5cfc3564150e1f26315c3dd5

Request Chain 175

https://usermatch.krxd.net/um/v2?partner=adobe&id=01318236328110523672942051730373950678 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=01318236328110523672942051730373950678

Request Chain 176

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=01318236328110523672942051730373950678?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=01318236328110523672942051730373950678?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=650ebdf6c659faddd4a91e430ebf2b22

Request Chain 177

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVpVSjlBQUFBTVA3bEFRTA==

Request Chain 178

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZUJ9AAAAMP7lAQL&expires=90

Request Chain 179

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZUJ9AAAAMP7lAQL

Request Chain 180

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YZUJ9AAAAMP7lAQL

Request Chain 181

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZUJ9AAAAMP7lAQL HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YZUJ9AAAAMP7lAQL

Request Chain 182

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZUJ9AAAAMP7lAQL

Request Chain 183

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZUJ9AAAAMP7lAQL&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZUJ9AAAAMP7lAQL&img=1&__user_check__=1&sync_id=1c9f4124-47ae-11ec-8935-18834d520303

Request Chain 184

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZUJ9AAAAMP7lAQL&t=2592000&o=0

186 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

show.aspx Show response
premier.ticketek.com.au/shows/
Redirect Chain

https://arep.cc/C6T1cRyTI8?e=aTZFYEjtd9eTAtZxlJG65djZSnzxubiscdo3hOppmHnvCWzDxklV0hGvtsxMM9Wu
https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

212 B
551 B

117ms
27ms

Document
text/html

45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

content-type: text/html
cache-control: no-cache, no-store
content-length: 212
x-iinfo: 3-19143895-0 0NNN RT(1637157360659 0) q(0 -1 -1 1) r(0 -1) B10(4,314,0) U18

Redirect headers

Server: nginx
Date: Wed, 17 Nov 2021 13:56:00 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Vary: Accept
Location: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, HEAD, OPTIONS, DELETE
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Auth-Token,Accept,Origin,Content-Type
Access-Control-Expose-Headers: X-Auth-Token

GET
H2 200 _Incapsula_Resource Show response
premier.ticketek.com.au/ 182 KB
26 KB 35ms
35ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/_Incapsula_Resource?SWJIYLWA=5074a744e2e3d891814e9a2dace20bd4,719d34d31c8e3a6e6fffd425f7e032f3
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f55c42c4c2795fd7dc19f26a457a9ffe5ac88766809e16492f6ebed688441524

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 26659
content-type: application/javascript

GET
H2 200 _Incapsula_Resource
premier.ticketek.com.au/ 29 B
56 B 25ms
25ms XHR
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/_Incapsula_Resource?SWHANEDL=4495673257248368404,10144916984919528879,14347515889876568051,185657
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 29
content-type: application/javascript

GET
H2

200

Primary Request show.aspx Show response
premier.ticketek.com.au/shows/
Redirect Chain

https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
http://www.ticketek.com.au/detection.aspx?rt=https%3a%2f%2fpremier.ticketek.com.au%2fshows%2fshow.aspx%3fsh%3dPIKNICVI22%26eg%3dPRESALE%26ep%3dBORISFOREVER
https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

47 KB
14 KB

297ms
297ms

Document
text/html

45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.196.230 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

632bb1dcbeceacf177c63a0f776b811c445e99cbe1009a6993a3533f78f4bb03

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-type: text/html; charset=utf-8
cache-control: private, no-store
pragma: no-cache
content-encoding: gzip
expires: Tue, 17 Nov 2020 13:56:02 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
x-cdn: Imperva
x-iinfo: 3-19144060-19143908 PNNy RT(1637157361671 0) q(0 0 0 -1) r(3 3) U12

Redirect headers

Date: Wed, 17 Nov 2021 13:56:02 GMT
Content-Type: text/html; charset=us-ascii
Content-Length: 213
Connection: keep-alive
Cache-Control: private
Location: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-FRAME-OPTIONS: SAMEORIGIN
X-CDN: Imperva
X-Iinfo: 6-10253097-10253098 NNNN CT(206 -1 0) RT(1637157361210 0) q(0 0 2 4) r(4 4) U5

GET
H2 200 _Incapsula_Resource
premier.ticketek.com.au/ 1 B
35 B 28ms
27ms Image
text/plain 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://premier.ticketek.com.au/_Incapsula_Resource?SWKMTFSR=1&e=0.38992702452559125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET _Incapsula_Resource
premier.ticketek.com.au/ 0
0

GET
H2 200 u-vnfesse-Giue-Vpon-vulgd-tunaturnes-we-feare-Ra Show response
premier.ticketek.com.au/ 127 KB
41 KB 74ms
72ms Script
text/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/u-vnfesse-Giue-Vpon-vulgd-tunaturnes-we-feare-Ra
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: connector /
Resource Hash: d9f3be2abd33560c5876bb1ceb14550e44567d23082c8023df0932701196560a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:01 GMT
content-encoding: gzip
server: connector
content-type: text/javascript
access-control-allow-origin: *
x-iinfo: 3-19144096-19144097 NNNN CT(3 4 0) RT(1637157361990 0) q(0 0 0 -1) r(0 1) U18
cache-control: public, max-age=60
server-timing: bon, total;dur=1.132477
content-length: 41541
x-cdn: Imperva

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.2.1/css/ 150 KB
24 KB 56ms
29ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.2.1/css/bootstrap.min.css

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://premier.ticketek.com.au/
Origin: https://premier.ticketek.com.au
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 2844903
cdn-cachedat: 2021-04-13 03:04:04
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:07 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 9e419f45d40b754e7130ad8f3a9c64ac
cf-ray: 6af975cba9967138-YUL
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 16 KB
991 B 84ms
36ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i&display=swap

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8bc7150519c3bec8751de818bca8136134aff71a27cd65551e9a488f12e9340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 12:26:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 17 Nov 2021 13:56:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Nov 2021 13:56:02 GMT

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
780 B 87ms
39ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600;700;800&display=swap

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a7b3e9d366f83e95798b36dad847a8b717d1065cf36e3da011ffd01fb60e335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 13:56:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 17 Nov 2021 13:56:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Nov 2021 13:56:02 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
439 B 85ms
38ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c5e1da94a728c7a8cc4363b44d961c94459111d362eef8cf7895a9c6234d17c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 13:56:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 17 Nov 2021 13:56:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Nov 2021 13:56:02 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
607 B 83ms
36ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway&display=swap

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3ec09caf051a4a00d410aceb3fdc24e14bf2ac99f68999d9371bae49f79f914

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 13:25:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 17 Nov 2021 13:56:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Nov 2021 13:56:02 GMT

GET
H2 200 main.css
premier.ticketek.com.au/assets/css/ 911 KB
250 KB 41ms
28ms Stylesheet
text/css 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/assets/css/main.css?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f367a88c9ea181a2be27c0b64727322b12c77e509deb5b13df0967e41f249b21

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 01:28:36 GMT
x-cdn: Imperva
etag: "03a80729bd6d71:0"
content-type: text/css
x-iinfo: 3-19144099-0 0CNN RT(1637157362000 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=2062, public
content-length: 255412
expires: Wed, 17 Nov 2021 14:30:24 GMT

GET
H2 200 conflictX.css
premier.ticketek.com.au/css/ 529 B
475 B 72ms
60ms Stylesheet
text/css 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/css/conflictX.css?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 6324f69233f73f119979b489f5d32a2250b3bfeb7d24d8b2908b92bb6c1e2e09

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:42 GMT
x-cdn: Imperva
etag: "0f1df4053d0d71:0"
content-type: text/css
x-iinfo: 3-19144100-0 0CNN RT(1637157362003 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46062, public
content-length: 314
expires: Thu, 18 Nov 2021 02:43:44 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 87 KB
35 KB 93ms
37ms Script
application/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-PHMCZX3

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

66829514f9f2a85657a2ce0c132cc2d891f3c8791f2e2f386f0d1fc76a4fabd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34859
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Nov 2021 13:56:02 GMT

GET
H2 200 messages_en.js Show response
premier.ticketek.com.au/js/ 17 KB
5 KB 78ms
66ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/messages_en.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 54977bd28e95c5d7f9aa476648978d4805fb1fbc7e56b4e3d8a4055d225919f4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:40 GMT
x-cdn: Imperva
etag: "0c4ae3f53d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144101-0 0CNN RT(1637157362006 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=23838, public
content-length: 4855
expires: Wed, 17 Nov 2021 20:33:20 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
559 B 61ms
22ms Script
text/javascript 2a04:4e42:a00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=es6%2Ces7?features=es6%2Ces7

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 1345814
detected-user-agent: Chrome/95.0.4638
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 101
referrer-policy: origin-when-cross-origin
last-modified: Mon, 01 Nov 2021 07:23:43 GMT
date: Wed, 17 Nov 2021 13:56:02 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/95.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery-latest.min.js Show response
premier.ticketek.com.au/js/jquery/ 87 KB
30 KB 95ms
84ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/jquery/jquery-latest.min.js?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 62bb02fa91c1537efbce823d5d1981982d3925bcdaac667dc6ca64f8469e2284

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144102-0 0CNN RT(1637157362007 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46063, public
content-length: 30851
expires: Thu, 18 Nov 2021 02:43:45 GMT

GET
H2 200 jquery.greybox.js Show response
premier.ticketek.com.au/js/ 8 KB
3 KB 77ms
65ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/jquery.greybox.js?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d9925c1bef157e46012e2fb2dca5ac809e0c2ac2f15c28928974a495a48ee74f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144103-0 0CNN RT(1637157362008 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46061, public
content-length: 2735
expires: Thu, 18 Nov 2021 02:43:43 GMT

GET
H2 200 jquery.cookie.js Show response
premier.ticketek.com.au/js/ 2 KB
911 B 99ms
86ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/jquery.cookie.js?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e30a48a7615ba27b3d0f38babb6462da2e80f208d98b2baf8f6764b00f2a4066

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144104-0 0CNN RT(1637157362009 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46062, public
content-length: 814
expires: Thu, 18 Nov 2021 02:43:44 GMT

GET
H2 200 jquery.session.js Show response
premier.ticketek.com.au/js/ 2 KB
868 B 77ms
65ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/jquery.session.js?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: adc9f82fae77ea36e1f5ce4eae85110c306819e19cac85b12ab0f19130e87a85

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144105-0 0CNN RT(1637157362010 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46062, public
content-length: 771
expires: Thu, 18 Nov 2021 02:43:44 GMT

GET
H2 200 jquery-ui.js Show response
premier.ticketek.com.au/js/ 317 KB
76 KB 78ms
66ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/jquery-ui.js?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 83b58afaf830ba51130ea7072344887fba421f8e0518686a49a89837f010c559

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144106-0 0CNN RT(1637157362011 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46062, public
content-length: 77998
expires: Thu, 18 Nov 2021 02:43:44 GMT

GET
H2 200 jquery.formatCurrency-1.3.0.pack.js Show response
premier.ticketek.com.au/js/ 3 KB
1 KB 89ms
77ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/jquery.formatCurrency-1.3.0.pack.js?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 2d3e82a60eaa972e5fafba6741ac1357f01fa898f24fbe822058d19af621e16d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144107-0 0CNN RT(1637157362012 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46062, public
content-length: 1186
expires: Thu, 18 Nov 2021 02:43:44 GMT

GET
H2 200 Modernizr.js Show response
premier.ticketek.com.au/js/ 9 KB
4 KB 89ms
78ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/Modernizr.js?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 705ff70b643e209c697f93f0c42c84ea6dd64e35e9fead0caa1bc91bb60065d2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144108-0 0CNN RT(1637157362013 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46062, public
content-length: 4197
expires: Thu, 18 Nov 2021 02:43:44 GMT

GET
H2 200 Softix.Resources.js Show response
premier.ticketek.com.au/js/ 842 B
434 B 90ms
78ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/Softix.Resources.js?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 6dcacfbeaa0e51a7ebd11eb147f18bf2263185e8620662020bafa6b9833ac895

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144109-0 0CNN RT(1637157362013 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46062, public
content-length: 337
expires: Thu, 18 Nov 2021 02:43:44 GMT

GET
H2 200 softixCommon.js Show response
premier.ticketek.com.au/js/ 83 KB
18 KB 100ms
89ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/softixCommon.js?5.22.51.0-20210406
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: c469f91bb3f5547f5e8f8feb99fe3d2c98c68f7d7ddcb2c4a4aab7447d588c53

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144110-0 0CNN RT(1637157362014 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46062, public
content-length: 18075
expires: Thu, 18 Nov 2021 02:43:44 GMT

GET
H2 200 softix.crypto.js Show response
premier.ticketek.com.au/js/ 7 KB
3 KB 92ms
81ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/softix.crypto.js?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: ddc90c6bde8cd1e78fa0c373dbf664b3ed4becf7e1224fe5510d96c46b17874a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144111-0 0CNN RT(1637157362015 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46063, public
content-length: 3158
expires: Thu, 18 Nov 2021 02:43:45 GMT

GET
H2 200 softix.analytics.js Show response
premier.ticketek.com.au/js/ 68 KB
14 KB 105ms
94ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/softix.analytics.js?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: c716b112c1f0deb92f52c52b6dc7502e4ac57a304c49a23609c39781a7e586f9

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144112-0 0CNN RT(1637157362016 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46063, public
content-length: 13956
expires: Thu, 18 Nov 2021 02:43:45 GMT

GET
H2 200 accessibleseating.js Show response
premier.ticketek.com.au/js/ 1 KB
674 B 92ms
82ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/accessibleseating.js?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 93ab49bc6238f0f6212d5942e6c52be7eae398e84bd9d748803836199d0746e1

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144113-0 0CNN RT(1637157362017 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46063, public
content-length: 577
expires: Thu, 18 Nov 2021 02:43:45 GMT

GET
H2 200 addmorebutton.js Show response
premier.ticketek.com.au/js/ 914 B
581 B 97ms
87ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/addmorebutton.js?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 8b4a3652a32257df76398a8a4ab832a050423b7825fa33ab97366e0d83dd4862

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144114-0 0CNN RT(1637157362018 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46062, public
content-length: 484
expires: Thu, 18 Nov 2021 02:43:44 GMT

GET
H2 200 facevaluefee.js Show response
premier.ticketek.com.au/js/ 283 B
336 B 98ms
88ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/facevaluefee.js?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 34fe739dc619a4c6ba22e594e4d52f330b964918a25f59f145b9fcfb387998e4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144116-0 0CNN RT(1637157362022 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46063, public
content-length: 218
expires: Thu, 18 Nov 2021 02:43:45 GMT

GET
H2 200 paymentfixes.js Show response
premier.ticketek.com.au/js/ 3 KB
654 B 97ms
88ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/paymentfixes.js?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f9c39680773790fb7a554a7f9a70238e4a521cc3d8d8c82641d37c69cc740630

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144117-0 0CNN RT(1637157362024 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46062, public
content-length: 557
expires: Thu, 18 Nov 2021 02:43:44 GMT

GET
H2 200 socialdistancing.js Show response
premier.ticketek.com.au/js/ 3 KB
1 KB 103ms
93ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/socialdistancing.js?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d86885dfb06ed30648930452190eb91c85fe8a86c863c348078b1a8d48b81426

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144120-0 0CNN RT(1637157362030 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46062, public
content-length: 1293
expires: Thu, 18 Nov 2021 02:43:44 GMT

GET
H2 200 softix.analytics.adobewebtracking.js Show response
premier.ticketek.com.au/js/ 468 B
418 B 105ms
95ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/softix.analytics.adobewebtracking.js?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e618c75852d3d3774a9ed489de8390b61fefa3730385d1fd71a3ae9718797b69

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144121-0 0CNN RT(1637157362034 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46062, public
content-length: 322
expires: Thu, 18 Nov 2021 02:43:44 GMT

GET
H2 200 jsencrypt.min.js Show response
premier.ticketek.com.au/js/ 56 KB
17 KB 106ms
96ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/jsencrypt.min.js?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 6f2f152b570d71ee4cbbe1274bfee67a7cb5193c7ab311ace97034ecfb947624

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144124-0 0CNN RT(1637157362039 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46063, public
content-length: 17207
expires: Thu, 18 Nov 2021 02:43:45 GMT

GET
H2 200 affiliate.js Show response
premier.ticketek.com.au/js/ 561 B
454 B 110ms
101ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/affiliate.js?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 94f301476f6e3bad1a2ac0c21895e078c1dbecf29d2a50dfad998c493b6eda0e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144125-0 0CNN RT(1637157362040 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46064, public
content-length: 316
expires: Thu, 18 Nov 2021 02:43:46 GMT

GET
H2 200 messages_en.js Show response
premier.ticketek.com.au/js/ 17 KB
5 KB 111ms
101ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/messages_en.js?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 54977bd28e95c5d7f9aa476648978d4805fb1fbc7e56b4e3d8a4055d225919f4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:40 GMT
x-cdn: Imperva
etag: "0c4ae3f53d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144126-0 0CNN RT(1637157362041 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46062, public
content-length: 4855
expires: Thu, 18 Nov 2021 02:43:44 GMT

GET
H2 200 louderAdUnits.js Show response
premier.ticketek.com.au/themes/anz-1/js/ 18 KB
3 KB 111ms
102ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/themes/anz-1/js/louderAdUnits.js?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: d0195a5a14c496c88b66f39b4bc500d41da7d1678814868f3671a52801645b9b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:40 GMT
x-cdn: Imperva
etag: "0c4ae3f53d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144127-0 0CNN RT(1637157362042 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46062, public
content-length: 2833
expires: Thu, 18 Nov 2021 02:43:44 GMT

GET
H2 200 ecal-widget.js Show response
premier.ticketek.com.au/js/custom/ 7 KB
2 KB 112ms
103ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/custom/ecal-widget.js?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 09ca096b5dcefed31369c823f65ebb9b2836844fa0d5a6b9b4f97cb6625b0675

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144128-0 0CNN RT(1637157362043 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46062, public
content-length: 2041
expires: Thu, 18 Nov 2021 02:43:44 GMT

GET
H2 200 main.js Show response
premier.ticketek.com.au/assets/scripts/ 4 KB
1 KB 112ms
104ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/assets/scripts/main.js?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: c991e57593efb95800ba1166ed6469e36146fcb1859566c8134964b3dde2eda1

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:42 GMT
x-cdn: Imperva
etag: "0f1df4053d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144129-0 0CNN RT(1637157362044 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46062, public
content-length: 1107
expires: Thu, 18 Nov 2021 02:43:44 GMT

GET
H2 200 stay22-map-widget.js Show response
premier.ticketek.com.au/js/custom/ 4 KB
2 KB 113ms
104ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/custom/stay22-map-widget.js?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: aaba6ddd7b3595332d3ba69f3b1ec88f6229d7277d0a71108f76c189c19614eb

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144130-0 0CNN RT(1637157362047 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46062, public
content-length: 1874
expires: Thu, 18 Nov 2021 02:43:44 GMT

GET
H2 200 zendesk.js Show response
premier.ticketek.com.au/js/custom/ 578 B
427 B 113ms
105ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/custom/zendesk.js?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 55d44cd61ee84c79e7d910fc9c7c498fef7a6231efc1f343dba333d2246559d8

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144131-0 0CNN RT(1637157362048 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46063, public
content-length: 330
expires: Thu, 18 Nov 2021 02:43:45 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 20 KB
6 KB 80ms
23ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=b5f04b59-a9b6-433a-9db0-27be35227c83

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: C5ZBEJVY3QYRNZPN
x-amz-id-2: xB3AMN/reIBL8PxTgoyrYnaJQnWxMm4AG9HLPYT+/tukBAuZngWOdZlzOSx9H9Qopr/sWy/6Fzc=
last-modified: Wed, 09 Jun 2021 00:08:59 GMT
server: cloudflare
etag: W/"cc904f41324148b571599b3b02fdec0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kaQuc4wvQ6d6edcZJg2MaKoaqgw7zScVDcb2waq8Edjacu2pZZo6UEJqIzCU6SmossbfJfvogRI4tKhlIT1O%2F3UcBxsHigTWNMLhWew5P3VgrVEF%2B6POcuS2QMQr3VCDxyy5dyI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: VFukQxfz8SFs4LT0u8yzm_CAm2zq09sT
cf-ray: 6af975cbeff64bca-YUL

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.2.1/js/ 54 KB
15 KB 37ms
19ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.2.1/js/bootstrap.min.js

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://premier.ticketek.com.au/
Origin: https://premier.ticketek.com.au
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 2844903
cdn-cachedat: 2021-06-08 14:31:34
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:07 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 38891cc35d4a304233ed660cdd6f5f30
cf-ray: 6af975cba9987138-YUL
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 custom-scripts.js Show response
premier.ticketek.com.au/js/ 6 KB
2 KB 113ms
106ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/custom-scripts.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: dc896af2c2c6ce8a2aa36619e5327e4e4e13830ad8670724d0a6e35687f2aa33

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144132-0 0CNN RT(1637157362049 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=21426, public
content-length: 1907
expires: Wed, 17 Nov 2021 19:53:08 GMT

GET
H2 200 jquery-calendar.js Show response
premier.ticketek.com.au/js/ 21 KB
6 KB 113ms
106ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/jquery-calendar.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: c1d384b1facfbbc3813492b60aa7fff6447b6db9253abe821043bd204ad5bc5e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144133-0 0CNN RT(1637157362050 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=23853, public
content-length: 5680
expires: Wed, 17 Nov 2021 20:33:35 GMT

GET
H2 200 ios7ipad.js Show response
premier.ticketek.com.au/js/ 239 B
301 B 137ms
131ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/ios7ipad.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f36407993e16efb421a47f0915c29eb0c3171c99051ab7bb0810ba5869b315f5

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144134-0 0CNN RT(1637157362050 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=23864, public
content-length: 163
expires: Wed, 17 Nov 2021 20:33:46 GMT

GET
H2 200 AC_RunActiveContent.js Show response
premier.ticketek.com.au/js/ 2 KB
1 KB 114ms
108ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/AC_RunActiveContent.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 363da08842b371b115aed72a5eb403e1bea447df77d1a1f3892bab6cc4f759fc

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144135-0 0CNN RT(1637157362051 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=23853, public
content-length: 906
expires: Wed, 17 Nov 2021 20:33:35 GMT

GET
H2 200 jquery.transit.min.js Show response
premier.ticketek.com.au/js/ 8 KB
3 KB 113ms
107ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/jquery.transit.min.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 44fda2ae98e3f1e0e24e75a854b38b700cf1d76f3a1412790db2d22160801fc3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144136-0 0CNN RT(1637157362052 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=23853, public
content-length: 2753
expires: Wed, 17 Nov 2021 20:33:35 GMT

GET
H2 200 JCalendar.css
premier.ticketek.com.au/css/ 3 KB
1 KB 100ms
94ms Stylesheet
text/css 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/css/JCalendar.css?060819
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 1dc7dc002e2016f0628dc8262d8a803a5d7a0db57055a3e8cecdf7b1c948ba9a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:42 GMT
x-cdn: Imperva
etag: "0f1df4053d0d71:0"
content-type: text/css
x-iinfo: 3-19144122-0 0CNN RT(1637157362035 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=23875, public
content-length: 959
expires: Wed, 17 Nov 2021 20:33:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 416 B
833 B 73ms
35ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Waiting+for+the+Sunrise

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

22be3b608d348c6fde6943128b3b85d447800263df2f30629026930384ae0b3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 13:44:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 17 Nov 2021 13:56:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Nov 2021 13:56:02 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/ 21 KB
6 KB 68ms
29ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 718, 718
age: 2846497
cdn-cachedat: 2021-04-13 02:36:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 357c5298f2849c0ce9712c57ec240f4e
cf-ray: 6af975cbdd127136-YUL
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 softix.braze.js Show response
premier.ticketek.com.au/js/ 8 KB
2 KB 114ms
108ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/softix.braze.js?5.22.51.0
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 307b9dbbe788513d426415296a1a0651d4aeb628e81cfa2873f32e8766c296f2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144137-0 0CNN RT(1637157362053 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=46063, public
content-length: 2431
expires: Thu, 18 Nov 2021 02:43:45 GMT

GET
H2 200 auOnly.css
premier.ticketek.com.au/css/ 96 B
268 B 101ms
96ms Stylesheet
text/css 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/css/auOnly.css?060819
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 249f06a35cb2786148c66d93b37f2173b54f6afc7e196d5e7500f2e1dba0ad79

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:42 GMT
x-cdn: Imperva
etag: "0f1df4053d0d71:0"
content-type: text/css
x-iinfo: 3-19144123-0 0CNN RT(1637157362038 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=23884, public
content-length: 108
expires: Wed, 17 Nov 2021 20:34:06 GMT

GET
H2 200 presale.js Show response
premier.ticketek.com.au/js/ 4 KB
1 KB 114ms
109ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/presale.js?v=130809
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 39ac6d1ed483472b163f001f9d17806fc32db5066145fade59f7f5644c963fdb

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144138-0 0CNN RT(1637157362054 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=23888, public
content-length: 940
expires: Wed, 17 Nov 2021 20:34:10 GMT

GET
H2 200 jquery.expander.js Show response
premier.ticketek.com.au/js/ 8 KB
3 KB 134ms
130ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/jquery.expander.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 7d4a5ffa515caf0f5eae323a4d72c65f36c6de7ef722badcaaa832c7e2395572

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144139-0 0CNN RT(1637157362055 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=23888, public
content-length: 2955
expires: Wed, 17 Nov 2021 20:34:10 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 395 KB
114 KB 109ms
62ms Script
application/javascript 2607:f8b0:4006:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N79SLR

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f33f3668f5735650281d8aef990def0094dd706773708f6352ba7bd72c2e9f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115726
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Nov 2021 13:56:02 GMT

GET
H2 200 polyfill.min.js
polyfill.io/v3/ 101 B
173 B 15ms
12ms Other
text/javascript 2a04:4e42:a00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=es6%2Ces7?features=es6%2Ces7

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 1345814
detected-user-agent: Chrome/95.0.4638
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 101
referrer-policy: origin-when-cross-origin
last-modified: Mon, 01 Nov 2021 07:23:43 GMT
date: Wed, 17 Nov 2021 13:56:02 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/95.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 94ms
36ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/themes/anz-1/js/louderAdUnits.js?5.22.51.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f45d503d1e9878318f854a834321163b2b434cf2521e89d6bd94eb8e9f38bd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1046 / 962 of 1000 / last-modified: 1637150726"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26683
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 17 Nov 2021 13:56:02 GMT

GET
H2 200 appboy.min.js Show response
js.appboycdn.com/web-sdk/3.1/ 183 KB
49 KB 67ms
22ms Script
application/javascript 2606:4700:10::6816:94f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.appboycdn.com/web-sdk/3.1/appboy.min.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/js/softix.braze.js?5.22.51.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:94f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dad2e6bb3ac10b4da6dd0f1985d87364af3aa1a0dba6e88b749e38f4207f6ec7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 Feb 2021 00:22:35 GMT
server: cloudflare
age: 2553
etag: W/"1c3631b60e0fed888d7a4fcedb3e0448"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 6af975cdbad67156-YUL
x-amz-request-id: XZG4Q6BY420A996N
x-amz-id-2: nCE4vvnrLA8lFGG08owpVvL33xNMYtMdj35v8PuI88yfh9jEzW6lrVk+Cyr6CxYTFzAUIQh/Lac=

GET
H2 200 jquery.session.js Show response
premier.ticketek.com.au/js/ 2 KB
909 B 38ms
35ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/jquery.session.js?150817
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: adc9f82fae77ea36e1f5ce4eae85110c306819e19cac85b12ab0f19130e87a85

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144155-0 0CNN RT(1637157362232 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=23887, public
content-length: 771
expires: Wed, 17 Nov 2021 20:34:09 GMT

GET
H2 200 accordion.js Show response
premier.ticketek.com.au/js/ 406 B
317 B 39ms
36ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/accordion.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: ad4bbdb8bc104ad6e09cf76b9f9725eb9d74cef7d3d8e9d593bd60c5bfb46dee

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144156-0 0CNN RT(1637157362235 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=23884, public
content-length: 221
expires: Wed, 17 Nov 2021 20:34:06 GMT

GET
H2 200 swfobject.js Show response
premier.ticketek.com.au/js/ 6 KB
2 KB 38ms
35ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/swfobject.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f9d6eafcb51142ebbffdf3fdcd4643607b85b32c39987f1b6677396808cb9904

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144157-0 0CNN RT(1637157362237 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=23884, public
content-length: 1998
expires: Wed, 17 Nov 2021 20:34:06 GMT

GET
H2 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/1.5.1/ 2 KB
1 KB 64ms
20ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/1.5.1/js.cookie.min.js

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7037190c446071a76c7adb272153f34d1366a185c269c2c4d86b8c5f042564c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2512264
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 729
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-658"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvzEPsC8X%2FB6Nzc1QGd5HY2%2FriY2LLJBxIyxd%2FuIfmXWTLQRs7ucrb9wdQ36JFgeVqkeOXTlbbF20ZAiJ83xpgcB%2BrY1vPhOx%2FyvxQ033EBUKA70I4vhQ0RVim4jOjVozBUjxfNaLefcgRNXeEQI4vLo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6af975cd4cad714b-YUL
expires: Mon, 07 Nov 2022 13:56:02 GMT

GET
H2 200 WebResource.axd Show response
premier.ticketek.com.au/ 16 KB
4 KB 45ms
42ms Script
application/x-javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZB9yQQAH4aPm3RiCoAfdV4b7u5ZhZhVea3BiG1n5SpFKwAAVDA2&t=637322313357241717
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 6924ff420cfd645667ff37d1b972f5a1412933427985f171eff1c011e06c3e9b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 03:35:35 GMT
x-cdn: Imperva
content-type: application/x-javascript
x-iinfo: 3-19144159-0 0CNN RT(1637157362242 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=29521677, public
content-length: 4019
expires: Tue, 25 Oct 2022 06:23:59 GMT

GET
H2 200 ScriptResource.axd Show response
premier.ticketek.com.au/ 188 KB
40 KB 47ms
43ms Script
application/x-javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/ScriptResource.axd?d=yeSNAJTOPtPimTGCAo3LlUCn3jRAZse2oM66xWzIxAcji5d9C_LdDtq6B5LriTei2acIJl0gxT-6cUgzk3axgYD-GIx8SEt8Xj9frxf2FQTojZVo0&t=ffffffffec54f2d7
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: a4904d50e40ada4976f45101cf460a93eb83a7e2feca91712e46ad622457e2e2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 07:29:16 GMT
x-cdn: Imperva
content-type: application/x-javascript
x-iinfo: 3-19144160-0 0CNN RT(1637157362244 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=29525594, public
content-length: 40877
expires: Tue, 25 Oct 2022 07:29:16 GMT

GET
H2 200 ScriptResource.axd Show response
premier.ticketek.com.au/ 59 KB
12 KB 45ms
42ms Script
application/x-javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/ScriptResource.axd?d=DT3YJR8QaqV61-teuz0hglxhnid0W6BxGXYeDtIrFp6DOLbHXqrJwMlq_Ma5QqCtvGke5Xq0ToTh4S-opqGiw6Dpjj0DEE3yxO4UqMSCrP6wFymiZpje7DiHOYgzWtOKtZoCcg2&t=ffffffffec54f2d7
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 009c5e73bf6b01d1c8ed3dcb7da2ba322fa6edf5561c3b5eecbb339cea98ec60

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 07:35:31 GMT
x-cdn: Imperva
content-type: application/x-javascript
x-iinfo: 3-19144161-0 0CNN RT(1637157362245 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=29525969, public
content-length: 11747
expires: Tue, 25 Oct 2022 07:35:31 GMT

GET
H2 200 jquery-ui.js Show response
premier.ticketek.com.au/js/ 317 KB
76 KB 53ms
50ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/jquery-ui.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 83b58afaf830ba51130ea7072344887fba421f8e0518686a49a89837f010c559

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144162-0 0CNN RT(1637157362251 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=23874, public
content-length: 77998
expires: Wed, 17 Nov 2021 20:33:56 GMT

GET
H/1.1 200
OK SmartPlayerAPI.js Show response
sadmin.brightcove.com/js/api/ 24 KB
6 KB 172ms
43ms Script
application/x-javascript 104.100.147.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sadmin.brightcove.com/js/api/SmartPlayerAPI.js

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.100.147.231 Atlanta, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-100-147-231.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

94942fad1063c2770548acc8fdc17cf8eaadc13738178d70dbd0d408d590e778

Security Headers

Name	Value
Strict-Transport-Security	max-age=3156000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 13:56:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Jan 2014 21:32:56 GMT
Server: AkamaiNetStorage
ETag: "6066d423027073d6bc4740c234acb3f1:1390512780"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Strict-Transport-Security: max-age=3156000
Accept-Ranges: bytes
Content-Length: 5337

GET
H/1.1 200
OK BrightcoveExperiences.js Show response
sadmin.brightcove.com/js/ 48 KB
12 KB 185ms
52ms Script
application/x-javascript 104.100.147.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sadmin.brightcove.com/js/BrightcoveExperiences.js

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.100.147.231 Atlanta, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-100-147-231.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

c9408cf5d8e0d12fb2b1d5ad6b4489be392384a4687962a0fc2a2877a57775c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=3156000

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 13:56:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Jun 2018 15:36:45 GMT
Server: AkamaiNetStorage
ETag: "08117b928b93481e76c055da3748401b:1528299406"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/x-javascript
Cache-Control: max-age=300
Strict-Transport-Security: max-age=3156000
Accept-Ranges: bytes
Content-Length: 12140

GET
H2 200 Video.js Show response
premier.ticketek.com.au/js/ 9 KB
2 KB 60ms
58ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/Video.js?d=030620
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 7720981f81c85f561162dd8889c443a22fca70e71e8d828170b68bfc26661540

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144163-0 0CNN RT(1637157362253 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=23864, public
content-length: 2330
expires: Wed, 17 Nov 2021 20:33:46 GMT

GET
H/1.1 200
OK Ticketek-Logo-White.svg
d35kvm5iuwjt9t.cloudfront.net/images/ 2 KB
2 KB 86ms
24ms Image
image/svg+xml 13.224.206.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35kvm5iuwjt9t.cloudfront.net/images/Ticketek-Logo-White.svg
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.206.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-206-71.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 273e6b9c3a93e545186527784a7ef95553b9e3c4f62a64e77638ca3d64b1d4b4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 18 Sep 2021 19:44:02 GMT
Content-Encoding: gzip
Age: 5163121
Transfer-Encoding: chunked
x-amz-meta-sha256: 273e6b9c3a93e545186527784a7ef95553b9e3c4f62a64e77638ca3d64b1d4b4
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 07 Sep 2020 03:54:00 GMT
Server: AmazonS3
ETag: W/"cc24d34f951bd50165324b5086e032d2"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 aed3f8ed29085c056c75452d71b07f7f.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: PHL50-C1
X-Amz-Cf-Id: 7-v-NC4nY2Ungr26YKo-7IKm5b92wnoEk0trJZ8E0NBpUtlRs0sPUA==
x-amz-meta-s3b-last-modified: 20200907T035304Z

GET
H2 200 RegionSelector.js Show response
premier.ticketek.com.au/js/ 802 B
428 B 48ms
42ms Script
application/javascript 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/js/RegionSelector.js
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f3613a8d1372261cb74d2a8b53eb117e32f8fdd2e3d9d72141610f06f9292d15

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:46 GMT
x-cdn: Imperva
etag: "04b424353d0d71:0"
content-type: application/javascript
x-iinfo: 3-19144170-0 0CNN RT(1637157362317 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=23838, public
content-length: 291
expires: Wed, 17 Nov 2021 20:33:20 GMT

GET
H/1.1 200
OK sfx267787.jpg
d35kvm5iuwjt9t.cloudfront.net/dbimages/ 112 KB
113 KB 102ms
38ms Image
image/jpeg 13.224.206.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35kvm5iuwjt9t.cloudfront.net/dbimages/sfx267787.jpg
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.206.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-206-71.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6fbdea074ffc6f89f2a3421222f1b1223b698c79dc2624fd51b5730e1a348fe3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 22:12:38 GMT
Via: 1.1 53e905605490f05641e5a7bb370e4b1b.cloudfront.net (CloudFront)
Last-Modified: Wed, 10 Nov 2021 04:58:29 GMT
Server: AmazonS3
Age: 143005
ETag: "68669447e47c410cabf0a3ef11619c52"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: PHL50-C1
Accept-Ranges: bytes
Content-Length: 115190
X-Amz-Cf-Id: ti6Xss237M27NEmSl0dYzX6KUGFCPHLhFrrye3tMgK6JvhmP9DpGkw==

GET
H/1.1 200
OK sfx267785.jpg
d35kvm5iuwjt9t.cloudfront.net/dbimages/ 60 KB
60 KB 106ms
40ms Image
image/jpeg 13.224.206.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35kvm5iuwjt9t.cloudfront.net/dbimages/sfx267785.jpg
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.206.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-206-71.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f094ef6c307dcb5714193d0b2e52c40979fe1970a86f974c1ba59bcd2f637044

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 22:12:40 GMT
Via: 1.1 80d115dafe1d45606330f418d944b1ec.cloudfront.net (CloudFront)
Last-Modified: Wed, 10 Nov 2021 04:57:32 GMT
Server: AmazonS3
Age: 143003
ETag: "f0bece3df9fe924c10313613b67577fc"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: PHL50-C1
Accept-Ranges: bytes
Content-Length: 61072
X-Amz-Cf-Id: A76JhvDx_fxeWcwMLH83sZ5dibVb8FY4YVfn5lfGSVDqj4-a1XQshg==

GET
H2 200 facebook.svg
premier.ticketek.com.au/assets/images/icons/ 973 B
706 B 48ms
43ms Image
image/svg+xml 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://premier.ticketek.com.au/assets/images/icons/facebook.svg
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 58c436fa205315b39757504b283fa3cc7565d9966c18b09cb62f4e8a427a8670

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:42 GMT
x-cdn: Imperva
etag: "0f1df4053d0d71:0"
content-type: image/svg+xml
x-iinfo: 3-19144171-0 0CNN RT(1637157362321 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=23865, public
content-length: 533
expires: Wed, 17 Nov 2021 20:33:47 GMT

GET
H2 200 twitter.svg
premier.ticketek.com.au/assets/images/icons/ 1 KB
837 B 53ms
49ms Image
image/svg+xml 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://premier.ticketek.com.au/assets/images/icons/twitter.svg
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: bee9c546f0500189dc24f61b2c3ed05df0d2d989bf1891daba2fd293ba2f9cbe

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:42 GMT
x-cdn: Imperva
etag: "0f1df4053d0d71:0"
content-type: image/svg+xml
x-iinfo: 3-19144172-0 0CNN RT(1637157362323 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=23864, public
content-length: 740
expires: Wed, 17 Nov 2021 20:33:46 GMT

GET
H2 200 youtube.svg
premier.ticketek.com.au/assets/images/icons/ 1 KB
717 B 54ms
50ms Image
image/svg+xml 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://premier.ticketek.com.au/assets/images/icons/youtube.svg
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: ce0277a9b955f3751687dc240a6221d7e5ae38353974d790c06e6abb154357d3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:42 GMT
x-cdn: Imperva
etag: "0f1df4053d0d71:0"
content-type: image/svg+xml
x-iinfo: 3-19144173-0 0CNN RT(1637157362325 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=23865, public
content-length: 621
expires: Wed, 17 Nov 2021 20:33:47 GMT

GET
H2 200 instagram.svg
premier.ticketek.com.au/assets/images/icons/ 1 KB
689 B 53ms
50ms Image
image/svg+xml 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://premier.ticketek.com.au/assets/images/icons/instagram.svg
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 9400d1b122f8baa0c73c03abdc8007a2fe5780b64e33cc5faf3b5c2c15f6e020

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:42 GMT
x-cdn: Imperva
etag: "0f1df4053d0d71:0"
content-type: image/svg+xml
x-iinfo: 3-19144174-0 0CNN RT(1637157362326 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=23866, public
content-length: 551
expires: Wed, 17 Nov 2021 20:33:48 GMT

GET
H2 200 google-play-badge.png
premier.ticketek.com.au/assets/images/badges/ 4 KB
4 KB 54ms
51ms Image
image/png 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://premier.ticketek.com.au/assets/images/badges/google-play-badge.png
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 48d1bf407ff7c247b27eff6eb1e2550b626e688807d353cdeae95c526e33c4e6

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
last-modified: Wed, 03 Nov 2021 01:36:42 GMT
x-cdn: Imperva
etag: "0f1df4053d0d71:0"
content-type: image/png
x-iinfo: 3-19144175-0 0CNN RT(1637157362327 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=24045, public
content-length: 3763
expires: Wed, 17 Nov 2021 20:36:47 GMT

GET
H2 200 app-store-badge.png
premier.ticketek.com.au/assets/images/badges/ 2 KB
3 KB 54ms
51ms Image
image/png 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://premier.ticketek.com.au/assets/images/badges/app-store-badge.png
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f070276771bf2bdfac5e7eff25db4361eebd2f38167df4d1974dac562932be47

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
last-modified: Wed, 03 Nov 2021 01:36:42 GMT
x-cdn: Imperva
etag: "0f1df4053d0d71:0"
content-type: image/png
x-iinfo: 3-19144176-0 0CNN RT(1637157362328 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=24044, public
content-length: 2435
expires: Wed, 17 Nov 2021 20:36:46 GMT

GET
H2 200 b5f04b59-a9b6-433a-9db0-27be35227c83 Show response
ekr.zdassets.com/compose/ 343 B
976 B 357ms
320ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/b5f04b59-a9b6-433a-9db0-27be35227c83

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=b5f04b59-a9b6-433a-9db0-27be35227c83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b8ef409c675e946b6f3120e6e36aff2491f46ee3d5bc89e84a37ce27c527b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:03 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
status: 200 OK
access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=0
x-request-id: 2f09ba88-2045-4c83-a688-3b6f2caea683
x-runtime: 0.002914
server: cloudflare
etag: W/"4b8ef409c675e946b6f3120e6e36aff2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OsZrXQx9FjhB66UlN1h5FReA%2FaSxBuatlWKfBB8LRl39sEFljtkTWkLsuXg0yglGJFsPJJuRSvlZ5AEekrk4q3LvvDI9tjA3EFB1%2F8fuVInf84GE2D18N31Rc%2FT24CzmiBY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 6af975cd4a4a4bca-YUL

GET
H2 200 all.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 135ms
44ms Script
application/x-javascript 2a03:2880:f011:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f011:8:face:b00c:0:1 Lithia Springs, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fd1f2c9587e46bd8a9f9da94c91cafd15a1188d95756c237fcf4e86b58df64ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: LQkvMa9tEnfbUg2oBCVUfw==
cross-origin-resource-policy: cross-origin
expires: Wed, 17 Nov 2021 14:00:17 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: FmWiWqRPxiYa5QkPoXyWOsYHkE6YOQm2sBT517TCfTeEPi+7+6rPOrBrZpkSoXJMetUYBwNARKkygt7ACmuD+w==
x-fb-trip-id: 1460883810
x-fb-content-md5: 2c6286119832e6b2e38602228331d8f1
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 17 Nov 2021 13:56:02 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "d4a7d5dd736ef255efaaf47df2f99840"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 pubads_impl_2021111101.js Show response
securepubads.g.doubleclick.net/gpt/ 343 KB
116 KB 107ms
46ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

sffe /

Resource Hash

604496ee6acca620cd59265c2302f6a03fe02d65bc5306d952f0fa94d92fa5c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117937
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 09:34:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 17 Nov 2021 13:56:02 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 103 B
729 B 92ms
34ms XHR
application/json 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=premier.ticketek.com.au

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

48cbe7bf69de732b7c252c9ad6074b4add98138de314100a0ca2e7e4f1c0422c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93
x-xss-protection: 0
expires: Wed, 17 Nov 2021 13:56:02 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 71ms
20ms Script
text/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N79SLR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1386
date: Wed, 17 Nov 2021 13:32:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 17 Nov 2021 15:32:56 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 45ms
45ms Script
application/x-javascript 2a03:2880:f011:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f011:8:face:b00c:0:1 Lithia Springs, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: 9dnFi599nOgtyZ0h7+6L3fDH7XzRys0dCgJbz/MjsI9IpbCxmmfFvyoPY2L1ry7Q1owNrenPM/X3e1FJJyemvg==
x-fb-trip-id: 1460883810
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 17 Nov 2021 13:56:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-2141843.js Show response
static.hotjar.com/c/ 7 KB
3 KB 205ms
103ms Script
application/javascript 13.224.210.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2141843.js?sv=6

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.210.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-210-63.phl50.r.cloudfront.net

Software

Resource Hash

689bf938f6c7fc714c5ab0939f435289ef62bc0866a67c6fef964e9fddc427cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:03 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: PHL50-C1
etag: W/3292a54c5168464e07ac2f818d28a14e
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: AR4SCzNIzlUWD5FKMy_LobSpr2_NT3d05mDOXJUg_2Clk1nlEKofpg==
via: 1.1 18235244f92adbfef142c197cb3eac0c.cloudfront.net (CloudFront)

GET
H2 200 7f85a56ba4.css
use.fontawesome.com/ 1 KB
1 KB 76ms
22ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/7f85a56ba4.css
Requested by: Host: js.appboycdn.com
URL: https://js.appboycdn.com/web-sdk/3.1/appboy.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2644
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: BVYXP7TCNFR50PYS
x-amz-id-2: DdOS9d1GSH/ri7hZhFHYSqtGqtDkGOREUYdttsn4BXyek+dIPg7cV0/+tIRrFDJAReqnW6gCIwc=
last-modified: Wed, 30 Jun 2021 21:14:33 GMT
server: cloudflare
etag: W/"8360eb270b919a1fb4776bc448d9ed14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A6NvXdJr421hfiK9VDFkYkDfU9EvmOdCw%2FGWt8fuTSMbKeJxfkILM7vcvRnGvgpf%2FDirPpbz2l9lR3pzvGflriJloMgBO%2BSdLZ58Eiqgj7oEhxDze300%2FRcs8xMPBZYZDsoCp6rFJu383ljB%2F6mQ1Nfz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 6af975ce9b7f7142-YUL

POST
H2 201 / Show response
sdk.iad-06.braze.com/api/v3/data/ 2 KB
1 KB 173ms
172ms XHR
application/json 151.101.1.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-06.braze.com/api/v3/data/

Requested by

Host: js.appboycdn.com
URL: https://js.appboycdn.com/web-sdk/3.1/appboy.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3839a8ffad6e4c0c23fba0fe5111bf2c255688d5f298cd55b04c946a7ccc0918

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key: 35e9ff84-9413-4d1a-853b-5cdeba1dfdef
X-Braze-TriggersRequest: true
X-Braze-DataRequest: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json
Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 17 Nov 2021 13:56:03 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
access-control-max-age: 7200
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 52e08af0-e2cf-41a9-bc58-ebff19d04a9d
x-served-by: cache-yul12820-YUL
x-runtime: 0.143066
server: nginx
x-timer: S1637157363.022291,VS0,VE160
etag: W/"3839a8ffad6e4c0c23fba0fe5111bf2c"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
via: 1.1 varnish
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 /
sdk.iad-06.braze.com/api/v3/data/ Frame 0
0 80ms
33ms Preflight 151.101.1.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-06.braze.com/api/v3/data/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Origin: https://premier.ticketek.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers
access-control-max-age: 7200
access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Wed, 17 Nov 2021 13:56:03 GMT
via: 1.1 varnish
x-served-by: cache-yul12820-YUL
x-cache: MISS
x-cache-hits: 0
x-timer: S1637157363.988210,VS0,VE15
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v115/ 115 KB
115 KB 105ms
34ms Font
font/woff2 2607:f8b0:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v115/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efff98a3721641d17bb9ffd57a411430956d49f407e645a856f13a2906cbbf44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://premier.ticketek.com.au
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 19:39:06 GMT
x-content-type-options: nosniff
age: 411417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117988
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 17:58:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 19:39:06 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v7/ 37 KB
38 KB 88ms
20ms Font
font/woff2 2607:f8b0:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v7/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://premier.ticketek.com.au
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 16:21:37 GMT
x-content-type-options: nosniff
age: 77666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37780
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 17:59:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 16:21:37 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_GB/ 285 KB
82 KB 145ms
48ms Script
application/x-javascript 2a03:2880:f011:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js?hash=93093e9c4ae9f27af4f0425398ad52c3

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f011:8:face:b00c:0:1 Lithia Springs, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a6b77936937b1a925dec328cb50c0972fbee6b57cf314dc904752e937404875

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://premier.ticketek.com.au/
Origin: https://premier.ticketek.com.au
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: JeRAwR9Wah9Ils+IQzVDBw==
cross-origin-resource-policy: cross-origin
expires: Thu, 17 Nov 2022 13:35:09 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82915
x-fb-rlafr: 0
x-fb-debug: LigE/rfMKV1GhZvc7LJ/vSgxCMrGeD5DgkaRjwr0TUqtEUvkwitcEbVwLWcN2Mqsek8H4Ik4jRoQiFH3zh4c8Q==
x-fb-trip-id: 1460883810
x-fb-content-md5: fb52c92d4f251cf3de4c6e2111570d6d
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 17 Nov 2021 13:56:03 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "33f74c592d571322cea1e7f096857fe1"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 angel-arrow-down.svg
premier.ticketek.com.au/images/icons/ 349 B
417 B 44ms
43ms Image
image/svg+xml 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://premier.ticketek.com.au/images/icons/angel-arrow-down.svg
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/assets/css/main.css?5.22.51.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 4df3d519156036cf37a97d62b2344e99f37581584f9f6350b463675007be4ebf

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/assets/css/main.css?5.22.51.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:44 GMT
x-cdn: Imperva
etag: "01e114253d0d71:0"
content-type: image/svg+xml
x-iinfo: 3-19144191-0 0CNN RT(1637157362484 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=23867, public
content-length: 256
expires: Wed, 17 Nov 2021 20:33:49 GMT

GET
H2 200 fontawesome-webfont.woff
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/ 64 KB
64 KB 19ms
18ms Font
font/woff 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/fontawesome-webfont.woff?v=4.2.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Origin: https://premier.ticketek.com.au
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 674, 617, 617, 617
age: 295775
cdn-cachedat: 2021-06-08 10:16:01
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 65452
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 0f022779ec5fff6e16647223029e4fb5
accept-ranges: bytes
cf-ray: 6af975ce9dc97138-YUL
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1615462762065567 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 47ms
46ms Script
application/x-javascript 2a03:2880:f011:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1615462762065567?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f011:8:face:b00c:0:1 Lithia Springs, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e44308861f5dbec0f708c01a42054ffb44a330afcf9f7bfc808f55db249fbca

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88890
x-xss-protection: 0
pragma: public
x-fb-debug: Dxf5mowIOJHekD6njh08jA13KpQKzNzaxhS2ZS5mbaytAQSnpLiOoe3YSOOrCFJbSGP5A/fmuPo5zl/Uo8qSYQ==
x-fb-trip-id: 1460883810
x-frame-options: DENY
date: Wed, 17 Nov 2021 13:56:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 28ms
27ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/7f85a56ba4.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://use.fontawesome.com/7f85a56ba4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11555318
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: K7K0THYQ96VNEJP7
x-amz-id-2: rU/viUmgijuqli49HvCaXbrtIiMj5zQGFnS2WqhEgix7uS9L0RUR7kqVRw89/FXc+PfAJfy/Kdc=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: W/"36082410df2ef7f83932219089dc1443"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rgg3y9Z3Nz%2BtulczJYFY10oNxkUmUUsDBCWTIGi9sQv5MJFEjxskM0Q9k3dpI61VrATW3W49%2Bxlk5TUUWjDjDPmyPj8BSkhsMiJjJNFvvWIevl%2B0DYeAyP4oYyJ8XEtTw%2BWeFpAAmu2rOEkRT%2FQWiBEq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6af975ceebd67142-YUL

GET
H2 200 angel-arrow-up.svg
premier.ticketek.com.au/images/icons/ 348 B
393 B 31ms
31ms Image
image/svg+xml 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://premier.ticketek.com.au/images/icons/angel-arrow-up.svg
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/assets/css/main.css?5.22.51.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 7fc8615d4ec68caca566e256a5d03e76d36f7dee7073f1cda988cd2d20121fe8

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/assets/css/main.css?5.22.51.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:02 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 01:36:44 GMT
x-cdn: Imperva
etag: "01e114253d0d71:0"
content-type: image/svg+xml
x-iinfo: 3-19144195-0 0CNN RT(1637157362533 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=23970, public
content-length: 254
expires: Wed, 17 Nov 2021 20:35:32 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 87 KB
34 KB 38ms
37ms Script
application/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-PHMCZX3&t=gtm5&cid=1183983333.1637157363

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

280b8ad3b63032156ff0c8104a2f5ad91f9a78d3b2650445237d84a570c545df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:03 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34947
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Nov 2021 13:56:03 GMT

GET
H2 200 fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 75 KB
76 KB 43ms
19ms Font
application/font-woff2 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/7f85a56ba4.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://use.fontawesome.com/7f85a56ba4.css
Origin: https://premier.ticketek.com.au
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:03 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 48314
cf-ray: 6af975d05ed7ca53-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
x-amz-id-2: EesNieAOXEIfc4ji8g3H/l/AUf4tclbGrpey608G1O+n/AqSju3P9IRwLRXFY4huSVODMv89/i4=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2XrEnBLwn8jezVeBuyNQfvkiFPURjbVDwahxFvykPhzKWgTJQV14sf%2FcYsjOo8POJ7d1ekwDfCMVDIS0oIUgFtJMDZH9VUL2QBuvBbxDuBha3YzTPgvTnhhaL1agXs0IPUvoARRbeG3nfm9iRgk9Wa2P"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: QACPEFTQS3FD5F2X
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: application/font-woff2

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
9 KB 80ms
79ms XHR
text/plain 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=126975479738842&correlator=2809658378741503&output=ldjh&impl=fifs&eid=31060438%2C44754276%2C31062931&vrg=2021111101&ptt=17&sc=1&sfv=1-0-38&ecs=20211117&iu_parts=315659751%2CROS_leaderboard&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cust_params=url%3Dsh%253DPIKNICVI22%2526eg%253DPRESALE%2526ep%253DBORISFOREVER%26mt%3DCONTMU%26mst%3DFOLK%26pst%3DFullShow%26psh%3DPIKNICVI22%26sh%3DPIKNICVI22%26rgn%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1637157363&dt=1637157363260&dlt=1637157362461&idt=746&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=20&adks=1497453722&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DPIKNICVI22%26eg%3DPRESALE%26ep%3DBORISFOREVER&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=1183983333.1637157363&ga_sid=1637157363&ga_hid=836072045&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

e5deef5b7d99e2c39dcb441fbfd361b1028dca83276b2d8b605aa05dc52b423d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8404
x-xss-protection: 0
google-lineitem-id: 5746300795
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138357532255
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://premier.ticketek.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3b1ae6e229f36c635cf65894aff1bac0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1432 6 KB
4 KB 114ms
36ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3b1ae6e229f36c635cf65894aff1bac0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 17 Nov 2021 13:56:03 GMT
expires: Thu, 17 Nov 2022 13:56:03 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 sync
sdk.iad-06.braze.com/api/v3/content_cards/ Frame 0
0 27ms
26ms Preflight 151.101.1.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-06.braze.com/api/v3/content_cards/sync

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Origin: https://premier.ticketek.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers
access-control-max-age: 7200
access-control-allow-headers: content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Wed, 17 Nov 2021 13:56:03 GMT
via: 1.1 varnish
x-served-by: cache-yul12820-YUL
x-cache: MISS
x-cache-hits: 0
x-timer: S1637157363.324739,VS0,VE16
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 201 sync Show response
sdk.iad-06.braze.com/api/v3/content_cards/ 85 B
224 B 62ms
60ms XHR
application/json 151.101.1.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.iad-06.braze.com/api/v3/content_cards/sync

Requested by

Host: js.appboycdn.com
URL: https://js.appboycdn.com/web-sdk/3.1/appboy.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c4ba148170fedff35a4f1ee897e9e094f740aaa3e94a142ce1657b02bcfdad36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key: 35e9ff84-9413-4d1a-853b-5cdeba1dfdef
X-Braze-DataRequest: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json
Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
X-Requested-With: XMLHttpRequest
X-Braze-ContentCardsRequest: true

Response headers

date: Wed, 17 Nov 2021 13:56:03 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
access-control-max-age: 7200
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: b312c5f5-9de3-4198-8945-47bebbced5ea
x-served-by: cache-yul12820-YUL
x-runtime: 0.025473
server: nginx
x-timer: S1637157363.354979,VS0,VE42
etag: W/"c4ba148170fedff35a4f1ee897e9e094"
vary: Origin,Accept-Encoding
access-control-allow-methods: POST, GET
content-type: application/json
via: 1.1 varnish
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 original.jpg
braze-images.com/appboy/communication/marketing/slide_up/slide_up_message_parameters/images/6046fd8cd3d4dd2e7972f0c9/73d57eb3a7efa9a12a2b0c798f128f23c0479a18/ 59 KB
60 KB 44ms
12ms Image
image/jpeg 151.101.193.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://braze-images.com/appboy/communication/marketing/slide_up/slide_up_message_parameters/images/6046fd8cd3d4dd2e7972f0c9/73d57eb3a7efa9a12a2b0c798f128f23c0479a18/original.jpg?1615265167
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.208 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a63ab6b6a02156b3421de98ddc7ebf33c260684c6dde172181c6cfb28431d8a9

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 574126
x-cache: HIT, HIT
content-length: 60524
x-amz-id-2: uMKrcevVLSd6/thtlnGvi9um3qnrBDwkdITLSET2XWwqx2GzLBh+SFU6qciPkZGbX854UHAggVQ=
server: AmazonS3
x-served-by: cache-bwi5134-BWI, cache-yul12827-YUL
last-modified: Tue, 09 Mar 2021 04:46:08 GMT
x-ab-reg-test: yes
x-timer: S1637157363.363022,VS0,VE1
etag: "80bdeec4b5031c9a934452b9b973d7c5"
access-control-allow-methods: GET
x-amz-request-id: 1VEBDX551A78X84A
access-control-allow-origin: *
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: ab-app-group-id
x-cache-hits: 1, 1

GET
H2 200 modules.1810afb089b838b62ed8.js Show response
script.hotjar.com/ 226 KB
60 KB 90ms
30ms Script
application/javascript 13.224.210.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.1810afb089b838b62ed8.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2141843.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.210.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-210-65.phl50.r.cloudfront.net

Software

Resource Hash

2147901a5a424ea92ad2fd2457976c46765880cf4d267aa711df70d026912ab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:25:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1857
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60615
access-control-allow-origin: *
last-modified: Wed, 17 Nov 2021 13:25:01 GMT
etag: "1f23634605f98b007e0df34e60106bb8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cf88880413082302757828626cf7b021.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: PHL50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: fUd3CRl5_HHYOufx4P3pP9QQnEZ0qyuo6LHAupEIzLDs16xqHt4fwQ==

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 135ms
45ms Image
image/gif 2a03:2880:f111:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1615462762065567&ev=PageView&dl=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DPIKNICVI22%26eg%3DPRESALE%26ep%3DBORISFOREVER&rl=&if=false&ts=1637157363388&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.2.1637157363382.1105551406&it=1637157363008&coo=false&exp=p1&rqm=GET

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f111:83:face:b00c:0:25de Lithia Springs, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 17 Nov 2021 13:56:03 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8D7D 0
0 47ms
47ms Fetch
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufrSBQiAPOju5YcavzNH3DBz45EXcn9A_162ErFh-GGkoezOOs7VH6o7U8TQcC-DW6Fetgn1jdee4ASyfTRNFFe3I1ZV44Ovnuk3OWgJmSseEGx30bU-rF1GdmuSB_vj72HVrfRUQ7eaq4kxdl_uQGlD0k0kzTN0t9ctgI03_LGgcDF8gjy6cs3O91BIkYpFAz1519TFoZo2voXjrP6nQ8aejD2wkK3KYchnxo8PqYhTnxQDotff2FYOv6ijo5APND2oqMRzysvIHRZeZS78UlYxuJFIgtnnBE6lKsP14nA-NWM1wpTaFSEA3899Mvcy_EKg&sai=AMfl-YS9wQprmG8OKTtyp1OZXu5woaphimrx1KdHlGGur0k5PUq9PqBAozQXDGi_5ND9fPyoIK2Z9b1CfwRfua-yD6EA3TnjaLeuFFf0I8kR6U8iUJ9R_6J9sXmAsKWE3So&sig=Cg0ArKJSzEBxohlzOshWEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 13:56:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 17 Nov 2021 13:56:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8D7D 119 KB
37 KB 347ms
46ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 17 Nov 2021 13:56:03 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 58ms
55ms Fetch
text/plain 2a03:2880:f111:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=266866476780552&input_token&origin=1&redirect_uri=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DPIKNICVI22%26eg%3DPRESALE%26ep%3DBORISFOREVER&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js?hash=93093e9c4ae9f27af4f0425398ad52c3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f111:83:face:b00c:0:25de Lithia Springs, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: i0e9NKug0UlgsFCRvz2DX29e3Jv32aijSZtL+KsL1hLcrvo4SYB9okvbBY1UWC6D7EkJ5nXX6eg4TplMr8uFsg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Wed, 17 Nov 2021 13:56:03 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://premier.ticketek.com.au
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
444 B 132ms
54ms XHR
text/plain 2607:f8b0:4023:1404::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-43862537-1&cid=1183983333.1637157363&jid=456691903&gjid=572977341&_gid=1213387790.1637157363&_u=aGDAgEADQAAAAE~&z=1279132906

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9a Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://premier.ticketek.com.au/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 17 Nov 2021 13:56:03 GMT
content-type: text/plain
access-control-allow-origin: https://premier.ticketek.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
192 B 20ms
20ms Image
image/gif 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=836072045&t=pageview&_s=1&dl=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DPIKNICVI22%26eg%3DPRESALE%26ep%3DBORISFOREVER&ul=en-us&de=UTF-8&dt=Piknic%20Electronik%20tickets%20%7C%20Sidney%20Myer%20Music%20Bowl%20%7C%20Ticketek%20Australia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEADQ~&jid=456691903&gjid=572977341&cid=1183983333.1637157363&tid=UA-43862537-1&_gid=1213387790.1637157363&z=523934992

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 09:36:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15569
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-ad575b5823df97fc9725e14a57070642.html Show response
vars.hotjar.com/ Frame BA5E 2 KB
1 KB 79ms
21ms Document
text/html 13.224.210.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2141843.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.210.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-210-105.phl50.r.cloudfront.net
Software: /
Resource Hash: f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/

Response headers

content-type: text/html
content-length: 1050
date: Tue, 16 Nov 2021 11:16:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "a123045c9cc95cfe44d6b5d126b9f1a7"
last-modified: Tue, 16 Nov 2021 11:15:47 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL50-C1
x-amz-cf-id: ZEJfx_I6S9uGbcuxyOvp9jHvNnRzSH2l02SoKFEWoYoVGZU_spWL9Q==
age: 95997

GET
H2 200 web-widget-framework-7efa792099c7f4ce5b6d.js Show response
static.zdassets.com/web_widget/latest/ Frame 9EE5 240 KB
80 KB 32ms
32ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-7efa792099c7f4ce5b6d.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=b5f04b59-a9b6-433a-9db0-27be35227c83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e00a81dfe57e896a546362e23a81d3a5c04a62b246f32c2ddd99871281d7d744

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46749
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 4Y6ARY65FS9XTPAK
x-amz-id-2: /o2w17goXze137klj8mNjdh4qtuVxJurHhD9vezOHxuinYsN0YT5KIeeAxhSlX0mMFRpP5IyBXs=
last-modified: Tue, 16 Nov 2021 23:43:32 GMT
server: cloudflare
etag: W/"7b7dd7cc39c87acc086f91c378266f45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7R2ZLeRp0baaCr59JdqHqZrhM%2FSW9hkvM1BpKyYxc6YDXOqET8s%2F36FG9TKaoAHkV0vz0s6AYah%2FxlqpHuT0wKmPNNX8BQKgEBd7j3liKLgFtoTmzRWBtzpbSSvtSai8neJjcdI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: UpqZuE53reZiEitfDBX4fP_K7geVdo_o
cf-ray: 6af975d33a4c4bca-YUL
expires: Wed, 16 Nov 2022 23:43:31 GMT

POST
H2 200 u-vnfesse-Giue-Vpon-vulgd-tunaturnes-we-feare-Ra Show response
premier.ticketek.com.au/ 627 B
794 B 54ms
54ms Fetch
application/json 45.60.196.230
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://premier.ticketek.com.au/u-vnfesse-Giue-Vpon-vulgd-tunaturnes-we-feare-Ra?d=premier.ticketek.com.au
Requested by: Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/u-vnfesse-Giue-Vpon-vulgd-tunaturnes-we-feare-Ra
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.196.230 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: connector /
Resource Hash: e728f73ce4e974cc593d0e26aa49f0a60bdcecb608704a292d639eaa6f514879

Request headers

Accept: application/json; charset=utf-8
Referer: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Wed, 17 Nov 2021 13:56:03 GMT
content-encoding: gzip
server: connector
content-type: application/json
access-control-allow-origin: *
x-iinfo: 3-19144326-19144097 PNYN RT(1637157363434 0) q(0 0 0 -1) r(0 0) U6
cache-control: no-cache, no-store
server-timing: bon, total;dur=22.552470000000003
x-cdn: Imperva

GET
H2 200 config Show response
ticketek.zendesk.com/embeddable/ Frame 9EE5 473 B
1 KB 386ms
347ms XHR
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ticketek.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7efa792099c7f4ce5b6d.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f696637e5a40eb203de8678ee6350211263cafba9239290a1f1e54440839b762

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-6776c74645-5pqc7
access-control-allow-methods: GET
vary: Origin, Accept-Encoding
x-cached: MISS
x-request-id: 6af975d4ef334bbf-NRT
x-runtime: 0.002518
last-modified: Wed, 17 Nov 2021 13:44:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJ2DjOjcn%2BTIquVK59o1ASw1qv8kQffXYKI3Mhy5b7atrkEZG8Gg%2BcGivNKDrOhVi3QmNA2IfO9caNol%2BgzUI8yKpQRuhqvA%2FBJN27kKGUlAM4LKV4uxKyLQRV5iMGugO899xtbQ"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 6af975d4ef334bbf-YUL

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8D7D 0
0 73ms
44ms Fetch
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssofZM5BuZ7vTMiN3-oxWOga4H0QLPUAKF4hj3UZrn3FqzxwIKKQseaxBLfmlQ3SKBJHP2FgfWBmHD0YaRGvkV6D8S6uI4QFoyl9cHAn0DSS91CSIMTnU8nniWXqwE4PZlEm6Zq2xnH2kmxfQqxiKH-yp_lbfyiLfP-HH_9-G7k2nftZp8p-P_EzvBLg7jOeLeweFiS_UHKcBQhfGpdYve0qksqnjZ0dcMK4G_H0WkrVuXW8NTCpYsRbm6BGIfaSwHjsTrt06NWK27Zx2khpcikqozXzA66rzTVnPXlJrmDCZiNbNC294prNn4h7yvx1gJJNth8&sai=AMfl-YRUmIlSW83_jBMohcskvfW4OYGvXzsM6UOR9IE3g5MVywsJd6GH9Ns_ZT9YOknW44dhEdACx49u8ZYMJBryyGr14cJ2lziNvcLwKgHGKuE4U7b2TRYRJLv80xabI6k&sig=Cg0ArKJSzF8jY-SWv3JSEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 13:56:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 17 Nov 2021 13:56:04 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
2 KB 19ms
19ms Script
text/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 830
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 17 Nov 2021 14:42:14 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 101ms
52ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N79SLR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

316bda79ebc11f2ec6c4654f6b0fe4ecdaea2382f1cdc27035972eb9e877b2ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14383
x-xss-protection: 0
server: cafe
etag: 8922484703547193234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 17 Nov 2021 13:56:04 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
10 KB 91ms
42ms XHR
application/json 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17c4b1de278ac2eba429077663aa541bd7dab1b6b30b094ca93d9b34bfa851e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Nov 2021 13:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9334
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 347ms
45ms Image
image/gif 2a03:2880:f111:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1615462762065567&ev=Microdata&dl=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DPIKNICVI22%26eg%3DPRESALE%26ep%3DBORISFOREVER&rl=&if=false&ts=1637157364042&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5Cn%20%20%20%20%5Cn%5CtPiknic%20Electronik%20tickets%20%7C%20Sidney%20Myer%20Music%20Bowl%20%7C%20%5Cn%5CtTicketek%20Australia%5Cn%5Cn%5Cn%22%2C%22meta%3Adescription%22%3A%22Buy%20official%20Piknic%20Electronik%20tickets%20for%20Sidney%20Myer%20Music%20Bowl.%20Get%20your%20official%20tickets%20from%20Ticketek%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Piknic%20Electronik%22%2C%22og%3Atype%22%3A%22activity%22%2C%22og%3Aurl%22%3A%22http%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DPIKNICVI22%26eg%3DPRESALE%26ep%3DBORISFOREVER%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fpremier.ticketek.com.au%2Fdbimages%2Fsfx267785.jpg%22%2C%22og%3Adescription%22%3A%22Piknic%20%C3%89lectronik%20Melbourne%20are%20adding%20a%20very%20special%20encore%20event%20to%20their%20Season%206%20series%2C%20headlined%20by%20Peggy%20Gou.%22%2C%22og%3Asite_name%22%3A%22%20Ticketek%20%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.2.1637157363382.1105551406&it=1637157363008&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f111:83:face:b00c:0:25de Lithia Springs, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 17 Nov 2021 13:56:04 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
950 B 19ms
19ms Script
text/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 831
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 17 Nov 2021 14:42:13 GMT

GET
H2 200 ins.js Show response
ticketekau.api.useinsider.com/ 187 KB
55 KB 79ms
34ms Script
application/javascript 2606:4700::6811:a872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ticketekau.api.useinsider.com/ins.js?id=10004098
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N79SLR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c13488ad44fb3c979306129a36cdd21e4b75d58cdc6f55e9aebf5c0a114f242

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:04 GMT
content-encoding: br
cf-cache-status: HIT
age: 862
x-amz-request-id: B4XJEYQMWEE4ARKV
x-amz-id-2: UlHTnAerpBSsK4s/iSn9RdiYb85lwIcDJIXLIs8U1lVj3XViMoqYGLCTyU+9wU1FszF5hxUdpLU=
last-modified: Thu, 04 Feb 2021 09:58:50 GMT
server: cloudflare
etag: W/"a66eeb7c4a2df137cc9cf106204ffab9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=300
x-amz-version-id: ehqZn5JzPG_DOImCWGdVAVdfua.sZ3NM
cf-ray: 6af975d5a898714e-YUL
expires: Wed, 17 Nov 2021 14:01:04 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 6 KB
2 KB 111ms
30ms XHR
application/json 3.217.204.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=495479CA584AB1B90A495EEA%40AdobeOrg&d_nsid=0&ts=1637157364071

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.217.204.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-217-204-166.compute-1.amazonaws.com

Software

Resource Hash

d94aeca34201888b36db49c8041c6dc5fba1cd8650c3ef35e46c466f480939c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://premier.ticketek.com.au/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-va6-1-v019-02addfd88.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: hyKM9SlHSQ8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://premier.ticketek.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1644
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 310ms
46ms Image
image/gif 2a03:2880:f111:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1615462762065567&ev=ViewContent&dl=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DPIKNICVI22%26eg%3DPRESALE%26ep%3DBORISFOREVER&rl=&if=false&ts=1637157364055&cd[content_name]=PIKNICVI22&sw=1600&sh=1200&v=2.9.48&r=stable&ec=2&o=30&fbp=fb.2.1637157363382.1105551406&it=1637157363008&coo=false&exp=p1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f111:83:face:b00c:0:25de Lithia Springs, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 17 Nov 2021 13:56:04 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
123 B 34ms
33ms XHR
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=836072045&t=pageview&_s=1&dl=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DPIKNICVI22%26eg%3DPRESALE%26ep%3DBORISFOREVER&ul=en-us&de=UTF-8&dt=Piknic%20Electronik%20tickets%20%7C%20Sidney%20Myer%20Music%20Bowl%20%7C%20Ticketek%20Australia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDACEArRAAAAG~&jid=252406907&gjid=1249090931&cid=1183983333.1637157363&tid=UA-63445827-1&_gid=1213387790.1637157363&_r=1&gtm=2wgba1N79SLR&cd11=normal&cd12=advertising&cd13=FullShow&cd30=PRESALE&cd33=Normal%20Mode&cd35=0&cd37=New&cd38=1&cd39=d48aa089-28d3-4d92-8536-990a8fff5d9f&cd40=&pa=detail&pr1ca=CONTMU%2FFOLK&pr1id=PIKNICVI22&pr1nm=Piknic%20Electronik&pr1cd5=CONTMU&pr1cd6=FOLK&pr1cd7=normal&pr1cd8=available&pr1cd9=PIKNICVI22&z=450957736

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://premier.ticketek.com.au/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 13:56:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://premier.ticketek.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 24ms
23ms Image
image/gif 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=836072045&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DPIKNICVI22%26eg%3DPRESALE%26ep%3DBORISFOREVER&ul=en-us&de=UTF-8&dt=Piknic%20Electronik%20tickets%20%7C%20Sidney%20Myer%20Music%20Bowl%20%7C%20Ticketek%20Australia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ShowPage%20M-Type&ea=CONTMU%2FFOLK&el=PIKNICVI22&_u=aHDACEArRAAAAG~&jid=&gjid=&cid=1183983333.1637157363&tid=UA-63445827-1&_gid=1213387790.1637157363&gtm=2wgba1N79SLR&cd31=CONTMU%2FFOLK&z=1824641053

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 09:36:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15570
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 24ms
24ms Image
image/gif 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=836072045&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DPIKNICVI22%26eg%3DPRESALE%26ep%3DBORISFOREVER&ul=en-us&de=UTF-8&dt=Piknic%20Electronik%20tickets%20%7C%20Sidney%20Myer%20Music%20Bowl%20%7C%20Ticketek%20Australia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=BrowseShow&ea=view%20%7C%20%2Fshows%2Fshow.aspx&el=Other&_u=aHHACEArRAAAAG~&jid=&gjid=&cid=1183983333.1637157363&tid=UA-63445827-1&_gid=1213387790.1637157363&gtm=2wgba1N79SLR&z=1516235625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 09:36:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15570
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 356ms
53ms XHR
text/plain 2607:f8b0:4023:1404::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=%5Bobject%20Object%5D&cid=1183983333.1637157363&jid=1240898009&gjid=1939319749&_gid=1213387790.1637157363&_u=aHHAiEArRAAAAG~&z=1344166100

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9a Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://premier.ticketek.com.au/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 17 Nov 2021 13:56:04 GMT
content-type: text/plain
access-control-allow-origin: https://premier.ticketek.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 20ms
19ms Image
image/gif 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=836072045&t=pageview&_s=1&dl=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DPIKNICVI22%26eg%3DPRESALE%26ep%3DBORISFOREVER&ul=en-us&de=UTF-8&dt=Piknic%20Electronik%20tickets%20%7C%20Sidney%20Myer%20Music%20Bowl%20%7C%20Ticketek%20Australia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHHAiEArRAAAAG~&jid=1240898009&gjid=1939319749&cid=1183983333.1637157363&tid=%5Bobject%20Object%5D&_gid=1213387790.1637157363&gtm=2wgba1N79SLR&pa=detail&pr1ca=CONTMU%2FFOLK&pr1id=PIKNICVI22&pr1nm=Piknic%20Electronik&pr1cd5=CONTMU&pr1cd6=FOLK&pr1cd7=normal&pr1cd8=available&pr1cd9=PIKNICVI22&cd4=0&z=1644833615

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 09:36:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15570
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 117ms
100ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 17 Nov 2021 13:56:04 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/978929700/ 2 KB
2 KB 96ms
44ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/978929700/?random=1637157364129&cv=9&fst=1637157364129&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DPIKNICVI22%26eg%3DPRESALE%26ep%3DBORISFOREVER&tiba=Piknic%20Electronik%20tickets%20%7C%20Sidney%20Myer%20Music%20Bowl%20%7C%20Ticketek%20Australia&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4292f55113a9fb1fa354300edf89a7c7ef94b90ec482161280207a47a876b0f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 13:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1101
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 341ms
55ms XHR
text/plain 2607:f8b0:4023:1404::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-63445827-1&cid=1183983333.1637157363&jid=252406907&gjid=1249090931&_gid=1213387790.1637157363&_u=aHDACEArRAAAAG~&z=2112552816

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9a Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://premier.ticketek.com.au/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 17 Nov 2021 13:56:04 GMT
content-type: text/plain
access-control-allow-origin: https://premier.ticketek.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 worker-new.html Show response
ticketekau.api.useinsider.com/ Frame AC83 8 KB
3 KB 23ms
22ms Document
text/html 2606:4700::6811:a872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ticketekau.api.useinsider.com/worker-new.html
Requested by: Host: ticketekau.api.useinsider.com
URL: https://ticketekau.api.useinsider.com/ins.js?id=10004098
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e58212a834825aaa684963bfbb592ac5e3d698c44a0778bbbd101ae40f214db

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/

Response headers

date: Wed, 17 Nov 2021 13:56:04 GMT
content-type: text/html
access-control-allow-origin: *
last-modified: Tue, 16 Nov 2021 04:01:40 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 861
expires: Fri, 03 Dec 2021 13:56:04 GMT
cache-control: public, max-age=1382400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6af975d62964714e-YUL
content-encoding: br

GET
H2 200 / Show response
location.api.useinsider.com/ 260 B
482 B 461ms
417ms XHR
application/json 2606:4700::6811:aa72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://location.api.useinsider.com/?v=2&pId=10004098&
Requested by: Host: ticketekau.api.useinsider.com
URL: https://ticketekau.api.useinsider.com/ins.js?id=10004098
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:aa72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd6b1c0d7e8c9e4703a8250f73bd65fb23d7cda5857302cfee92b8de23cf440e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-cache, private
cf-ray: 6af975d689357138-YUL
content-type: application/json

GET
H2 200 1637157364222398dea4bae.44d01c26 Show response
segment.api.useinsider.com/v4/segments/ 927 B
661 B 465ms
419ms XHR
application/json 2606:4700::6811:a872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://segment.api.useinsider.com/v4/segments/1637157364222398dea4bae.44d01c26?partnerid=10004098&fields=544da21d7e6756ee1860fc0228be4b5e,bdf571d0636fbb118c2b6e611c1bb789&
Requested by: Host: ticketekau.api.useinsider.com
URL: https://ticketekau.api.useinsider.com/ins.js?id=10004098
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69268e71e60dad8d5d2697364594d6e01fd1698f6ec0ace20b721acb1c617afe

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cf-ray: 6af975d68bb4ecfe-YUL

GET
H/1.1 200
OK dest5.html Show response
tega.demdex.net/ Frame CD97 7 KB
3 KB 459ms
111ms Document
text/html 54.187.87.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tega.demdex.net/dest5.html?d_nsid=0

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.87.190 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-187-87-190.us-west-2.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 17 Nov 2021 13:56:04 GMT
DCS: dcs-prod-usw2-1-v016-00c4c063b.edge-usw2.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 14 Oct 2021 10:47:07 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: WEMTf0ERT8M=
Content-Length: 2791
Connection: keep-alive

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YZUJ9AAAAMP7lAQL
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=01318236328110523672942051730373950678
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZUJ9AAAAMP7lAQL

42 B
949 B

36ms
35ms

Image
image/gif

3.217.204.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZUJ9AAAAMP7lAQL

Protocol

HTTP/1.1

Server

3.217.204.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-217-204-166.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcscanary-prod-va6-1-v022-087444861.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: fNrfqhgWT34=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZUJ9AAAAMP7lAQL
Date: Wed, 17 Nov 2021 13:56:04 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 hit Show response
hit.api.useinsider.com/ 16 B
285 B 451ms
399ms XHR
text/plain 2606:4700::6811:a772
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hit.api.useinsider.com/hit
Requested by: Host: ticketekau.api.useinsider.com
URL: https://ticketekau.api.useinsider.com/ins.js?id=10004098
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://premier.ticketek.com.au/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 17 Nov 2021 13:56:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
request-id: e85faf3f-0343-472d-bfe0-95e370d6f309
cf-ray: 6af975d6bd49714a-YUL
content-length: 16

GET
H2 200 /
www.google.com/pagead/1p-user-list/978929700/ 42 B
548 B 92ms
39ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/978929700/?random=1637157364129&cv=9&fst=1637154000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DPIKNICVI22%26eg%3DPRESALE%26ep%3DBORISFOREVER&tiba=Piknic%20Electronik%20tickets%20%7C%20Sidney%20Myer%20Music%20Bowl%20%7C%20Ticketek%20Australia&async=1&fmt=3&is_vtc=1&random=1329237889&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 13:56:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/978929700/ 42 B
548 B 92ms
40ms Image
image/gif 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/978929700/?random=1637157364129&cv=9&fst=1637154000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DPIKNICVI22%26eg%3DPRESALE%26ep%3DBORISFOREVER&tiba=Piknic%20Electronik%20tickets%20%7C%20Sidney%20Myer%20Music%20Bowl%20%7C%20Ticketek%20Australia&async=1&fmt=3&is_vtc=1&random=1329237889&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 13:56:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame DF50 12 KB
5 KB 323ms
22ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 17 Nov 2021 00:15:39 GMT
expires: Thu, 17 Nov 2022 00:15:39 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 49225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DA0D 783 B
951 B 89ms
46ms Document
text/html 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

35f89ce3cdafcdc950bdc375ef6e912ab54e97afe06817a029aec5a907e9dfe4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eJav6ZoHr2l/RmOObtJXaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 17 Nov 2021 13:56:04 GMT
date: Wed, 17 Nov 2021 13:56:04 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-eJav6ZoHr2l/RmOObtJXaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 web-widget-67799-2adf134350609e966f7b.js Show response
static.zdassets.com/web_widget/latest/ Frame 9EE5 354 KB
109 KB 30ms
30ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-67799-2adf134350609e966f7b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7efa792099c7f4ce5b6d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dd23b2673ae42ed5b5ba1bbad427b0588a65075f75e31852560867fba322fbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142753
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 7MMSRN634AD7KCDH
x-amz-id-2: bI5isa7gZ42hOwvNfdtQRlCOCKkzgbUFZKFvReWFlVY470ytfhCiFHN9xvZNI6Uh6olNm4rhLKg=
last-modified: Mon, 15 Nov 2021 06:33:55 GMT
server: cloudflare
etag: W/"6bf4b1745ee2e4dbb9bfafb394d0d563"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6U%2BZJwl1bqBSgA4a89QczNCG3YaGWQd8jNHL92CfLJM7eNfK%2BoEsMJourFBxG7FbrMjYuX6GKP7Fj88zGOp6w28CNwE%2BBmu%2FDBxwhhVl4qLXbNJ%2BakU3yKPIwoxF21WoxXlYGY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: yVlUGSIWc8ZcDh3TZsHOx69P6xVarFTc
cf-ray: 6af975d71fa84bca-YUL
expires: Tue, 15 Nov 2022 06:33:54 GMT

GET
H2 200 web-widget-30479-86fc8c4050324462398a.js Show response
static.zdassets.com/web_widget/latest/ Frame 9EE5 85 KB
23 KB 62ms
62ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-30479-86fc8c4050324462398a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7efa792099c7f4ce5b6d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0dc631929b37c52e5c8c6756aec7e13ba291b28ef8673fede20ba821c4b4b18

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142753
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 7MMRNCXNW7KKFEA0
x-amz-id-2: dQcFDj1lWLrpwrhPnQOy8W94qXSbQenpN9Zbwv0zUbVqZtnfsA5vAd6WfnB765zqstlCtA4m4eU=
last-modified: Mon, 15 Nov 2021 06:33:55 GMT
server: cloudflare
etag: W/"5f57433092f84eafe5fad167b6fe11de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lxg4%2BHoWRG6sXSvTDd8lqLvCouflJHnuQNUwj8aMyh7sbZ0TPuRvOX2MDfyYu4FjBXktYegGBnGF9XeoFOrNm1jDIY1c%2BORJlsHSSwlC%2BIw4ScPVglbsLz2xz9mn8ye8j17EmKI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 7_4378C6vSN9usRNFWJIUzkiaphTq2lP
cf-ray: 6af975d72fa94bca-YUL
expires: Tue, 15 Nov 2022 06:33:54 GMT

GET
H2 200 web_widget-8d917e979cfd3f90a9e0.js Show response
static.zdassets.com/web_widget/latest/web-widget-lazy/ Frame 9EE5 462 KB
102 KB 50ms
50ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-lazy/web_widget-8d917e979cfd3f90a9e0.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7efa792099c7f4ce5b6d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc0eb414b67db276521379833adf920d7c6b47e6ac3737540201b27b3c705454

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46749
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: DQRDP1DFWRSRN5DZ
x-amz-id-2: vHiaureiO6WfzidnHBxqRX9fHaazE6pDPozWd6LN53FLa++4BSrLmWIScoSZ1zJcawb68Lg3RhY=
last-modified: Tue, 16 Nov 2021 23:40:15 GMT
server: cloudflare
etag: W/"bed106fe52fe5c1abe7c454f9b99e60d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abyFQ9wKtwh1amdBIzPO34wi7g2a6jvT1hqwsWUW66voa4kP66%2BGDRalywpXUlw9wOu9r%2FazvNabW4Q7u6jp93NLFwyPL%2FfTFwc9Gd5a%2BTHEgGU8lXerUSyye6jXjchUVp7JxE0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: MQ_.EgoooAmwwqbiFTTOTa086LoU43Md
cf-ray: 6af975d72fab4bca-YUL
expires: Wed, 16 Nov 2022 23:40:14 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DA0D 0
0 95ms
43ms Image
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111101&jk=126975479738842&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 embeddable_blip Show response
ticketek.zendesk.com/ Frame 9EE5 0
281 B 283ms
282ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ticketek.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJlbi1DQSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZW4tY2EiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTUuMC40NjM4LjU0IFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2V9LCJhY3Rpb24iOiJsb2NhbGVNaXNtYXRjaCIsImNhdGVnb3J5IjoibG9jYWxlIn0sImJ1aWQiOiI3MGVmZDlmNzZjZmUxNDQ5OGUwZTA1YTllZWQ0YjBlZSIsInN1aWQiOiIzMmViNzQzN2JmYWY5YWU4ZDViMGI2M2Q4MmQyYjU4ZCIsInZlcnNpb24iOiJiZWNkYWQ2IiwidGltZXN0YW1wIjoiMjAyMS0xMS0xN1QxMzo1NjowNC41MDVaIiwidXJsIjoiaHR0cHM6Ly9wcmVtaWVyLnRpY2tldGVrLmNvbS5hdS9zaG93cy9zaG93LmFzcHg%2Fc2g9UElLTklDVkkyMiZlZz1QUkVTQUxFJmVwPUJPUklTRk9SRVZFUiJ9

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7efa792099c7f4ce5b6d.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 17 Nov 2021 13:56:04 GMT
server: cloudflare
x-zendesk-zorg: yes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gyPBSGDUAt9BtablNvZM7Aes%2FJzlqkIgRNK94hwyCMiJKbhgvSfn6LzLXncCUKzXPw3jMqK5crpyIvPsOu2rQigvWw9c3auVDaWNrR867pC0NGBIEiM7ENK%2BRqR2ciw6IXGnvzO2"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://premier.ticketek.com.au
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6af975d83bd44bbf-YUL
vary: Accept-Encoding
content-length: 0
x-request-id: 63a22f660af2558d3dc235757b356755

GET
H2 200 embeddable_blip Show response
ticketek.zendesk.com/ Frame 9EE5 0
366 B 250ms
249ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ticketek.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiY2hhdCI6eyJzdXBwcmVzcyI6dHJ1ZX0sImhlbHBDZW50ZXIiOnsic3VwcHJlc3MiOmZhbHNlfX19LCJidWlkIjoiNzBlZmQ5Zjc2Y2ZlMTQ0OThlMGUwNWE5ZWVkNGIwZWUiLCJzdWlkIjoiMzJlYjc0MzdiZmFmOWFlOGQ1YjBiNjNkODJkMmI1OGQiLCJ2ZXJzaW9uIjoiYmVjZGFkNiIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMTdUMTM6NTY6MDQuNTE5WiIsInVybCI6Imh0dHBzOi8vcHJlbWllci50aWNrZXRlay5jb20uYXUvc2hvd3Mvc2hvdy5hc3B4P3NoPVBJS05JQ1ZJMjImZWc9UFJFU0FMRSZlcD1CT1JJU0ZPUkVWRVIifQ%3D%3D

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7efa792099c7f4ce5b6d.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 17 Nov 2021 13:56:04 GMT
server: cloudflare
x-zendesk-zorg: yes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RfSGcaVhpnEOojPcb29XEzxmOymO4O61j8ZYD4%2Fz1h9ljEkAONJmS9C6zDXDjmJpr9pKiYWnfofPUElwVrak9jYD1gtyG%2BWVW4JltJouyWd3p7Da3YYh7HnSX8fk9BGH9JooQPx"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://premier.ticketek.com.au
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6af975d84bfb4bbf-YUL
vary: Accept-Encoding
content-length: 0
x-request-id: 071abbda51280c3cce6c59fc60abbc2c

GET
H2 200 en-ca-json-d6fc82df7cb0d31db7fe.js Show response
static.zdassets.com/web_widget/latest/web-widget-locales/classic/ Frame 9EE5 26 KB
6 KB 27ms
27ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-locales/classic/en-ca-json-d6fc82df7cb0d31db7fe.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7efa792099c7f4ce5b6d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce8a9a335801ed833a2ca90e59cfd99852ccb2ebdf4a976fcc8c77f79678773b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1165268
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 3TR3V6GMNHDDQRHK
x-amz-id-2: FnqFzVT1iXCoEBurCLx571YpWHAohgsaetF2DID+KZTJ9H+tWG8zvWkKrf5vCJY2xcO7fu4MMM4=
last-modified: Wed, 03 Nov 2021 23:47:20 GMT
server: cloudflare
etag: W/"53de576d797e3e3cf94d4f51ed040486"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3NFDrZajREYXklvBMrkJczW80EBQudGs3N%2FA%2FtbeQhCjA8xP9mPRuT6Wp4bmJk9%2BHl%2BlhSOomFERGJrevS%2FeKdlsTyQHM7xF4ZPrhD2x7pyNIH3LnxZyAzHSFRK9asVUFdk8qU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: _TIStzf6Sy1g4OGAKWVdgVxX_Lx2H.an
cf-ray: 6af975d849c04bca-YUL
expires: Thu, 03 Nov 2022 23:47:19 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 339ms
38ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63445827-1&cid=1183983333.1637157363&jid=252406907&_u=aHDACEArRAAAAG~&z=1488464094

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 13:56:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 337ms
37ms Image
image/gif 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63445827-1&cid=1183983333.1637157363&jid=252406907&_u=aHDACEArRAAAAG~&z=1488464094

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 13:56:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 embeddable_blip Show response
ticketek.zendesk.com/ Frame 9EE5 0
287 B 270ms
270ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ticketek.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly9wcmVtaWVyLnRpY2tldGVrLmNvbS5hdS9zaG93cy9zaG93LmFzcHg%2Fc2g9UElLTklDVkkyMiZlZz1QUkVTQUxFJmVwPUJPUklTRk9SRVZFUiIsInRpbWUiOjg1LCJsb2FkVGltZSI6NTUuNjAwMDAwMzgxNDY5NzMsIm5hdmlnYXRvckxhbmd1YWdlIjoiZW4tVVMiLCJwYWdlVGl0bGUiOiJQaWtuaWMgRWxlY3Ryb25payB0aWNrZXRzIHwgU2lkbmV5IE15ZXIgTXVzaWMgQm93bCB8IFRpY2tldGVrIEF1c3RyYWxpYSIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85NS4wLjQ2MzguNTQgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZSwiaXNSZXNwb25zaXZlIjp0cnVlLCJ2aWV3cG9ydE1ldGEiOiJ3aWR0aD1kZXZpY2Utd2lkdGgsIGluaXRpYWwtc2NhbGU9MSwgbWluaW11bS1zY2FsZT0xLCBzaHJpbmstdG8tZml0PW5vIiwiaGVscENlbnRlckRlZHVwIjpmYWxzZX0sImJ1aWQiOiI3MGVmZDlmNzZjZmUxNDQ5OGUwZTA1YTllZWQ0YjBlZSIsInN1aWQiOiIzMmViNzQzN2JmYWY5YWU4ZDViMGI2M2Q4MmQyYjU4ZCIsInZlcnNpb24iOiJiZWNkYWQ2IiwidGltZXN0YW1wIjoiMjAyMS0xMS0xN1QxMzo1NjowNC41OTBaIiwidXJsIjoiaHR0cHM6Ly9wcmVtaWVyLnRpY2tldGVrLmNvbS5hdS9zaG93cy9zaG93LmFzcHg%2Fc2g9UElLTklDVkkyMiZlZz1QUkVTQUxFJmVwPUJPUklTRk9SRVZFUiJ9

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7efa792099c7f4ce5b6d.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 17 Nov 2021 13:56:04 GMT
server: cloudflare
x-zendesk-zorg: yes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPhRxZgtKglh2bR%2FzdTYugE%2Ff9%2FRXAR5FkLzZKUW053SlkcVOXn2ynraVTNL8jhkkk4%2BXxc3TJFTO3qjL5Air2K%2FODtN8fAovtE%2BtjarAYjaxQMqiPcKujreyZ%2Bn5ldC4YFEcwTH"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://premier.ticketek.com.au
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6af975d8bcab4bbf-YUL
vary: Accept-Encoding
content-length: 0
x-request-id: ce9bfc91344248db05d0cdad6670ed33

POST
H/1.1 200
OK event Show response
tega.demdex.net/ 5 KB
2 KB 168ms
115ms XHR
application/json 54.187.87.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tega.demdex.net/event?d_dil_ver=9.5&_ts=1637157364612

Requested by

Host: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/shows/show.aspx?sh=PIKNICVI22&eg=PRESALE&ep=BORISFOREVER

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.87.190 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-187-87-190.us-west-2.compute.amazonaws.com

Software

Resource Hash

768043ba9e60101487b3d711fc0a07431073152f72cee311db7a42f1c491e618

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://premier.ticketek.com.au/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-usw2-2-v016-0b04b19aa.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: QjOJH0qhSLQ=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://premier.ticketek.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1556
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js Show response
pagead2.googlesyndication.com/bg/ Frame DF50 35 KB
13 KB 22ms
22ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 16:33:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76977
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 16:33:07 GMT

GET
H/1.1

200
OK

ibs:dpid=359&dpuuid=rrIGYTJJ1MNlpW5
dpm.demdex.net/ Frame CD97
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://dpm.demdex.net/ibs:dpid=359&dpuuid=rrIGYTJJ1MNlpW5

42 B
943 B

28ms
28ms

Image
image/gif

3.217.204.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=359&dpuuid=rrIGYTJJ1MNlpW5

Protocol

HTTP/1.1

Server

3.217.204.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-217-204-166.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v019-05293fb50.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: jjWPzbfJQVo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Wed, 17 Nov 2021 13:56:04 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-0e3a4646887bbc65e@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://dpm.demdex.net/ibs:dpid=359&dpuuid=rrIGYTJJ1MNlpW5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 45ms
44ms Image
image/gif 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111101&jk=126975479738842&bg=!Dg2lDUnNAAZQLpa_UC47ACkAdvg8WjAhPuNa-TI4A90EcSqVMftuZM9biCtd1TBpFs9X8_5WFXuq-wIAAAB6UgAAAAdoAQcKAG0WIzk7LaZbgdV24sXH4lW1C5N1wjZ0aOJwoD1YR4c9SZF675JzB7nMKtmJ5xe0jiCqdaros9syU2ApKs8RVRK9xjC9h4JyWmOLegypzivNDuo8lxBIeA_bgouDMLQo4dvCRlLW9powKZ_u_CBomQK5amQyZxmZL-PgI0A_w8dGdQ4Z4JUuOwVMmUYG9He0UZ76Ech0C6cXKQ3Vvpkp3nITFPLfPZyTMKRaukfSQBuM7mISF7wOWv3YDkQyv9EsIC4pxO72qLmlugrF5njP1Xa9sJ6vEUlJ6oDpnSFeoWaFO3gu-ZDLB-GB9TAxNnL5YWOian5efaaNZscMIu48osOt7SyFwPVqNd39nk3EyNJQFm3QQeZS7F9oYyXYeEyNj19gy9SjUhtYWZQuRoFaMutqb745wIZlR4jT8_G6o6no_0HTB1j9RmGeVKMkqQ85nsAbVy4ZMzY97uVm2gLd42wKuSryKhaIzJzeeGITX30ZuVfVEVFCiiR5C8NWCJU0jR-t6UCMc7cU9ck8-Nwopp78tC8y9TDRfHxv0DLy2xvNJFcqhnAHY0vYDQ4wYE5sOaHx0JRivRNj3odxxoXBlqgqn6Rntp9aupi2F2fK3-pomP_MqPnG5eckt1z4uVrGk47FMgbaJuwd_pb4Y37gnv8gU-0C0j9ibvB3tjj0X4SdkWdcZc9Y8-43V1CyYm802oidSopDuxC6BjAN2gwDFZ7DFih47DSVKfJ36_1VZ8lkcIHruuAIFkSE0UUhgDZJiWqaZLfQV06xl71L-mbZjKTVzV660l7ElgJqJQLLZ_R1ZmRFyRw9-uRK0sK6_kp9M1LYEkQwbK1ppN3-NBW8xMn56WqRCijuXj0_CTiVMq6-i2BUK-1LzYMW1xSCrd4dj-Z15TpHZWnFQRVhPYpIJTKEgurd-wWLSFcwlFpPc4vsnm9DqLfSdPEMtLc_gc8fRzimMw3_P0jTulL7QXNr0qqcsB5MgrxkTSr7_JX-AT_KnZ7EgaB_8-x6ZeJxBwfHA5bxhPN0yBnWIyotwPHXXoUNG7PO8vfFE1XmBv_SQkjPcletLMjrqChw1A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 13:56:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=116649822844571462
dpm.demdex.net/ Frame CD97
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=116649822844571462

42 B
943 B

27ms
27ms

Image
image/gif

3.217.204.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=116649822844571462

Protocol

HTTP/1.1

Server

3.217.204.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-217-204-166.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v019-0226f3e7f.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: lae7bfVPSJo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Wed, 17 Nov 2021 13:56:04 GMT
X-Proxy-Origin: 37.120.205.150; 37.120.205.150; 633.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 7a1e6205-fe9d-42dd-ac1f-118d0ab09a51
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=116649822844571462
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 53ms
52ms XHR
text/plain 2607:f8b0:4023:1404::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-63445827-1&cid=1183983333.1637157363&jid=1733722717&gjid=1496760977&_gid=1213387790.1637157363&_u=aHHAiEArRAAAAG~&z=162177648

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9a Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://premier.ticketek.com.au/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 17 Nov 2021 13:56:04 GMT
content-type: text/plain
access-control-allow-origin: https://premier.ticketek.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 19ms
19ms Image
image/gif 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=836072045&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpremier.ticketek.com.au%2Fshows%2Fshow.aspx%3Fsh%3DPIKNICVI22%26eg%3DPRESALE%26ep%3DBORISFOREVER&ul=en-us&de=UTF-8&dt=Piknic%20Electronik%20tickets%20%7C%20Sidney%20Myer%20Music%20Bowl%20%7C%20Ticketek%20Australia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ConversionFunnel%2FPrimaryShow&ea=A-ShowPage&el=PIKNICVI22&_u=aHHAiEArRAAAAG~&jid=1733722717&gjid=1496760977&cid=1183983333.1637157363&tid=UA-63445827-1&_gid=1213387790.1637157363&gtm=2wgba1N79SLR&z=1219773869

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 09:36:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15570
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=445&dpuuid=2bdd78f2-0826-49b8-ba5d-ec9c8ec1f55d
dpm.demdex.net/ Frame CD97
Redirect Chain

https://sync.tidaltv.com/GenericUserSync.ashx?dpid=38noredirect
https://sync.tidaltv.com/genericusersync.ashx?dpid=38noredirect&s_h=1
https://dpm.demdex.net/ibs:dpid=445&dpuuid=2bdd78f2-0826-49b8-ba5d-ec9c8ec1f55d

42 B
943 B

28ms
28ms

Image
image/gif

3.217.204.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=445&dpuuid=2bdd78f2-0826-49b8-ba5d-ec9c8ec1f55d

Protocol

HTTP/1.1

Server

3.217.204.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-217-204-166.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v019-00cb42950.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: COKSJkawT50=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 13:56:05 GMT
server: Apache-Coyote/1.1
location: https://dpm.demdex.net/ibs:dpid=445&dpuuid=2bdd78f2-0826-49b8-ba5d-ec9c8ec1f55d
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 38ms
38ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63445827-1&cid=1183983333.1637157363&jid=1733722717&_u=aHHAiEArRAAAAG~&z=1347806977

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 13:56:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 36ms
36ms Image
image/gif 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63445827-1&cid=1183983333.1637157363&jid=1733722717&_u=aHHAiEArRAAAAG~&z=1347806977

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://premier.ticketek.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 13:56:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=3519904876419611526
dpm.demdex.net/ Frame CD97
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3519904876419611526

42 B
943 B

27ms
27ms

Image
image/gif

3.217.204.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=3519904876419611526

Protocol

HTTP/1.1

Server

3.217.204.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-217-204-166.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v019-009340581.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: xgfS5efKTqo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=3519904876419611526
pragma: no-cache
date: Wed, 17 Nov 2021 13:56:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEPNWBHPaIPE3eilJOYqAqd0&google_cver=1
dpm.demdex.net/ Frame CD97
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDEzMTgyMzYzMjgxMTA1MjM2NzI5NDIwNTE3MzAzNzM5NTA2Nzg=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPNWBHPaIPE3eilJOYqAqd0&google_cver=1?gdpr=0&gdpr_consent=

42 B
943 B

29ms
29ms

Image
image/gif

3.217.204.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPNWBHPaIPE3eilJOYqAqd0&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

3.217.204.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-217-204-166.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v019-0faadf7f7.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: aJX0BnlqRyo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 13:56:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPNWBHPaIPE3eilJOYqAqd0&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame CD97
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVpVSjlBQUFBTVA3bEFRTA&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEMntxwfEsiK3MW6Ivdf1Jhw&google_cver=1
https://pixel.everesttech.net/1x1

128 B
796 B

24ms
23ms

Image
image/png

18.211.230.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 18.211.230.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-230-185.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 13:56:05 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Wed, 17 Nov 2021 13:56:05 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame CD97
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVpVSjlBQUFBTVA3bEFRTA&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEM...
https://pixel.everesttech.net/1x1

128 B
691 B

23ms
23ms

Image
image/png

18.211.230.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 18.211.230.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-230-185.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 13:56:05 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Wed, 17 Nov 2021 13:56:05 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame CD97
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVpVSjlBQUFBTVA3bEFRTA&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26...
https://pixel.everesttech.net/1x1

128 B
691 B

24ms
24ms

Image
image/png

18.211.230.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 18.211.230.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-230-185.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 13:56:05 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Wed, 17 Nov 2021 13:56:05 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame CD97
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVpVSjlBQUFBTVA3bEFRTA&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2...
https://pixel.everesttech.net/1x1

128 B
691 B

24ms
23ms

Image
image/png

18.211.230.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 18.211.230.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-230-185.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 13:56:05 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Wed, 17 Nov 2021 13:56:05 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame CD97
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVpVSjlBQUFBTVA3bEFRTA&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb...
https://pixel.everesttech.net/1x1

128 B
691 B

23ms
23ms

Image
image/png

18.211.230.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 18.211.230.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-230-185.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 13:56:05 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Wed, 17 Nov 2021 13:56:05 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=e327a4f0-75af-4a05-bffb-ffd68104efd3
dpm.demdex.net/ Frame CD97
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=e327a4f0-75af-4a05-bffb-ffd68104efd3

42 B
943 B

28ms
27ms

Image
image/gif

3.217.204.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=e327a4f0-75af-4a05-bffb-ffd68104efd3

Protocol

HTTP/1.1

Server

3.217.204.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-217-204-166.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v019-0226f3e7f.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: UTNtZutfQ1E=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 13:56:05 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=e327a4f0-75af-4a05-bffb-ffd68104efd3
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame CD97
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WVpVSjlBQUFBTVA3bEFRTA&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_...
https://pixel.everesttech.net/1x1

128 B
691 B

24ms
24ms

Image
image/png

18.211.230.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 18.211.230.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-230-185.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 13:56:05 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Wed, 17 Nov 2021 13:56:05 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=23728&dpuuid=YZUJ9p6WV7dwgHs.g2FNYQAA%26551
dpm.demdex.net/ Frame CD97
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YZUJ9p6WV7dwgHs.g2FNYQAA%26551

42 B
943 B

28ms
27ms

Image
image/gif

3.217.204.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YZUJ9p6WV7dwgHs.g2FNYQAA%26551

Protocol

HTTP/1.1

Server

3.217.204.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-217-204-166.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v019-045445ab2.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Px2eFImKSr8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Wed, 17 Nov 2021 13:56:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YZUJ9p6WV7dwgHs.g2FNYQAA%26551
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 263
Expires: Wed, 17 Nov 2021 13:56:06 GMT

GET
H/1.1 204
No Content match
ps.eyeota.net/ Frame CD97 0
83 B 112ms
25ms Image
text/plain 34.197.192.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=6j5b2cv&uid=01318236328110523672942051730373950678&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-192-192.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 13:56:06 GMT
Content-Length: 0

GET
H2

204

v1
ads.yahoo.com/cms/ Frame CD97
Redirect Chain

https://cm.everesttech.net/cm/yh
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YZUJ9AAAAMP7lAQL&sigv=1&esig=1~8028b97793f0229e5cfc3564150e1f26315c3dd5

0
447 B

106ms
32ms

Image
text/plain

2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YZUJ9AAAAMP7lAQL&sigv=1&esig=1~8028b97793f0229e5cfc3564150e1f26315c3dd5

Protocol

Server

2001:4998:14:800::1001 Ashburn, United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:06 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YZUJ9AAAAMP7lAQL&sigv=1&esig=1~8028b97793f0229e5cfc3564150e1f26315c3dd5
Date: Wed, 17 Nov 2021 13:56:06 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame CD97
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=01318236328110523672942051730373950678
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=01318236328110523672942051730373950678

0
338 B

82ms
23ms

Image
text/plain

34.206.47.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=01318236328110523672942051730373950678
Protocol: H2
Server: 34.206.47.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-47-24.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:56:06 GMT
cache-control: private, no-cache, no-store
x-request-time: D=40 t=1637157366
x-served-by: beacon-n031-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=01318236328110523672942051730373950678
date: Wed, 17 Nov 2021 13:56:06 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a003-ash-prod.krxd.net

GET
H/1.1

200
OK

ibs:dpid=121998&dpuuid=650ebdf6c659faddd4a91e430ebf2b22
dpm.demdex.net/ Frame CD97
Redirect Chain

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=01318236328110523672942051730373950678?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=01318236328110523672942051730373950678?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=650ebdf6c659faddd4a91e430ebf2b22

42 B
943 B

28ms
28ms

Image
image/gif

3.217.204.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=650ebdf6c659faddd4a91e430ebf2b22

Protocol

HTTP/1.1

Server

3.217.204.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-217-204-166.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v019-00cb42950.edge-va6.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: /ppXuzcdRnk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 13:56:06 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://dpm.demdex.net/ibs:dpid=121998&dpuuid=650ebdf6c659faddd4a91e430ebf2b22
cache-control: no-cache
x-server: 10.40.7.151
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CD97
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVpVSjlBQUFBTVA3bEFRTA==

170 B
188 B

36ms
36ms

Image
image/png

142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVpVSjlBQUFBTVA3bEFRTA==

Protocol

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 13:56:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 13:56:06 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637157366.481121,VS0,VE0
x-served-by: cache-yul12823-YUL
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVpVSjlBQUFBTVA3bEFRTA==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame CD97
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZUJ9AAAAMP7lAQL&expires=90

42 B
754 B

141ms
28ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZUJ9AAAAMP7lAQL&expires=90
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 9a0c641c0479142b55591fdf2031b15f
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 13:56:06 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637157367.543975,VS0,VE0
x-served-by: cache-yul12823-YUL
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZUJ9AAAAMP7lAQL&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CD97
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZUJ9AAAAMP7lAQL

43 B
881 B

69ms
26ms

Image
image/gif

23.41.168.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZUJ9AAAAMP7lAQL
Protocol: HTTP/1.1
Server: 23.41.168.244 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-168-244.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Nov 2021 13:56:06 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 17 Nov 2021 13:56:06 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 13:56:06 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637157367.644255,VS0,VE0
x-served-by: cache-yul12823-YUL
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZUJ9AAAAMP7lAQL
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame CD97
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YZUJ9AAAAMP7lAQL

43 B
1010 B

20ms
19ms

Image
image/gif

68.67.178.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=YZUJ9AAAAMP7lAQL

Protocol

HTTP/1.1

Server

68.67.178.15 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

633.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Nov 2021 13:56:06 GMT
X-Proxy-Origin: 37.120.205.150; 37.120.205.150; 633.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 826723e3-b9a7-420d-b7a3-5a91c08ae5ff
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 13:56:06 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637157367.745552,VS0,VE0
x-served-by: cache-yul12823-YUL
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=YZUJ9AAAAMP7lAQL
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame CD97
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZUJ9AAAAMP7lAQL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YZUJ9AAAAMP7lAQL

43 B
61 B

43ms
29ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YZUJ9AAAAMP7lAQL
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Nov 2021 13:56:06 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YZUJ9AAAAMP7lAQL
date: Wed, 17 Nov 2021 13:56:06 GMT
via: 1.1 google
server: OXGW/16.218.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame CD97
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZUJ9AAAAMP7lAQL

1 B
547 B

77ms
21ms

Image
text/html

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZUJ9AAAAMP7lAQL
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 12:58:05 GMT
cache-control: no-store, no-cache, private
x-lat: njrpug021:0:404
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 13:56:06 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637157367.947783,VS0,VE0
x-served-by: cache-yul12823-YUL
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZUJ9AAAAMP7lAQL
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame CD97
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZUJ9AAAAMP7lAQL&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZUJ9AAAAMP7lAQL&img=1&__user_check__=1&sync_id=1c9f4124-47ae-11ec-8935-18834d520303

43 B
549 B

37ms
37ms

Image
image/gif

192.35.249.120
SPOTX-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZUJ9AAAAMP7lAQL&img=1&__user_check__=1&sync_id=1c9f4124-47ae-11ec-8935-18834d520303
Protocol: HTTP/1.1
Server: 192.35.249.120 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 13:56:07 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 183
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 17 Nov 2021 13:56:07 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YZUJ9AAAAMP7lAQL&img=1&__user_check__=1&sync_id=1c9f4124-47ae-11ec-8935-18834d520303
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 36
Connection: keep-alive
Content-Length: 0

GET
H2

200

b.php
www.facebook.com/fr/ Frame CD97
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZUJ9AAAAMP7lAQL&t=2592000&o=0

43 B
280 B

55ms
55ms

Image
image/gif

2a03:2880:f111:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZUJ9AAAAMP7lAQL&t=2592000&o=0

Protocol

Server

2a03:2880:f111:83:face:b00c:0:25de Lithia Springs, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tega.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 05:56:07 PST
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: FtK0puCBv1VSwadF2fheku9JPfJ4iB+E3kgytOTfWS7BZBOz/+Zgf1DTm2Q99l8PY3BgFHIeBrhLS4uvKdABhw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
expires: Wed, 17 Nov 2021 05:56:07 PST

Redirect headers

pragma: no-cache
date: Wed, 17 Nov 2021 13:56:07 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637157367.151117,VS0,VE0
x-served-by: cache-yul12823-YUL
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZUJ9AAAAMP7lAQL&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: premier.ticketek.com.au
URL: https://premier.ticketek.com.au/_Incapsula_Resource?ES2LURCT=67&t=78&d=complete%20(s%3A1%2Cc%3A31%2Cr%3A1185)

Verdicts & Comments Add Verdict or Comment

409 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

80 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
premier.ticketek.com.au/shows	1969-12-31 23:59:59	Name: myCookie Value:
.ticketek.com.au/	1970-01-20 07:31:20	Name: visid_incap_2399871 Value: z6/+25NmR0W527wHKNjwa/AJlWEAAAAAQUIPAAAAAADvY1emCYSiYW7LVUmpQncq
.ticketek.com.au/	1969-12-31 23:59:59	Name: incap_ses_483_2399871 Value: 4s4KD0Lg8yo6xC+cdfazBvAJlWEAAAAADJiyPDH9+RCFIQsP8U6Dxw==
.ticketek.com.au/	1969-12-31 23:59:59	Name: ticketek.com.au+cookies Value: true
.ticketek.com.au/	1969-12-31 23:59:59	Name: nlbi_2399871 Value: 786WN+gNbHAT7LSdROFu0QAAAAAmNtTjdj+Q8NmUKG6nCURQ
.ticketek.com.au/	1970-01-20 07:31:20	Name: visid_incap_2408402 Value: IkSTCVSGRXSaofrQbe8w+PEJlWEAAAAAQUIPAAAAAAA212Hhn698X8//MOGD2+mb
.ticketek.com.au/	1969-12-31 23:59:59	Name: nlbi_2408402 Value: GIujUsUh3gHVkCq+YGdm3wAAAAA1N5aLgwdcGlKgrzjnQ9lf
.ticketek.com.au/	1969-12-31 23:59:59	Name: incap_ses_483_2408402 Value: MAbqF8GowSK9xC+cdfazBvEJlWEAAAAADLkJ9AHhsFkOEqeVEmJVFg==
premier.ticketek.com.au/	1970-01-19 22:56:02	Name: AWSALBTG Value: uAGcoDoGzlX5xDdD3dyPwcbBT9uQ7j6Gck+8TFbmKPkEOyFgKJ9WUB2aCHKzsRHqCiH+//LUAx13mi1URu8y+EnJ0rrHSGw1SA+nTtrfB4JTWjn+6PdZneKgjMc+6GX7oiH6JwoYTRGJ8rTMzttOkOieeCf9ib1lzLiDkvA2gKPY6NJk/70=
premier.ticketek.com.au/	1970-01-19 22:56:02	Name: AWSALBTGCORS Value: uAGcoDoGzlX5xDdD3dyPwcbBT9uQ7j6Gck+8TFbmKPkEOyFgKJ9WUB2aCHKzsRHqCiH+//LUAx13mi1URu8y+EnJ0rrHSGw1SA+nTtrfB4JTWjn+6PdZneKgjMc+6GX7oiH6JwoYTRGJ8rTMzttOkOieeCf9ib1lzLiDkvA2gKPY6NJk/70=
.ticketek.com.au/	1969-12-31 23:59:59	Name: ticketek.com.au+cp.id Value: dec8666e-8e72-4262-b8d5-0746a14421d9
.ticketek.com.au/	1969-12-31 23:59:59	Name: ticketek.com.au+cp.ex Value: 2021-11-18+00%3a59%3a32
.ticketek.com.au/	1969-12-31 23:59:59	Name: ticketek.com.au+cp.st Value: 2021-11-18+00%3a56%3a02
premier.ticketek.com.au/	1969-12-31 23:59:59	Name: ep Value: DBjtYNKSR4cZi9onHyOqaGuk5qP9O5ai4wiMYgEW7MqPiLRksWfX9R-sCusN-vl6QDKgONuatPaPn85V5XiwwqrpC172xOL.jo1KCY82RxStU.72ptlttLBEXu.TU5wSEfHA6G4lGCPwS8bi8lVGPMNJtMsk4P8kk778iNO0fLUBoDzVx52go53plT9NmI9ZTDRqvW9VKiCGyuPSoyhYmA==
premier.ticketek.com.au/	1969-12-31 23:59:59	Name: eg Value: PRESALE
premier.ticketek.com.au/	1970-01-19 22:45:57	Name: __session:0.9815884014387968: Value: https:
premier.ticketek.com.au/	1969-12-31 23:59:59	Name: softix.affiliate Value: Ticketek%20Au%20Website
.premier.ticketek.com.au/	1969-12-31 23:59:59	Name: originalReferrer Value:
.ticketek.com.au/	1970-01-20 07:31:54	Name: ab.storage.deviceId.35e9ff84-9413-4d1a-853b-5cdeba1dfdef Value: %7B%22g%22%3A%22782b690d-7703-9d90-7d8f-4ee5290b0047%22%2C%22c%22%3A1637157362918%2C%22l%22%3A1637157362918%7D
.ticketek.com.au/	1970-01-20 16:17:09	Name: _ga Value: GA1.3.1183983333.1637157363
.ticketek.com.au/	1970-01-19 22:47:23	Name: _gid Value: GA1.3.1213387790.1637157363
premier.ticketek.com.au/	1970-01-20 07:31:33	Name: myCookie Value:
.ticketek.com.au/	1970-01-20 00:55:33	Name: _fbp Value: fb.2.1637157363382.1105551406
.ticketek.com.au/	1970-01-20 08:07:33	Name: __gads Value: ID=4bd96a9d2d58867a-225d4683c1cc0016:T=1637157363:S=ALNI_MaFjmjVV8jwVtm7uj_0aDSL_a7KoQ
.doubleclick.net/	1970-01-20 16:17:09	Name: IDE Value: AHWqTUnH4gmqPLhKq3dd_y2LPTvUmigWfBCSVvFyhECNyjef0O57h_EZ_eu36SxDNVo
.ticketek.com.au/	1970-01-19 22:45:57	Name: _gat Value: 1
.ticketek.com.au/	1970-01-20 07:31:54	Name: ab.storage.sessionId.35e9ff84-9413-4d1a-853b-5cdeba1dfdef Value: %7B%22g%22%3A%22eeeb2095-d478-b64d-39ce-7606c7336255%22%2C%22e%22%3A1637159163521%2C%22c%22%3A1637157362916%2C%22l%22%3A1637157363521%7D
.facebook.com/	1970-01-20 00:55:33	Name: fr Value: 003kmIS5KHdwiiS4k..BhlQnz...1.0.BhlQnz.
.ticketek.com.au/	1970-01-20 07:31:33	Name: _hjSessionUser_2141843 Value: eyJpZCI6IjVmZjNmNDY4LWEyNWEtNWIwZS05ZGI4LTBjN2IzZjI3ODYyOCIsImNyZWF0ZWQiOjE2MzcxNTczNjM3MjEsImV4aXN0aW5nIjpmYWxzZX0=
.ticketek.com.au/	1970-01-19 22:45:59	Name: _hjFirstSeen Value: 1
.ticketek.com.au/	1970-01-19 22:45:59	Name: _hjSession_2141843 Value: eyJpZCI6IjkwZWNmM2UyLTc2YjAtNDY4Mi04NDUzLTA1NThmNzNjNTc0NiIsImNyZWF0ZWQiOjE2MzcxNTczNjM4NDl9
premier.ticketek.com.au/	1970-01-19 22:45:57	Name: _hjIncludedInSessionSample Value: 0
.ticketek.com.au/	1970-01-19 22:45:59	Name: _hjAbsoluteSessionInProgress Value: 0
.ticketek.com.au/	1969-12-31 23:59:59	Name: nlbi_2399871_2147483646 Value: f46/Hzu2WUSfQP7YROFu0QAAAACvMDVIZcqJl6pdjDTyAPuI
.ticketek.com.au/	1970-01-20 00:55:33	Name: _gcl_au Value: 1.1.1551646930.1637157364
.ticketek.com.au/	1970-01-19 23:29:09	Name: reese84 Value: 3:Nk3ExqVDYbPGwPEADVLfSQ==:djYV3WNA3TIHN8sS3ZVFTh0O21LrgLHV7D3HJ1RbHUa6cuyrb1ns81t8wI90eLEdQUeFBjuCnmjF7DwtPnH986dYk2oomcf4Qa4gqUfh2LhspLN/bmtgxeSSq4NUwf+9BbvjRVAnlStxBLzav8mBEU14MYLlxzx8nwOhDyGV9UN8Bg2fOMfkdod28+GBYLdAL7Q2xQebvSa1AM1c3YuCE5mEq0VH5s88h3MWhdYhuOSizi5EgpXzdXzMrFlGcHogbFbAqMJVaQZLbV9Ah70yzDLLUKMCXz0rVbDXVTVZb/ldfgoue8oqap1yQCHoyy0BJLdQ4nDPWCe0HX7lGkVauuFeiJm0IJiviPshGjL2uc4pTFxBs7zXPEuk+pX73FXv7E737Oa1riNDAxA6UlAC687m3OPVMbyiqbUdAOUmhzFWWRZ3jfSbmY5Qbgec9z2FYKuvYVXrFbkAP47slnlz7Q5zSow+AeWRkxsOzW9iWEc=:x4pQxqXfnLFvtmeJ3qy0xyBgJCWuCAEjGubHM8hspvI=
.ticketek.com.au/	1970-01-19 22:45:57	Name: _gat_UA-63445827-1 Value: 1
.premier.ticketek.com.au/	1970-01-20 16:17:09	Name: _ga Value: GA1.4.1183983333.1637157363
.premier.ticketek.com.au/	1970-01-19 22:47:23	Name: _gid Value: GA1.4.1213387790.1637157363
.premier.ticketek.com.au/	1970-01-19 22:45:57	Name: _dc_gtm_objectObject Value: 1
.demdex.net/	1970-01-20 03:05:09	Name: demdex Value: 01318236328110523672942051730373950678
.premier.ticketek.com.au/	1970-01-20 07:31:33	Name: ins-storage-version Value: 1
.ticketek.com.au/	1969-12-31 23:59:59	Name: AMCVS_495479CA584AB1B90A495EEA%40AdobeOrg Value: 1
.ticketekau.api.useinsider.com/	1970-01-19 22:47:23	Name: insdrPushCookieStatus Value: true
.everesttech.net/	1970-01-20 07:31:33	Name: everest_g_v2 Value: g_surferid~YZUJ9AAAAMP7lAQL
.dpm.demdex.net/	1970-01-20 03:05:09	Name: dpm Value: 01318236328110523672942051730373950678
.ticketek.com.au/	1970-01-20 16:17:09	Name: AMCV_495479CA584AB1B90A495EEA%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18949%7CMCMID%7C00992619450426573952909526182297604586%7CMCAAMLH-1637762164%7C7%7CMCAAMB-1637762164%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1637164564s%7CNONE%7CMCSYNCSOP%7C411-18956%7CvVersion%7C5.2.0
.premier.ticketek.com.au/	1970-01-19 23:29:09	Name: aam_uuid Value: 01318236328110523672942051730373950678
.w55c.net/	1970-01-20 08:14:45	Name: wfivefivec Value: rrIGYTJJ1MNlpW5
.w55c.net/	1970-01-19 23:29:09	Name: matchdmx Value: 5
.premier.ticketek.com.au/	1970-01-19 22:45:57	Name: _dc_gtm_UA-63445827-1 Value: 1
.adnxs.com/	1970-01-20 00:55:33	Name: uuid2 Value: 116649822844571462
.tidaltv.com/	1970-01-20 07:31:33	Name: tidal_ttid Value: 2bdd78f2-0826-49b8-ba5d-ec9c8ec1f55d
.tidaltv.com/	1970-01-20 07:31:33	Name: sync-his Value: "H4sIAAAAAAAAADM0sjS2tDI0tAAABPPvXwkAAAA="
.turn.com/	1970-01-20 03:05:09	Name: uid Value: 3519904876419611526
.everesttech.net/	1970-01-19 23:30:35	Name: ev_sync_ax Value: 20211117
.everesttech.net/	1969-12-31 23:59:59	Name: everest_session_v2 Value: YZUJ9QAAAX0EYWYM
.adsrvr.org/	1970-01-20 07:31:33	Name: TDID Value: e327a4f0-75af-4a05-bffb-ffd68104efd3
.adsrvr.org/	1970-01-20 07:31:33	Name: TDCPM Value: CAESEgoDYWFtEgsIxIv-hIH3lDoQBRgFIAEoAjILCIKm2rGX95Q6EAU4AQ..
.casalemedia.com/	1970-01-20 07:31:33	Name: CMID Value: YZUJ9p6WV7dwgHs.g2FNYQAA
.casalemedia.com/	1970-01-20 00:55:33	Name: CMPS Value: 133
.casalemedia.com/	1970-01-20 00:55:33	Name: CMPRO Value: 551
.casalemedia.com/	1970-01-19 22:47:23	Name: CMST Value: YZUJ9mGVCfYA
.everesttech.net/	1970-01-19 23:30:35	Name: ev_sync_yh Value: 20211117
.yahoo.com/	1970-01-20 07:31:54	Name: A3 Value: d=AQABBPYJlWECEKSG_up0VbBj4hf8fD96zPMFEgEBAQFblmGeYQAAAAAA_eMAAA&S=AQAAAiVWKRLxxOgcPrggNhuW3VY
.krxd.net/	1970-01-20 03:05:09	Name: _kuid_ Value: OfL52VbW
.crwdcntrl.net/	1970-01-20 05:14:42	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 05:14:42	Name: _cc_id Value: 650ebdf6c659faddd4a91e430ebf2b22
.crwdcntrl.net/	1970-01-20 05:14:45	Name: _cc_cc Value: "ACZ4XmNQMDM1SE1KSTNLNjO1TEtMSUkxSbQ0TDUxBoqmGSUZGTEAQeJUzm8gGgoAcyYLkg%3D%3D"
.crwdcntrl.net/	1970-01-20 05:14:45	Name: _cc_aud Value: "ABR4XmNgYGBInMr5DUhBAQAX7wH2"
.rubiconproject.com/	1970-01-20 07:31:33	Name: khaos Value: KW3L84UT-Q-JX3E
.rubiconproject.com/	1970-01-20 07:31:33	Name: audit Value: 1\|bNjjMDy+AOmIzF5nb3JRKW4H7LjHUy4eMaaeN8JjJkGXzu0U2rFvUAyNeb9oyxqqxfkTmcySc+tw0S94mtzOH8KpNY8iiICuy2N1KCI2/MrBmsRwsoc/IWLswaOGNlh10ELqH74TH/QtEmqSeSDxemm1SoXrMY+RsqlSNZOaaDQ=
.casalemedia.com/	1970-01-20 07:31:33	Name: CMRUM3 Value: 58619509f62760YZUJ9AAAAMP7lAQL
.adnxs.com/	1970-01-20 00:55:33	Name: anj Value: dTM7k!M4.FErk#WF']wIg2Ilcv54W(!]tbPl1MwL(!R7qUY$*a[3fB-(KULxp?[aF$cn.mZ5'hx.g4dkXm)zyobcmx5FjFLpAsnTR!wA?%q)3RbLa6%
.openx.net/	1970-01-20 07:31:33	Name: i Value: 948ca4b6-434a-44a8-baae-95a5473ab840\|1637157366
.pubmatic.com/	1970-01-20 00:55:33	Name: KRTBCOOKIE_218 Value: 4056-YZUJ9AAAAMP7lAQL&KRTB&22978-YZUJ9AAAAMP7lAQL&KRTB&23194-YZUJ9AAAAMP7lAQL&KRTB&23209-YZUJ9AAAAMP7lAQL
.pubmatic.com/	1970-01-19 23:29:09	Name: PugT Value: 1637153885
.pubmatic.com/	1970-01-20 00:55:33	Name: PUBMDCID Value: 2
.demdex.net/	1970-01-20 03:05:09	Name: dextp Value: 359-1-1637157364713\|358-1-1637157364815\|445-1-1637157364916\|470-1-1637157365018\|771-1-1637157365119\|1083-1-1637157365221\|1085-1-1637157365323\|1086-1-1637157365424\|1087-1-1637157365525\|1088-1-1637157365626\|903-1-1637157365728\|19913-1-1637157365829\|23728-1-1637157365930\|30064-1-1637157366031\|83349-1-1637157366133\|66757-1-1637157366234\|121998-1-1637157366335\|144230-1-1637157366437\|144231-1-1637157366538\|144232-1-1637157366639\|144233-1-1637157366740\|144234-1-1637157366841\|144235-1-1637157366942\|144236-1-1637157367043\|144237-1-1637157367145
.spotxchange.com/	1970-01-20 07:31:37	Name: audience Value: 1c9f40a7-47ae-11ec-8935-18834d520303

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3b1ae6e229f36c635cf65894aff1bac0.safeframe.googlesyndication.com
ads.yahoo.com
arep.cc
beacon.krxd.net
braze-images.com
cdnjs.cloudflare.com
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
d.turn.com
d35kvm5iuwjt9t.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hit.api.useinsider.com
ib.adnxs.com
image2.pubmatic.com
js.appboycdn.com
location.api.useinsider.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
pixel.everesttech.net
pixel.rubiconproject.com
pm.w55c.net
polyfill.io
premier.ticketek.com.au
ps.eyeota.net
sadmin.brightcove.com
script.hotjar.com
sdk.iad-06.braze.com
securepubads.g.doubleclick.net
segment.api.useinsider.com
ssum.casalemedia.com
stackpath.bootstrapcdn.com
static.hotjar.com
static.zdassets.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.search.spotxchange.com
sync.tidaltv.com
tega.demdex.net
ticketek.zendesk.com
ticketekau.api.useinsider.com
tpc.googlesyndication.com
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.ticketek.com.au
premier.ticketek.com.au
104.100.147.231
104.16.53.111
104.18.70.113
104.36.115.109
13.224.206.71
13.224.210.105
13.224.210.63
13.224.210.65
142.250.65.226
142.250.80.2
142.250.80.34
151.101.1.208
151.101.193.208
151.101.66.49
18.205.214.32
18.211.230.185
18.233.246.214
192.35.249.120
2001:4998:14:800::1001
23.41.168.244
2600:1f18:1c96:4102:98df:7314:c81c:e465
2606:4700:10::6816:94f
2606:4700:3031::ac43:d645
2606:4700::6810:135e
2606:4700::6811:a772
2606:4700::6811:a872
2606:4700::6811:aa72
2606:4700::6812:acf
2607:f8b0:4006:807::2003
2607:f8b0:4006:807::200e
2607:f8b0:4006:808::2008
2607:f8b0:4006:80c::200a
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::2002
2607:f8b0:4006:81d::2001
2607:f8b0:4006:81e::200e
2607:f8b0:4006:822::2004
2607:f8b0:4006:824::2002
2607:f8b0:4023:1404::9a
2620:112:f002:bbbb::23
2a03:2880:f011:8:face:b00c:0:1
2a03:2880:f111:83:face:b00c:0:25de
2a04:4e42:a00::282
3.217.204.166
3.234.202.189
34.197.192.192
34.206.47.24
35.244.159.8
45.60.196.230
52.223.40.198
52.62.81.96
54.166.52.96
54.187.87.190
68.67.178.15
69.173.151.100
009c5e73bf6b01d1c8ed3dcb7da2ba322fa6edf5561c3b5eecbb339cea98ec60
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
09ca096b5dcefed31369c823f65ebb9b2836844fa0d5a6b9b4f97cb6625b0675
0a6b77936937b1a925dec328cb50c0972fbee6b57cf314dc904752e937404875
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5e1da94a728c7a8cc4363b44d961c94459111d362eef8cf7895a9c6234d17c
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7
17c4b1de278ac2eba429077663aa541bd7dab1b6b30b094ca93d9b34bfa851e1
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1a7b3e9d366f83e95798b36dad847a8b717d1065cf36e3da011ffd01fb60e335
1dc7dc002e2016f0628dc8262d8a803a5d7a0db57055a3e8cecdf7b1c948ba9a
1f33f3668f5735650281d8aef990def0094dd706773708f6352ba7bd72c2e9f2
2147901a5a424ea92ad2fd2457976c46765880cf4d267aa711df70d026912ab7
22be3b608d348c6fde6943128b3b85d447800263df2f30629026930384ae0b3d
249f06a35cb2786148c66d93b37f2173b54f6afc7e196d5e7500f2e1dba0ad79
273e6b9c3a93e545186527784a7ef95553b9e3c4f62a64e77638ca3d64b1d4b4
280b8ad3b63032156ff0c8104a2f5ad91f9a78d3b2650445237d84a570c545df
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d3e82a60eaa972e5fafba6741ac1357f01fa898f24fbe822058d19af621e16d
307b9dbbe788513d426415296a1a0651d4aeb628e81cfa2873f32e8766c296f2
316bda79ebc11f2ec6c4654f6b0fe4ecdaea2382f1cdc27035972eb9e877b2ff
34fe739dc619a4c6ba22e594e4d52f330b964918a25f59f145b9fcfb387998e4
35f89ce3cdafcdc950bdc375ef6e912ab54e97afe06817a029aec5a907e9dfe4
363da08842b371b115aed72a5eb403e1bea447df77d1a1f3892bab6cc4f759fc
3839a8ffad6e4c0c23fba0fe5111bf2c255688d5f298cd55b04c946a7ccc0918
39ac6d1ed483472b163f001f9d17806fc32db5066145fade59f7f5644c963fdb
3e44308861f5dbec0f708c01a42054ffb44a330afcf9f7bfc808f55db249fbca
4292f55113a9fb1fa354300edf89a7c7ef94b90ec482161280207a47a876b0f4
44fda2ae98e3f1e0e24e75a854b38b700cf1d76f3a1412790db2d22160801fc3
48cbe7bf69de732b7c252c9ad6074b4add98138de314100a0ca2e7e4f1c0422c
48d1bf407ff7c247b27eff6eb1e2550b626e688807d353cdeae95c526e33c4e6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b8ef409c675e946b6f3120e6e36aff2491f46ee3d5bc89e84a37ce27c527b05
4df3d519156036cf37a97d62b2344e99f37581584f9f6350b463675007be4ebf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f45d503d1e9878318f854a834321163b2b434cf2521e89d6bd94eb8e9f38bd1
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54977bd28e95c5d7f9aa476648978d4805fb1fbc7e56b4e3d8a4055d225919f4
55d44cd61ee84c79e7d910fc9c7c498fef7a6231efc1f343dba333d2246559d8
58c436fa205315b39757504b283fa3cc7565d9966c18b09cb62f4e8a427a8670
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266
5c13488ad44fb3c979306129a36cdd21e4b75d58cdc6f55e9aebf5c0a114f242
5dd23b2673ae42ed5b5ba1bbad427b0588a65075f75e31852560867fba322fbd
604496ee6acca620cd59265c2302f6a03fe02d65bc5306d952f0fa94d92fa5c8
62bb02fa91c1537efbce823d5d1981982d3925bcdaac667dc6ca64f8469e2284
6324f69233f73f119979b489f5d32a2250b3bfeb7d24d8b2908b92bb6c1e2e09
632bb1dcbeceacf177c63a0f776b811c445e99cbe1009a6993a3533f78f4bb03
66829514f9f2a85657a2ce0c132cc2d891f3c8791f2e2f386f0d1fc76a4fabd8
689bf938f6c7fc714c5ab0939f435289ef62bc0866a67c6fef964e9fddc427cd
6924ff420cfd645667ff37d1b972f5a1412933427985f171eff1c011e06c3e9b
69268e71e60dad8d5d2697364594d6e01fd1698f6ec0ace20b721acb1c617afe
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dcacfbeaa0e51a7ebd11eb147f18bf2263185e8620662020bafa6b9833ac895
6f2f152b570d71ee4cbbe1274bfee67a7cb5193c7ab311ace97034ecfb947624
6fbdea074ffc6f89f2a3421222f1b1223b698c79dc2624fd51b5730e1a348fe3
705ff70b643e209c697f93f0c42c84ea6dd64e35e9fead0caa1bc91bb60065d2
768043ba9e60101487b3d711fc0a07431073152f72cee311db7a42f1c491e618
7720981f81c85f561162dd8889c443a22fca70e71e8d828170b68bfc26661540
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d4a5ffa515caf0f5eae323a4d72c65f36c6de7ef722badcaaa832c7e2395572
7e58212a834825aaa684963bfbb592ac5e3d698c44a0778bbbd101ae40f214db
7fc8615d4ec68caca566e256a5d03e76d36f7dee7073f1cda988cd2d20121fe8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b58afaf830ba51130ea7072344887fba421f8e0518686a49a89837f010c559
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8b4a3652a32257df76398a8a4ab832a050423b7825fa33ab97366e0d83dd4862
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93ab49bc6238f0f6212d5942e6c52be7eae398e84bd9d748803836199d0746e1
9400d1b122f8baa0c73c03abdc8007a2fe5780b64e33cc5faf3b5c2c15f6e020
94942fad1063c2770548acc8fdc17cf8eaadc13738178d70dbd0d408d590e778
94f301476f6e3bad1a2ac0c21895e078c1dbecf29d2a50dfad998c493b6eda0e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4904d50e40ada4976f45101cf460a93eb83a7e2feca91712e46ad622457e2e2
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a63ab6b6a02156b3421de98ddc7ebf33c260684c6dde172181c6cfb28431d8a9
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aaba6ddd7b3595332d3ba69f3b1ec88f6229d7277d0a71108f76c189c19614eb
acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7
ad4bbdb8bc104ad6e09cf76b9f9725eb9d74cef7d3d8e9d593bd60c5bfb46dee
adc9f82fae77ea36e1f5ce4eae85110c306819e19cac85b12ab0f19130e87a85
b0dc631929b37c52e5c8c6756aec7e13ba291b28ef8673fede20ba821c4b4b18
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
bee9c546f0500189dc24f61b2c3ed05df0d2d989bf1891daba2fd293ba2f9cbe
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c1d384b1facfbbc3813492b60aa7fff6447b6db9253abe821043bd204ad5bc5e
c469f91bb3f5547f5e8f8feb99fe3d2c98c68f7d7ddcb2c4a4aab7447d588c53
c4ba148170fedff35a4f1ee897e9e094f740aaa3e94a142ce1657b02bcfdad36
c716b112c1f0deb92f52c52b6dc7502e4ac57a304c49a23609c39781a7e586f9
c9408cf5d8e0d12fb2b1d5ad6b4489be392384a4687962a0fc2a2877a57775c8
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c991e57593efb95800ba1166ed6469e36146fcb1859566c8134964b3dde2eda1
cc0eb414b67db276521379833adf920d7c6b47e6ac3737540201b27b3c705454
ce0277a9b955f3751687dc240a6221d7e5ae38353974d790c06e6abb154357d3
ce8a9a335801ed833a2ca90e59cfd99852ccb2ebdf4a976fcc8c77f79678773b
d0195a5a14c496c88b66f39b4bc500d41da7d1678814868f3671a52801645b9b
d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d
d3ec09caf051a4a00d410aceb3fdc24e14bf2ac99f68999d9371bae49f79f914
d86885dfb06ed30648930452190eb91c85fe8a86c863c348078b1a8d48b81426
d94aeca34201888b36db49c8041c6dc5fba1cd8650c3ef35e46c466f480939c1
d9925c1bef157e46012e2fb2dca5ac809e0c2ac2f15c28928974a495a48ee74f
d9f3be2abd33560c5876bb1ceb14550e44567d23082c8023df0932701196560a
dad2e6bb3ac10b4da6dd0f1985d87364af3aa1a0dba6e88b749e38f4207f6ec7
dc896af2c2c6ce8a2aa36619e5327e4e4e13830ad8670724d0a6e35687f2aa33
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
dd6b1c0d7e8c9e4703a8250f73bd65fb23d7cda5857302cfee92b8de23cf440e
ddc90c6bde8cd1e78fa0c373dbf664b3ed4becf7e1224fe5510d96c46b17874a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e00a81dfe57e896a546362e23a81d3a5c04a62b246f32c2ddd99871281d7d744
e30a48a7615ba27b3d0f38babb6462da2e80f208d98b2baf8f6764b00f2a4066
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5deef5b7d99e2c39dcb441fbfd361b1028dca83276b2d8b605aa05dc52b423d
e618c75852d3d3774a9ed489de8390b61fefa3730385d1fd71a3ae9718797b69
e728f73ce4e974cc593d0e26aa49f0a60bdcecb608704a292d639eaa6f514879
e8bc7150519c3bec8751de818bca8136134aff71a27cd65551e9a488f12e9340
e92913c2b11fc1e9e7c4f84628362d1c9660e7f7e88904d124c9ebbbef9d4e48
eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efff98a3721641d17bb9ffd57a411430956d49f407e645a856f13a2906cbbf44
f070276771bf2bdfac5e7eff25db4361eebd2f38167df4d1974dac562932be47
f094ef6c307dcb5714193d0b2e52c40979fe1970a86f974c1ba59bcd2f637044
f3613a8d1372261cb74d2a8b53eb117e32f8fdd2e3d9d72141610f06f9292d15
f36407993e16efb421a47f0915c29eb0c3171c99051ab7bb0810ba5869b315f5
f367a88c9ea181a2be27c0b64727322b12c77e509deb5b13df0967e41f249b21
f55c42c4c2795fd7dc19f26a457a9ffe5ac88766809e16492f6ebed688441524
f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383
f696637e5a40eb203de8678ee6350211263cafba9239290a1f1e54440839b762
f7037190c446071a76c7adb272153f34d1366a185c269c2c4d86b8c5f042564c
f9c39680773790fb7a554a7f9a70238e4a521cc3d8d8c82641d37c69cc740630
f9d6eafcb51142ebbffdf3fdcd4643607b85b32c39987f1b6677396808cb9904
fd1f2c9587e46bd8a9f9da94c91cafd15a1188d95756c237fcf4e86b58df64ca

premier.ticketek.com.au Open in urlscan Pro 45.60.196.230 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

186 Requests

86 %HTTPS

45 %IPv6

44 Domains

62 Subdomains

48 IPs

3 Countries

2473 kBTransfer

7358 kBSize

80 Cookies

21 Outgoing links

Page URL History

Redirected requests

186 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

premier.ticketek.com.au Open in urlscan Pro
45.60.196.230 Public Scan

Screenshot
Live screenshot

Full Image

186
Requests

86 %
HTTPS

45 %
IPv6

44
Domains

62
Subdomains

48
IPs

3
Countries

2473 kB
Transfer

7358 kB
Size

80
Cookies

186 HTTP transactions
0 data transactions