URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backl...
Submission: On November 30 via api from PL — Scanned from DE

Summary

This website contacted 17 IPs in 5 countries across 12 domains to perform 47 HTTP transactions. The main IP is 2600:9000:214f:6600:b:ee9a:1d00:93a1, located in the United States, and belongs to AMAZON-02, US. The main domain is www.tmz.com. The Cisco Umbrella rank of the primary domain is 35843.
TLS certificate: Issued by Amazon on February 23rd 2022. Valid for: a year.
This is the only time www.tmz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
29 tmz.com
www.tmz.com — Cisco Umbrella Rank: 35843
static.tmz.com — Cisco Umbrella Rank: 62718
imagez.tmz.com — Cisco Umbrella Rank: 49686
smetrics.tmz.com — Cisco Umbrella Rank: 62854
1 MB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 251
fox.demdex.net — Cisco Umbrella Rank: 22152
6 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 142
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 248
131 KB
2 foxnews.com
static.foxnews.com — Cisco Umbrella Rank: 9918
19 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 192
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 106
161 KB
2 fox.com
strike.fox.com — Cisco Umbrella Rank: 17142
150 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1124
517 B
1 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 1514
501 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 84
20 KB
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2321
345 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 219
27 KB
47 12
Domain Requested by
15 imagez.tmz.com www.tmz.com
8 static.tmz.com www.tmz.com
static.tmz.com
4 smetrics.tmz.com www.tmz.com
3 dpm.demdex.net 1 redirects
2 static.foxnews.com strike.fox.com
2 securepubads.g.doubleclick.net www.googletagservices.com
2 sb.scorecardresearch.com www.tmz.com
2 www.googletagmanager.com www.tmz.com
2 strike.fox.com www.tmz.com
strike.fox.com
2 www.tmz.com static.tmz.com
1 cm.everesttech.net 1 redirects
1 fox.demdex.net www.tmz.com
1 www.google.co.uk www.tmz.com
1 www.google-analytics.com www.tmz.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 www.googletagservices.com www.tmz.com
47 17
Subject | Issuer | Validity | Valid
tmz.com | Amazon | 2022-02-23 - 2023-03-24 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
strike.fox.com | DigiCert ECC Secure Server CA | 2022-02-19 - 2023-02-22 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
*.tmz.com | R3 | 2022-10-20 - 2023-01-18 | 3 months
*.scorecardresearch.com | Amazon | 2022-01-29 - 2023-02-27 | a year
www.google.co.uk | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
*.foxnews.com | R3 | 2022-11-29 - 2023-02-27 | 3 months
*.demdex.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-26 - 2023-10-27 | a year
smetrics.tmz.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-08-13 - 2023-09-13 | a year

This page contains 2 frames:

Primary Page: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Frame ID: FC0E04AFED0E251919359BFB8DC5D64D
Requests: 63 HTTP requests in this frame

Frame: https://fox.demdex.net/dest5.html?d_nsid=0
Frame ID: D7DEA228700FECF07771BB176B6C06E5
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lodash.*\.js

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

Requests: 47
HTTPS: 96 %
IPv6: 65 %
Domains: 12
Subdomains: 17
IPs: 17
Countries: 5
Transfer: 1968 kB
Size: 4424 kB
Cookies: 15

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55
  • https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&d_nsid=0&ts=1669815870504 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&d_nsid=0&ts=1669815870504
Request Chain 59
  • https://cm.everesttech.net/cm/dd?d_uuid=06043338941043347300065006098973212309 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4dePwAAAKpZxAN-

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/
389 KB
391 KB
Document
General
Full URL
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:6600:b:ee9a:1d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
511902df92a5c5d2929fc536cafc1eaa432e3a7370511ae3ef43246e2be6c86d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
max-age=60, public, s-maxage=120
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Wed, 30 Nov 2022 13:44:29 GMT
link
<https://imagez.tmz.com>; rel="preconnect"; crossorigin="anonymous",<https://static.tmz.com>; rel="preconnect"; crossorigin="anonymous"
referrer-policy
unsafe-url
server
Apache
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
CloudFront-Viewer-Country
via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
x-amz-cf-id
gzi-wYUKg-JSm6NF0qLC7YRS06366nXzRIEnJOA1PA3_P2IdKmcPOA==
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-fpc
miss
x-fpc-key
0ae917b729d1808c6b5c652727aa7f7e6b8459788d5d4effd37283372b16ceb5
x-frame-options
SAMEORIGIN
x-node-ref
tmz:article:32f4793f-256a-43c6-90d5-e17fc33407b3
x-node-updated-at
1669798858
x-xss-protection
1; mode=block
main.desktop.73842676f4c328c670a5.css
static.tmz.com/tmz-web/client/v3.5/
782 KB
272 KB
Stylesheet
General
Full URL
https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ce00:a:ddda:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d54f95f3cdb1a8f496fd932d57ba91fbdee0fd8e4498b7edd66a2bf27055820

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 21:07:54 GMT
x-amz-version-id
AGaxM7F5VbHck7U69E0AG.cF9z7EeLI9
content-encoding
gzip
via
1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1096596
x-amz-meta-app-version
3.5.5
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-meta-app-deployment-id
last-modified
Thu, 17 Nov 2022 21:02:26 GMT
server
AmazonS3
etag
W/"933ada21f779d6d207d2c1e421219f54"
vary
Accept-Encoding
content-type
text/css
x-amz-meta-app-build
15b91a1
cache-control
max-age=31536000
x-amz-meta-app-id
tmz-web
x-amz-cf-id
evBSbS1KU31_2smIF9BkuP6nkxEKsgFyzwYUayymXUuQ4Q43zNPANg==
main.desktop.b0a68d90.js
static.tmz.com/tmz-web/client/v3.5/
534 KB
161 KB
Script
General
Full URL
https://static.tmz.com/tmz-web/client/v3.5/main.desktop.b0a68d90.js
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ce00:a:ddda:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b9a541b8309a9c98a210d8a2f67b057e91e15337bd7b7bfb80ff99ed53aa20b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 21:07:54 GMT
x-amz-version-id
bFPEa.tXdq_jAxLaZ48k8VraqKLtxGuV
content-encoding
gzip
via
1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1096596
x-amz-meta-app-version
3.5.5
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-meta-app-deployment-id
last-modified
Thu, 17 Nov 2022 21:02:26 GMT
server
AmazonS3
etag
W/"43fad11f1f7184349c19125c2e8b88a4"
vary
Accept-Encoding
content-type
application/javascript
x-amz-meta-app-build
15b91a1
cache-control
max-age=31536000
x-amz-meta-app-id
tmz-web
x-amz-cf-id
zYiySNVzPc9vfLJ5HV5iOil-U7z0t22_hf33Kvj4yy_4VyDkUI9JIg==
gpt.js
www.googletagservices.com/tag/js/
79 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e8e8c9964a446fba9a9473662b21fae9b3b9b54a391f5d637e5e7e6b426aa5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 13:44:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27287
x-xss-protection
0
server
sffe
etag
"1407 / 746 of 1000 / last-modified: 1669810420"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 30 Nov 2022 13:44:30 GMT
loader.js
strike.fox.com/static/tmz/display/
26 KB
3 KB
Script
General
Full URL
https://strike.fox.com/static/tmz/display/loader.js
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ebe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4596b8f70765ac359440801b4366c45c43dc9d80a0eef302eb98c2536e2a516
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
eQS5Ig.VqH3q8pBnu99jU505LTrS_CcX
content-encoding
gzip
date
Wed, 30 Nov 2022 13:44:30 GMT
strict-transport-security
max-age=15768000 ; preload
x-amz-request-id
8BYK49C51H17QA72
content-length
2355
x-amz-id-2
iAktYgIgZ8RAeKeNrUuRK0mNCK92OrwS//EPswJv56S4dGksv19G+jhZtunSN6rswGUl0D5uwDc=
last-modified
Mon, 28 Nov 2022 18:11:30 GMT
server
AmazonS3
etag
"09a5934cfdc36aa5a5918a1b06a0f618"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
accept-ranges
bytes
expires
Wed, 30 Nov 2022 13:54:30 GMT
js
www.googletagmanager.com/gtag/
219 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NCN9V8PMQF
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
144a7eca00a40bd37ae2e0658b51423c4914918f392c0034cc5a1c5daf2dab5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 13:44:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77496
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 30 Nov 2022 13:44:30 GMT
gtm.js
www.googletagmanager.com/
264 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KTN543J&gtm_cookies_win=x
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
be274931bfd06793da33557f7e0f099a0ff8b5ccceea5609752a11341f2cd590
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 13:44:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87132
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Nov 2022 13:44:30 GMT
truncated
/
13 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f87e0dcba2abd16cb866b949dd143edfa89dbc536b48a8d612b5a38365a256e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/jpeg
SourceSansPro-Regular.woff2
static.tmz.com/tmz-web/client/v3.5/fonts/sourcesanspro/
13 KB
13 KB
Font
General
Full URL
https://static.tmz.com/tmz-web/client/v3.5/fonts/sourcesanspro/SourceSansPro-Regular.woff2
Requested by
Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2057:ce00:a:ddda:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
547ea67155dac1c27efb550426c4848b7364357ed040fd531719c4797e356a1d

Request headers

Referer
https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Origin
https://www.tmz.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 21:08:04 GMT
x-amz-version-id
S.Vk6c4Pb8E8H6.m_8hjPo_WXe6sP99z
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
age
1096587
x-amz-cf-pop
FRA6-C1
x-amz-meta-app-version
3.5.5
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
12960
x-amz-meta-app-deployment-id
last-modified
Thu, 17 Nov 2022 21:02:25 GMT
server
AmazonS3
etag
"967c60da0742e7f2bdfbde13accaf519"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Type, ETag, x-amz-meta-app-id, x-amz-meta-app-version, x-amz-meta-app-build, x-amz-meta-app-deployment-id
cache-control
max-age=31536000
x-amz-meta-app-build
15b91a1
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-meta-app-id
tmz-web
x-amz-cf-id
RXdYKOKmWu40-l6wC11oUp4EdgfmtIPcPgb-XyqTS6aGnlBEcyOHPA==
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bec0ffd165ea083d019c7eaf6751df04c44f23fedf9f003ee93abec9549890e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd8aa6afb1cb32a958af8de7a67bb5ba03bdf396b38fcdb760510728937f700a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7012c52e94ac1bbe1e1b1cd8246e3ef624d303cc53e76a11be2b10a65c0f1119

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef355ff29a5e65e0a41ae3aaff2d13fef94f38ff30c69090c6f89acb6752e50d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7fcd7819c44473cbd40aabdc1295459afceecd0ddb53f73494f7d964a5ee519

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
black-webfont.woff2
static.tmz.com/tmz-web/client/v3.5/fonts/proxima-nova-extra-condensed/
17 KB
18 KB
Font
General
Full URL
https://static.tmz.com/tmz-web/client/v3.5/fonts/proxima-nova-extra-condensed/black-webfont.woff2
Requested by
Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2057:ce00:a:ddda:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b36f3075218f2b29c578581c453b28827b8621643878c86bd87aa9f6a1f5082a

Request headers

Referer
https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Origin
https://www.tmz.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 21:07:47 GMT
x-amz-version-id
ZO92ZUpJoGFhCVyyMHtSol_xyM1IhLDU
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
age
1096604
x-amz-cf-pop
FRA6-C1
x-amz-meta-app-version
3.5.5
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
17880
x-amz-meta-app-deployment-id
last-modified
Thu, 17 Nov 2022 21:02:25 GMT
server
AmazonS3
etag
"66e7b6660a29694e64c02561f9e14490"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Type, ETag, x-amz-meta-app-id, x-amz-meta-app-version, x-amz-meta-app-build, x-amz-meta-app-deployment-id
cache-control
max-age=31536000
x-amz-meta-app-build
15b91a1
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-meta-app-id
tmz-web
x-amz-cf-id
HzzSmbw7HWG1MVDHmznXKz4QkenRS68XTWdkPXoi6M_lytTZX9FsGw==
Cousine-Regular.woff2
static.tmz.com/tmz-web/client/v3.5/fonts/cousine/
9 KB
9 KB
Font
General
Full URL
https://static.tmz.com/tmz-web/client/v3.5/fonts/cousine/Cousine-Regular.woff2
Requested by
Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2057:ce00:a:ddda:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
498cdc663af8386da9619e180dac64083911a0eda94f0aad30af3195f88f30c3

Request headers

Referer
https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Origin
https://www.tmz.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 21:07:47 GMT
x-amz-version-id
WfZxZ8igEYOI6qhANMsqu.IiKSEiy1R_
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
age
1096604
x-amz-cf-pop
FRA6-C1
x-amz-meta-app-version
3.5.5
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
8748
x-amz-meta-app-deployment-id
last-modified
Thu, 17 Nov 2022 21:02:25 GMT
server
AmazonS3
etag
"c417ddf1b447836f9e8274339f6dfaeb"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Type, ETag, x-amz-meta-app-id, x-amz-meta-app-version, x-amz-meta-app-build, x-amz-meta-app-deployment-id
cache-control
max-age=31536000
x-amz-meta-app-build
15b91a1
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-meta-app-id
tmz-web
x-amz-cf-id
STyvqjmHymlEuZy7jn5INAmdnI3Htd-k2cNgEQ0gaASx62YWnb_F0w==
truncated
/
968 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a94387ee27cfd20bff92b62976e9664f14abe8b1c09c81d49f18de24a2324bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
604 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4770f1d988a9ee981ecf5db15f5aa20f166bdbe225f4466715c2da29b938171d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
SourceSansPro-Bold.woff2
static.tmz.com/tmz-web/client/v3.5/fonts/sourcesanspro/
12 KB
13 KB
Font
General
Full URL
https://static.tmz.com/tmz-web/client/v3.5/fonts/sourcesanspro/SourceSansPro-Bold.woff2
Requested by
Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2057:ce00:a:ddda:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0066433a645f196eb0ece299c86dc27a5c74dbe2cae7ae6d9211c1549a92085

Request headers

Referer
https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Origin
https://www.tmz.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 21:08:04 GMT
x-amz-version-id
R5C3TFKvm82QdYMlUiVJgB7vfE2_E8NT
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
age
1096587
x-amz-cf-pop
FRA6-C1
x-amz-meta-app-version
3.5.5
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
12600
x-amz-meta-app-deployment-id
last-modified
Thu, 17 Nov 2022 21:02:25 GMT
server
AmazonS3
etag
"35c8f8dfc61f476426607c74422b7d17"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Type, ETag, x-amz-meta-app-id, x-amz-meta-app-version, x-amz-meta-app-build, x-amz-meta-app-deployment-id
cache-control
max-age=31536000
x-amz-meta-app-build
15b91a1
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-meta-app-id
tmz-web
x-amz-cf-id
UMf4tJN3_pnlvJaKcUZL71PFXgezuUeaMHf99r2XFIHo23B97bes-Q==
SourceSansPro-Semibold.woff2
static.tmz.com/tmz-web/client/v3.5/fonts/sourcesanspro/
11 KB
12 KB
Font
General
Full URL
https://static.tmz.com/tmz-web/client/v3.5/fonts/sourcesanspro/SourceSansPro-Semibold.woff2
Requested by
Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2057:ce00:a:ddda:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
115ea8ccc77135e889658e3922a3ce4747db8cd8a9ffc82286d4b48c771c4da0

Request headers

Referer
https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Origin
https://www.tmz.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 21:08:04 GMT
x-amz-version-id
Ulvif4v6MaYaiA6aStneLxqOr8Csx9nk
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
age
1096587
x-amz-cf-pop
FRA6-C1
x-amz-meta-app-version
3.5.5
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
11256
x-amz-meta-app-deployment-id
last-modified
Thu, 17 Nov 2022 21:02:25 GMT
server
AmazonS3
etag
"e80eefb2e693f982ade7d2f9c41c59ea"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Type, ETag, x-amz-meta-app-id, x-amz-meta-app-version, x-amz-meta-app-build, x-amz-meta-app-deployment-id
cache-control
max-age=31536000
x-amz-meta-app-build
15b91a1
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-meta-app-id
tmz-web
x-amz-cf-id
MxO-h8f9golRBvDPoTyT4i8NrlV_deQLPoc9X4KPpgamxrptqscrIQ==
57a5c0a1cda7439fb88332eb9451cf02_xs.jpg
imagez.tmz.com/image/57/16by9/2022/11/29/
7 KB
7 KB
Image
General
Full URL
https://imagez.tmz.com/image/57/16by9/2022/11/29/57a5c0a1cda7439fb88332eb9451cf02_xs.jpg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a65b248a606ee896694873795575b70e93e0c7c5377a666ca982f60c03e44c01
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 13:44:30 GMT
via
1.1 cd3b189d4dff15bd0a2ccf14f97ffda2.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
76780
x-cache
Miss from cloudfront, HIT, HIT
fastly-io-info
ifsz=542509 idim=1200x900 ifmt=jpeg ofsz=6960 odim=300x169 ofmt=webp
fastly-stats
io=1
content-length
6960
x-served-by
cache-iad-kcgs7200145-IAD, cache-bog2260035-BOG
x-timer
S1669815871.659836,VS0,VE0
etag
"nCLHbEBb5hQYqkI04xGdSpvcxJFpYr/J5kfxGJS7ySo"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
63, 4
d5413a24c04e437bab11790909d8bf58_xs.jpg
imagez.tmz.com/image/d5/16by9/2022/11/29/
14 KB
15 KB
Image
General
Full URL
https://imagez.tmz.com/image/d5/16by9/2022/11/29/d5413a24c04e437bab11790909d8bf58_xs.jpg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ef404db25db2be8b7b0c5e4e9f61f44d22b55308b24486d8b042e52baef8a2b5
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 13:44:30 GMT
via
1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
70048
x-cache
Miss from cloudfront, HIT, HIT
fastly-io-info
ifsz=139547 idim=700x397 ifmt=jpeg ofsz=14352 odim=300x169 ofmt=webp
fastly-stats
io=1
content-length
14352
x-served-by
cache-iad-kcgs7200050-IAD, cache-bog2260035-BOG
x-timer
S1669815871.659845,VS0,VE0
etag
"Ph4sSfKfEy1emDs/g3aq3nqK5fqyQF2e8ah7Zi7Y/Q0"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
80, 3
e40e2ff265914bc9820eb814f403c25b_xs.png
imagez.tmz.com/image/e4/16by9/2022/11/29/
39 KB
39 KB
Image
General
Full URL
https://imagez.tmz.com/image/e4/16by9/2022/11/29/e40e2ff265914bc9820eb814f403c25b_xs.png
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d625f275ead52b0b3740fc732756a53aa620ecf5af0b79d4e5094dd292e7fe96
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 13:44:30 GMT
via
1.1 795fca0399f361701665c0d9fab45324.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
48817
x-cache
Hit from cloudfront, HIT, HIT
fastly-io-info
ifsz=400927 idim=1200x900 ifmt=png ofsz=39666 odim=300x169 ofmt=webp
fastly-stats
io=1
content-length
39666
x-served-by
cache-iad-kcgs7200044-IAD, cache-bog2260035-BOG
x-timer
S1669815871.660558,VS0,VE1
etag
"9y1DD6u5iBCXMnDnL5ZctX1jLG86EwIsllkzq2Jsok0"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
86, 1
c89e39eb376d442fabcf9a1913a2a5c0_xs.jpg
imagez.tmz.com/image/c8/16by9/2022/11/29/
16 KB
16 KB
Image
General
Full URL
https://imagez.tmz.com/image/c8/16by9/2022/11/29/c89e39eb376d442fabcf9a1913a2a5c0_xs.jpg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
188443415e8991f998cb10a0d9014f5d5d78b72d1e106ed0093fc6032dcf2abd
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 13:44:30 GMT
via
1.1 17d601c1a37e4e7f1ee73eac5ce62cf4.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
69707
x-cache
Miss from cloudfront, HIT, HIT
fastly-io-info
ifsz=159314 idim=700x397 ifmt=jpeg ofsz=16390 odim=300x169 ofmt=webp
fastly-stats
io=1
content-length
16390
x-served-by
cache-iad-kiad7000086-IAD, cache-bog2260035-BOG
x-timer
S1669815871.660497,VS0,VE0
etag
"wG2QdEhoY80cGl6nqD4u4/1TPNBqUx1ksVBr8CIcr+Y"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
105, 3
fe1919f2f23244db941c4d434d9d5e14_xs.png
imagez.tmz.com/image/fe/16by9/2022/11/29/
65 KB
65 KB
Image
General
Full URL
https://imagez.tmz.com/image/fe/16by9/2022/11/29/fe1919f2f23244db941c4d434d9d5e14_xs.png
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4888de9727a5eff309b0da178876456cd57adec176daa97f988d1167e88031dd
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 13:44:30 GMT
via
1.1 fb1dc2e3bf4105b403e3bfa3a5067970.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
51538
x-cache
Miss from cloudfront, MISS, HIT
fastly-io-info
ifsz=569722 idim=1200x900 ifmt=png ofsz=66240 odim=300x169 ofmt=webp
fastly-stats
io=1
content-length
66240
x-served-by
cache-iad-kcgs7200065-IAD, cache-bog2260035-BOG
x-timer
S1669815871.660075,VS0,VE1
etag
"vGcuNxc9G3QJCRPPvDgOBQiTn6uEbAjVoNz7QcdV+ik"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
0, 86
truncated
/
1017 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df9d59befe3cdcdcb635da58ddbcf2cb780968aae5d8eedb828e1a1ee6ff77f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/
309 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23aa2477d57f3c5e361191e56e891751ecebb1e90fbf4bbce66316d21f6d321e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
SourceSansPro-Black.woff2
static.tmz.com/tmz-web/client/v3.5/fonts/sourcesanspro/
12 KB
12 KB
Font
General
Full URL
https://static.tmz.com/tmz-web/client/v3.5/fonts/sourcesanspro/SourceSansPro-Black.woff2
Requested by
Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2057:ce00:a:ddda:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe1fd2390971d20586c515c99cbdf53ed0f3a9e4ddb091222dfafeae3a5eabff

Request headers

Referer
https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Origin
https://www.tmz.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 21:08:11 GMT
x-amz-version-id
nV3aSYxeb36VMTceJ5ByckXcWpUS2JDI
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
age
1096580
x-amz-cf-pop
FRA6-C1
x-amz-meta-app-version
3.5.5
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
12148
x-amz-meta-app-deployment-id
last-modified
Thu, 17 Nov 2022 21:02:25 GMT
server
AmazonS3
etag
"435f7b2523c3412a713b3560e07e5f72"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Type, ETag, x-amz-meta-app-id, x-amz-meta-app-version, x-amz-meta-app-build, x-amz-meta-app-deployment-id
cache-control
max-age=31536000
x-amz-meta-app-build
15b91a1
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-meta-app-id
tmz-web
x-amz-cf-id
XVCyMU9jTGqDA2q3s1GgJ1I7ceGPZuYkZza8U5G6xH9NBFWIiOXLAA==
ab13676869ef47a5b48366b60e9eb3f7_md.jpg
imagez.tmz.com/image/ab/4by3/2022/11/29/
57 KB
57 KB
Image
General
Full URL
https://imagez.tmz.com/image/ab/4by3/2022/11/29/ab13676869ef47a5b48366b60e9eb3f7_md.jpg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
875a1c49674ff80c8b511c4853f7321c13a9a88f45eff5356c42384f28625175
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 13:44:30 GMT
via
1.1 2e8c2e7cad8a51072f754f4edb4b5714.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
54656
x-cache
Miss from cloudfront, HIT, HIT
fastly-io-info
ifsz=592116 idim=1200x900 ifmt=jpeg ofsz=58020 odim=728x546 ofmt=webp
fastly-stats
io=1
content-length
58020
x-served-by
cache-iad-kiad7000173-IAD, cache-bog2260035-BOG
x-timer
S1669815871.660070,VS0,VE0
etag
"ECWwdUxHANQF0rDp2dw4q9vvQkEDkzAbwaerClJEnCM"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
107, 3
057da00fd83d47ff85a59298cb779180_md.jpg
imagez.tmz.com/image/05/4by3/2022/11/29/
25 KB
25 KB
Image
General
Full URL
https://imagez.tmz.com/image/05/4by3/2022/11/29/057da00fd83d47ff85a59298cb779180_md.jpg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e89590be51bdcf7b28b7d028f10be05aff19d8062a919d8c5c6b52162990bad6
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 13:44:30 GMT
via
1.1 2159b07a5dc01058f6b0620d8e160fea.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
55597
x-cache
Miss from cloudfront, HIT, HIT
fastly-io-info
ifsz=386411 idim=1200x900 ifmt=jpeg ofsz=25422 odim=728x546 ofmt=webp
fastly-stats
io=1
content-length
25422
x-served-by
cache-iad-kcgs7200173-IAD, cache-bog2260035-BOG
x-timer
S1669815871.671604,VS0,VE0
etag
"3kMjs8kBkPtwD4OE5QmHWVDAWvpbmvmiQg00KIC2hKg"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
107, 3
01cf92b507814cb294e6e0048d2e1a90_xxs.png
imagez.tmz.com/image/01/1by1/2022/11/15/
23 KB
23 KB
Image
General
Full URL
https://imagez.tmz.com/image/01/1by1/2022/11/15/01cf92b507814cb294e6e0048d2e1a90_xxs.png
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b6c7de739d39cb6ee98ca7bdb101ca6f222d8355c1a4ef4166523b0c428c7e33
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 13:44:30 GMT
via
1.1 a4f9ca051b97c1ac09e2af244690d376.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
223385
x-cache
Miss from cloudfront, HIT, HIT
fastly-io-info
ifsz=1842542 idim=1200x900 ifmt=png ofsz=23554 odim=125x125 ofmt=webp
fastly-stats
io=1
content-length
23554
x-served-by
cache-iad-kjyo7100023-IAD, cache-bog2260035-BOG
x-timer
S1669815871.671590,VS0,VE0
etag
"lCV6V0Q2934pRVlX44AXatEGTFHTyN0jsgBJBa7ZS78"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
122, 8
412c134bd59e437fadcda8a5a7fc78bf_md.jpg
imagez.tmz.com/image/41/4by3/2022/11/24/
62 KB
62 KB
Image
General
Full URL
https://imagez.tmz.com/image/41/4by3/2022/11/24/412c134bd59e437fadcda8a5a7fc78bf_md.jpg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fa55d4034609787cfef2b64b76240aacab9e4b0cdb255ce25d78033ec5536e64
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 13:44:30 GMT
via
1.1 fb1dc2e3bf4105b403e3bfa3a5067970.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
516194
x-cache
Miss from cloudfront, HIT, HIT
fastly-io-info
ifsz=590790 idim=1200x900 ifmt=jpeg ofsz=63486 odim=728x546 ofmt=webp
fastly-stats
io=1
content-length
63486
x-served-by
cache-iad-kiad7000151-IAD, cache-bog2260035-BOG
x-timer
S1669815871.836296,VS0,VE0
etag
"Wuyfk9Xi5TiumfTow1YHRVvS1CxGbRujjZA0cTHgDVs"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
5291, 4
124838206fc745d3b5fce83505048b89_xs.jpg
imagez.tmz.com/image/12/16by9/2022/11/26/
10 KB
11 KB
Image
General
Full URL
https://imagez.tmz.com/image/12/16by9/2022/11/26/124838206fc745d3b5fce83505048b89_xs.jpg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c9fa4f8032a53ae19f17d3acd80de773e1b357d9360dcaf37542895c175dac81
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 13:44:30 GMT
via
1.1 c5bb940b2890383b4ca2d8b74b68699a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
313298
x-cache
Miss from cloudfront, HIT, HIT
fastly-io-info
ifsz=274758 idim=1200x900 ifmt=jpeg ofsz=10652 odim=300x169 ofmt=webp
fastly-stats
io=1
content-length
10652
x-served-by
cache-iad-kcgs7200026-IAD, cache-bog2260035-BOG
x-timer
S1669815871.835744,VS0,VE0
etag
"0Gq2C3a4KlQeu/7hcpfjE8tBHi5TUD+q2CGoada8oZM"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
68, 381
86045e8c759f482e869a803fd37a30c5_xs.jpg
imagez.tmz.com/image/86/16by9/2021/10/03/
4 KB
5 KB
Image
General
Full URL
https://imagez.tmz.com/image/86/16by9/2021/10/03/86045e8c759f482e869a803fd37a30c5_xs.jpg
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
918be1459c6e2b7f56a69b4fea6daec0a395623d26e7ac692b3464c2a2f36c85
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 13:44:30 GMT
via
1.1 28601bc57104f7fc6c8886bc07b5e7bc.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
1873764
x-cache
Miss from cloudfront, HIT, HIT
fastly-io-info
ifsz=409681 idim=1200x900 ifmt=jpeg ofsz=4550 odim=300x169 ofmt=webp
fastly-stats
io=1
content-length
4550
x-served-by
cache-iad-kjyo7100160-IAD, cache-bog2260035-BOG
x-timer
S1669815871.835729,VS0,VE0
etag
"1umBmHBp7Du2AakFyw1qMCDxFAS8qqNGiHnCAY/V0lU"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
117, 3
truncated
/
309 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
885986bfdfa66051cdd230317d32e32825bfc0555028dbfb4c7b0cf8ffe62f32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/
127 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f5edf0a6fa9c455c21ce1d529e63ae18bf76aced3f563ce0457af25bea55f40

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/
468 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18db706e6d0a4507c3931ad24000f6e1049c8b15f1e8378965d21a2bc33fa1e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
33b376131cb7d939491f5112b411e6cd804c1d003810a388e9217af1122f4e35

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/
9 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6f5be3b0b673d35437fd786f930a0e03fb3361f09919841681fb986ea0bcfd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4b3d838fac35e2bab26cdcfb3d24d43a506f527f1876b618021a52c0a0fc755

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-32.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 13:45:34 GMT
content-encoding
gzip
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
86337
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
4vRpPEMSUGLXpWxndqJA9eQWcm7xVKOW_os1aPmz0FM_UwQlcdbboA==
collect
region1.analytics.google.com/g/
0
345 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-NCN9V8PMQF&gtm=2oebs0&_p=1536333135&_gaz=1&cid=2125111719.1669815870&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669815870&sct=1&seg=0&dl=https%3A%2F%2Fwww.tmz.com%2F2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash%2F%3Fadid%3Dshare-tw&dt=Balenciaga%20Attacking%20Marketing%20Agency%20to%20Deflect%20Mistakes%2C%20Sources%20Claim&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NCN9V8PMQF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 13:44:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
345 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NCN9V8PMQF&cid=2125111719.1669815870&gtm=2oebs0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NCN9V8PMQF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 13:44:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tmz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 30 Nov 2022 13:24:43 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1187
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 30 Nov 2022 15:24:43 GMT
sidebar.json
www.tmz.com/_/promotion/news-sidebar/
147 KB
148 KB
Fetch
General
Full URL
https://www.tmz.com/_/promotion/news-sidebar/sidebar.json
Requested by
Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.5/main.desktop.b0a68d90.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:214f:6600:b:ee9a:1d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
04ba07a3779e487247d64a0ba5df072138949a702cbc47b8ee09b8cad2190629
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 13:42:47 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
age
103
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
Apache
x-fpc-key
84988ea07d915ab597f19d0c3afb9b79d60d44a751183df4f5384ab8eb95f6dd
x-frame-options
SAMEORIGIN
vary
CloudFront-Viewer-Country
content-type
application/json
cache-control
max-age=304, public, s-maxage=304
x-robots-tag
noindex
x-fpc
miss
x-amz-cf-id
7O4Nf9QKBWFulK19Pix0-BSb8c6T4kOZ5pPaBhfJtjIDHHr2JVFNLg==
ga-audiences
www.google.co.uk/ads/
42 B
501 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NCN9V8PMQF&cid=2125111719.1669815870&gtm=2oebs0&aip=1&z=2105449904
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 13:44:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/
381 KB
130 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 13:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2115
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 30 Nov 2023 13:09:15 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
428 B
800 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.tmz.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e58f6ebff6e8fbaa831eca08ab13f80675e103737a814e5ee3f0d54cc09e51f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 13:44:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164
x-xss-protection
0
expires
Wed, 30 Nov 2022 13:44:30 GMT
app.v84.js
strike.fox.com/static/tmz/display/ver/
982 KB
147 KB
Script
General
Full URL
https://strike.fox.com/static/tmz/display/ver/app.v84.js
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6ebe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0dbe80906b65b8ffb777e6fd51da0f5a74eb1cbc8f282530fa3a441eeff32dc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id
p.oemVt1mBZenOYaU0z1g6jap83RqF9V
content-encoding
gzip
date
Wed, 30 Nov 2022 13:44:30 GMT
strict-transport-security
max-age=15768000 ; preload
x-amz-request-id
NMWXCQQW1T5BETHG
x-amz-id-2
fcHmhREYVqAdEyHA4JxeiTcqKFNZXxONdfnW7mn6CRwM/KZk55hIkuckNY3aKxv+adxIjnIVwps=
last-modified
Mon, 28 Nov 2022 18:11:30 GMT
server
AmazonS3
etag
"a72d09774058b0b6fd822d4e8ac16cd7"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
accept-ranges
bytes
expires
Wed, 30 Nov 2022 13:54:30 GMT
b
sb.scorecardresearch.com/
0
189 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=3000013&cs_ucfr=0&cs_it=b3&cv=3.8.0.210223&ns__t=1669815870408&ns_c=UTF-8&c7=https%3A%2F%2Fwww.tmz.com%2F2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash%2F%3Fadid%3Dshare-tw&c8=Balenciaga%20Attacking%20Marketing%20Agency%20to%20Deflect%20Mistakes%2C%20Sources%20Claim&c9=
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-32.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 13:44:30 GMT
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
-5ai3UXGwTV8JUcYW9vgJfQCbZkR-5mh_6XjDFJbM_D6xHqjaPzOZA==
x-cache
Miss from cloudfront
truncated
/
101 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbc9fb5c776718322e4bf5201090fe5d5daf040d9c393c1b11011da1f190347b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
01cf92b507814cb294e6e0048d2e1a90_xxs.png
imagez.tmz.com/image/01/4by3/2022/11/15/
17 KB
18 KB
Image
General
Full URL
https://imagez.tmz.com/image/01/4by3/2022/11/15/01cf92b507814cb294e6e0048d2e1a90_xxs.png
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
18588d2387972bde966c4697995fe564454d2939ab80c5b170fbb0eac3634b89
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 13:44:30 GMT
via
1.1 4715507645a6516d2df35cd342cb5be0.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
129113
x-cache
Miss from cloudfront, HIT, HIT
fastly-io-info
ifsz=1842542 idim=1200x900 ifmt=png ofsz=17506 odim=125x94 ofmt=webp
fastly-stats
io=1
content-length
17506
x-served-by
cache-iad-kjyo7100023-IAD, cache-bog2260035-BOG
x-timer
S1669815871.835747,VS0,VE0
etag
"ve8V8dFkGhkQ11YMnxWpwK1A9d9yKGlzhY+zfM5sjBE"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
30, 2
6088406dea98462fb3e127104d0bde91_xxs.png
imagez.tmz.com/image/60/4by3/2022/11/27/
15 KB
15 KB
Image
General
Full URL
https://imagez.tmz.com/image/60/4by3/2022/11/27/6088406dea98462fb3e127104d0bde91_xxs.png
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca5a32846cac806920c1094d4450e0369d7e33c2719356471e99076206683709
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 13:44:30 GMT
via
1.1 05133180bbd1649d4b8f97441bf305e8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
243809
x-cache
Miss from cloudfront, HIT, HIT
fastly-io-info
ifsz=731398 idim=1200x900 ifmt=png ofsz=15440 odim=125x94 ofmt=webp
fastly-stats
io=1
content-length
15440
x-served-by
cache-iad-kiad7000038-IAD, cache-bog2260035-BOG
x-timer
S1669815871.835700,VS0,VE1
etag
"4PaT6yE9/pYo13HriDcSjDaOPfNsQtF0W8B3WEuRTyE"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
72, 1
52b1ba80edb54db0b0c88dd0fc9a1004_xxs.png
imagez.tmz.com/image/52/4by3/2022/11/29/
19 KB
19 KB
Image
General
Full URL
https://imagez.tmz.com/image/52/4by3/2022/11/29/52b1ba80edb54db0b0c88dd0fc9a1004_xxs.png
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ebccb57aefb788cec5cca1c6ec2318050c0ff378b8a2a1362248102e8a5c3b5a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 13:44:30 GMT
via
1.1 b3e6aa6408d9b27acff39fa80612846a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
77547
x-cache
Miss from cloudfront, HIT, HIT
fastly-io-info
ifsz=1188807 idim=1200x900 ifmt=png ofsz=19360 odim=125x94 ofmt=webp
fastly-stats
io=1
content-length
19360
x-served-by
cache-iad-kjyo7100091-IAD, cache-bog2260035-BOG
x-timer
S1669815871.835689,VS0,VE1
etag
"rcwkR5JFTcaGcnTZuSG+opOs2FkuvqRQABLuR+iuifs"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
124, 1
23d608d28aa149b3acb909ab91a79515_xxs.png
imagez.tmz.com/image/23/4by3/2022/11/28/
23 KB
23 KB
Image
General
Full URL
https://imagez.tmz.com/image/23/4by3/2022/11/28/23d608d28aa149b3acb909ab91a79515_xxs.png
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b1920de40914bc145251834621741e07e76d43e49481a21b9450c846f6237d50
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 13:44:30 GMT
via
1.1 3203c4b5504fa019a752072f0419ef6a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
age
139322
x-cache
Miss from cloudfront, HIT, HIT
fastly-io-info
ifsz=604051 idim=1200x900 ifmt=png ofsz=23650 odim=125x94 ofmt=webp
fastly-stats
io=1
content-length
23650
x-served-by
cache-iad-kcgs7200058-IAD, cache-bog2260035-BOG
x-timer
S1669815871.835680,VS0,VE0
etag
"F4gTnBV2LyVKz5c9p9UNee1sxjIBZwWPyqbf/iMwYxY"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
access-control-allow-credentials
false
vary
Accept
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
329, 2
geo.js
static.foxnews.com/static/orion/scripts/core/utils/
5 KB
5 KB
Script
General
Full URL
https://static.foxnews.com/static/orion/scripts/core/utils/geo.js?cb=1669815870458&v=v84
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/ver/app.v84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1d011bb2cd622a1ec295f6a23f0a0e86d67f87acb0532b3e4337e86b9cc5f46b
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-served-by
cache-hhn4055-HHN
date
Wed, 30 Nov 2022 13:44:30 GMT
via
1.1 varnish
strict-transport-security
max-age=31557600
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,POST
x-cache
HIT
access-control-allow-origin
*
cache-control
public, max-age=600
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
5164
retry-after
0
x-cache-hits
0
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&d_nsid=0&ts=1669815870504
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&d_nsid=0&ts=1669815870504
362 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&d_nsid=0&ts=1669815870504
Protocol
HTTP/1.1
Server
34.248.30.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-30-105.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0bd9552a2c654d1cca8e9195b6ebfd6119a4538faec2cee558cb0e0593352a8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-06ebc79ba.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
M9pBAajYTx4=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.tmz.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
306
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v045-0a888e68a.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
D/9Sju6lSi0=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.tmz.com
Location
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&d_nsid=0&ts=1669815870504
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
lodash.js
static.foxnews.com/static/strike/scripts/libs/
37 KB
13 KB
Script
General
Full URL
https://static.foxnews.com/static/strike/scripts/libs/lodash.js?v=v84
Requested by
Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/ver/app.v84.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
695f451e4fc7dcd1cf77c4bb26f4b8bfd64dcee1b35f7f131d08bd0017044064
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 13:44:30 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
72819
x-cache
HIT, HIT
content-length
13367
x-served-by
cache-iad-kiad7000029-IAD, cache-hhn4055-HHN
last-modified
Tue, 15 Nov 2022 21:13:16 GMT
x-timer
S1669815871.579736,VS0,VE1
etag
"e5b73a0c7c56d44909a07f7f0cd37c3d"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
access-control-allow-credentials
false
vary
Accept-Encoding
accept-ranges
bytes
x-debug-path
/static/strike/scripts/libs/lodash.js
access-control-allow-headers
*
x-cache-hits
1, 30
dest5.html
fox.demdex.net/ Frame D7DE
7 KB
3 KB
Document
General
Full URL
https://fox.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.137.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-137-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v045-0a4852727.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
bhf+kzgkS8o=
content-encoding
gzip
date
Wed, 30 Nov 2022 13:44:31 GMT
last-modified
Fri, 28 Oct 2022 11:22:24 GMT
vary
accept-encoding
id
smetrics.tmz.com/
48 B
455 B
XHR
General
Full URL
https://smetrics.tmz.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&mid=00853450629233735470696580386397418740&ts=1669815871131
Requested by
Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a7334889d220f7f70d2c8d599509a347b12f17e5dc70c35fbdbde531598aa6ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 30 Nov 2022 13:44:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.tmz.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Y4dePwAAAKpZxAN-
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=06043338941043347300065006098973212309
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4dePwAAAKpZxAN-
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4dePwAAAKpZxAN-
Protocol
HTTP/1.1
Server
34.248.30.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-30-105.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-0078c8bc4.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
6paqI58zSkc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4dePwAAAKpZxAN-
Date
Wed, 30 Nov 2022 13:44:31 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
s25471027606283
smetrics.tmz.com/b/ss/wbrostmz/1/JS-2.19.0/
43 B
311 B
Image
General
Full URL
https://smetrics.tmz.com/b/ss/wbrostmz/1/JS-2.19.0/s25471027606283?AQB=1&ndh=1&pf=1&t=30%2F10%2F2022%2013%3A44%3A31%203%200&mid=00853450629233735470696580386397418740&aamlh=6&ce=UTF-8&cdp=3&pageName=Balenciaga%20Attacking%20Marketing%20Agency%20to%20Deflect%20Mistakes%2C%20Sources%20Claim&g=https%3A%2F%2Fwww.tmz.com%2F2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash%2F%3Fadid%3Dshare-tw&cc=USD&v0=share-tw&events=event6%2Cevent3%3D321&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=tmz-web&v1=tmz-web&c2=article&v2=article&c3=news&v3=news&c5=legal&v5=legal&c6=n%2Fa&v6=n%2Fa&c7=money%2C%20fashion%2C%20exclusive%2C%20fairly-legal&v7=money%2C%20fashion%2C%20exclusive%2C%20fairly-legal&c13=321&v13=321&c14=n%2Fa&v14=n%2Fa&c15=5%3A00AM&v15=5%3A00AM&c16=Wednesday&v16=Wednesday&c17=Weekday&v17=Weekday&c18=https%3A%2F%2Fwww.tmz.com%2F2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash%2F&v18=https%3A%2F%2Fwww.tmz.com%2F2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash%2F&c20=9%3A00AM&v20=9%3A00AM&c21=Wednesday&v21=Wednesday&c22=Weekday&v22=Weekday&c23=2022-11-30T09%3A00%3A58.896Z&v23=2022-11-30T09%3A00%3A58.896Z&c27=New&v27=New&c34=desktop&v34=desktop&c43=2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash&v43=2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash&c44=32f4793f-256a-43c6-90d5-e17fc33407b3&v44=32f4793f-256a-43c6-90d5-e17fc33407b3&c45=share-tw&v45=share-tw&c51=9%3A00AM&v51=9%3A00AM&c52=Wednesday&v52=Wednesday&c53=Weekday&v53=Weekday&c54=2022-11-30T09%3A00%3A44.000Z&v54=2022-11-30T09%3A00%3A44.000Z&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 13:44:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 01 Dec 2022 13:44:31 GMT
server
jag
etag
3585902279363297280-4619635397719159181
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 29 Nov 2022 13:44:31 GMT
s28656928944118
smetrics.tmz.com/b/ss/wbrostmz/1/JS-2.19.0/
43 B
299 B
Image
General
Full URL
https://smetrics.tmz.com/b/ss/wbrostmz/1/JS-2.19.0/s28656928944118?AQB=1&ndh=1&pf=1&t=30%2F10%2F2022%2013%3A44%3A31%203%200&mid=00853450629233735470696580386397418740&aamlh=6&ce=UTF-8&cdp=3&pageName=Balenciaga%20Attacking%20Marketing%20Agency%20to%20Deflect%20Mistakes%2C%20Sources%20Claim&g=https%3A%2F%2Fwww.tmz.com%2F2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash%2F%3Fadid%3Dshare-tw&cc=USD&events=event15%3D389.29999923706055%2Cevent3%3D321&c1=tmz-web&v1=tmz-web&c2=article&v2=article&c3=news&v3=news&c5=legal&v5=legal&c6=n%2Fa&v6=n%2Fa&c7=money%2C%20fashion%2C%20exclusive%2C%20fairly-legal&v7=money%2C%20fashion%2C%20exclusive%2C%20fairly-legal&c13=321&v13=321&c14=n%2Fa&v14=n%2Fa&c18=https%3A%2F%2Fwww.tmz.com%2F2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash%2F&v18=https%3A%2F%2Fwww.tmz.com%2F2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash%2F&c20=9%3A00AM&v20=9%3A00AM&c21=Wednesday&v21=Wednesday&c22=Weekday&v22=Weekday&c23=2022-11-30T09%3A00%3A58.896Z&v23=2022-11-30T09%3A00%3A58.896Z&c34=desktop&v34=desktop&c43=2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash&v43=2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash&c44=32f4793f-256a-43c6-90d5-e17fc33407b3&v44=32f4793f-256a-43c6-90d5-e17fc33407b3&c51=9%3A00AM&v51=9%3A00AM&c52=Wednesday&v52=Wednesday&c53=Weekday&v53=Weekday&c54=2022-11-30T09%3A00%3A44.000Z&v54=2022-11-30T09%3A00%3A44.000Z&c60=389.29999923706055&v60=389.29999923706055&pe=lnk_o&pev2=track%20web%20vitals&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 13:44:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 01 Dec 2022 13:44:32 GMT
server
jag
etag
3585902282409902080-4619785848807051914
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 29 Nov 2022 13:44:32 GMT
s26074066193462
smetrics.tmz.com/b/ss/wbrostmz/1/JS-2.19.0/
43 B
231 B
Image
General
Full URL
https://smetrics.tmz.com/b/ss/wbrostmz/1/JS-2.19.0/s26074066193462?AQB=1&ndh=1&pf=1&t=30%2F10%2F2022%2013%3A44%3A31%203%200&mid=00853450629233735470696580386397418740&aamlh=6&ce=UTF-8&cdp=3&pageName=Balenciaga%20Attacking%20Marketing%20Agency%20to%20Deflect%20Mistakes%2C%20Sources%20Claim&g=https%3A%2F%2Fwww.tmz.com%2F2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash%2F%3Fadid%3Dshare-tw&cc=USD&events=event16%3D223.39999961853027%2Cevent3%3D321&c1=tmz-web&v1=tmz-web&c2=article&v2=article&c3=news&v3=news&c5=legal&v5=legal&c6=n%2Fa&v6=n%2Fa&c7=money%2C%20fashion%2C%20exclusive%2C%20fairly-legal&v7=money%2C%20fashion%2C%20exclusive%2C%20fairly-legal&c13=321&v13=321&c14=n%2Fa&v14=n%2Fa&c18=https%3A%2F%2Fwww.tmz.com%2F2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash%2F&v18=https%3A%2F%2Fwww.tmz.com%2F2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash%2F&c20=9%3A00AM&v20=9%3A00AM&c21=Wednesday&v21=Wednesday&c22=Weekday&v22=Weekday&c23=2022-11-30T09%3A00%3A58.896Z&v23=2022-11-30T09%3A00%3A58.896Z&c34=desktop&v34=desktop&c43=2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash&v43=2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash&c44=32f4793f-256a-43c6-90d5-e17fc33407b3&v44=32f4793f-256a-43c6-90d5-e17fc33407b3&c51=9%3A00AM&v51=9%3A00AM&c52=Wednesday&v52=Wednesday&c53=Weekday&v53=Weekday&c54=2022-11-30T09%3A00%3A44.000Z&v54=2022-11-30T09%3A00%3A44.000Z&c61=223.39999961853027&v61=223.39999961853027&pe=lnk_o&pev2=track%20web%20vitals&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Nov 2022 13:44:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 01 Dec 2022 13:44:32 GMT
server
jag
etag
3585902281968779264-4619364857646252756
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 29 Nov 2022 13:44:32 GMT

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| SITE_BASE_URL string| STATIC_BASE_URL string| CLIENT_PUBLIC_PATH string| AMP_BASE_URL string| DAM_DEFAULT_BASE_URL string| DAM_IMAGE_BASE_URL string| DAM_VIDEO_BASE_URL string| SHARE_BASE_URL string| WEB_BASE_URL string| DEVICE_VIEW string| VIEWER_COUNTRY boolean| GDPR_APPLIES string| APP_ENV string| APP_VENDOR string| APP_NAME string| APP_VERSION string| APP_BUILD string| APP_DEPLOYMENT_ID string| CLOUD_PROVIDER string| CLOUD_REGION string| CLOUD_ZONE boolean| IS_STAFF object| CLIENT_PRELOADED_STATE object| dataLayer object| wbq object| googletag object| foxstrike object| google_tag_manager object| google_tag_data function| gtmVisitorApi function| gtmLoadAppMeasurement function| onYouTubeIframeAPIReady object| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime function| __uspapi function| consentsTo function| watchConsent object| wbabt function| jQuery function| $ object| TMZ object| s object| asq object| _comscore function| gtag object| gaGlobal string| GoogleAnalyticsObject function| ga number| ttfb string| fcp string| lcp string| fid string| cls object| ggeac object| google_js_reporting_queue object| COMSCORE function| udm_ object| ns_p object| gaplugins object| gaData function| _typeof undefined| google_measure_js_timing object| adobe function| Visitor object| s_c_il number| s_c_in function| e function| AppMeasurement_Module_Media number| s_objectID number| s_giq function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq object| gtm string| s_account object| LOC_START_TIME boolean| CUSTOM_ANNOUNCED object| FNC function| lodash string| x string| y object| s_i_wbrostmz

15 Cookies

Domain/Path Name / Value
.tmz.com/ Name: _ga_NCN9V8PMQF
Value: GS1.1.1669815870.1.0.1669815870.60.0.0
.tmz.com/ Name: _ga
Value: GA1.2.2125111719.1669815870
.tmz.com/ Name: _gid
Value: GA1.2.187454983.1669815870
www.tmz.com/ Name: FXN_flk
Value: 1
.demdex.net/ Name: demdex
Value: 06043338941043347300065006098973212309
.tmz.com/ Name: AMCVS_69AD1D725DDBE4560A495ECF%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y4dePwAAAKpZxAN-
.dpm.demdex.net/ Name: dpm
Value: 06043338941043347300065006098973212309
.tmz.com/ Name: s_ecid
Value: MCMID%7C00853450629233735470696580386397418740
.tmz.com/ Name: AMCV_69AD1D725DDBE4560A495ECF%40AdobeOrg
Value: 1585540135%7CMCIDTS%7C19327%7CMCMID%7C00853450629233735470696580386397418740%7CMCAAMLH-1670420671%7C6%7CMCAAMB-1670420671%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1669823071s%7CNONE%7CMCSYNCSOP%7C411-19334%7CMCAID%7CNONE%7CvVersion%7C4.4.0
.www.tmz.com/ Name: s_campaign
Value: share-tw
.www.tmz.com/ Name: s_ppn
Value: Balenciaga%20Attacking%20Marketing%20Agency%20to%20Deflect%20Mistakes%2C%20Sources%20Claim
.www.tmz.com/ Name: s_cc
Value: true
.www.tmz.com/ Name: s_nrv
Value: 1669815871803-New
.smetrics.tmz.com/ Name: s_ecid
Value: MCMID%7C00853450629233735470696580386397418740

1 Console Messages

Source Level URL
Text
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
