www.tmz.com
2600:9000:214f:6600:b:ee9a:1d00:93a1

Go To Rescan
Add Verdict Report

URL:
https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backl...
Submission: On November 30 via api (November 30th 2022, 1:44:29 pm UTC) from PL — Scanned from DE

Summary HTTP 47 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 12 domains to perform 47 HTTP transactions. The main IP is 2600:9000:214f:6600:b:ee9a:1d00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.tmz.com. The Cisco Umbrella rank of the primary domain is 35843.
TLS certificate: Issued by Amazon on February 23rd 2022. Valid for: a year.

This is the only time www.tmz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2600:9000:214... 2600:9000:214f:6600:b:ee9a:1d00:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2600:9000:205... 2600:9000:2057:ce00:a:ddda:cf00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:170... 2a02:26f0:1700:d::1737:6ebe	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
15	2a04:4e42:400... 2a04:4e42:400::644	54113 (FASTLY) (FASTLY)
2	99.86.4.32 99.86.4.32	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
1 3	34.248.30.105 34.248.30.105	16509 (AMAZON-02) (AMAZON-02)
1	3.248.137.172 3.248.137.172	16509 (AMAZON-02) (AMAZON-02)
4	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1 1	54.77.60.152 54.77.60.152	16509 (AMAZON-02) (AMAZON-02)
47	17

2 2600:9000:214f:6600:b:ee9a:1d00:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.tmz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2057:ce00:a:ddda:cf00:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.tmz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:d::1737:6ebe (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

strike.fox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a04:4e42:400::644 (United States)

ASN54113 (FASTLY, US)

imagez.tmz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-32.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.132 (United States)

ASN54113 (FASTLY, US)

static.foxnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.248.30.105 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-30-105.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.137.172 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-137-172.eu-west-1.compute.amazonaws.com

fox.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

smetrics.tmz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.60.152 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-60-152.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	tmz.com www.tmz.com — Cisco Umbrella Rank: 35843 static.tmz.com — Cisco Umbrella Rank: 62718 imagez.tmz.com — Cisco Umbrella Rank: 49686 smetrics.tmz.com — Cisco Umbrella Rank: 62854	1 MB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 251 fox.demdex.net — Cisco Umbrella Rank: 22152	6 KB
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 142 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 248	131 KB
2	foxnews.com static.foxnews.com — Cisco Umbrella Rank: 9918	19 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 192	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 106	161 KB
2	fox.com strike.fox.com — Cisco Umbrella Rank: 17142	150 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1124	517 B
1	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 1514	501 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 84	20 KB
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2321	345 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	27 KB
47	12

	Domain	Requested by
15	imagez.tmz.com	www.tmz.com
8	static.tmz.com	www.tmz.com static.tmz.com
4	smetrics.tmz.com	www.tmz.com
3	dpm.demdex.net	1 redirects
2	static.foxnews.com	strike.fox.com
2	securepubads.g.doubleclick.net	www.googletagservices.com
2	sb.scorecardresearch.com	www.tmz.com
2	www.googletagmanager.com	www.tmz.com
2	strike.fox.com	www.tmz.com strike.fox.com
2	www.tmz.com	static.tmz.com
1	cm.everesttech.net	1 redirects
1	fox.demdex.net	www.tmz.com
1	www.google.co.uk	www.tmz.com
1	www.google-analytics.com	www.tmz.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googletagservices.com	www.tmz.com
47	17

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
www.tmztour.com
apps.apple.com
play.google.com
www.linkedin.com
instagram.com
itunes.apple.com

Subject Issuer	Validity	Valid
tmz.com Amazon	`2022-02-23` - `2023-03-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
strike.fox.com DigiCert ECC Secure Server CA	`2022-02-19` - `2023-02-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.tmz.com R3	`2022-10-20` - `2023-01-18`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
www.google.co.uk GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.foxnews.com R3	`2022-11-29` - `2023-02-27`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
smetrics.tmz.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-13` - `2023-09-13`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Frame ID: FC0E04AFED0E251919359BFB8DC5D64D
Requests: 63 HTTP requests in this frame

Frame: https://fox.demdex.net/dest5.html?d_nsid=0
Frame ID: D7DEA228700FECF07771BB176B6C06E5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

47
Requests

96 %
HTTPS

65 %
IPv6

12
Domains

17
Subdomains

17
IPs

5
Countries

1968 kB
Transfer

4424 kB
Size

15
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/TMZ
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/TMZ
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TMZ
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tmz_tv/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.tmztour.com/
Title: Tours

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/apple-store/id299948601?pt=201436&ct=Mobile%20Menu&mt=8
Title: App Store

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.rhythmnewmedia.tmz&hl=en_US&gl=US&utm_source=Mobile%20Menu
Title: Google Play

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/careersite/tmz
Title: Careers

Search URL Search Domain Scan URL

URL: https://twitter.com/tmz

Search URL Search Domain Scan URL

URL: https://instagram.com/tmz_tv/

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/apple-store/id299948601?pt=201436&ct=Footer%20Link&mt=8
Title: Download the TMZ App on the Apple App Store

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.rhythmnewmedia.tmz&referrer=utm_source%3Dtmzfooter%26utm_medium%3Dnative%26utm_campaign%3Dfooter%26anid%3Dadmob
Title: Download the TMZ App on the Google Play Store

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&d_nsid=0&ts=1669815870504 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&d_nsid=0&ts=1669815870504

Request Chain 59

https://cm.everesttech.net/cm/dd?d_uuid=06043338941043347300065006098973212309 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4dePwAAAKpZxAN-

47 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/ 389 KB
391 KB 223ms
175ms Document
text/html 2600:9000:214f:6600:b:ee9a:1d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:6600:b:ee9a:1d00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

511902df92a5c5d2929fc536cafc1eaa432e3a7370511ae3ef43246e2be6c86d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400
cache-control: max-age=60, public, s-maxage=120
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Wed, 30 Nov 2022 13:44:29 GMT
link: <https://imagez.tmz.com>; rel="preconnect"; crossorigin="anonymous",<https://static.tmz.com>; rel="preconnect"; crossorigin="anonymous"
referrer-policy: unsafe-url
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: CloudFront-Viewer-Country
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
x-amz-cf-id: gzi-wYUKg-JSm6NF0qLC7YRS06366nXzRIEnJOA1PA3_P2IdKmcPOA==
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-fpc: miss
x-fpc-key: 0ae917b729d1808c6b5c652727aa7f7e6b8459788d5d4effd37283372b16ceb5
x-frame-options: SAMEORIGIN
x-node-ref: tmz:article:32f4793f-256a-43c6-90d5-e17fc33407b3
x-node-updated-at: 1669798858
x-xss-protection: 1; mode=block

GET
H2 200 main.desktop.73842676f4c328c670a5.css
static.tmz.com/tmz-web/client/v3.5/ 782 KB
272 KB 52ms
8ms Stylesheet
text/css 2600:9000:2057:ce00:a:ddda:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Requested by: Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ce00:a:ddda:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d54f95f3cdb1a8f496fd932d57ba91fbdee0fd8e4498b7edd66a2bf27055820

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 21:07:54 GMT
x-amz-version-id: AGaxM7F5VbHck7U69E0AG.cF9z7EeLI9
content-encoding: gzip
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1096596
x-amz-meta-app-version: 3.5.5
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-meta-app-deployment-id
last-modified: Thu, 17 Nov 2022 21:02:26 GMT
server: AmazonS3
etag: W/"933ada21f779d6d207d2c1e421219f54"
vary: Accept-Encoding
content-type: text/css
x-amz-meta-app-build: 15b91a1
cache-control: max-age=31536000
x-amz-meta-app-id: tmz-web
x-amz-cf-id: evBSbS1KU31_2smIF9BkuP6nkxEKsgFyzwYUayymXUuQ4Q43zNPANg==

GET
H2 200 main.desktop.b0a68d90.js Show response
static.tmz.com/tmz-web/client/v3.5/ 534 KB
161 KB 51ms
7ms Script
application/javascript 2600:9000:2057:ce00:a:ddda:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tmz.com/tmz-web/client/v3.5/main.desktop.b0a68d90.js
Requested by: Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ce00:a:ddda:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9a541b8309a9c98a210d8a2f67b057e91e15337bd7b7bfb80ff99ed53aa20b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 21:07:54 GMT
x-amz-version-id: bFPEa.tXdq_jAxLaZ48k8VraqKLtxGuV
content-encoding: gzip
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1096596
x-amz-meta-app-version: 3.5.5
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-meta-app-deployment-id
last-modified: Thu, 17 Nov 2022 21:02:26 GMT
server: AmazonS3
etag: W/"43fad11f1f7184349c19125c2e8b88a4"
vary: Accept-Encoding
content-type: application/javascript
x-amz-meta-app-build: 15b91a1
cache-control: max-age=31536000
x-amz-meta-app-id: tmz-web
x-amz-cf-id: zYiySNVzPc9vfLJ5HV5iOil-U7z0t22_hf33Kvj4yy_4VyDkUI9JIg==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 39ms
16ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e8e8c9964a446fba9a9473662b21fae9b3b9b54a391f5d637e5e7e6b426aa5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 13:44:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27287
x-xss-protection: 0
server: sffe
etag: "1407 / 746 of 1000 / last-modified: 1669810420"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 30 Nov 2022 13:44:30 GMT

GET
H2 200 loader.js Show response
strike.fox.com/static/tmz/display/ 26 KB
3 KB 144ms
11ms Script
application/javascript 2a02:26f0:1700:d::1737:6ebe
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://strike.fox.com/static/tmz/display/loader.js

Requested by

Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6ebe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f4596b8f70765ac359440801b4366c45c43dc9d80a0eef302eb98c2536e2a516

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: eQS5Ig.VqH3q8pBnu99jU505LTrS_CcX
content-encoding: gzip
date: Wed, 30 Nov 2022 13:44:30 GMT
strict-transport-security: max-age=15768000 ; preload
x-amz-request-id: 8BYK49C51H17QA72
content-length: 2355
x-amz-id-2: iAktYgIgZ8RAeKeNrUuRK0mNCK92OrwS//EPswJv56S4dGksv19G+jhZtunSN6rswGUl0D5uwDc=
last-modified: Mon, 28 Nov 2022 18:11:30 GMT
server: AmazonS3
etag: "09a5934cfdc36aa5a5918a1b06a0f618"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600
accept-ranges: bytes
expires: Wed, 30 Nov 2022 13:54:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
76 KB 55ms
31ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NCN9V8PMQF

Requested by

Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

144a7eca00a40bd37ae2e0658b51423c4914918f392c0034cc5a1c5daf2dab5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 13:44:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77496
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 30 Nov 2022 13:44:30 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 264 KB
86 KB 40ms
16ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KTN543J&gtm_cookies_win=x

Requested by

Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be274931bfd06793da33557f7e0f099a0ff8b5ccceea5609752a11341f2cd590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 13:44:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87132
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Nov 2022 13:44:30 GMT

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f87e0dcba2abd16cb866b949dd143edfa89dbc536b48a8d612b5a38365a256e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H3 200 SourceSansPro-Regular.woff2
static.tmz.com/tmz-web/client/v3.5/fonts/sourcesanspro/ 13 KB
13 KB 23ms
9ms Font
binary/octet-stream 2600:9000:2057:ce00:a:ddda:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tmz.com/tmz-web/client/v3.5/fonts/sourcesanspro/SourceSansPro-Regular.woff2
Requested by: Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:ce00:a:ddda:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 547ea67155dac1c27efb550426c4848b7364357ed040fd531719c4797e356a1d

Request headers

Referer: https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Origin: https://www.tmz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 21:08:04 GMT
x-amz-version-id: S.Vk6c4Pb8E8H6.m_8hjPo_WXe6sP99z
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
age: 1096587
x-amz-cf-pop: FRA6-C1
x-amz-meta-app-version: 3.5.5
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 12960
x-amz-meta-app-deployment-id
last-modified: Thu, 17 Nov 2022 21:02:25 GMT
server: AmazonS3
etag: "967c60da0742e7f2bdfbde13accaf519"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Type, ETag, x-amz-meta-app-id, x-amz-meta-app-version, x-amz-meta-app-build, x-amz-meta-app-deployment-id
cache-control: max-age=31536000
x-amz-meta-app-build: 15b91a1
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-meta-app-id: tmz-web
x-amz-cf-id: RXdYKOKmWu40-l6wC11oUp4EdgfmtIPcPgb-XyqTS6aGnlBEcyOHPA==

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bec0ffd165ea083d019c7eaf6751df04c44f23fedf9f003ee93abec9549890e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd8aa6afb1cb32a958af8de7a67bb5ba03bdf396b38fcdb760510728937f700a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7012c52e94ac1bbe1e1b1cd8246e3ef624d303cc53e76a11be2b10a65c0f1119

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef355ff29a5e65e0a41ae3aaff2d13fef94f38ff30c69090c6f89acb6752e50d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7fcd7819c44473cbd40aabdc1295459afceecd0ddb53f73494f7d964a5ee519

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H3 200 black-webfont.woff2
static.tmz.com/tmz-web/client/v3.5/fonts/proxima-nova-extra-condensed/ 17 KB
18 KB 13ms
13ms Font
binary/octet-stream 2600:9000:2057:ce00:a:ddda:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tmz.com/tmz-web/client/v3.5/fonts/proxima-nova-extra-condensed/black-webfont.woff2
Requested by: Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:ce00:a:ddda:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b36f3075218f2b29c578581c453b28827b8621643878c86bd87aa9f6a1f5082a

Request headers

Referer: https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Origin: https://www.tmz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 21:07:47 GMT
x-amz-version-id: ZO92ZUpJoGFhCVyyMHtSol_xyM1IhLDU
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
age: 1096604
x-amz-cf-pop: FRA6-C1
x-amz-meta-app-version: 3.5.5
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 17880
x-amz-meta-app-deployment-id
last-modified: Thu, 17 Nov 2022 21:02:25 GMT
server: AmazonS3
etag: "66e7b6660a29694e64c02561f9e14490"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Type, ETag, x-amz-meta-app-id, x-amz-meta-app-version, x-amz-meta-app-build, x-amz-meta-app-deployment-id
cache-control: max-age=31536000
x-amz-meta-app-build: 15b91a1
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-meta-app-id: tmz-web
x-amz-cf-id: HzzSmbw7HWG1MVDHmznXKz4QkenRS68XTWdkPXoi6M_lytTZX9FsGw==

GET
H3 200 Cousine-Regular.woff2
static.tmz.com/tmz-web/client/v3.5/fonts/cousine/ 9 KB
9 KB 11ms
10ms Font
binary/octet-stream 2600:9000:2057:ce00:a:ddda:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tmz.com/tmz-web/client/v3.5/fonts/cousine/Cousine-Regular.woff2
Requested by: Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:ce00:a:ddda:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 498cdc663af8386da9619e180dac64083911a0eda94f0aad30af3195f88f30c3

Request headers

Referer: https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Origin: https://www.tmz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 21:07:47 GMT
x-amz-version-id: WfZxZ8igEYOI6qhANMsqu.IiKSEiy1R_
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
age: 1096604
x-amz-cf-pop: FRA6-C1
x-amz-meta-app-version: 3.5.5
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 8748
x-amz-meta-app-deployment-id
last-modified: Thu, 17 Nov 2022 21:02:25 GMT
server: AmazonS3
etag: "c417ddf1b447836f9e8274339f6dfaeb"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Type, ETag, x-amz-meta-app-id, x-amz-meta-app-version, x-amz-meta-app-build, x-amz-meta-app-deployment-id
cache-control: max-age=31536000
x-amz-meta-app-build: 15b91a1
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-meta-app-id: tmz-web
x-amz-cf-id: STyvqjmHymlEuZy7jn5INAmdnI3Htd-k2cNgEQ0gaASx62YWnb_F0w==

GET
DATA 200
OK truncated
/ 968 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a94387ee27cfd20bff92b62976e9664f14abe8b1c09c81d49f18de24a2324bf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 604 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4770f1d988a9ee981ecf5db15f5aa20f166bdbe225f4466715c2da29b938171d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H3 200 SourceSansPro-Bold.woff2
static.tmz.com/tmz-web/client/v3.5/fonts/sourcesanspro/ 12 KB
13 KB 10ms
10ms Font
binary/octet-stream 2600:9000:2057:ce00:a:ddda:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tmz.com/tmz-web/client/v3.5/fonts/sourcesanspro/SourceSansPro-Bold.woff2
Requested by: Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:ce00:a:ddda:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0066433a645f196eb0ece299c86dc27a5c74dbe2cae7ae6d9211c1549a92085

Request headers

Referer: https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Origin: https://www.tmz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 21:08:04 GMT
x-amz-version-id: R5C3TFKvm82QdYMlUiVJgB7vfE2_E8NT
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
age: 1096587
x-amz-cf-pop: FRA6-C1
x-amz-meta-app-version: 3.5.5
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 12600
x-amz-meta-app-deployment-id
last-modified: Thu, 17 Nov 2022 21:02:25 GMT
server: AmazonS3
etag: "35c8f8dfc61f476426607c74422b7d17"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Type, ETag, x-amz-meta-app-id, x-amz-meta-app-version, x-amz-meta-app-build, x-amz-meta-app-deployment-id
cache-control: max-age=31536000
x-amz-meta-app-build: 15b91a1
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-meta-app-id: tmz-web
x-amz-cf-id: UMf4tJN3_pnlvJaKcUZL71PFXgezuUeaMHf99r2XFIHo23B97bes-Q==

GET
H3 200 SourceSansPro-Semibold.woff2
static.tmz.com/tmz-web/client/v3.5/fonts/sourcesanspro/ 11 KB
12 KB 10ms
10ms Font
binary/octet-stream 2600:9000:2057:ce00:a:ddda:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tmz.com/tmz-web/client/v3.5/fonts/sourcesanspro/SourceSansPro-Semibold.woff2
Requested by: Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:ce00:a:ddda:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 115ea8ccc77135e889658e3922a3ce4747db8cd8a9ffc82286d4b48c771c4da0

Request headers

Referer: https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Origin: https://www.tmz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 21:08:04 GMT
x-amz-version-id: Ulvif4v6MaYaiA6aStneLxqOr8Csx9nk
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
age: 1096587
x-amz-cf-pop: FRA6-C1
x-amz-meta-app-version: 3.5.5
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 11256
x-amz-meta-app-deployment-id
last-modified: Thu, 17 Nov 2022 21:02:25 GMT
server: AmazonS3
etag: "e80eefb2e693f982ade7d2f9c41c59ea"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Type, ETag, x-amz-meta-app-id, x-amz-meta-app-version, x-amz-meta-app-build, x-amz-meta-app-deployment-id
cache-control: max-age=31536000
x-amz-meta-app-build: 15b91a1
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-meta-app-id: tmz-web
x-amz-cf-id: MxO-h8f9golRBvDPoTyT4i8NrlV_deQLPoc9X4KPpgamxrptqscrIQ==

GET
H2 200 57a5c0a1cda7439fb88332eb9451cf02_xs.jpg
imagez.tmz.com/image/57/16by9/2022/11/29/ 7 KB
7 KB 559ms
176ms Image
image/webp 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagez.tmz.com/image/57/16by9/2022/11/29/57a5c0a1cda7439fb88332eb9451cf02_xs.jpg

Requested by

Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a65b248a606ee896694873795575b70e93e0c7c5377a666ca982f60c03e44c01

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 13:44:30 GMT
via: 1.1 cd3b189d4dff15bd0a2ccf14f97ffda2.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 76780
x-cache: Miss from cloudfront, HIT, HIT
fastly-io-info: ifsz=542509 idim=1200x900 ifmt=jpeg ofsz=6960 odim=300x169 ofmt=webp
fastly-stats: io=1
content-length: 6960
x-served-by: cache-iad-kcgs7200145-IAD, cache-bog2260035-BOG
x-timer: S1669815871.659836,VS0,VE0
etag: "nCLHbEBb5hQYqkI04xGdSpvcxJFpYr/J5kfxGJS7ySo"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
access-control-allow-credentials: false
vary: Accept
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 63, 4

GET
H2 200 d5413a24c04e437bab11790909d8bf58_xs.jpg
imagez.tmz.com/image/d5/16by9/2022/11/29/ 14 KB
15 KB 558ms
176ms Image
image/webp 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagez.tmz.com/image/d5/16by9/2022/11/29/d5413a24c04e437bab11790909d8bf58_xs.jpg

Requested by

Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ef404db25db2be8b7b0c5e4e9f61f44d22b55308b24486d8b042e52baef8a2b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 13:44:30 GMT
via: 1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 70048
x-cache: Miss from cloudfront, HIT, HIT
fastly-io-info: ifsz=139547 idim=700x397 ifmt=jpeg ofsz=14352 odim=300x169 ofmt=webp
fastly-stats: io=1
content-length: 14352
x-served-by: cache-iad-kcgs7200050-IAD, cache-bog2260035-BOG
x-timer: S1669815871.659845,VS0,VE0
etag: "Ph4sSfKfEy1emDs/g3aq3nqK5fqyQF2e8ah7Zi7Y/Q0"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
access-control-allow-credentials: false
vary: Accept
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 80, 3

GET
H2 200 e40e2ff265914bc9820eb814f403c25b_xs.png
imagez.tmz.com/image/e4/16by9/2022/11/29/ 39 KB
39 KB 755ms
372ms Image
image/webp 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagez.tmz.com/image/e4/16by9/2022/11/29/e40e2ff265914bc9820eb814f403c25b_xs.png

Requested by

Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d625f275ead52b0b3740fc732756a53aa620ecf5af0b79d4e5094dd292e7fe96

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 13:44:30 GMT
via: 1.1 795fca0399f361701665c0d9fab45324.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 48817
x-cache: Hit from cloudfront, HIT, HIT
fastly-io-info: ifsz=400927 idim=1200x900 ifmt=png ofsz=39666 odim=300x169 ofmt=webp
fastly-stats: io=1
content-length: 39666
x-served-by: cache-iad-kcgs7200044-IAD, cache-bog2260035-BOG
x-timer: S1669815871.660558,VS0,VE1
etag: "9y1DD6u5iBCXMnDnL5ZctX1jLG86EwIsllkzq2Jsok0"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
access-control-allow-credentials: false
vary: Accept
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 86, 1

GET
H2 200 c89e39eb376d442fabcf9a1913a2a5c0_xs.jpg
imagez.tmz.com/image/c8/16by9/2022/11/29/ 16 KB
16 KB 754ms
372ms Image
image/webp 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagez.tmz.com/image/c8/16by9/2022/11/29/c89e39eb376d442fabcf9a1913a2a5c0_xs.jpg

Requested by

Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

188443415e8991f998cb10a0d9014f5d5d78b72d1e106ed0093fc6032dcf2abd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 13:44:30 GMT
via: 1.1 17d601c1a37e4e7f1ee73eac5ce62cf4.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 69707
x-cache: Miss from cloudfront, HIT, HIT
fastly-io-info: ifsz=159314 idim=700x397 ifmt=jpeg ofsz=16390 odim=300x169 ofmt=webp
fastly-stats: io=1
content-length: 16390
x-served-by: cache-iad-kiad7000086-IAD, cache-bog2260035-BOG
x-timer: S1669815871.660497,VS0,VE0
etag: "wG2QdEhoY80cGl6nqD4u4/1TPNBqUx1ksVBr8CIcr+Y"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
access-control-allow-credentials: false
vary: Accept
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 105, 3

GET
H2 200 fe1919f2f23244db941c4d434d9d5e14_xs.png
imagez.tmz.com/image/fe/16by9/2022/11/29/ 65 KB
65 KB 753ms
372ms Image
image/webp 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagez.tmz.com/image/fe/16by9/2022/11/29/fe1919f2f23244db941c4d434d9d5e14_xs.png

Requested by

Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4888de9727a5eff309b0da178876456cd57adec176daa97f988d1167e88031dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 13:44:30 GMT
via: 1.1 fb1dc2e3bf4105b403e3bfa3a5067970.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 51538
x-cache: Miss from cloudfront, MISS, HIT
fastly-io-info: ifsz=569722 idim=1200x900 ifmt=png ofsz=66240 odim=300x169 ofmt=webp
fastly-stats: io=1
content-length: 66240
x-served-by: cache-iad-kcgs7200065-IAD, cache-bog2260035-BOG
x-timer: S1669815871.660075,VS0,VE1
etag: "vGcuNxc9G3QJCRPPvDgOBQiTn6uEbAjVoNz7QcdV+ik"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
access-control-allow-credentials: false
vary: Accept
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 0, 86

GET
DATA 200
OK truncated
/ 1017 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df9d59befe3cdcdcb635da58ddbcf2cb780968aae5d8eedb828e1a1ee6ff77f8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 309 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23aa2477d57f3c5e361191e56e891751ecebb1e90fbf4bbce66316d21f6d321e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H3 200 SourceSansPro-Black.woff2
static.tmz.com/tmz-web/client/v3.5/fonts/sourcesanspro/ 12 KB
12 KB 9ms
8ms Font
binary/octet-stream 2600:9000:2057:ce00:a:ddda:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.tmz.com/tmz-web/client/v3.5/fonts/sourcesanspro/SourceSansPro-Black.woff2
Requested by: Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2057:ce00:a:ddda:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe1fd2390971d20586c515c99cbdf53ed0f3a9e4ddb091222dfafeae3a5eabff

Request headers

Referer: https://static.tmz.com/tmz-web/client/v3.5/main.desktop.73842676f4c328c670a5.css
Origin: https://www.tmz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 21:08:11 GMT
x-amz-version-id: nV3aSYxeb36VMTceJ5ByckXcWpUS2JDI
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
age: 1096580
x-amz-cf-pop: FRA6-C1
x-amz-meta-app-version: 3.5.5
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 12148
x-amz-meta-app-deployment-id
last-modified: Thu, 17 Nov 2022 21:02:25 GMT
server: AmazonS3
etag: "435f7b2523c3412a713b3560e07e5f72"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Type, ETag, x-amz-meta-app-id, x-amz-meta-app-version, x-amz-meta-app-build, x-amz-meta-app-deployment-id
cache-control: max-age=31536000
x-amz-meta-app-build: 15b91a1
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-meta-app-id: tmz-web
x-amz-cf-id: XVCyMU9jTGqDA2q3s1GgJ1I7ceGPZuYkZza8U5G6xH9NBFWIiOXLAA==

GET
H2 200 ab13676869ef47a5b48366b60e9eb3f7_md.jpg
imagez.tmz.com/image/ab/4by3/2022/11/29/ 57 KB
57 KB 561ms
211ms Image
image/webp 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagez.tmz.com/image/ab/4by3/2022/11/29/ab13676869ef47a5b48366b60e9eb3f7_md.jpg

Requested by

Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

875a1c49674ff80c8b511c4853f7321c13a9a88f45eff5356c42384f28625175

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 13:44:30 GMT
via: 1.1 2e8c2e7cad8a51072f754f4edb4b5714.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 54656
x-cache: Miss from cloudfront, HIT, HIT
fastly-io-info: ifsz=592116 idim=1200x900 ifmt=jpeg ofsz=58020 odim=728x546 ofmt=webp
fastly-stats: io=1
content-length: 58020
x-served-by: cache-iad-kiad7000173-IAD, cache-bog2260035-BOG
x-timer: S1669815871.660070,VS0,VE0
etag: "ECWwdUxHANQF0rDp2dw4q9vvQkEDkzAbwaerClJEnCM"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
access-control-allow-credentials: false
vary: Accept
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 107, 3

GET
H2 200 057da00fd83d47ff85a59298cb779180_md.jpg
imagez.tmz.com/image/05/4by3/2022/11/29/ 25 KB
25 KB 363ms
362ms Image
image/webp 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagez.tmz.com/image/05/4by3/2022/11/29/057da00fd83d47ff85a59298cb779180_md.jpg

Requested by

Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e89590be51bdcf7b28b7d028f10be05aff19d8062a919d8c5c6b52162990bad6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 13:44:30 GMT
via: 1.1 2159b07a5dc01058f6b0620d8e160fea.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 55597
x-cache: Miss from cloudfront, HIT, HIT
fastly-io-info: ifsz=386411 idim=1200x900 ifmt=jpeg ofsz=25422 odim=728x546 ofmt=webp
fastly-stats: io=1
content-length: 25422
x-served-by: cache-iad-kcgs7200173-IAD, cache-bog2260035-BOG
x-timer: S1669815871.671604,VS0,VE0
etag: "3kMjs8kBkPtwD4OE5QmHWVDAWvpbmvmiQg00KIC2hKg"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
access-control-allow-credentials: false
vary: Accept
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 107, 3

GET
H2 200 01cf92b507814cb294e6e0048d2e1a90_xxs.png
imagez.tmz.com/image/01/1by1/2022/11/15/ 23 KB
23 KB 363ms
362ms Image
image/webp 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagez.tmz.com/image/01/1by1/2022/11/15/01cf92b507814cb294e6e0048d2e1a90_xxs.png

Requested by

Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b6c7de739d39cb6ee98ca7bdb101ca6f222d8355c1a4ef4166523b0c428c7e33

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 13:44:30 GMT
via: 1.1 a4f9ca051b97c1ac09e2af244690d376.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 223385
x-cache: Miss from cloudfront, HIT, HIT
fastly-io-info: ifsz=1842542 idim=1200x900 ifmt=png ofsz=23554 odim=125x125 ofmt=webp
fastly-stats: io=1
content-length: 23554
x-served-by: cache-iad-kjyo7100023-IAD, cache-bog2260035-BOG
x-timer: S1669815871.671590,VS0,VE0
etag: "lCV6V0Q2934pRVlX44AXatEGTFHTyN0jsgBJBa7ZS78"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
access-control-allow-credentials: false
vary: Accept
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 122, 8

GET
H2 200 412c134bd59e437fadcda8a5a7fc78bf_md.jpg
imagez.tmz.com/image/41/4by3/2022/11/24/ 62 KB
62 KB 366ms
366ms Image
image/webp 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagez.tmz.com/image/41/4by3/2022/11/24/412c134bd59e437fadcda8a5a7fc78bf_md.jpg

Requested by

Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fa55d4034609787cfef2b64b76240aacab9e4b0cdb255ce25d78033ec5536e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 13:44:30 GMT
via: 1.1 fb1dc2e3bf4105b403e3bfa3a5067970.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 516194
x-cache: Miss from cloudfront, HIT, HIT
fastly-io-info: ifsz=590790 idim=1200x900 ifmt=jpeg ofsz=63486 odim=728x546 ofmt=webp
fastly-stats: io=1
content-length: 63486
x-served-by: cache-iad-kiad7000151-IAD, cache-bog2260035-BOG
x-timer: S1669815871.836296,VS0,VE0
etag: "Wuyfk9Xi5TiumfTow1YHRVvS1CxGbRujjZA0cTHgDVs"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
access-control-allow-credentials: false
vary: Accept
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 5291, 4

GET
H2 200 124838206fc745d3b5fce83505048b89_xs.jpg
imagez.tmz.com/image/12/16by9/2022/11/26/ 10 KB
11 KB 366ms
365ms Image
image/webp 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagez.tmz.com/image/12/16by9/2022/11/26/124838206fc745d3b5fce83505048b89_xs.jpg

Requested by

Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c9fa4f8032a53ae19f17d3acd80de773e1b357d9360dcaf37542895c175dac81

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 13:44:30 GMT
via: 1.1 c5bb940b2890383b4ca2d8b74b68699a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 313298
x-cache: Miss from cloudfront, HIT, HIT
fastly-io-info: ifsz=274758 idim=1200x900 ifmt=jpeg ofsz=10652 odim=300x169 ofmt=webp
fastly-stats: io=1
content-length: 10652
x-served-by: cache-iad-kcgs7200026-IAD, cache-bog2260035-BOG
x-timer: S1669815871.835744,VS0,VE0
etag: "0Gq2C3a4KlQeu/7hcpfjE8tBHi5TUD+q2CGoada8oZM"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
access-control-allow-credentials: false
vary: Accept
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 68, 381

GET
H2 200 86045e8c759f482e869a803fd37a30c5_xs.jpg
imagez.tmz.com/image/86/16by9/2021/10/03/ 4 KB
5 KB 363ms
362ms Image
image/webp 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagez.tmz.com/image/86/16by9/2021/10/03/86045e8c759f482e869a803fd37a30c5_xs.jpg

Requested by

Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

918be1459c6e2b7f56a69b4fea6daec0a395623d26e7ac692b3464c2a2f36c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 13:44:30 GMT
via: 1.1 28601bc57104f7fc6c8886bc07b5e7bc.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 1873764
x-cache: Miss from cloudfront, HIT, HIT
fastly-io-info: ifsz=409681 idim=1200x900 ifmt=jpeg ofsz=4550 odim=300x169 ofmt=webp
fastly-stats: io=1
content-length: 4550
x-served-by: cache-iad-kjyo7100160-IAD, cache-bog2260035-BOG
x-timer: S1669815871.835729,VS0,VE0
etag: "1umBmHBp7Du2AakFyw1qMCDxFAS8qqNGiHnCAY/V0lU"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
access-control-allow-credentials: false
vary: Accept
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 117, 3

GET
DATA 200
OK truncated
/ 309 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 885986bfdfa66051cdd230317d32e32825bfc0555028dbfb4c7b0cf8ffe62f32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 127 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f5edf0a6fa9c455c21ce1d529e63ae18bf76aced3f563ce0457af25bea55f40

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 468 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18db706e6d0a4507c3931ad24000f6e1049c8b15f1e8378965d21a2bc33fa1e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33b376131cb7d939491f5112b411e6cd804c1d003810a388e9217af1122f4e35

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6f5be3b0b673d35437fd786f930a0e03fb3361f09919841681fb986ea0bcfd0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4b3d838fac35e2bab26cdcfb3d24d43a506f527f1876b618021a52c0a0fc755

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 45ms
8ms Script
application/javascript 99.86.4.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-32.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 13:45:34 GMT
content-encoding: gzip
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 86337
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 4vRpPEMSUGLXpWxndqJA9eQWcm7xVKOW_os1aPmz0FM_UwQlcdbboA==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
345 B 37ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NCN9V8PMQF&gtm=2oebs0&_p=1536333135&_gaz=1&cid=2125111719.1669815870&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669815870&sct=1&seg=0&dl=https%3A%2F%2Fwww.tmz.com%2F2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash%2F%3Fadid%3Dshare-tw&dt=Balenciaga%20Attacking%20Marketing%20Agency%20to%20Deflect%20Mistakes%2C%20Sources%20Claim&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NCN9V8PMQF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 13:44:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tmz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
345 B 52ms
17ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NCN9V8PMQF&cid=2125111719.1669815870&gtm=2oebs0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NCN9V8PMQF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 13:44:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tmz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 30 Nov 2022 13:24:43 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1187
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 30 Nov 2022 15:24:43 GMT

GET
H3 200 sidebar.json Show response
www.tmz.com/_/promotion/news-sidebar/ 147 KB
148 KB 23ms
11ms Fetch
application/json 2600:9000:214f:6600:b:ee9a:1d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tmz.com/_/promotion/news-sidebar/sidebar.json

Requested by

Host: static.tmz.com
URL: https://static.tmz.com/tmz-web/client/v3.5/main.desktop.b0a68d90.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:214f:6600:b:ee9a:1d00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

04ba07a3779e487247d64a0ba5df072138949a702cbc47b8ee09b8cad2190629

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 13:42:47 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
age: 103
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
server: Apache
x-fpc-key: 84988ea07d915ab597f19d0c3afb9b79d60d44a751183df4f5384ab8eb95f6dd
x-frame-options: SAMEORIGIN
vary: CloudFront-Viewer-Country
content-type: application/json
cache-control: max-age=304, public, s-maxage=304
x-robots-tag: noindex
x-fpc: miss
x-amz-cf-id: 7O4Nf9QKBWFulK19Pix0-BSb8c6T4kOZ5pPaBhfJtjIDHHr2JVFNLg==

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 62ms
37ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NCN9V8PMQF&cid=2125111719.1669815870&gtm=2oebs0&aip=1&z=2105449904

Requested by

Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 13:44:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
130 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 13:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Nov 2023 13:09:15 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 428 B
800 B 64ms
42ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.tmz.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e58f6ebff6e8fbaa831eca08ab13f80675e103737a814e5ee3f0d54cc09e51f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 13:44:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164
x-xss-protection: 0
expires: Wed, 30 Nov 2022 13:44:30 GMT

GET
H2 200 app.v84.js Show response
strike.fox.com/static/tmz/display/ver/ 982 KB
147 KB 29ms
28ms Script
application/javascript 2a02:26f0:1700:d::1737:6ebe
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://strike.fox.com/static/tmz/display/ver/app.v84.js

Requested by

Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:d::1737:6ebe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a0dbe80906b65b8ffb777e6fd51da0f5a74eb1cbc8f282530fa3a441eeff32dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: p.oemVt1mBZenOYaU0z1g6jap83RqF9V
content-encoding: gzip
date: Wed, 30 Nov 2022 13:44:30 GMT
strict-transport-security: max-age=15768000 ; preload
x-amz-request-id: NMWXCQQW1T5BETHG
x-amz-id-2: fcHmhREYVqAdEyHA4JxeiTcqKFNZXxONdfnW7mn6CRwM/KZk55hIkuckNY3aKxv+adxIjnIVwps=
last-modified: Mon, 28 Nov 2022 18:11:30 GMT
server: AmazonS3
etag: "a72d09774058b0b6fd822d4e8ac16cd7"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600
accept-ranges: bytes
expires: Wed, 30 Nov 2022 13:54:30 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
189 B 10ms
9ms Image
text/plain 99.86.4.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=3000013&cs_ucfr=0&cs_it=b3&cv=3.8.0.210223&ns__t=1669815870408&ns_c=UTF-8&c7=https%3A%2F%2Fwww.tmz.com%2F2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash%2F%3Fadid%3Dshare-tw&c8=Balenciaga%20Attacking%20Marketing%20Agency%20to%20Deflect%20Mistakes%2C%20Sources%20Claim&c9=
Requested by: Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-32.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 13:44:30 GMT
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: -5ai3UXGwTV8JUcYW9vgJfQCbZkR-5mh_6XjDFJbM_D6xHqjaPzOZA==
x-cache: Miss from cloudfront

GET
DATA 200
OK truncated
/ 101 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbc9fb5c776718322e4bf5201090fe5d5daf040d9c393c1b11011da1f190347b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 01cf92b507814cb294e6e0048d2e1a90_xxs.png
imagez.tmz.com/image/01/4by3/2022/11/15/ 17 KB
18 KB 363ms
363ms Image
image/webp 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagez.tmz.com/image/01/4by3/2022/11/15/01cf92b507814cb294e6e0048d2e1a90_xxs.png

Requested by

Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

18588d2387972bde966c4697995fe564454d2939ab80c5b170fbb0eac3634b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 13:44:30 GMT
via: 1.1 4715507645a6516d2df35cd342cb5be0.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 129113
x-cache: Miss from cloudfront, HIT, HIT
fastly-io-info: ifsz=1842542 idim=1200x900 ifmt=png ofsz=17506 odim=125x94 ofmt=webp
fastly-stats: io=1
content-length: 17506
x-served-by: cache-iad-kjyo7100023-IAD, cache-bog2260035-BOG
x-timer: S1669815871.835747,VS0,VE0
etag: "ve8V8dFkGhkQ11YMnxWpwK1A9d9yKGlzhY+zfM5sjBE"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
access-control-allow-credentials: false
vary: Accept
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 30, 2

GET
H2 200 6088406dea98462fb3e127104d0bde91_xxs.png
imagez.tmz.com/image/60/4by3/2022/11/27/ 15 KB
15 KB 367ms
366ms Image
image/webp 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagez.tmz.com/image/60/4by3/2022/11/27/6088406dea98462fb3e127104d0bde91_xxs.png

Requested by

Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ca5a32846cac806920c1094d4450e0369d7e33c2719356471e99076206683709

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 13:44:30 GMT
via: 1.1 05133180bbd1649d4b8f97441bf305e8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 243809
x-cache: Miss from cloudfront, HIT, HIT
fastly-io-info: ifsz=731398 idim=1200x900 ifmt=png ofsz=15440 odim=125x94 ofmt=webp
fastly-stats: io=1
content-length: 15440
x-served-by: cache-iad-kiad7000038-IAD, cache-bog2260035-BOG
x-timer: S1669815871.835700,VS0,VE1
etag: "4PaT6yE9/pYo13HriDcSjDaOPfNsQtF0W8B3WEuRTyE"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
access-control-allow-credentials: false
vary: Accept
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 72, 1

GET
H2 200 52b1ba80edb54db0b0c88dd0fc9a1004_xxs.png
imagez.tmz.com/image/52/4by3/2022/11/29/ 19 KB
19 KB 366ms
366ms Image
image/webp 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagez.tmz.com/image/52/4by3/2022/11/29/52b1ba80edb54db0b0c88dd0fc9a1004_xxs.png

Requested by

Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ebccb57aefb788cec5cca1c6ec2318050c0ff378b8a2a1362248102e8a5c3b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 13:44:30 GMT
via: 1.1 b3e6aa6408d9b27acff39fa80612846a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 77547
x-cache: Miss from cloudfront, HIT, HIT
fastly-io-info: ifsz=1188807 idim=1200x900 ifmt=png ofsz=19360 odim=125x94 ofmt=webp
fastly-stats: io=1
content-length: 19360
x-served-by: cache-iad-kjyo7100091-IAD, cache-bog2260035-BOG
x-timer: S1669815871.835689,VS0,VE1
etag: "rcwkR5JFTcaGcnTZuSG+opOs2FkuvqRQABLuR+iuifs"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
access-control-allow-credentials: false
vary: Accept
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 124, 1

GET
H2 200 23d608d28aa149b3acb909ab91a79515_xxs.png
imagez.tmz.com/image/23/4by3/2022/11/28/ 23 KB
23 KB 366ms
365ms Image
image/webp 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagez.tmz.com/image/23/4by3/2022/11/28/23d608d28aa149b3acb909ab91a79515_xxs.png

Requested by

Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b1920de40914bc145251834621741e07e76d43e49481a21b9450c846f6237d50

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 13:44:30 GMT
via: 1.1 3203c4b5504fa019a752072f0419ef6a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 139322
x-cache: Miss from cloudfront, HIT, HIT
fastly-io-info: ifsz=604051 idim=1200x900 ifmt=png ofsz=23650 odim=125x94 ofmt=webp
fastly-stats: io=1
content-length: 23650
x-served-by: cache-iad-kcgs7200058-IAD, cache-bog2260035-BOG
x-timer: S1669815871.835680,VS0,VE0
etag: "F4gTnBV2LyVKz5c9p9UNee1sxjIBZwWPyqbf/iMwYxY"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000, public
access-control-allow-credentials: false
vary: Accept
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 329, 2

GET
H2 200 geo.js Show response
static.foxnews.com/static/orion/scripts/core/utils/ 5 KB
5 KB 107ms
30ms Script
text/plain 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.foxnews.com/static/orion/scripts/core/utils/geo.js?cb=1669815870458&v=v84

Requested by

Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/ver/app.v84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1d011bb2cd622a1ec295f6a23f0a0e86d67f87acb0532b3e4337e86b9cc5f46b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-served-by: cache-hhn4055-HHN
date: Wed, 30 Nov 2022 13:44:30 GMT
via: 1.1 varnish
strict-transport-security: max-age=31557600
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,POST
x-cache: HIT
access-control-allow-origin: *
cache-control: public, max-age=600
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 5164
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&d_nsid=0&ts=1669815870504
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&d_nsid=0&ts=1669815870504

362 B
1 KB

119ms
119ms

XHR
application/json

34.248.30.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&d_nsid=0&ts=1669815870504

Protocol

HTTP/1.1

Server

34.248.30.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-30-105.eu-west-1.compute.amazonaws.com

Software

Resource Hash

0bd9552a2c654d1cca8e9195b6ebfd6119a4538faec2cee558cb0e0593352a8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-06ebc79ba.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: M9pBAajYTx4=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.tmz.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 306
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v045-0a888e68a.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: D/9Sju6lSi0=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.tmz.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&d_nsid=0&ts=1669815870504
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 lodash.js Show response
static.foxnews.com/static/strike/scripts/libs/ 37 KB
13 KB 9ms
8ms Script
application/javascript 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.foxnews.com/static/strike/scripts/libs/lodash.js?v=v84

Requested by

Host: strike.fox.com
URL: https://strike.fox.com/static/tmz/display/ver/app.v84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

695f451e4fc7dcd1cf77c4bb26f4b8bfd64dcee1b35f7f131d08bd0017044064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 13:44:30 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 72819
x-cache: HIT, HIT
content-length: 13367
x-served-by: cache-iad-kiad7000029-IAD, cache-hhn4055-HHN
last-modified: Tue, 15 Nov 2022 21:13:16 GMT
x-timer: S1669815871.579736,VS0,VE1
etag: "e5b73a0c7c56d44909a07f7f0cd37c3d"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
x-debug-path: /static/strike/scripts/libs/lodash.js
access-control-allow-headers: *
x-cache-hits: 1, 30

GET
H/1.1 200
OK dest5.html Show response
fox.demdex.net/ Frame D7DE 7 KB
3 KB 560ms
152ms Document
text/html 3.248.137.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fox.demdex.net/dest5.html?d_nsid=0

Requested by

Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.248.137.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-137-172.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v045-0a4852727.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: bhf+kzgkS8o=
content-encoding: gzip
date: Wed, 30 Nov 2022 13:44:31 GMT
last-modified: Fri, 28 Oct 2022 11:22:24 GMT
vary: accept-encoding

GET
H2 200 id Show response
smetrics.tmz.com/ 48 B
455 B 660ms
247ms XHR
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.tmz.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&mid=00853450629233735470696580386397418740&ts=1669815871131

Requested by

Host: www.tmz.com
URL: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a7334889d220f7f70d2c8d599509a347b12f17e5dc70c35fbdbde531598aa6ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 30 Nov 2022 13:44:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.tmz.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y4dePwAAAKpZxAN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=06043338941043347300065006098973212309
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4dePwAAAKpZxAN-

42 B
942 B

116ms
116ms

Image
image/gif

34.248.30.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4dePwAAAKpZxAN-

Protocol

HTTP/1.1

Server

34.248.30.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-30-105.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-0078c8bc4.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 6paqI58zSkc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4dePwAAAKpZxAN-
Date: Wed, 30 Nov 2022 13:44:31 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 s25471027606283
smetrics.tmz.com/b/ss/wbrostmz/1/JS-2.19.0/ 43 B
311 B 166ms
165ms Image
image/gif 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.tmz.com/b/ss/wbrostmz/1/JS-2.19.0/s25471027606283?AQB=1&ndh=1&pf=1&t=30%2F10%2F2022%2013%3A44%3A31%203%200&mid=00853450629233735470696580386397418740&aamlh=6&ce=UTF-8&cdp=3&pageName=Balenciaga%20Attacking%20Marketing%20Agency%20to%20Deflect%20Mistakes%2C%20Sources%20Claim&g=https%3A%2F%2Fwww.tmz.com%2F2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash%2F%3Fadid%3Dshare-tw&cc=USD&v0=share-tw&events=event6%2Cevent3%3D321&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=tmz-web&v1=tmz-web&c2=article&v2=article&c3=news&v3=news&c5=legal&v5=legal&c6=n%2Fa&v6=n%2Fa&c7=money%2C%20fashion%2C%20exclusive%2C%20fairly-legal&v7=money%2C%20fashion%2C%20exclusive%2C%20fairly-legal&c13=321&v13=321&c14=n%2Fa&v14=n%2Fa&c15=5%3A00AM&v15=5%3A00AM&c16=Wednesday&v16=Wednesday&c17=Weekday&v17=Weekday&c18=https%3A%2F%2Fwww.tmz.com%2F2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash%2F&v18=https%3A%2F%2Fwww.tmz.com%2F2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash%2F&c20=9%3A00AM&v20=9%3A00AM&c21=Wednesday&v21=Wednesday&c22=Weekday&v22=Weekday&c23=2022-11-30T09%3A00%3A58.896Z&v23=2022-11-30T09%3A00%3A58.896Z&c27=New&v27=New&c34=desktop&v34=desktop&c43=2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash&v43=2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash&c44=32f4793f-256a-43c6-90d5-e17fc33407b3&v44=32f4793f-256a-43c6-90d5-e17fc33407b3&c45=share-tw&v45=share-tw&c51=9%3A00AM&v51=9%3A00AM&c52=Wednesday&v52=Wednesday&c53=Weekday&v53=Weekday&c54=2022-11-30T09%3A00%3A44.000Z&v54=2022-11-30T09%3A00%3A44.000Z&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 13:44:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 01 Dec 2022 13:44:31 GMT
server: jag
etag: 3585902279363297280-4619635397719159181
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 29 Nov 2022 13:44:31 GMT

GET
H2 200 s28656928944118
smetrics.tmz.com/b/ss/wbrostmz/1/JS-2.19.0/ 43 B
299 B 167ms
166ms Image
image/gif 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.tmz.com/b/ss/wbrostmz/1/JS-2.19.0/s28656928944118?AQB=1&ndh=1&pf=1&t=30%2F10%2F2022%2013%3A44%3A31%203%200&mid=00853450629233735470696580386397418740&aamlh=6&ce=UTF-8&cdp=3&pageName=Balenciaga%20Attacking%20Marketing%20Agency%20to%20Deflect%20Mistakes%2C%20Sources%20Claim&g=https%3A%2F%2Fwww.tmz.com%2F2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash%2F%3Fadid%3Dshare-tw&cc=USD&events=event15%3D389.29999923706055%2Cevent3%3D321&c1=tmz-web&v1=tmz-web&c2=article&v2=article&c3=news&v3=news&c5=legal&v5=legal&c6=n%2Fa&v6=n%2Fa&c7=money%2C%20fashion%2C%20exclusive%2C%20fairly-legal&v7=money%2C%20fashion%2C%20exclusive%2C%20fairly-legal&c13=321&v13=321&c14=n%2Fa&v14=n%2Fa&c18=https%3A%2F%2Fwww.tmz.com%2F2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash%2F&v18=https%3A%2F%2Fwww.tmz.com%2F2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash%2F&c20=9%3A00AM&v20=9%3A00AM&c21=Wednesday&v21=Wednesday&c22=Weekday&v22=Weekday&c23=2022-11-30T09%3A00%3A58.896Z&v23=2022-11-30T09%3A00%3A58.896Z&c34=desktop&v34=desktop&c43=2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash&v43=2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash&c44=32f4793f-256a-43c6-90d5-e17fc33407b3&v44=32f4793f-256a-43c6-90d5-e17fc33407b3&c51=9%3A00AM&v51=9%3A00AM&c52=Wednesday&v52=Wednesday&c53=Weekday&v53=Weekday&c54=2022-11-30T09%3A00%3A44.000Z&v54=2022-11-30T09%3A00%3A44.000Z&c60=389.29999923706055&v60=389.29999923706055&pe=lnk_o&pev2=track%20web%20vitals&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 13:44:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 01 Dec 2022 13:44:32 GMT
server: jag
etag: 3585902282409902080-4619785848807051914
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 29 Nov 2022 13:44:32 GMT

GET
H2 200 s26074066193462
smetrics.tmz.com/b/ss/wbrostmz/1/JS-2.19.0/ 43 B
231 B 235ms
235ms Image
image/gif 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.tmz.com/b/ss/wbrostmz/1/JS-2.19.0/s26074066193462?AQB=1&ndh=1&pf=1&t=30%2F10%2F2022%2013%3A44%3A31%203%200&mid=00853450629233735470696580386397418740&aamlh=6&ce=UTF-8&cdp=3&pageName=Balenciaga%20Attacking%20Marketing%20Agency%20to%20Deflect%20Mistakes%2C%20Sources%20Claim&g=https%3A%2F%2Fwww.tmz.com%2F2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash%2F%3Fadid%3Dshare-tw&cc=USD&events=event16%3D223.39999961853027%2Cevent3%3D321&c1=tmz-web&v1=tmz-web&c2=article&v2=article&c3=news&v3=news&c5=legal&v5=legal&c6=n%2Fa&v6=n%2Fa&c7=money%2C%20fashion%2C%20exclusive%2C%20fairly-legal&v7=money%2C%20fashion%2C%20exclusive%2C%20fairly-legal&c13=321&v13=321&c14=n%2Fa&v14=n%2Fa&c18=https%3A%2F%2Fwww.tmz.com%2F2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash%2F&v18=https%3A%2F%2Fwww.tmz.com%2F2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash%2F&c20=9%3A00AM&v20=9%3A00AM&c21=Wednesday&v21=Wednesday&c22=Weekday&v22=Weekday&c23=2022-11-30T09%3A00%3A58.896Z&v23=2022-11-30T09%3A00%3A58.896Z&c34=desktop&v34=desktop&c43=2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash&v43=2022%2F11%2F30%2Fbalenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash&c44=32f4793f-256a-43c6-90d5-e17fc33407b3&v44=32f4793f-256a-43c6-90d5-e17fc33407b3&c51=9%3A00AM&v51=9%3A00AM&c52=Wednesday&v52=Wednesday&c53=Weekday&v53=Weekday&c54=2022-11-30T09%3A00%3A44.000Z&v54=2022-11-30T09%3A00%3A44.000Z&c61=223.39999961853027&v61=223.39999961853027&pe=lnk_o&pev2=track%20web%20vitals&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=69AD1D725DDBE4560A495ECF%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tmz.com/2022/11/30/balenciaga-attack-production-company-distract-source-north-six-sue-ads-children-backlash/?adid=share-tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 13:44:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 01 Dec 2022 13:44:32 GMT
server: jag
etag: 3585902281968779264-4619364857646252756
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 29 Nov 2022 13:44:32 GMT

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tmz.com/	1970-01-20 17:26:15	Name: _ga_NCN9V8PMQF Value: GS1.1.1669815870.1.0.1669815870.60.0.0
.tmz.com/	1970-01-20 17:26:15	Name: _ga Value: GA1.2.2125111719.1669815870
.tmz.com/	1970-01-20 07:51:42	Name: _gid Value: GA1.2.187454983.1669815870
www.tmz.com/	1970-01-20 07:51:42	Name: FXN_flk Value: 1
.demdex.net/	1970-01-20 12:09:27	Name: demdex Value: 06043338941043347300065006098973212309
.tmz.com/	1969-12-31 23:59:59	Name: AMCVS_69AD1D725DDBE4560A495ECF%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 16:35:51	Name: everest_g_v2 Value: g_surferid~Y4dePwAAAKpZxAN-
.dpm.demdex.net/	1970-01-20 12:09:27	Name: dpm Value: 06043338941043347300065006098973212309
.tmz.com/	1970-01-20 17:26:15	Name: s_ecid Value: MCMID%7C00853450629233735470696580386397418740
.tmz.com/	1970-01-20 17:26:15	Name: AMCV_69AD1D725DDBE4560A495ECF%40AdobeOrg Value: 1585540135%7CMCIDTS%7C19327%7CMCMID%7C00853450629233735470696580386397418740%7CMCAAMLH-1670420671%7C6%7CMCAAMB-1670420671%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1669823071s%7CNONE%7CMCSYNCSOP%7C411-19334%7CMCAID%7CNONE%7CvVersion%7C4.4.0
.www.tmz.com/	1969-12-31 23:59:59	Name: s_campaign Value: share-tw
.www.tmz.com/	1970-01-20 07:50:17	Name: s_ppn Value: Balenciaga%20Attacking%20Marketing%20Agency%20to%20Deflect%20Mistakes%2C%20Sources%20Claim
.www.tmz.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.www.tmz.com/	1970-01-20 08:33:27	Name: s_nrv Value: 1669815871803-New
.smetrics.tmz.com/	1970-01-20 17:26:15	Name: s_ecid Value: MCMID%7C00853450629233735470696580386397418740

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cm.everesttech.net
dpm.demdex.net
fox.demdex.net
imagez.tmz.com
region1.analytics.google.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
smetrics.tmz.com
static.foxnews.com
static.tmz.com
stats.g.doubleclick.net
strike.fox.com
www.google-analytics.com
www.google.co.uk
www.googletagmanager.com
www.googletagservices.com
www.tmz.com
15.188.95.229
151.101.130.132
2001:4860:4802:32::36
2600:9000:2057:ce00:a:ddda:cf00:93a1
2600:9000:214f:6600:b:ee9a:1d00:93a1
2a00:1450:4001:801::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2008
2a00:1450:400c:c0c::9d
2a02:26f0:1700:d::1737:6ebe
2a04:4e42:400::644
3.248.137.172
34.248.30.105
54.77.60.152
99.86.4.32
04ba07a3779e487247d64a0ba5df072138949a702cbc47b8ee09b8cad2190629
0bd9552a2c654d1cca8e9195b6ebfd6119a4538faec2cee558cb0e0593352a8c
0d54f95f3cdb1a8f496fd932d57ba91fbdee0fd8e4498b7edd66a2bf27055820
115ea8ccc77135e889658e3922a3ce4747db8cd8a9ffc82286d4b48c771c4da0
144a7eca00a40bd37ae2e0658b51423c4914918f392c0034cc5a1c5daf2dab5c
18588d2387972bde966c4697995fe564454d2939ab80c5b170fbb0eac3634b89
188443415e8991f998cb10a0d9014f5d5d78b72d1e106ed0093fc6032dcf2abd
18db706e6d0a4507c3931ad24000f6e1049c8b15f1e8378965d21a2bc33fa1e9
1d011bb2cd622a1ec295f6a23f0a0e86d67f87acb0532b3e4337e86b9cc5f46b
23aa2477d57f3c5e361191e56e891751ecebb1e90fbf4bbce66316d21f6d321e
33b376131cb7d939491f5112b411e6cd804c1d003810a388e9217af1122f4e35
3e8e8c9964a446fba9a9473662b21fae9b3b9b54a391f5d637e5e7e6b426aa5d
3f5edf0a6fa9c455c21ce1d529e63ae18bf76aced3f563ce0457af25bea55f40
4770f1d988a9ee981ecf5db15f5aa20f166bdbe225f4466715c2da29b938171d
4888de9727a5eff309b0da178876456cd57adec176daa97f988d1167e88031dd
498cdc663af8386da9619e180dac64083911a0eda94f0aad30af3195f88f30c3
511902df92a5c5d2929fc536cafc1eaa432e3a7370511ae3ef43246e2be6c86d
547ea67155dac1c27efb550426c4848b7364357ed040fd531719c4797e356a1d
695f451e4fc7dcd1cf77c4bb26f4b8bfd64dcee1b35f7f131d08bd0017044064
7012c52e94ac1bbe1e1b1cd8246e3ef624d303cc53e76a11be2b10a65c0f1119
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
875a1c49674ff80c8b511c4853f7321c13a9a88f45eff5356c42384f28625175
885986bfdfa66051cdd230317d32e32825bfc0555028dbfb4c7b0cf8ffe62f32
8a94387ee27cfd20bff92b62976e9664f14abe8b1c09c81d49f18de24a2324bf
918be1459c6e2b7f56a69b4fea6daec0a395623d26e7ac692b3464c2a2f36c85
9f87e0dcba2abd16cb866b949dd143edfa89dbc536b48a8d612b5a38365a256e
a0066433a645f196eb0ece299c86dc27a5c74dbe2cae7ae6d9211c1549a92085
a0dbe80906b65b8ffb777e6fd51da0f5a74eb1cbc8f282530fa3a441eeff32dc
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a65b248a606ee896694873795575b70e93e0c7c5377a666ca982f60c03e44c01
a7334889d220f7f70d2c8d599509a347b12f17e5dc70c35fbdbde531598aa6ad
b1920de40914bc145251834621741e07e76d43e49481a21b9450c846f6237d50
b36f3075218f2b29c578581c453b28827b8621643878c86bd87aa9f6a1f5082a
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6c7de739d39cb6ee98ca7bdb101ca6f222d8355c1a4ef4166523b0c428c7e33
b9a541b8309a9c98a210d8a2f67b057e91e15337bd7b7bfb80ff99ed53aa20b1
be274931bfd06793da33557f7e0f099a0ff8b5ccceea5609752a11341f2cd590
bec0ffd165ea083d019c7eaf6751df04c44f23fedf9f003ee93abec9549890e1
c9fa4f8032a53ae19f17d3acd80de773e1b357d9360dcaf37542895c175dac81
ca5a32846cac806920c1094d4450e0369d7e33c2719356471e99076206683709
cd8aa6afb1cb32a958af8de7a67bb5ba03bdf396b38fcdb760510728937f700a
d625f275ead52b0b3740fc732756a53aa620ecf5af0b79d4e5094dd292e7fe96
df9d59befe3cdcdcb635da58ddbcf2cb780968aae5d8eedb828e1a1ee6ff77f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58f6ebff6e8fbaa831eca08ab13f80675e103737a814e5ee3f0d54cc09e51f4
e6f5be3b0b673d35437fd786f930a0e03fb3361f09919841681fb986ea0bcfd0
e89590be51bdcf7b28b7d028f10be05aff19d8062a919d8c5c6b52162990bad6
ebccb57aefb788cec5cca1c6ec2318050c0ff378b8a2a1362248102e8a5c3b5a
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef355ff29a5e65e0a41ae3aaff2d13fef94f38ff30c69090c6f89acb6752e50d
ef404db25db2be8b7b0c5e4e9f61f44d22b55308b24486d8b042e52baef8a2b5
f4596b8f70765ac359440801b4366c45c43dc9d80a0eef302eb98c2536e2a516
f4b3d838fac35e2bab26cdcfb3d24d43a506f527f1876b618021a52c0a0fc755
f7fcd7819c44473cbd40aabdc1295459afceecd0ddb53f73494f7d964a5ee519
fa55d4034609787cfef2b64b76240aacab9e4b0cdb255ce25d78033ec5536e64
fbc9fb5c776718322e4bf5201090fe5d5daf040d9c393c1b11011da1f190347b
fe1fd2390971d20586c515c99cbdf53ed0f3a9e4ddb091222dfafeae3a5eabff

www.tmz.com Open in urlscan Pro 2600:9000:214f:6600:b:ee9a:1d00:93a1

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

47 Requests

96 %HTTPS

65 %IPv6

12 Domains

17 Subdomains

17 IPs

5 Countries

1968 kBTransfer

4424 kBSize

15 Cookies

12 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.tmz.com
2600:9000:214f:6600:b:ee9a:1d00:93a1

Screenshot
Live screenshot

Full Image

47
Requests

96 %
HTTPS

65 %
IPv6

12
Domains

17
Subdomains

17
IPs

5
Countries

1968 kB
Transfer

4424 kB
Size

15
Cookies

47 HTTP transactions
17 data transactions