kristalsanatlar.com Open in urlscan Pro
37.148.212.176 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
Submission: On August 12 via api (August 12th 2024, 4:40:15 am UTC) from GB — Scanned from GB

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 31 IPs in 8 countries across 33 domains to perform 41 HTTP transactions. The main IP is 37.148.212.176, located in Turkey and belongs to CIZGI, TR. The main domain is kristalsanatlar.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 2nd 2024. Valid for: 9 months.

This is the only time kristalsanatlar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	37.148.212.176 37.148.212.176	34619 (CIZGI) (CIZGI)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	199.60.103.28 199.60.103.28	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2600:9000:267... 2600:9000:2670:1a00:8:bfa9:8d80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.173.205.32 18.173.205.32	16509 (AMAZON-02) (AMAZON-02)
1	2.19.224.125 2.19.224.125	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a04:4e42:400... 2a04:4e42:400::272	54113 (FASTLY) (FASTLY)
1	2a04:4e42:600... 2a04:4e42:600::604	54113 (FASTLY) (FASTLY)
1	151.101.2.114 151.101.2.114	54113 (FASTLY) (FASTLY)
1	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1	95.100.65.183 95.100.65.183	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.33.187.51 13.33.187.51	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2016	15169 (GOOGLE) (GOOGLE)
1	2a02:ec80:300... 2a02:ec80:300:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
1	92.205.184.140 92.205.184.140	21499 (GODADDY-SXB) (GODADDY-SXB)
1	186.192.91.9 186.192.91.9	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
1	2600:9000:264... 2600:9000:2646:1a00:d:3fc8:2e00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:6a::84 2a04:4e42:6a::84	54113 (FASTLY) (FASTLY)
1	104.18.15.227 104.18.15.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:710... 2a02:26f0:7100:3a5::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.0.193 151.101.0.193	54113 (FASTLY) (FASTLY)
1	104.18.8.10 104.18.8.10	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:4780:24:... 2a02:4780:24:3549:7aee:7a9d:5ed7:141a	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ecd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.117.88.159 34.117.88.159	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
41	31

2 37.148.212.176 (Turkey)

ASN34619 (CIZGI, TR)
PTR: qresel.com

kristalsanatlar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.60.103.28 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.betterup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2670:1a00:8:bfa9:8d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

img.apmcdn.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.205.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-32.fra56.r.cloudfront.net

ca-times.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.224.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-224-125.deploy.static.akamaitechnologies.com

learnenglish.britishcouncil.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:400::272 (United States)

ASN54113 (FASTLY, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::604 (United States)

ASN54113 (FASTLY, US)

images.hellomagazine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.114 (San Francisco, United States)

ASN54113 (FASTLY, US)

img.huffingtonpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.65.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-65-183.deploy.static.akamaitechnologies.com

home.barclays	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-51.fra60.r.cloudfront.net

www.ccaa.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:ec80:300:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.205.184.140 (Strasbourg, France)

ASN21499 (GODADDY-SXB, DE)
PTR: 140.184.205.92.host.secureserver.net

www.textmanuscripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 186.192.91.9 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-9.prt.globo.com

s2-techtudo.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2646:1a00:d:3fc8:2e00:93a1 (United States)

ASN16509 (AMAZON-02, US)

wl-incrivel.cf.tsp.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:6a::84 (United States)

ASN54113 (FASTLY, US)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.15.227 (None, )

ASN13335 (CLOUDFLARENET, US)

images.yampi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100:3a5::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

is1-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.193 (San Francisco, United States)

ASN54113 (FASTLY, US)

pm1.aminoapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.8.10 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cloudflare.steamstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:4780:24:3549:7aee:7a9d:5ed7:141a (Meppel, Netherlands)

ASN47583 (AS-HOSTINGER, CY)

www.just-coloring-pages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ecd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

img.freepik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.88.159 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.88.117.34.bc.googleusercontent.com

images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 426	200 KB
2	mzstatic.com is1-ssl.mzstatic.com — Cisco Umbrella Rank: 1024	309 KB
2	wp.com i0.wp.com — Cisco Umbrella Rank: 5176	127 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104 region1.google-analytics.com — Cisco Umbrella Rank: 3123	21 KB
2	kristalsanatlar.com kristalsanatlar.com	12 KB
1	wixmp.com images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com — Cisco Umbrella Rank: 33622	175 KB
1	freepik.com img.freepik.com — Cisco Umbrella Rank: 32680	1 MB
1	just-coloring-pages.com www.just-coloring-pages.com — Cisco Umbrella Rank: 513419	27 KB
1	steamstatic.com cdn.cloudflare.steamstatic.com — Cisco Umbrella Rank: 19959	29 KB
1	aminoapps.com pm1.aminoapps.com — Cisco Umbrella Rank: 116655	91 KB
1	yampi.io images.yampi.io	25 KB
1	pinimg.com i.pinimg.com — Cisco Umbrella Rank: 2625	93 KB
1	tsp.li wl-incrivel.cf.tsp.li	69 KB
1	glbimg.com s2-techtudo.glbimg.com — Cisco Umbrella Rank: 939548	13 KB
1	textmanuscripts.com www.textmanuscripts.com	8 MB
1	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 4162	156 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 117	29 KB
1	ccaa.com.br www.ccaa.com.br	56 KB
1	home.barclays home.barclays — Cisco Umbrella Rank: 637867	125 KB
1	yimg.com s.yimg.com — Cisco Umbrella Rank: 1020	170 KB
1	huffingtonpost.com img.huffingtonpost.com — Cisco Umbrella Rank: 45465	31 KB
1	hellomagazine.com images.hellomagazine.com — Cisco Umbrella Rank: 115468	86 KB
1	britishcouncil.org learnenglish.britishcouncil.org — Cisco Umbrella Rank: 328925	251 KB
1	brightspotcdn.com ca-times.brightspotcdn.com — Cisco Umbrella Rank: 44160	50 KB
1	apmcdn.org img.apmcdn.org — Cisco Umbrella Rank: 225076	33 KB
1	betterup.com www.betterup.com — Cisco Umbrella Rank: 332586	72 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	82 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	807 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157	31 KB
0	sap.com Failed blogs.sap.com Failed
0	tiktok.com Failed www.tiktok.com Failed
0	unicef.org Failed www.unicef.org Failed
0	fbsbx.com Failed lookaside.fbsbx.com Failed
41	33

	Domain	Requested by
3	m.media-amazon.com	kristalsanatlar.com
2	is1-ssl.mzstatic.com	kristalsanatlar.com
2	i0.wp.com	kristalsanatlar.com
2	kristalsanatlar.com
1	region1.google-analytics.com	www.googletagmanager.com
1	images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com	kristalsanatlar.com
1	img.freepik.com	kristalsanatlar.com
1	www.just-coloring-pages.com	kristalsanatlar.com
1	cdn.cloudflare.steamstatic.com	kristalsanatlar.com
1	pm1.aminoapps.com	kristalsanatlar.com
1	images.yampi.io	kristalsanatlar.com
1	i.pinimg.com	kristalsanatlar.com
1	wl-incrivel.cf.tsp.li	kristalsanatlar.com
1	s2-techtudo.glbimg.com	kristalsanatlar.com
1	www.textmanuscripts.com	kristalsanatlar.com
1	upload.wikimedia.org	kristalsanatlar.com
1	i.ytimg.com	kristalsanatlar.com
1	www.ccaa.com.br	kristalsanatlar.com
1	home.barclays	kristalsanatlar.com
1	s.yimg.com	kristalsanatlar.com
1	img.huffingtonpost.com	kristalsanatlar.com
1	images.hellomagazine.com	kristalsanatlar.com
1	learnenglish.britishcouncil.org	kristalsanatlar.com
1	ca-times.brightspotcdn.com	kristalsanatlar.com
1	img.apmcdn.org	kristalsanatlar.com
1	www.betterup.com	kristalsanatlar.com
1	www.googletagmanager.com	kristalsanatlar.com
1	fonts.googleapis.com	kristalsanatlar.com
1	pagead2.googlesyndication.com	kristalsanatlar.com
1	www.google-analytics.com	kristalsanatlar.com
0	blogs.sap.com Failed	kristalsanatlar.com
0	www.tiktok.com Failed	kristalsanatlar.com
0	www.unicef.org Failed	kristalsanatlar.com
0	lookaside.fbsbx.com Failed	kristalsanatlar.com
41	34

This site contains no links.

Subject Issuer	Validity	Valid
kristalsanatlar.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-02` - `2024-10-05`	9 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
www.betterup.com WE1	`2024-07-14` - `2024-10-12`	3 months	crt.sh
*.apmcdn.org Amazon RSA 2048 M03	`2024-07-21` - `2025-08-18`	a year	crt.sh
cdn.ca-times.psdops.com Amazon RSA 2048 M02	`2024-06-18` - `2025-07-17`	a year	crt.sh
*.britishcouncil.org DigiCert TLS RSA SHA256 2020 CA1	`2024-07-07` - `2025-07-09`	a year	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2024-03-18` - `2025-03-09`	a year	crt.sh
images.hellomagazine.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-22` - `2024-12-23`	a year	crt.sh
www.huffpost.com GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-25` - `2025-08-26`	a year	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-07-30` - `2024-09-18`	2 months	crt.sh
home.barclays DigiCert EV RSA CA G2	`2024-03-21` - `2024-11-05`	8 months	crt.sh
*.ccaa.com.br Amazon RSA 2048 M02	`2024-02-29` - `2025-03-30`	a year	crt.sh
edgestatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-18` - `2024-10-16`	a year	crt.sh
textmanuscripts.com R10	`2024-06-18` - `2024-09-16`	3 months	crt.sh
*.glbimg.com RapidSSL TLS RSA CA G1	`2024-04-12` - `2025-04-12`	a year	crt.sh
*.cf.tsp.li Go Daddy Secure Certificate Authority - G2	`2024-03-06` - `2025-04-07`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-05` - `2025-08-07`	a year	crt.sh
yampi.io Cloudflare Inc ECC CA-3	`2024-02-25` - `2024-12-31`	10 months	crt.sh
itunes.apple.com Apple Public EV Server RSA CA 2 - G1	`2024-06-20` - `2024-09-18`	3 months	crt.sh
pm1.narvii.com R10	`2024-06-20` - `2024-09-18`	3 months	crt.sh
cloudflare.steamstatic.com Cloudflare Inc ECC CA-3	`2024-06-15` - `2024-12-31`	7 months	crt.sh
just-coloring-pages.com R10	`2024-07-01` - `2024-09-29`	3 months	crt.sh
*.freepik.com E5	`2024-06-13` - `2024-09-11`	3 months	crt.sh
*.wixmp.com Sectigo RSA Domain Validation Secure Server CA	`2024-05-27` - `2024-11-23`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
Frame ID: 687EF99A4C6AFEC591FBFB1402467C56
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

One in four - mental health campaign - I'm fine can mean many things, o que significa m fine - kristalsanatlar.com

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

41
Requests

85 %
HTTPS

50 %
IPv6

33
Domains

34
Subdomains

31
IPs

8
Countries

11910 kB
Transfer

12165 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request health-campaign-I-m-fine-can-mean-many-things-2718300.html Show response
kristalsanatlar.com/ 46 KB
11 KB 1081ms
813ms Document
text/html 37.148.212.176
CIZGI

General

Check archive.org

Show headers Download Go to

Full URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 37.148.212.176 , Turkey, ASN34619 (CIZGI, TR),
Reverse DNS: qresel.com
Software: LiteSpeed /
Resource Hash: 43d81d0555ac1e0faec1aef4d106655be70e316995deace3a987278faed4d0e5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: gzip
content-length: 11182
content-type: text/html; charset=utf-8
date: Mon, 12 Aug 2024 04:40:08 GMT
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 118ms
33ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Aug 2024 03:15:05 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5104
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 12 Aug 2024 05:15:05 GMT

GET
H3 200 gpt.js Show response
pagead2.googlesyndication.com/tag/js/ 102 KB
31 KB 122ms
49ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/tag/js/gpt.js

Requested by

Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

7122533b65e0ddb325844a21eba019b5c3c9d82e68f15a0f2d5192862e5ecead

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:40:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32086
x-xss-protection: 0
server: cafe
etag: 571 / 19947 / m202408060101 / config-hash: 9072019561209455628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 12 Aug 2024 04:40:09 GMT

GET
H2 200 css2
fonts.googleapis.com/ 799 B
807 B 127ms
44ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Slabo+27px&display=swap

Requested by

Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af1108dc8b93c371224e9936e052668edaaf28bc60d0afe09e87230fa7a01897

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Aug 2024 04:40:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Aug 2024 03:13:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Aug 2024 04:40:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
82 KB 139ms
52ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MBWCTIVMEW

Requested by

Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

08fdf54e82ddb39fb09185e21b5030ff95164a89a8f28abb84a30afb90ff01bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:40:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84022
x-xss-protection: 0
last-modified: Mon, 12 Aug 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Aug 2024 04:40:09 GMT

GET /
lookaside.fbsbx.com/lookaside/crawler/media/ 0
0

GET
H2 200 032923-NEWSOM-MENTAL-HEALTH-OVERHAUL-AP-AH-CM.jpg
i0.wp.com/calmatters.org/wp-content/uploads/2022/06/ 53 KB
54 KB 296ms
223ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/calmatters.org/wp-content/uploads/2022/06/032923-NEWSOM-MENTAL-HEALTH-OVERHAUL-AP-AH-CM.jpg?fit=1200%2C800&ssl=1

Requested by

Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

610c9bf59f8145d0f40a1a045fe2b351ad1b9f1fb9c2eeddfe176602d341377b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:40:09 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 54470
x-nc: MISS lhr 6
last-modified: Mon, 12 Aug 2024 04:40:09 GMT
server: nginx
etag: "6ea9592f5246ad9e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://calmatters.org/wp-content/uploads/2022/06/032923-NEWSOM-MENTAL-HEALTH-OVERHAUL-AP-AH-CM.jpg>; rel="canonical"
expires: Wed, 12 Aug 2026 16:40:09 GMT

GET
H3 200 mental-health-awareness-man-next-to-window.jpg
www.betterup.com/hubfs/Blog%20Images/ 71 KB
72 KB 886ms
823ms Image
image/jpeg 199.60.103.28
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.betterup.com/hubfs/Blog%20Images/mental-health-awareness-man-next-to-window.jpg

Requested by

Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.28 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4272a280baf8a025bf5886939ec5783edcb796dfb2ea4fd201e2270f5316947a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-64262296417,FD-49295886619,P-9253440,FLS-ALL
x-amz-request-id: DYSFNP0A6NGT86H8
x-amz-server-side-encryption: AES256
edge-cache-tag: F-64262296417,FD-49295886619,P-9253440,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "b08d4f5641d9c7879edda688fde3460c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1642612912005
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Mon, 12 Aug 2024 04:40:09 GMT
strict-transport-security: max-age=31536000
via: 1.1 02b64e603ed38c4fa65e6d087701f8de.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: rRG0T0ofk6wYwGcIImzcPuqiuWHtlUoS
x-amz-cf-pop: LHR3-C2
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-64262296417,FD-49295886619,P-9253440,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 72547
x-amz-id-2: dVLGsuLOzMC9yagn7qkdO6EJkKeYfYnHNsgQXYW1MuXCApjqS3N7xOoBzw0cvFSfgXRfC9b8xl05rv7jwLRcsUJS6OM0ffNk
last-modified: Wed, 19 Jan 2022 17:21:53 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sm%2FuhHRUyeM8ogr5xbq4R0SiVPXbkcxy2ZLoWueHtdrudsGUBEA4PQVcpHOB8rmU2nhhxkd%2BWVIkMaxckwV899oqTyJ74C4Gja3uyYWGpl%2BnsL8Cfwkh0TLno8RVbcCeSH0%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8b1dc92139afcd0e-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: AZaVOSQ9UG11zAF5uNpZFk6b9lWRJ6Zvm-Ulrv7QUOq5ZVx6E-EYlA==

GET
H2 200 ad820b-20210519-under-pressure-600.jpg
img.apmcdn.org/1cc46ccefc2d27a97a04dfa83ff6e2efbd0b6596/uncropped/ 32 KB
33 KB 172ms
55ms Image
image/jpeg 2600:9000:2670:1a00:8:bfa9:8d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.apmcdn.org/1cc46ccefc2d27a97a04dfa83ff6e2efbd0b6596/uncropped/ad820b-20210519-under-pressure-600.jpg
Requested by: Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2670:1a00:8:bfa9:8d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e424bc5f669778046b72d274764cd8c5487714603863f63fd44d6fb70b25028

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 05:09:40 GMT
via: 1.1 f5af2731a86629973e69564f824d95be.cloudfront.net (CloudFront)
last-modified: Wed, 12 Oct 2022 20:07:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
age: 171030
etag: "d91c3d49217d6d6e9b6942de0f4512ff"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31556952
content-disposition: inline; filename="ad820b-20210519-under-pressure-600.jpg"; filename*=UTF-8''ad820b-20210519-under-pressure-600.jpg
accept-ranges: bytes
content-length: 33086
x-amz-cf-id: AGoRrNK3JB3Lhd49ON0sPvPfoeir1m6Pms8Ejnr-JdaLedHS5bfK1A==

GET
H2 200 /
ca-times.brightspotcdn.com/dims4/default/2a4897c/2147483647/strip/true/crop/2998x1688+0+155/resize/840x473!/quality/75/ 50 KB
50 KB 171ms
42ms Image
image/jpeg 18.173.205.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca-times.brightspotcdn.com/dims4/default/2a4897c/2147483647/strip/true/crop/2998x1688+0+155/resize/840x473!/quality/75/?url=https%3A%2F%2Fcalifornia-times-brightspot.s3.amazonaws.com%2F34%2F1b%2F525fcf194505a57148d349eb693f%2Fcity-council-transcript-3x2.jpg
Requested by: Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-32.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 43cfcc140693afde8f33a48d3ff2570e193ac1ff67dee57968c3edc4fa57c03f

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 04:28:33 GMT
via: 1.1 506bffda4b1949c4425629ce0bdce052.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-P12
age: 1469495
etag: 3daee7ad63dc64f2acca52a6b67b5ca9
x-cache: Hit from cloudfront
content-type: image/jpeg
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
alt-svc: h3=":443"; ma=86400
content-length: 51050
x-amz-cf-id: dgJTjxnGuOuHdta1_3P6AR4rLna4AmJfaGws2xs8K3QaDPKQZjiSSQ==
expires: Sat, 26 Jul 2025 04:28:34 GMT

GET
H2 200 RS7860_ThinkstockPhotos-499389880-hig_2.jpg
learnenglish.britishcouncil.org/sites/podcasts/files/ 251 KB
251 KB 193ms
85ms Image
image/jpeg 2.19.224.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://learnenglish.britishcouncil.org/sites/podcasts/files/RS7860_ThinkstockPhotos-499389880-hig_2.jpg

Requested by

Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.224.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-224-125.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

53b0e9684ea4f8841f253417ef709ebcba0f88bd1ca4d6f09ed64f5d19fd00c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:40:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Oct 2021 05:53:42 GMT
server: Apache
etag: "3eb5d-5cda8c4b77330"
x-varnish: 719882265
content-type: image/jpeg
cache-control: max-age=31536000
server-timing: cdn-cache; desc=MISS, edge; dur=12, origin; dur=24, ak_p; desc="1723437609175_389993732_156479798_3669_9422_34_37_219";dur=1
accept-ranges: bytes
content-length: 256861
expires: Tue, 12 Aug 2025 04:40:09 GMT

GET
H2 400 51j+O9upu9L._AC_UF1000,1000_QL80_.jpg
m.media-amazon.com/images/W/MEDIAX_792452-T2/images/I/ 11 B
325 B 214ms
106ms Image
text/plain 2a04:4e42:400::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/W/MEDIAX_792452-T2/images/I/51j+O9upu9L._AC_UF1000,1000_QL80_.jpg
Requested by: Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7c41b898c5da0cfa4aa049b65ef50248bce9a72d24bef4c723786431921b75aa

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Mon, 12 Aug 2024 05:40:09 GMT
date: Mon, 12 Aug 2024 04:40:09 GMT
age: 0
x-cache: MISS from fastly, MISS from fastly
content-type: text/plain
cache-control: max-age=3600,public
x-amz-ir-id: 39bd58e7-84e9-4b35-8cd7-52787838e1e2
server-timing: provider;desc="fy"
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11
x-served-by: cache-iad-kjyo7100176-IAD, cache-lcy-eglc8600091-LCY

GET
H2 200 13735fb84cb8-roman-kemp-exclusive-t.jpg
images.hellomagazine.com/horizon/landscape/ 85 KB
86 KB 326ms
231ms Image
image/webp 2a04:4e42:600::604
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.hellomagazine.com/horizon/landscape/13735fb84cb8-roman-kemp-exclusive-t.jpg

Requested by

Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::604 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

9c3b1ff0035dac335619cc2bfd812c68ff0d3aa24c85291109c5be913e47c6e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:40:09 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
expiration: expiry-date="Wed, 21 Aug 2024 00:00:00 GMT", rule-id="derived_image"
content-disposition: inline; filename="13735fb84cb8-roman-kemp-exclusive-t.jpg.webp"
server-timing: cld-fastly;mitm=p;dur=208;cpu=0;start=2024-08-12T04:40:09.195Z;desc=miss,rtt;dur=20,content-info;desc="width=1920,height=1080,owidth=1920,oheight=1080,obytes=121083,oformat=jpg,rt=1,t=\"Zl9hdXRvLHFfYXV0bzpiZXN0\"",cloudinary;dur=126;start=2024-08-12T04:40:09.238Z
content-length: 87220
last-modified: Fri, 21 Jun 2024 19:33:33 GMT
server: Cloudinary
etag: "bc27025ecadb77bb3d1b7d00b0d5fa0f"
vary: Accept,User-Agent
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 583587d6180000270c30fa58.png
img.huffingtonpost.com/asset/ 30 KB
31 KB 178ms
103ms Image
image/jpeg 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/583587d6180000270c30fa58.png?ops=scalefit_720_noupscale

Requested by

Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.114 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a3748bc4dc461cbcd321bc15f81f0a18bad1fcfb406badb5abbff2c4b40494b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:40:09 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 1618051
x-dns-prefetch-control: off
x-cache: HIT, MISS
content-length: 30864
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100176-IAD, cache-lcy-eglc8600063-LCY
referrer-policy: no-referrer-when-downgrade
x-timer: S1723437609.175236,VS0,VE81
etag: W/"7890-WovCingySx2P5DZA1nDpcmzf7F4"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 8, 0

GET
H2 200 b905e2f0-5f05-11ee-9f27-4039f304fc8f
s.yimg.com/ny/api/res/1.2/Pq2CMrVINbu5Oqrm0_VMFA--/YXBwaWQ9aGlnaGxhbmRlcjt3PTE2MDA7aD05ODA7cT01MA--/https://s.yimg.com/os/creatr-uploaded-images/2023-09/ 169 KB
170 KB 240ms
36ms Image
image/jpeg 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/ny/api/res/1.2/Pq2CMrVINbu5Oqrm0_VMFA--/YXBwaWQ9aGlnaGxhbmRlcjt3PTE2MDA7aD05ODA7cT01MA--/https://s.yimg.com/os/creatr-uploaded-images/2023-09/b905e2f0-5f05-11ee-9f27-4039f304fc8f

Requested by

Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b4700a27bf17a18a4ae167fa395c4fa469b9a4d4aef47d15ae8793030d2ada16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sat, 13 Jul 2024 15:46:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
age: 2552043
expiration: expiry-date="Mon, 30 Sep 2024 00:00:00 GMT", rule-id="delete fetch for mysterio after 180 days"
x-image-height: 980
server-timing: cld-fastly;mitm=po;dur=2;cpu=1;start=2024-07-13T15:46:06.426Z;desc=hit,rtt;dur=87,content-info;desc="width=1600,height=980,bytes=172917,owidth=2400,oheight=1470,obytes=2525044,ef=(1,13,17,30,97)"
content-length: 172917
x-xss-protection: 1; mode=block
x-image-width: 1600
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 02 Apr 2024 01:24:46 GMT
server: ATS
etag: "8d8b45c1223aaa3a2bb3230528200680"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET /
lookaside.fbsbx.com/lookaside/crawler/media/ 0
0

GET
H2 200 HERO-BARCLAYS-PETER-TOAL-16_9.large.medium_quality.jpg
home.barclays/content/dam/home-barclays/images/news/2020/03/ 124 KB
125 KB 209ms
56ms Image
image/jpeg 95.100.65.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.barclays/content/dam/home-barclays/images/news/2020/03/HERO-BARCLAYS-PETER-TOAL-16_9.large.medium_quality.jpg

Requested by

Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.65.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-65-183.deploy.static.akamaitechnologies.com

Software

Resource Hash

1637d5fecdf60d191a06fca88875f3bf38e28a7039776799dfe737577ef28c9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-dispatcher: dispatcher2euwest1-b80
date: Mon, 12 Aug 2024 04:40:09 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
last-modified: Fri, 12 Jul 2024 16:38:55 GMT
etag: "1f0fa-61d0f83f6d8c5"
x-vhost: publish
content-type: image/jpeg
cache-control: max-age=541
accept-ranges: bytes
content-length: 127226
x-xss-protection: 1;mode=block
expires: Mon, 12 Aug 2024 04:49:10 GMT

GET
H2 200 birth-control-episode-collage-final.jpg
i0.wp.com/revealnews.org/wp-content/uploads/2022/10/ 73 KB
74 KB 200ms
198ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/revealnews.org/wp-content/uploads/2022/10/birth-control-episode-collage-final.jpg?fit=1200%2C667&ssl=1

Requested by

Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

0d851fa21a3efb43c9f1ffe36f2a90cd636e1d02b5d62bc91c60e1ba45aa49ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:40:09 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 74900
x-nc: MISS lhr 2
last-modified: Mon, 12 Aug 2024 04:40:09 GMT
server: nginx
etag: "85c4ded626acadd6"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://revealnews.org/wp-content/uploads/2022/10/birth-control-episode-collage-final.jpg>; rel="canonical"
expires: Wed, 12 Aug 2026 16:40:09 GMT

GET EN_ED_Letter_Assets_1_Hero_ED_0.png
www.unicef.org/sites/default/files/styles/media_large_image/public/ 0
0

GET
H2 200 WhatsApp_Image_2022-06-28_at_11.36.10.jpg
www.ccaa.com.br/wp-content/uploads/2022/06/ 56 KB
56 KB 905ms
728ms Image
image/jpeg 13.33.187.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ccaa.com.br/wp-content/uploads/2022/06/WhatsApp_Image_2022-06-28_at_11.36.10.jpg
Requested by: Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-51.fra60.r.cloudfront.net
Software: Apache/2.4.58 (Ubuntu) /
Resource Hash: f1d6d48f1502731ae1cb942fe0bce9c1f317200ba60e189d344bf68106a6ce02

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:40:09 GMT
content-encoding: gzip
via: 1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
last-modified: Thu, 28 Mar 2024 18:29:04 GMT
server: Apache/2.4.58 (Ubuntu)
x-amz-cf-pop: FRA60-P9
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=10368000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 56867
x-amz-cf-id: Y3AjmiV-uoxjBNsvifhZ5hIHLtej7guKrOjvEd5_6v3d4h-4LO1dWw==
expires: Tue, 10 Dec 2024 04:40:09 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/uvQ1bC8tJas/ 29 KB
29 KB 148ms
57ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/uvQ1bC8tJas/hqdefault.jpg

Requested by

Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c4052a091e90a7330da2955ad6d882ae647fc967fb1a894cb0fd20bd8b0d05f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:40:09 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29658
x-xss-protection: 0
server: sffe
etag: "1446745057"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 12 Aug 2024 06:40:09 GMT

GET
H2 200 800px-OK-button_-_Macro_photography_of_a_remote_control.jpg
upload.wikimedia.org/wikipedia/commons/thumb/1/17/OK-button_-_Macro_photography_of_a_remote_control.jpg/ 155 KB
156 KB 127ms
56ms Image
image/jpeg 2a02:ec80:300:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/1/17/OK-button_-_Macro_photography_of_a_remote_control.jpg/800px-OK-button_-_Macro_photography_of_a_remote_control.jpg

Requested by

Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

envoy /

Resource Hash

e1427ff13516eb1f8e7bc357487cb2da857d0226a971d5c9be1fe4f05ca57b5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 10:48:17 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 64312
x-cache-status: hit-local
x-cache: cp3078 hit, cp3078 miss
content-disposition: inline;filename*=UTF-8''OK-button_-_Macro_photography_of_a_remote_control.jpg
server-timing: cache;desc="hit-local", host;desc="cp3078"
content-length: 158411
x-client-ip: 2a02:8c8:c10:30::17
last-modified: Fri, 03 Jun 2022 17:36:09 GMT
server: envoy
etag: 99d69ae87b023cfe10e952a290705fe7
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

GET /
www.tiktok.com/api/img/ 0
0

GET
H2 200 1111%204.png
www.textmanuscripts.com/images/tm/TM-1111/46671/image-thumb__46671__tm-inventoryDetailLarge/ 8 MB
8 MB 269ms
41ms Image
image/png 92.205.184.140
GODADDY-SXB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.textmanuscripts.com/images/tm/TM-1111/46671/image-thumb__46671__tm-inventoryDetailLarge/1111%204.png

Requested by

Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.205.184.140 Strasbourg, France, ASN21499 (GODADDY-SXB, DE),

Reverse DNS

140.184.205.92.host.secureserver.net

Software

nginx / PleskLin

Resource Hash

785502fe9a766fe9bcea30b96a1152f5ffadcad0e3b3aec634822aa0879639c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:40:09 GMT
strict-transport-security: max-age=15768000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 04 Apr 2023 11:56:02 GMT
server: nginx
etag: "839eaa-5f8815c084e98"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 8625834
expires: Tue, 12 Aug 2025 04:40:09 GMT

GET
H2 200 2012-11-09-tiques-do-whatsapp-causam-confusao-em-muitos-usuarios.jpg
s2-techtudo.glbimg.com/6zFGIUi8pB3Qh0UgsyVU4YQ9G-o=/0x0:620x292/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_08fbf48bc0524877943fe86e43087e7a/internal_photos/bs/2021/a/n/NvtKgATsOW6f8gVN... 13 KB
13 KB 1698ms
327ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-techtudo.glbimg.com/6zFGIUi8pB3Qh0UgsyVU4YQ9G-o=/0x0:620x292/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_08fbf48bc0524877943fe86e43087e7a/internal_photos/bs/2021/a/n/NvtKgATsOW6f8gVNyFSQ/2012-11-09-tiques-do-whatsapp-causam-confusao-em-muitos-usuarios.jpg
Requested by: Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 268e25cafc6954576a229ec7e67825cafd0b5e9aa32b158db1baf87f90f57d71

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:40:10 GMT
via: 2.0 CachOS
x-bip: 838460275 ra09 20 10
age: 0
x-cache-server: thumbor/nginx-cache
content-length: 13302
x-cached: MISS
x-request-id: f79ad390-5772-457a-aa8d-7217f60ca42d
x-forwarded-host: s2-techtudo.glbimg.com
x-thanos: 0AB4D01E
etag: "3baaf30b02a95317634c4aab8cc4cafb66dbcadb"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 11 Sep 2024 04:40:10 GMT

GET
H2 200 81Bg1HL3diL._AC_UF1000,1000_QL80_.jpg
m.media-amazon.com/images/I/ 111 KB
111 KB 222ms
142ms Image
image/jpeg 2a04:4e42:400::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/81Bg1HL3diL._AC_UF1000,1000_QL80_.jpg
Requested by: Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: eab2d071c5515bd5657a5d7a47fb90816549163f5a640ab956b9a7a843547039

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:40:09 GMT
age: 0
x-cache: MISS from fastly, MISS from fastly
x-nginx-cache-status: HIT
server-timing: provider;desc="fy"
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113848
x-served-by: cache-iad-kcgs7200089-IAD, cache-lcy-eglc8600091-LCY
last-modified: Wed, 27 Feb 2013 18:32:11 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: d0701ddb-9a1c-4d8a-b575-139407d026ef
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
expires: Fri, 22 Jul 2044 08:18:26 GMT

GET
H2 200 fcced75fadb9024d5a7cc462ab.jpg
wl-incrivel.cf.tsp.li/resize/728x/jpg/8fc/51a/ 68 KB
69 KB 380ms
204ms Image
image/jpeg 2600:9000:2646:1a00:d:3fc8:2e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wl-incrivel.cf.tsp.li/resize/728x/jpg/8fc/51a/fcced75fadb9024d5a7cc462ab.jpg
Requested by: Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:1a00:d:3fc8:2e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d61e24b2e7f9ebd95ce4cf0e7bc45518366e5369f0c71e1e79003e952ebcea12

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:40:10 GMT
via: 1.1 ce0a6880f9416cb3a7b5da0d937e47be.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jun 2020 13:49:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
etag: "6cc532abe3805f30f50fa7ebb5ff0490"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 69754
x-amz-cf-id: Zz-L8NlWOPMbtFeRxE87jnnzTKsHC0q92DFsl0RGhcwn2DH8XB7Dhw==

GET
H2 200 71tFl5Pm0KL._AC_UY1000_.jpg
m.media-amazon.com/images/I/ 87 KB
88 KB 194ms
112ms Image
image/jpeg 2a04:4e42:400::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/71tFl5Pm0KL._AC_UY1000_.jpg
Requested by: Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7465fe926ed65ad86f7b7e692da6beb2be961c057515b062bc119307ef7f88d3

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:40:09 GMT
age: 283689
x-cache: HIT from fastly, MISS from fastly
x-nginx-cache-status: HIT
server-timing: provider;desc="fy"
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 89589
x-served-by: cache-iad-kcgs7200082-IAD, cache-lcy-eglc8600091-LCY
last-modified: Thu, 24 Dec 2020 09:18:52 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: f8e8f100-6c76-4bf9-a442-d126a35d9106
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
expires: Sat, 30 Jul 2044 20:15:06 GMT

GET /
lookaside.fbsbx.com/lookaside/crawler/media/ 0
0

GET
H2 200 826341491c2867a618ecd6f8edc452db.jpg
i.pinimg.com/originals/82/63/41/ 93 KB
93 KB 119ms
40ms Image
image/jpeg 2a04:4e42:6a::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/82/63/41/826341491c2867a618ecd6f8edc452db.jpg
Requested by: Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:6a::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0879bb5d0c2a656b5350211f6634d542d00b181ae6c356a84310173bb1349e1a

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:40:09 GMT
x-cdn: fastly
etag: "a4f572f708477eedc74418b7243bcee7"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
x-amz-replication-status: COMPLETED
accept-ranges: bytes
alt-svc: h3=":443";ma=600
content-length: 94976

GET
H3 200 Adidas-seuper-Branco-Preto1_1000x1000.jpg
images.yampi.io/unsafe/fit-in/700x700/filters:background_color(white):upscale()/https://cdn.shopify.com/s/files/1/0573/6395/5891/products/ 25 KB
25 KB 837ms
793ms Image
image/jpeg 104.18.15.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.yampi.io/unsafe/fit-in/700x700/filters:background_color(white):upscale()/https://cdn.shopify.com/s/files/1/0573/6395/5891/products/Adidas-seuper-Branco-Preto1_1000x1000.jpg

Requested by

Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.15.227 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f42f7d1e2e9b56fd8e46a313582cf28ef8f363f98bf32ea7bd30c455badc050d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:40:09 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
cf-polished: origSize=27094
alt-svc: h3=":443"; ma=86400
content-length: 25658
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "1e22d8dce1e934e2037b762a23f34aa546b422aa"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8b1dc9214db888b3-LHR
expires: Tue, 13 Aug 2024 04:40:09 GMT

GET
H2 200 300x0w.jpg
is1-ssl.mzstatic.com/image/thumb/Purple113/v4/75/9b/7f/759b7fb0-a6fb-5828-3db5-41b3aa64ddd3/pr_source.png/ 50 KB
51 KB 212ms
85ms Image
image/jpeg 2a02:26f0:7100:3a5::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is1-ssl.mzstatic.com/image/thumb/Purple113/v4/75/9b/7f/759b7fb0-a6fb-5828-3db5-41b3aa64ddd3/pr_source.png/300x0w.jpg

Requested by

Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:3a5::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

daiquiri/5 /

Resource Hash

d17b5a0677c8909f4903ccf63ae8f93eb0f629a16486c9869fc83080266bc9d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-apple-jingle-correlation-key: 52UWN4PJCVXY3ZWIQNWF3TYOSE
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Aug 2024 04:40:09 GMT
x-b3-traceid: 9747e8f7749238e6
x-daiquiri-instance: daiquiri:13624001:mr85p00it-hyhk04174601:7987:24RELEASE161:daiquiri-amp-processing-shared-int-001-mr, daiquiri:11338003:mr47p00it-qujn05120301:7987:24RELEASE161:daiquiri-amp-all-l7shared-int-001-mr
cdnuuid: 23b34c15-993d-4c13-9408-75c80a40221e-4299895542
x-cache: TCP_MISS from a2-17-100-188.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
x-b3-parentspanid: 219dc68d233b2dbc
b3: eea966f1e9156f8de6c8836c5dcf0e91-e69c49bf71c1d10c
content-length: 51555
apple-tk: false
server: daiquiri/5
apple-seq: 0.0
last-modified: Tue, 30 Jul 2024 03:53:05 GMT
x-cache-remote: TCP_MISS from a23-38-99-88.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
etag: "MSwxLjg2LjAsVmVyc2lvbiAxMy41LjIgKEJ1aWxkIDIyRzkxKSwxNzIyMzExNTg1NjUzLDI0SjE3LGFkMTFkNDlhLG5vRWZmZWN0"
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: eea966f1-e915-6f8d-e6c8-836c5dcf0e91
x-b3-spanid: e69c49bf71c1d10c
cache-control: no-transform, max-age=14882200
timing-allow-origin: *

GET
H2 200 5866cd4ec80e65a7b9a1a3ec6773b96c8d6e2904r1-706-1000v2_uhq.jpg
pm1.aminoapps.com/8750/ 90 KB
91 KB 496ms
425ms Image
image/jpeg 151.101.0.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pm1.aminoapps.com/8750/5866cd4ec80e65a7b9a1a3ec6773b96c8d6e2904r1-706-1000v2_uhq.jpg

Requested by

Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.193 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3c9aa1dc2c09b9ef868401282e0f2db46b33dbbfa24493ff3a9484eb58d51092

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:40:09 GMT
via: 1.1 e7b7c1bf4679a281bf65ea41c2939274.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=300
age: 0
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, MISS, MISS
content-length: 92453
x-served-by: cache-pdx12329-PDX, cache-lcy-eglc8600020-LCY
last-modified: Fri, 18 Aug 2023 12:43:17 GMT
server: AmazonS3
x-timer: S1723437609.197952,VS0,VE403
etag: "17c231b51f39f841fc82629faa713085"
content-type: image/jpeg
access-control-allow-origin: https://aminoapps.com
cache-control: s-max-age: 31536000, max-age: 31536000, public
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 header.jpg
cdn.cloudflare.steamstatic.com/steam/apps/1816930/ 29 KB
29 KB 113ms
55ms Image
image/jpeg 104.18.8.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cloudflare.steamstatic.com/steam/apps/1816930/header.jpg?t=1678130755
Requested by: Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4698574ba6d458be057e04dfbc114963aa20988caaf4168385fddf51c475aad

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:40:09 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Mon, 06 Dec 2021 22:39:35 GMT
server: cloudflare
etag: "61ae9127-7273"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
cf-ray: 8b1dc92169f263ec-LHR
content-length: 29299
expires: Mon, 12 Aug 2024 12:58:20 GMT

GET BV.png
blogs.sap.com/wp-content/uploads/2023/03/ 0
0

GET
H2 200 toca-life-guy.png
www.just-coloring-pages.com/wp-content/uploads/2023/06/ 26 KB
27 KB 1223ms
692ms Image
image/webp 2a02:4780:24:3549:7aee:7a9d:5ed7:141a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.just-coloring-pages.com/wp-content/uploads/2023/06/toca-life-guy.png
Requested by: Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:4780:24:3549:7aee:7a9d:5ed7:141a Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: bdd0d00625cc1072ffae4a70f1a3a336be244bf4cc996ad6d91bf4254aace27a

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:40:10 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 1371d67dbaf365dfa6674a9a7088d7c1-srv-edge3
content-type: image/webp
cache-control: public, max-age=31557600
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.660
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 26950

GET
H2 200 estrada-no-bairro-de-beacon-hill-no-centro-de-boston-ma-eua_250132-21466.jpg
img.freepik.com/fotos-premium/ 1 MB
1 MB 172ms
68ms Image
image/avif 2a02:26f0:480:f::213:7ecd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.freepik.com/fotos-premium/estrada-no-bairro-de-beacon-hill-no-centro-de-boston-ma-eua_250132-21466.jpg?w=2000
Requested by: Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ecd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3094da7fea723f242ae6ad127a1c95e3d831fc49cd104526520a3d012ba63b93

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:40:09 GMT
last-modified: Fri, 09 Aug 2024 05:15:29 GMT
etag: "fa1f100ddbf004eae4eb6b5829afc1ac"
content-type: image/avif
cache-control: private, no-transform, max-age=604800
x-robots-tag: noimageai
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 1138594
expires: Mon, 19 Aug 2024 04:40:09 GMT

GET
H2 200 1200x630wa.png
is1-ssl.mzstatic.com/image/thumb/Purple112/v4/7c/c1/1e/7cc11e93-1a00-4d11-a639-719ad0ba2a79/AppIcon-0-0-1x_U007emarketing-0-0-0-10-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/ 257 KB
258 KB 1025ms
1025ms Image
image/png 2a02:26f0:7100:3a5::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is1-ssl.mzstatic.com/image/thumb/Purple112/v4/7c/c1/1e/7cc11e93-1a00-4d11-a639-719ad0ba2a79/AppIcon-0-0-1x_U007emarketing-0-0-0-10-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/1200x630wa.png

Requested by

Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:3a5::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

daiquiri/5 /

Resource Hash

fe2cbc7b1d1a49cbe11c6a0781103e85daf3efbec57a337bb79e96bca7342248

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-apple-jingle-correlation-key: Q6QNQIZ6EZIWMCUNNVR32UEHGU
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Aug 2024 04:40:10 GMT
x-b3-traceid: 65ffd65980f35f89
x-daiquiri-instance: daiquiri:13624001:mr85p00it-hyhk04174601:7987:24RELEASE161:daiquiri-amp-processing-shared-int-001-mr, daiquiri:11338001:mr47p00it-qujn04120302:7987:24RELEASE161:daiquiri-amp-all-l7shared-int-001-mr
cdnuuid: 0a7579fe-4939-43d9-b7b0-0f587f223815-3412501233
x-cache: TCP_MISS from a2-17-100-188.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
x-b3-parentspanid: aadd14cc00d1c9fa
b3: 87a0d8233e2651660a8d6d63bd508735-d78df9782532cfed
content-length: 262902
apple-tk: false
server: daiquiri/5
apple-seq: 0.0
last-modified: Mon, 12 Aug 2024 04:40:10 GMT
x-cache-remote: TCP_MISS from a2-20-179-68.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
etag: "MSwxLjg2LjAsVmVyc2lvbiAxMy41LjIgKEJ1aWxkIDIyRzkxKSwxNzIzNDM3NjEwMTYwLDI0SjE3LGU0NTdkMzY2LG5vRWZmZWN0"
apple-originating-system: UnknownOriginatingSystem
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 87a0d823-3e26-5166-0a8d-6d63bd508735
x-b3-spanid: d78df9782532cfed
cache-control: no-transform, max-age=14906898
timing-allow-origin: *

GET
H2 200 d1rgxks-d07d2154-11c1-4f9d-a8ee-d7e8faeb2566.jpg
images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/068feb04-3151-4598-97fa-df129818834b/ 175 KB
175 KB 397ms
316ms Image
image/jpeg 34.117.88.159
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com/f/068feb04-3151-4598-97fa-df129818834b/d1rgxks-d07d2154-11c1-4f9d-a8ee-d7e8faeb2566.jpg?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1cm46YXBwOjdlMGQxODg5ODIyNjQzNzNhNWYwZDQxNWVhMGQyNmUwIiwiaXNzIjoidXJuOmFwcDo3ZTBkMTg4OTgyMjY0MzczYTVmMGQ0MTVlYTBkMjZlMCIsIm9iaiI6W1t7InBhdGgiOiJcL2ZcLzA2OGZlYjA0LTMxNTEtNDU5OC05N2ZhLWRmMTI5ODE4ODM0YlwvZDFyZ3hrcy1kMDdkMjE1NC0xMWMxLTRmOWQtYThlZS1kN2U4ZmFlYjI1NjYuanBnIn1dXSwiYXVkIjpbInVybjpzZXJ2aWNlOmZpbGUuZG93bmxvYWQiXX0.JvUbfq1Hnxm6zmC9auEO0esKoSLtTCyECOpNl_K2mkg
Requested by: Host: kristalsanatlar.com
URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.88.159 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 159.88.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 7e0e1067d88ac32b59796276f27975b18a2daa44bbee4bed1a7c71d7cc10e0b5

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:40:09 GMT
via: 1.1 google
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 178888
wix-tracer: 2kXl4Ljb42HP9bGsN7uluZFLVfi
x-seen-by: image-manipulator-7cd5cd68f6-vdxrs

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 96ms
29ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MBWCTIVMEW&gtm=45je4880za200&_p=1723437609087&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=831604110.1723437609&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723437609&sct=1&seg=0&dl=https%3A%2F%2Fkristalsanatlar.com%2Fhealth-campaign-I-m-fine-can-mean-many-things-2718300.html&dt=One%20in%20four%20-%20mental%20health%20campaign%20-%20I%27m%20fine%20can%20mean%20many%20things%2C%20o%20que%20significa%20m%20fine%20-%20kristalsanatlar.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1484
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MBWCTIVMEW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 04:40:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kristalsanatlar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 favicon.ico
kristalsanatlar.com/ 467 B
441 B 822ms
822ms Other
text/html 37.148.212.176
CIZGI

General

Check archive.org

Show headers Download Go to

Full URL: https://kristalsanatlar.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 37.148.212.176 , Turkey, ASN34619 (CIZGI, TR),
Reverse DNS: qresel.com
Software: LiteSpeed /
Resource Hash: 0c6b79f83e835956cff911f6a218a73056daae4cb35d8e39deabeccabc88df40

Request headers

Referer: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 04:40:11 GMT
content-encoding: gzip
server: LiteSpeed
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 260
expires: Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lookaside.fbsbx.com
URL: https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=2402438856439077

Domain: lookaside.fbsbx.com
URL: https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=100064814196097

Domain: www.unicef.org
URL: https://www.unicef.org/sites/default/files/styles/media_large_image/public/EN_ED_Letter_Assets_1_Hero_ED_0.png?itok=aormNf3g

Domain: www.tiktok.com
URL: https://www.tiktok.com/api/img/?itemId=7268006428219051266&location=0&aid=1988

Domain: lookaside.fbsbx.com
URL: https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=167342387156790

Domain: blogs.sap.com
URL: https://blogs.sap.com/wp-content/uploads/2023/03/BV.png

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
home.barclays/	1970-01-20 22:54:02	Name: AWSALBCORS Value: sNaUkuzO+eUwhW35N/kZZUKrPMKyQcjn2WtLUFQYfnnOisdZ9uK2CUy8olnWJlw45QZ98wSa4p14xaxnMwww89ABfKUBaI6aKw+arHvt0yWM29dhOlh8veCjacA/
.kristalsanatlar.com/	1970-01-21 08:19:57	Name: _ga_MBWCTIVMEW Value: GS1.1.1723437609.1.0.1723437609.0.0.0
.kristalsanatlar.com/	1970-01-21 08:19:57	Name: _ga Value: GA1.1.831604110.1723437609
.www.betterup.com/	1970-01-20 22:43:59	Name: __cf_bm Value: maLM8xx37g7QpTPUvg_PtV.VWSapnjnxu9VOUPlTwlw-1723437609-1.0.1.1-qCXyz7OGSBeAM76k7y.11jncR5EolOhSlxJLawvag7Fs.utHmR79g.RiDMIzZKavfm9gXxJ6CQIOt1KGAKSR.A
.www.betterup.com/	1969-12-31 23:59:59	Name: __cfruid Value: 08d2b159dee7189bdc9653053c09659319274c29-1723437609
kristalsanatlar.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 01jtkfb371umulvl26k4tkg8rd

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html Message: Mixed Content: The page at 'https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html' was loaded over HTTPS, but requested an insecure element 'http://pm1.aminoapps.com/8750/5866cd4ec80e65a7b9a1a3ec6773b96c8d6e2904r1-706-1000v2_uhq.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html(Line 570) Message: Mixed Content: The page at 'https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html' was loaded over HTTPS, but requested an insecure element 'http://pm1.aminoapps.com/8750/5866cd4ec80e65a7b9a1a3ec6773b96c8d6e2904r1-706-1000v2_uhq.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://m.media-amazon.com/images/W/MEDIAX_792452-T2/images/I/51j+O9upu9L._AC_UF1000,1000_QL80_.jpg Message: Failed to load resource: the server responded with a status of 400 ()
javascript	warning	URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html Message: The resource https://pagead2.googlesyndication.com/tag/js/gpt.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://kristalsanatlar.com/health-campaign-I-m-fine-can-mean-many-things-2718300.html Message: The resource https://www.google-analytics.com/analytics.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogs.sap.com
ca-times.brightspotcdn.com
cdn.cloudflare.steamstatic.com
fonts.googleapis.com
home.barclays
i.pinimg.com
i.ytimg.com
i0.wp.com
images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com
images.hellomagazine.com
images.yampi.io
img.apmcdn.org
img.freepik.com
img.huffingtonpost.com
is1-ssl.mzstatic.com
kristalsanatlar.com
learnenglish.britishcouncil.org
lookaside.fbsbx.com
m.media-amazon.com
pagead2.googlesyndication.com
pm1.aminoapps.com
region1.google-analytics.com
s.yimg.com
s2-techtudo.glbimg.com
upload.wikimedia.org
wl-incrivel.cf.tsp.li
www.betterup.com
www.ccaa.com.br
www.google-analytics.com
www.googletagmanager.com
www.just-coloring-pages.com
www.textmanuscripts.com
www.tiktok.com
www.unicef.org
blogs.sap.com
lookaside.fbsbx.com
www.tiktok.com
www.unicef.org
104.18.15.227
104.18.8.10
13.33.187.51
142.250.185.98
151.101.0.193
151.101.2.114
18.173.205.32
186.192.91.9
192.0.77.2
199.60.103.28
2.19.224.125
2001:4860:4802:32::36
2600:9000:2646:1a00:d:3fc8:2e00:93a1
2600:9000:2670:1a00:8:bfa9:8d80:93a1
2a00:1288:80:807::1
2a00:1450:4001:809::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2016
2a00:1450:4001:811::2008
2a02:26f0:480:f::213:7ecd
2a02:26f0:7100:3a5::2a1
2a02:4780:24:3549:7aee:7a9d:5ed7:141a
2a02:ec80:300:ed1a::2:b
2a04:4e42:400::272
2a04:4e42:600::604
2a04:4e42:6a::84
34.117.88.159
37.148.212.176
92.205.184.140
95.100.65.183
0879bb5d0c2a656b5350211f6634d542d00b181ae6c356a84310173bb1349e1a
08fdf54e82ddb39fb09185e21b5030ff95164a89a8f28abb84a30afb90ff01bf
0c6b79f83e835956cff911f6a218a73056daae4cb35d8e39deabeccabc88df40
0d851fa21a3efb43c9f1ffe36f2a90cd636e1d02b5d62bc91c60e1ba45aa49ee
1637d5fecdf60d191a06fca88875f3bf38e28a7039776799dfe737577ef28c9f
268e25cafc6954576a229ec7e67825cafd0b5e9aa32b158db1baf87f90f57d71
3094da7fea723f242ae6ad127a1c95e3d831fc49cd104526520a3d012ba63b93
3c9aa1dc2c09b9ef868401282e0f2db46b33dbbfa24493ff3a9484eb58d51092
4272a280baf8a025bf5886939ec5783edcb796dfb2ea4fd201e2270f5316947a
43cfcc140693afde8f33a48d3ff2570e193ac1ff67dee57968c3edc4fa57c03f
43d81d0555ac1e0faec1aef4d106655be70e316995deace3a987278faed4d0e5
53b0e9684ea4f8841f253417ef709ebcba0f88bd1ca4d6f09ed64f5d19fd00c5
610c9bf59f8145d0f40a1a045fe2b351ad1b9f1fb9c2eeddfe176602d341377b
7122533b65e0ddb325844a21eba019b5c3c9d82e68f15a0f2d5192862e5ecead
7465fe926ed65ad86f7b7e692da6beb2be961c057515b062bc119307ef7f88d3
785502fe9a766fe9bcea30b96a1152f5ffadcad0e3b3aec634822aa0879639c7
7c41b898c5da0cfa4aa049b65ef50248bce9a72d24bef4c723786431921b75aa
7e0e1067d88ac32b59796276f27975b18a2daa44bbee4bed1a7c71d7cc10e0b5
7e424bc5f669778046b72d274764cd8c5487714603863f63fd44d6fb70b25028
9c3b1ff0035dac335619cc2bfd812c68ff0d3aa24c85291109c5be913e47c6e1
9c4052a091e90a7330da2955ad6d882ae647fc967fb1a894cb0fd20bd8b0d05f
a3748bc4dc461cbcd321bc15f81f0a18bad1fcfb406badb5abbff2c4b40494b6
af1108dc8b93c371224e9936e052668edaaf28bc60d0afe09e87230fa7a01897
b4700a27bf17a18a4ae167fa395c4fa469b9a4d4aef47d15ae8793030d2ada16
bdd0d00625cc1072ffae4a70f1a3a336be244bf4cc996ad6d91bf4254aace27a
d17b5a0677c8909f4903ccf63ae8f93eb0f629a16486c9869fc83080266bc9d1
d61e24b2e7f9ebd95ce4cf0e7bc45518366e5369f0c71e1e79003e952ebcea12
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1427ff13516eb1f8e7bc357487cb2da857d0226a971d5c9be1fe4f05ca57b5c
eab2d071c5515bd5657a5d7a47fb90816549163f5a640ab956b9a7a843547039
f1d6d48f1502731ae1cb942fe0bce9c1f317200ba60e189d344bf68106a6ce02
f42f7d1e2e9b56fd8e46a313582cf28ef8f363f98bf32ea7bd30c455badc050d
f4698574ba6d458be057e04dfbc114963aa20988caaf4168385fddf51c475aad
fe2cbc7b1d1a49cbe11c6a0781103e85daf3efbec57a337bb79e96bca7342248

kristalsanatlar.com Open in urlscan Pro 37.148.212.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

41 Requests

85 %HTTPS

50 %IPv6

33 Domains

34 Subdomains

31 IPs

8 Countries

11910 kBTransfer

12165 kBSize

6 Cookies

0 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

kristalsanatlar.com Open in urlscan Pro
37.148.212.176 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

85 %
HTTPS

50 %
IPv6

33
Domains

34
Subdomains

31
IPs

8
Countries

11910 kB
Transfer

12165 kB
Size

6
Cookies

41 HTTP transactions
0 data transactions