www.always.roxiweb.com Open in urlscan Pro
185.9.37.113 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://always.roxiweb.com/
Effective URL:
https://www.always.roxiweb.com/
Submission: On July 30 via api (July 30th 2024, 1:07:59 pm UTC) from US — Scanned from US

Summary HTTP 57 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 13 domains to perform 57 HTTP transactions. The main IP is 185.9.37.113, located in Turkey and belongs to BIRBIR, TR. The main domain is www.always.roxiweb.com.
TLS certificate: Issued by R10 on July 29th 2024. Valid for: 3 months.

This is the only time www.always.roxiweb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 23	185.9.37.113 185.9.37.113	199608 (BIRBIR) (BIRBIR)
3	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:400d:c09::5f	15169 (GOOGLE) (GOOGLE)
5	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4004:c06::61	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c07::5e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::71	15169 (GOOGLE) (GOOGLE)
9	185.244.144.186 185.244.144.186	199608 (BIRBIR) (BIRBIR)
2	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3 10	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
57	13

23 185.9.37.113 (Turkey) 1 redirects

ASN199608 (BIRBIR, TR)
PTR: 185-9-37-113.birbir.com.tr

always.roxiweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.always.roxiweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c09::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c07::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::71 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.244.144.186 (Turkey)

ASN199608 (BIRBIR, TR)
PTR: 185-244-144-186.birbir.com.tr

cdn7.emlakkobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	roxiweb.com 1 redirects always.roxiweb.com www.always.roxiweb.com	476 KB
9	emlakkobi.com cdn7.emlakkobi.com	392 KB
8	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 6787	4 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	301 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	58 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2503	71 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	72 KB
2	gstatic.com fonts.gstatic.com	82 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	192 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1211	85 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
57	13

	Domain	Requested by
22	www.always.roxiweb.com	www.always.roxiweb.com
9	cdn7.emlakkobi.com	www.always.roxiweb.com
8	mc.yandex.com	2 redirects www.always.roxiweb.com mc.yandex.ru
5	cdnjs.cloudflare.com	www.always.roxiweb.com cdnjs.cloudflare.com
3	cdn.jsdelivr.net	www.always.roxiweb.com
2	www.facebook.com	www.always.roxiweb.com
2	mc.yandex.ru	1 redirects www.always.roxiweb.com
2	connect.facebook.net	www.always.roxiweb.com connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	www.always.roxiweb.com www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com
1	code.jquery.com	www.always.roxiweb.com
1	fonts.googleapis.com	www.always.roxiweb.com
1	always.roxiweb.com	1 redirects
57	14

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
twitter.com

Subject Issuer	Validity	Valid
*.always.roxiweb.com R10	`2024-07-29` - `2024-10-27`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
cdn7.emlakkobi.com R10	`2024-06-08` - `2024-09-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-08` - `2024-08-06`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-05-23` - `2024-11-02`	5 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.always.roxiweb.com/
Frame ID: DDC800F875550896F5121CE5D2C62B85
Requests: 58 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 2A349E13B69AFFA20D0106B759417FAF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Yeni Nesil Yatırım | Redwoork Gayrimenkul

Page URL History Show full URLs

https://always.roxiweb.com/ HTTP 301
https://www.always.roxiweb.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

57
Requests

96 %
HTTPS

75 %
IPv6

13
Domains

14
Subdomains

13
IPs

4
Countries

1735 kB
Transfer

3438 kB
Size

24
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/redwoorktr

Search URL Search Domain Scan URL

URL: https://www.instagram.com/redwoorktr/

Search URL Search Domain Scan URL

URL: https://twitter.com/redwoorktr

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://always.roxiweb.com/ HTTP 301
https://www.always.roxiweb.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10446.0gca7i-idnwKo7aKmxAye8CuxqUc-MqZPTynm4AKHjOE1VtJPiCsk5ujDDHpeGG1.CgXxol3dNhMpayCxDtZiICmcFtk%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10446.fHWLTi3FiXexMxwOfzq0D42LyrIPsdolDo5dVLxgZQc4cm2sLytUeep20v_o1Sk3eSqqFyfyPuI1UqHQa_eeT82-EmJRhw_czQ5_A7qxiV9rFHaMM2rJgvkvtNfooTrJouaRYlZ-ZD5JTq-Dx5tURSBH8KiOfHPzMC4YMPdelRdpky72wgwcmT8L4KBHV2za-aQAEcMJ1BrghznhcRK2mxVaSvWq863cE_zC1_tyHhc%2C.vE-eknlBk8Q0IkfPZrPUtTot0sQ%2C

Request Chain 54

https://mc.yandex.com/watch/95789813?wmode=7&page-url=https%3A%2F%2Fwww.always.roxiweb.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1400%3Acn%3A1%3Adp%3A0%3Als%3A1394663414635%3Ahid%3A217318251%3Az%3A-600%3Ai%3A20240730030753%3Aet%3A1722344873%3Ac%3A1%3Arn%3A979436298%3Arqn%3A1%3Au%3A1722344873218029991%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2189%3Awv%3A2%3Ads%3A0%2C0%2C264%2C2%2C1228%2C0%2C%2C1009%2C0%2C%2C%2C%2C2697%3Aco%3A0%3Acpf%3A1%3Ans%3A1722344869499%3Agi%3AR0ExLjEuNTM4NjQxODMyLjE3MjIzNDQ4NzI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722344874%3At%3AYeni%20Nesil%20Yat%C4%B1r%C4%B1m%20%7C%20Redwoork%20Gayrimenkul&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21561860)ti(1) HTTP 302
https://mc.yandex.com/watch/95789813/1?wmode=7&page-url=https%3A%2F%2Fwww.always.roxiweb.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1400%3Acn%3A1%3Adp%3A0%3Als%3A1394663414635%3Ahid%3A217318251%3Az%3A-600%3Ai%3A20240730030753%3Aet%3A1722344873%3Ac%3A1%3Arn%3A979436298%3Arqn%3A1%3Au%3A1722344873218029991%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2189%3Awv%3A2%3Ads%3A0%2C0%2C264%2C2%2C1228%2C0%2C%2C1009%2C0%2C%2C%2C%2C2697%3Aco%3A0%3Acpf%3A1%3Ans%3A1722344869499%3Agi%3AR0ExLjEuNTM4NjQxODMyLjE3MjIzNDQ4NzI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722344874%3At%3AYeni%20Nesil%20Yat%C4%B1r%C4%B1m%20%7C%20Redwoork%20Gayrimenkul&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821561860%29ti%281%29

57 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.always.roxiweb.com/
Redirect Chain

https://always.roxiweb.com/
https://www.always.roxiweb.com/

58 KB
7 KB

457ms
265ms

Document
text/html

185.9.37.113
BIRBIR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.always.roxiweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.9.37.113 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-9-37-113.birbir.com.tr
Software: LiteSpeed /
Resource Hash: 2267a79f3cb90da61ecb5a0adac829e620427ae1e385394d7103b656702bd5d1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: max-age=7200, private, must-revalidate
content-encoding: br
content-type: text/html; Charset=UTF-8;charset=UTF-8; charset=UTF-8
date: Tue, 30 Jul 2024 13:07:51 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 795
content-type: text/html
date: Tue, 30 Jul 2024 13:07:50 GMT
location: https://www.always.roxiweb.com/
server: LiteSpeed

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/ 216 KB
33 KB 98ms
30ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/bootstrap.min.css

Requested by

Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.always.roxiweb.com/
Origin: https://www.always.roxiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Jul 2024 13:07:51 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1675926
x-jsd-version: 5.3.0-alpha1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33467
x-served-by: cache-fra-eddf8230112-FRA, cache-mia-kmia1760039-MIA
x-jsd-version-type: version
etag: W/"35e6c-cZlWqlLbTIr9xcDPs8verWJYuKY"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css2
fonts.googleapis.com/ 23 KB
2 KB 186ms
67ms Stylesheet
text/css 2607:f8b0:400d:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700;800&display=swap

Requested by

Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a2d8b2d5c6ff24f9613926f193921377e2845260b63f64cb2b3223006427532

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 30 Jul 2024 13:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 30 Jul 2024 11:44:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Jul 2024 13:07:51 GMT

GET
H3 200 bootstrap-select.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.14.0-beta2/css/ 12 KB
3 KB 105ms
67ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.14.0-beta2/css/bootstrap-select.min.css

Requested by

Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52a884cab5b5b01e5de990f37165ca7d8091e0c29560c11d5cd8c975ef387237

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.always.roxiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1037993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1992
last-modified: Fri, 26 Mar 2021 06:31:33 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "605d7fc5-2e38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fW8VXMXbwHuWmr4I8hOmKOxt0L1V2YeYuYs96dmL%2BrMOE4bW1th67zPPb88cTpu8pk2bo9pHZO09adpPvQjKlPW%2F3DsP4VUT%2BGHhTUTHL%2BjFlkzzqVDMnyaW6aF3e2lC2WYm6oVp"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8ab592f53c6d498c-MIA
expires: Sun, 20 Jul 2025 13:07:51 GMT

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/ 100 KB
19 KB 75ms
38ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css

Requested by

Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.always.roxiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1060191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18778
last-modified: Wed, 02 Aug 2023 21:01:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64cac444-495a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sfYq0DqeXffzNPM3MFWGKah9sP40ok09YdSdYsmyHOb0pS%2BA3medfsTRYGbCa6lzuedKAxPA8douHFCv9OsSZE0mgpi0%2BcnxcpPT4d3lZjniV9socIzpmSTPv9wBE1usH7HoKp23"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8ab592f53c6b498c-MIA
expires: Sun, 20 Jul 2025 13:07:51 GMT

GET
H2 200 custom.css
www.always.roxiweb.com/ekobi-temalar/konsept/css/ 17 KB
3 KB 382ms
379ms Stylesheet
text/css 185.9.37.113
BIRBIR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.always.roxiweb.com/ekobi-temalar/konsept/css/custom.css?v=8eb9f51be5381e3493c4512fece87c18
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.9.37.113 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-9-37-113.birbir.com.tr
Software: LiteSpeed /
Resource Hash: 96998947330350e6aab3d6e567accb2dff1ad5e2bcb13a83b3f78a2fad7dd02d

Request headers

Referer: https://www.always.roxiweb.com/
Origin: https://www.always.roxiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:51 GMT
content-encoding: br
last-modified: Tue, 30 Jul 2024 12:21:27 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2678400, public
accept-ranges: bytes
content-length: 3427
expires: Thu, 08 Aug 2024 05:27:51 GMT

GET
H2 200 owl.carousel.min.css
www.always.roxiweb.com/ekobi-temalar/konsept/css/ 3 KB
1 KB 381ms
379ms Stylesheet
text/css 185.9.37.113
BIRBIR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.always.roxiweb.com/ekobi-temalar/konsept/css/owl.carousel.min.css?v=08082023
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.9.37.113 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-9-37-113.birbir.com.tr
Software: LiteSpeed /
Resource Hash: 123ec16b0c064a4974331cd142dca44daa5327562ddcb2ebf56dfb7f8d1cce79

Request headers

Referer: https://www.always.roxiweb.com/
Origin: https://www.always.roxiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:51 GMT
content-encoding: br
last-modified: Fri, 07 Apr 2023 14:31:49 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2678400, public
accept-ranges: bytes
content-length: 926
expires: Thu, 08 Aug 2024 05:27:51 GMT

GET
H2 200 owl.theme.default.min.css
www.always.roxiweb.com/ekobi-temalar/konsept/css/ 3 KB
653 B 382ms
380ms Stylesheet
text/css 185.9.37.113
BIRBIR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.always.roxiweb.com/ekobi-temalar/konsept/css/owl.theme.default.min.css?v=08082023
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.9.37.113 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-9-37-113.birbir.com.tr
Software: LiteSpeed /
Resource Hash: ce76107ca395050cdc0fdcdedc5e024d3ef8a767f7f69232e9e42c68729bb04b

Request headers

Referer: https://www.always.roxiweb.com/
Origin: https://www.always.roxiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:51 GMT
content-encoding: br
last-modified: Fri, 07 Apr 2023 15:35:55 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2678400, public
accept-ranges: bytes
content-length: 597
expires: Thu, 08 Aug 2024 05:27:51 GMT

GET
H2 200 phone-editor.css
www.always.roxiweb.com/ekobi-temalar/konsept/css/ 24 KB
3 KB 382ms
380ms Stylesheet
text/css 185.9.37.113
BIRBIR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.always.roxiweb.com/ekobi-temalar/konsept/css/phone-editor.css
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.9.37.113 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-9-37-113.birbir.com.tr
Software: LiteSpeed /
Resource Hash: 9c2e4a8b182d1db69ad31b1369d2b08c1f2e323ac4efb2da424162b01b286988

Request headers

Referer: https://www.always.roxiweb.com/
Origin: https://www.always.roxiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:51 GMT
content-encoding: br
last-modified: Mon, 04 Dec 2023 23:03:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2678400, public
accept-ranges: bytes
content-length: 2543
expires: Thu, 08 Aug 2024 05:27:51 GMT

GET
H2 200 logo.png
www.always.roxiweb.com/img/ 24 KB
24 KB 382ms
381ms Image
image/png 185.9.37.113
BIRBIR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.always.roxiweb.com/img/logo.png
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.9.37.113 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-9-37-113.birbir.com.tr
Software: LiteSpeed /
Resource Hash: 77e8023141b4d4dba9e24fbafab57bb2d82eac2f106d45aa939c20a57acfa20d

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:51 GMT
last-modified: Mon, 29 Jul 2024 17:40:10 GMT
server: LiteSpeed
content-type: image/png
cache-control: max-age=2678400, public
accept-ranges: bytes
content-length: 24885
expires: Fri, 30 Aug 2024 13:07:51 GMT

GET
H2 200 loading-slider-bg.jpg
www.always.roxiweb.com/img/ 80 KB
80 KB 383ms
382ms Image
image/jpeg 185.9.37.113
BIRBIR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.always.roxiweb.com/img/loading-slider-bg.jpg
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.9.37.113 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-9-37-113.birbir.com.tr
Software: LiteSpeed /
Resource Hash: b1399acf87abddc5ab448ac9a58a51910f27ffacb6aacd8376bbec69dc36b69e

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:51 GMT
last-modified: Mon, 04 Dec 2023 20:51:46 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: max-age=2678400, public
accept-ranges: bytes
content-length: 82076
expires: Fri, 30 Aug 2024 13:07:51 GMT

GET
H2 200 load.svg
www.always.roxiweb.com/img/ 460 B
367 B 376ms
374ms Image
image/svg+xml 185.9.37.113
BIRBIR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.always.roxiweb.com/img/load.svg
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.9.37.113 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-9-37-113.birbir.com.tr
Software: LiteSpeed /
Resource Hash: 2ddfde6b9701fce75e63c2c79e9091723aa80237eda12371502f896bad37f1b5

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:51 GMT
content-encoding: br
last-modified: Mon, 04 Dec 2023 21:48:00 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 260
expires: Tue, 06 Aug 2024 13:07:51 GMT

GET
H2 200 twitter-x.png
www.always.roxiweb.com/img/ 5 KB
5 KB 191ms
191ms Image
image/png 185.9.37.113
BIRBIR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.always.roxiweb.com/img/twitter-x.png
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.9.37.113 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-9-37-113.birbir.com.tr
Software: LiteSpeed /
Resource Hash: 886806baa420e445c89d9d3e900d8e32abe9dc28ab81792ba6e93655e7edff54

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:52 GMT
last-modified: Mon, 04 Dec 2023 23:58:43 GMT
server: LiteSpeed
content-type: image/png
cache-control: max-age=2678400, public
accept-ranges: bytes
content-length: 5359
expires: Fri, 30 Aug 2024 13:07:52 GMT

GET
H2 200 jquery-3.6.3.js Show response
code.jquery.com/ 287 KB
85 KB 93ms
30ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.3.js
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9d02ee01919145c20b03ee9d3013af7118793dedf5d2c0696a773af90066c953

Request headers

Referer: https://www.always.roxiweb.com/
Origin: https://www.always.roxiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:51 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 369120
x-cache: HIT, HIT
content-length: 86394
x-served-by: cache-lga21934-LGA, cache-mia-kmia1760062-MIA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1722344871.293259,VS0,VE0
etag: W/"28feccc0-47b27"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 2005, 631

GET
H2 200 owl.carousel.min.js Show response
www.always.roxiweb.com/ekobi-temalar/konsept/js/ 43 KB
11 KB 376ms
374ms Script
text/javascript 185.9.37.113
BIRBIR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.always.roxiweb.com/ekobi-temalar/konsept/js/owl.carousel.min.js?v=07092023
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.9.37.113 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-9-37-113.birbir.com.tr
Software: LiteSpeed /
Resource Hash: f766ccf5cfda3282b04e986062a2e8a427c15426b7405faf0fd81357494fcdb3

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:51 GMT
content-encoding: br
last-modified: Fri, 07 Apr 2023 14:56:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400, private
accept-ranges: bytes
content-length: 11137
expires: Fri, 30 Aug 2024 13:07:51 GMT

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/@popperjs/core@2.11.6/dist/umd/ 20 KB
8 KB 108ms
62ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@popperjs/core@2.11.6/dist/umd/popper.min.js

Requested by

Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

051a8137b75880006ab58f47778ca713ed6c967130faba043c5cd0ed34517dc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.always.roxiweb.com/
Origin: https://www.always.roxiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Jul 2024 13:07:51 GMT
x-content-type-options: nosniff
content-encoding: br
age: 483283
x-jsd-version: 2.11.6
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7656
x-served-by: cache-fra-eddf8230136-FRA, cache-mia-kmia1760039-MIA
x-jsd-version-type: version
etag: W/"4e7f-YDO5/9GsCmSrp3VxzVXmgduuK5k"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/js/ 59 KB
17 KB 87ms
42ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/js/bootstrap.min.js

Requested by

Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

34f2409f58b3fd380f8efcde331e18531e6c4bce3ac22ffaa01ef2a8ed2efd4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.always.roxiweb.com/
Origin: https://www.always.roxiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 30 Jul 2024 13:07:51 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2961573
x-jsd-version: 5.3.0-alpha1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17444
x-served-by: cache-fra-eddf8230084-FRA, cache-mia-kmia1760039-MIA
x-jsd-version-type: version
etag: W/"ec8a-z/PmJCRGsgLcOzQ/ORPiUuHO4kQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 youtube.js Show response
www.always.roxiweb.com/ekobi-temalar/konsept/js/ 6 KB
2 KB 375ms
375ms Script
text/javascript 185.9.37.113
BIRBIR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.always.roxiweb.com/ekobi-temalar/konsept/js/youtube.js?v=07092023
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.9.37.113 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-9-37-113.birbir.com.tr
Software: LiteSpeed /
Resource Hash: 26329a667ea36cc453511a24bf1fdcefb5b0316101422d49ac3bcf0a3d6ced8e

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:51 GMT
content-encoding: br
last-modified: Thu, 07 Sep 2023 07:29:22 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400, private
accept-ranges: bytes
content-length: 1940
expires: Fri, 30 Aug 2024 13:07:51 GMT

GET
H2 200 bootstrap-select.min.js Show response
www.always.roxiweb.com/ekobi-temalar/konsept/js/ 56 KB
16 KB 375ms
375ms Script
text/javascript 185.9.37.113
BIRBIR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.always.roxiweb.com/ekobi-temalar/konsept/js/bootstrap-select.min.js
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.9.37.113 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-9-37-113.birbir.com.tr
Software: LiteSpeed /
Resource Hash: f89cb151625df32688aa0c8e3889b18d5793231980a623e6aa5d128b054f6376

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:51 GMT
content-encoding: br
last-modified: Sun, 20 Aug 2023 07:50:10 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400, private
accept-ranges: bytes
content-length: 16701
expires: Fri, 30 Aug 2024 13:07:51 GMT

GET
H2 200 lazysizes.js Show response
www.always.roxiweb.com/ekobi-temalar/konsept/js/ 19 KB
6 KB 192ms
191ms Script
text/javascript 185.9.37.113
BIRBIR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.always.roxiweb.com/ekobi-temalar/konsept/js/lazysizes.js?v=07092023
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.9.37.113 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-9-37-113.birbir.com.tr
Software: LiteSpeed /
Resource Hash: 7bf5e413f0351aeb9a57ac6dc124ddb9c28cd44941265e17473562958a9ff581

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:52 GMT
content-encoding: br
last-modified: Mon, 04 Jul 2022 11:40:59 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400, private
accept-ranges: bytes
content-length: 5626
expires: Fri, 30 Aug 2024 13:07:52 GMT

GET
H2 200 slick.js Show response
www.always.roxiweb.com/ekobi-temalar/konsept/js/ 41 KB
10 KB 192ms
191ms Script
text/javascript 185.9.37.113
BIRBIR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.always.roxiweb.com/ekobi-temalar/konsept/js/slick.js?v=07092023
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.9.37.113 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-9-37-113.birbir.com.tr
Software: LiteSpeed /
Resource Hash: 5bd085ae9683aaf57ae67bb6bd1f645359b5a1150b548e79ee0c7be68a2e3a23

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:52 GMT
content-encoding: br
last-modified: Sat, 02 Sep 2023 07:18:41 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400, private
accept-ranges: bytes
content-length: 10112
expires: Fri, 30 Aug 2024 13:07:52 GMT

GET
H2 200 phone-editor.js Show response
www.always.roxiweb.com/ekobi-temalar/konsept/js/ 66 KB
12 KB 191ms
190ms Script
text/javascript 185.9.37.113
BIRBIR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.always.roxiweb.com/ekobi-temalar/konsept/js/phone-editor.js
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.9.37.113 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-9-37-113.birbir.com.tr
Software: LiteSpeed /
Resource Hash: 3da73bcfcc2995aee6542c38f80c598eedfe0bf69972d54b1eebfbde1c7a221a

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:52 GMT
content-encoding: br
last-modified: Mon, 04 Dec 2023 23:02:01 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400, private
accept-ranges: bytes
content-length: 11967
expires: Fri, 30 Aug 2024 13:07:52 GMT

GET
H2 200 phone-utils.js Show response
www.always.roxiweb.com/ekobi-temalar/konsept/js/ 241 KB
53 KB 192ms
191ms Script
text/javascript 185.9.37.113
BIRBIR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.always.roxiweb.com/ekobi-temalar/konsept/js/phone-utils.js
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.9.37.113 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-9-37-113.birbir.com.tr
Software: LiteSpeed /
Resource Hash: 0979ca8b0d7035d7782f405e0460472cd8420e6c213a37b69ae57d90182f1ba6

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:52 GMT
content-encoding: br
last-modified: Mon, 04 Dec 2023 22:52:21 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400, private
accept-ranges: bytes
content-length: 54616
expires: Fri, 30 Aug 2024 13:07:52 GMT

GET
H2 200 start.js Show response
www.always.roxiweb.com/ekobi-temalar/konsept/js/ 4 KB
1 KB 192ms
192ms Script
text/javascript 185.9.37.113
BIRBIR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.always.roxiweb.com/ekobi-temalar/konsept/js/start.js?v=08122023-v1
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.9.37.113 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-9-37-113.birbir.com.tr
Software: LiteSpeed /
Resource Hash: b898e3ca353340594f56288c4a937e352cd7f40cdfd0a98bffb12e3d99041011

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:52 GMT
content-encoding: br
last-modified: Sat, 09 Dec 2023 10:53:47 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400, private
accept-ranges: bytes
content-length: 1142
expires: Fri, 30 Aug 2024 13:07:52 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 253 KB
91 KB 198ms
84ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TCHRF686

Requested by

Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c19d25bd81de01060cbce671aca83730381155d8f61798fb564461ac6586319c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92542
x-xss-protection: 0
last-modified: Tue, 30 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Jul 2024 13:07:51 GMT

GET
H2 200 property-img-load.jpg
www.always.roxiweb.com/img/ 18 KB
18 KB 323ms
323ms Image
image/jpeg 185.9.37.113
BIRBIR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.always.roxiweb.com/img/property-img-load.jpg
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/ekobi-temalar/konsept/css/custom.css?v=8eb9f51be5381e3493c4512fece87c18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.9.37.113 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-9-37-113.birbir.com.tr
Software: LiteSpeed /
Resource Hash: e2692441e32a86091e5055dba9fb8c0c5f4d7b4a8c75db8aa294d4f841107a57

Request headers

Referer: https://www.always.roxiweb.com/ekobi-temalar/konsept/css/custom.css?v=8eb9f51be5381e3493c4512fece87c18
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:51 GMT
last-modified: Mon, 29 Jul 2024 17:45:23 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: max-age=2678400, public
accept-ranges: bytes
content-length: 18175
expires: Fri, 30 Aug 2024 13:07:51 GMT

GET
DATA 200
OK truncated
/ 207 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6559e15fa4090dd921467b6da0e02ef0198641f86b2c81faba5648dec24f113

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 208 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdaa8b72e5f72dc4b11244459070632baec41585fc4fa74741e54c8b006250bd

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 logo-icon.png
www.always.roxiweb.com/img/ 2 KB
2 KB 324ms
324ms Image
image/png 185.9.37.113
BIRBIR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.always.roxiweb.com/img/logo-icon.png
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/ekobi-temalar/konsept/css/custom.css?v=8eb9f51be5381e3493c4512fece87c18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.9.37.113 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-9-37-113.birbir.com.tr
Software: LiteSpeed /
Resource Hash: 7d495669d79ae887cd6907570c0bd40a6f5b6be7f3ae2ed1accd6f11dfb7dee6

Request headers

Referer: https://www.always.roxiweb.com/ekobi-temalar/konsept/css/custom.css?v=8eb9f51be5381e3493c4512fece87c18
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:51 GMT
last-modified: Tue, 05 Dec 2023 08:36:59 GMT
server: LiteSpeed
content-type: image/png
cache-control: max-age=2678400, public
accept-ranges: bytes
content-length: 2170
expires: Fri, 30 Aug 2024 13:07:51 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 172ms
56ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.always.roxiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 01:33:28 GMT
x-content-type-options: nosniff
age: 473663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Jul 2025 01:33:28 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/ 107 KB
108 KB 40ms
39ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css
Origin: https://www.always.roxiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:51 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 462885
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 109808
last-modified: Wed, 02 Aug 2023 21:01:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64cac444-1acf0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aUJoneEbgAxXaTrtVoCOWEVPCedzTMCE6B24yIwqBtQ9w%2BCPh%2FVy4LzA8wFp6IPQCsZbCmREqiQ7cDulOLhl402a3o631COZLNNtGlLpQZh0Uxc7ZLTZpu8HkSpd193N9zvQlZQt"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8ab592f7cf03498c-MIA
expires: Sun, 20 Jul 2025 13:07:51 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/ 147 KB
147 KB 69ms
68ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css
Origin: https://www.always.roxiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:51 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1552304
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 150020
last-modified: Wed, 02 Aug 2023 21:01:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64cac444-24a04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=41MB5II6NCZlffJv1%2BxH%2FBozZpLLhNUzyje%2BVcMPTbLh8OabNxpZtLrFsX2MFqthnSntsz5BcSK1X9FQ%2BvWJR1B5W%2F%2FA%2BLPAWOCtr%2BR6csB3VgXY4nN7yyQeHyg9EJg2ht6llQBE"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8ab592f7cf06498c-MIA
expires: Sun, 20 Jul 2025 13:07:51 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/ 24 KB
24 KB 160ms
159ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9169d8be7a8177e5a92a4d04b6de7f6504b938573bf4da5889871c4f376d3849

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css
Origin: https://www.always.roxiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:51 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 510018
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 24488
last-modified: Wed, 02 Aug 2023 21:01:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64cac444-5fa8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eWMGsBRZ8WsJZfthS8wvLUWsnWf0fs5mUJ7IBdYMKUAcmqVEmj2EkXkPN6GXEo7g8TxoaLWLHrtV7XxB5pggR4TsTVD%2BT40iXYp2CG564WeGqi4SJkaU3y2H175isI8%2F2wmUu1uq"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8ab592f7cf07498c-MIA
expires: Sun, 20 Jul 2025 13:07:51 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 35 KB
35 KB 252ms
138ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.always.roxiweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 01:33:34 GMT
x-content-type-options: nosniff
age: 473657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35328
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Jul 2025 01:33:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
102 KB 87ms
86ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R9WJ1B853G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCHRF686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f2b7ccf58a8aab96113fd73e8b418f4eebdd345a86ab5170131c90c765caa21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103842
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 30 Jul 2024 13:07:51 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 178ms
64ms Fetch
text/plain 2607:f8b0:4004:c1d::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-R9WJ1B853G&gtm=45je47t0v9172602045z89172594838za200zb9172594838&_p=1722344871581&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=538641832.1722344872&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722344872&sct=1&seg=0&dl=https%3A%2F%2Fwww.always.roxiweb.com%2F&dt=Yeni%20Nesil%20Yat%C4%B1r%C4%B1m%20%7C%20Redwoork%20Gayrimenkul&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2610
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R9WJ1B853G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 13:07:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.always.roxiweb.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 slider-orjinal.jpg
www.always.roxiweb.com/img/ 148 KB
148 KB 193ms
191ms Image
image/jpeg 185.9.37.113
BIRBIR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.always.roxiweb.com/img/slider-orjinal.jpg
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.9.37.113 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-9-37-113.birbir.com.tr
Software: LiteSpeed /
Resource Hash: 25d77bb1f844b6cea61cd37fdac2ec0bcee2aa09b00b73cbc7d5e100cbc13bd2

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:52 GMT
last-modified: Tue, 30 Jul 2024 10:07:41 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: max-age=2678400, public
accept-ranges: bytes
content-length: 151558
expires: Fri, 30 Aug 2024 13:07:52 GMT

GET
H/1.1 200
OK mini-o_1hp8d5knkabimftgil1t5thhne.jpg
cdn7.emlakkobi.com/upload/2024/03/redwoork/ 43 KB
43 KB 800ms
211ms Image
image/jpeg 185.244.144.186
BIRBIR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn7.emlakkobi.com/upload/2024/03/redwoork/mini-o_1hp8d5knkabimftgil1t5thhne.jpg
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.244.144.186 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-244-144-186.birbir.com.tr
Software: Apache /
Resource Hash: 534ce6bc164d30dc011165852b670b4bc1cf2b76b3b77b2bd39fc25b30381360

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 13:07:52 GMT
Last-Modified: Mon, 18 Mar 2024 09:09:39 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000 , public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 43640
Expires: Wed, 30 Jul 2025 13:07:52 GMT

GET
H/1.1 200
OK mini-o_1hp8cf05e2716e8k9qika14g1e.jpg
cdn7.emlakkobi.com/upload/2024/03/redwoork/ 43 KB
43 KB 782ms
211ms Image
image/jpeg 185.244.144.186
BIRBIR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn7.emlakkobi.com/upload/2024/03/redwoork/mini-o_1hp8cf05e2716e8k9qika14g1e.jpg
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.244.144.186 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-244-144-186.birbir.com.tr
Software: Apache /
Resource Hash: a64d3f2cec810a0925f8f23c8c130aac36e64db2b26b2907f42a522fcc62cc2a

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 13:07:52 GMT
Last-Modified: Mon, 18 Mar 2024 08:57:17 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000 , public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 43545
Expires: Wed, 30 Jul 2025 13:07:52 GMT

GET
H/1.1 200
OK mini-o_1hp8b0lot18c31emn1n4j1p7lb21e.jpg
cdn7.emlakkobi.com/upload/2024/03/redwoork/ 50 KB
50 KB 791ms
219ms Image
image/jpeg 185.244.144.186
BIRBIR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn7.emlakkobi.com/upload/2024/03/redwoork/mini-o_1hp8b0lot18c31emn1n4j1p7lb21e.jpg
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.244.144.186 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-244-144-186.birbir.com.tr
Software: Apache /
Resource Hash: 5534b669e89d01df1562085de9d44bd9c28b8d372ee6bc2edca3bc578239ea4b

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 13:07:52 GMT
Last-Modified: Mon, 18 Mar 2024 08:31:59 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000 , public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 51293
Expires: Wed, 30 Jul 2025 13:07:52 GMT

GET
H/1.1 200
OK mini-o_1hp8a8iff15et11n6gkrog15fie.jpg
cdn7.emlakkobi.com/upload/2024/03/redwoork/ 50 KB
50 KB 774ms
194ms Image
image/jpeg 185.244.144.186
BIRBIR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn7.emlakkobi.com/upload/2024/03/redwoork/mini-o_1hp8a8iff15et11n6gkrog15fie.jpg
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.244.144.186 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-244-144-186.birbir.com.tr
Software: Apache /
Resource Hash: 5534b669e89d01df1562085de9d44bd9c28b8d372ee6bc2edca3bc578239ea4b

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 13:07:52 GMT
Last-Modified: Mon, 18 Mar 2024 08:18:49 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000 , public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 51293
Expires: Wed, 30 Jul 2025 13:07:52 GMT

GET
H/1.1 200
OK mini-o_1h57l1i6f11ubrgl13lv14ap132he.jpg
cdn7.emlakkobi.com/upload/2023/07/redwoork/ 27 KB
28 KB 773ms
194ms Image
image/jpeg 185.244.144.186
BIRBIR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn7.emlakkobi.com/upload/2023/07/redwoork/mini-o_1h57l1i6f11ubrgl13lv14ap132he.jpg
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.244.144.186 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-244-144-186.birbir.com.tr
Software: Apache /
Resource Hash: f641d5951a85e3323f98b8778e96fc491f6e6ab67177d002035b2193d1ace0cb

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 13:07:52 GMT
Last-Modified: Thu, 13 Jul 2023 12:53:55 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000 , public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 27836
Expires: Wed, 30 Jul 2025 13:07:52 GMT

GET
H/1.1 200
OK mini-o_1h4g18o17101a1muuuo1ae91jd4e.jpg
cdn7.emlakkobi.com/upload/2023/07/redwoork/ 54 KB
54 KB 780ms
196ms Image
image/jpeg 185.244.144.186
BIRBIR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn7.emlakkobi.com/upload/2023/07/redwoork/mini-o_1h4g18o17101a1muuuo1ae91jd4e.jpg
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.244.144.186 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-244-144-186.birbir.com.tr
Software: Apache /
Resource Hash: 01dc41d7409099c9d150adac5ebd409556754f251f4186dcebff76209a83aa1e

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 13:07:52 GMT
Last-Modified: Tue, 04 Jul 2023 08:45:31 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000 , public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 54862
Expires: Wed, 30 Jul 2025 13:07:52 GMT

GET
H2 200 phone-flags.png
www.always.roxiweb.com/img/ 69 KB
69 KB 191ms
191ms Image
image/png 185.9.37.113
BIRBIR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.always.roxiweb.com/img/phone-flags.png
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/ekobi-temalar/konsept/css/phone-editor.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.9.37.113 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-9-37-113.birbir.com.tr
Software: LiteSpeed /
Resource Hash: 0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Request headers

Referer: https://www.always.roxiweb.com/ekobi-temalar/konsept/css/phone-editor.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:52 GMT
last-modified: Mon, 04 Dec 2023 22:52:55 GMT
server: LiteSpeed
content-type: image/png
cache-control: max-age=2678400, public
accept-ranges: bytes
content-length: 70857
expires: Fri, 30 Aug 2024 13:07:52 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
60 KB 174ms
58ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 Jul 2024 13:07:52 GMT
document-policy: force-load-at-top
x-fb-server-load: 31
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=12, mss=1297, tbw=2769, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 5VdMalRomE7Ypnta7azR9bzfRjzESuDLdbxXh9qxPsMNR4vd4rm3OH7Irs0bAbkke+gpDTyTtHvH+Fs6V536Rg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
71 KB 737ms
367ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

184ff4719d5c387812c3b3d9ba9522c3cf597085ba2092079142903e994dc304

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:52 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 24 Jul 2024 12:44:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66a0f74a-1166d"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71277
expires: Tue, 30 Jul 2024 14:07:52 GMT

GET
H2 200 3479155542334346 Show response
connect.facebook.net/signals/config/ 58 KB
12 KB 108ms
107ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3479155542334346?v=2.9.162&r=stable&domain=www.always.roxiweb.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e7e4b09cce64be98a319ccb4086df27693c73400ed0999a9008321f02acfbb85

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 Jul 2024 13:07:52 GMT
document-policy: force-load-at-top
x-fb-server-load: 39
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=58, rtx=0, c=64, mss=1297, tbw=64189, tp=-1, tpl=-1, uplat=50, ullat=1
pragma: public
x-fb-debug: s+jlrYGTQzFHUB1675If9PRg1JhPFWthzXZOM4Z8DYKaR5DdquBdhzf9y3us+EKOcs6zAImwOIo2Hx+4aWuDmQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
270 B 174ms
58ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3479155542334346&ev=PageView&dl=https%3A%2F%2Fwww.always.roxiweb.com%2F&rl=&if=false&ts=1722344872664&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722344872662.357979445406179360&ler=empty&cdl=API_unavailable&it=1722344872529&coo=false&rqm=GET

Requested by

Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=10, mss=1297, tbw=2796, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 30 Jul 2024 13:07:52 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 240ms
124ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3479155542334346&ev=PageView&dl=https%3A%2F%2Fwww.always.roxiweb.com%2F&rl=&if=false&ts=1722344872664&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722344872662.357979445406179360&ler=empty&cdl=API_unavailable&it=1722344872529&coo=false&rqm=FGET

Requested by

Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Tue, 30 Jul 2024 13:07:52 GMT
document-policy: force-load-at-top
x-fb-server-load: 39
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397414898972843874", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=12, mss=1297, tbw=3110, tp=-1, tpl=-1, uplat=63, ullat=0
pragma: no-cache
x-fb-debug: Gjzj3LQGtqz6cGTwNGPAwFCLUtJZd/44vW1z1ckS+ohRkxQFAaRBsRFvUkBGNzvOYLT4VPNGuebR5Ph8/eALHg==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397414898972843874"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK mini-o_1h4e63a5cihk1cbj1o4j1p9s1gl54l.jpeg
cdn7.emlakkobi.com/upload/2023/07/redwoork/ 53 KB
54 KB 212ms
208ms Image
image/jpeg 185.244.144.186
BIRBIR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn7.emlakkobi.com/upload/2023/07/redwoork/mini-o_1h4e63a5cihk1cbj1o4j1p9s1gl54l.jpeg
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.244.144.186 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-244-144-186.birbir.com.tr
Software: Apache /
Resource Hash: 780de7d90c533c0051680b3b758aadcbea0538ae53b83bd822825482f144041a

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 13:07:53 GMT
Last-Modified: Mon, 03 Jul 2023 15:33:36 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000 , public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 54462
Expires: Wed, 30 Jul 2025 13:07:53 GMT

GET
H/1.1 200
OK mini-o_1h3fih68suq1jt9cti1lj31h0jg.jpg
cdn7.emlakkobi.com/upload/2023/06/redwoork/ 42 KB
42 KB 189ms
189ms Image
image/jpeg 185.244.144.186
BIRBIR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn7.emlakkobi.com/upload/2023/06/redwoork/mini-o_1h3fih68suq1jt9cti1lj31h0jg.jpg
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.244.144.186 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-244-144-186.birbir.com.tr
Software: Apache /
Resource Hash: 4dfcd130d4dad834f70c206381f6f80df9893f683aa03f383619bd62b30a7b79

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 13:07:53 GMT
Last-Modified: Wed, 21 Jun 2023 18:12:33 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000 , public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 42728
Expires: Wed, 30 Jul 2025 13:07:53 GMT

GET
H/1.1 200
OK mini-o_1h32lolc71vsjh7i1v0jhsl18p9e.jpg
cdn7.emlakkobi.com/upload/2023/06/redwoork/ 28 KB
28 KB 193ms
192ms Image
image/jpeg 185.244.144.186
BIRBIR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn7.emlakkobi.com/upload/2023/06/redwoork/mini-o_1h32lolc71vsjh7i1v0jhsl18p9e.jpg
Requested by: Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.244.144.186 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-244-144-186.birbir.com.tr
Software: Apache /
Resource Hash: 44ea9e02e31cc3e4123e3b220dfbc3c87ba5dd2b2f2a592e5b36daff2e56a891

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 30 Jul 2024 13:07:53 GMT
Last-Modified: Fri, 16 Jun 2023 17:58:58 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=31536000 , public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 28382
Expires: Wed, 30 Jul 2025 13:07:53 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10446.0gca7i-idnwKo7aKmxAye8CuxqUc-MqZPTynm4AKHjOE1VtJPiCsk5ujDDHpeGG1.CgXxol3dNhMpayCxDtZiICmcFtk%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10446.fHWLTi3FiXexMxwOfzq0D42LyrIPsdolDo5dVLxgZQc4cm2sLytUeep20v_o1Sk3eSqqFyfyPuI1UqHQa_eeT82-EmJRhw_czQ5_A7qxiV9rFHaMM2rJgvkvtNfooTrJouaRYlZ-ZD...

43 B
675 B

188ms
187ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10446.fHWLTi3FiXexMxwOfzq0D42LyrIPsdolDo5dVLxgZQc4cm2sLytUeep20v_o1Sk3eSqqFyfyPuI1UqHQa_eeT82-EmJRhw_czQ5_A7qxiV9rFHaMM2rJgvkvtNfooTrJouaRYlZ-ZD5JTq-Dx5tURSBH8KiOfHPzMC4YMPdelRdpky72wgwcmT8L4KBHV2za-aQAEcMJ1BrghznhcRK2mxVaSvWq863cE_zC1_tyHhc%2C.vE-eknlBk8Q0IkfPZrPUtTot0sQ%2C

Requested by

Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 13:07:53 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10446.fHWLTi3FiXexMxwOfzq0D42LyrIPsdolDo5dVLxgZQc4cm2sLytUeep20v_o1Sk3eSqqFyfyPuI1UqHQa_eeT82-EmJRhw_czQ5_A7qxiV9rFHaMM2rJgvkvtNfooTrJouaRYlZ-ZD5JTq-Dx5tURSBH8KiOfHPzMC4YMPdelRdpky72wgwcmT8L4KBHV2za-aQAEcMJ1BrghznhcRK2mxVaSvWq863cE_zC1_tyHhc%2C.vE-eknlBk8Q0IkfPZrPUtTot0sQ%2C
date: Tue, 30 Jul 2024 13:07:53 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
595 B 186ms
185ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 30 Jul 2024 13:07:53 GMT
last-modified: Wed, 24 Jul 2024 12:44:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66a0f74a-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 30 Jul 2024 14:07:53 GMT

GET
H2 200 metrika_match.html
mc.yandex.com/metrika/ Frame 2A34 0
0 558ms
196ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.always.roxiweb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1046
content-type: text/html
date: Tue, 30 Jul 2024 13:07:54 GMT
etag: "66a0f74a-416"
expires: Tue, 30 Jul 2024 14:07:54 GMT
last-modified: Wed, 24 Jul 2024 12:44:58 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2

200

1 Show response
mc.yandex.com/watch/95789813/
Redirect Chain

https://mc.yandex.com/watch/95789813?wmode=7&page-url=https%3A%2F%2Fwww.always.roxiweb.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-...
https://mc.yandex.com/watch/95789813/1?wmode=7&page-url=https%3A%2F%2Fwww.always.roxiweb.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Aut...

499 B
783 B

185ms
185ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/95789813/1?wmode=7&page-url=https%3A%2F%2Fwww.always.roxiweb.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1400%3Acn%3A1%3Adp%3A0%3Als%3A1394663414635%3Ahid%3A217318251%3Az%3A-600%3Ai%3A20240730030753%3Aet%3A1722344873%3Ac%3A1%3Arn%3A979436298%3Arqn%3A1%3Au%3A1722344873218029991%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2189%3Awv%3A2%3Ads%3A0%2C0%2C264%2C2%2C1228%2C0%2C%2C1009%2C0%2C%2C%2C%2C2697%3Aco%3A0%3Acpf%3A1%3Ans%3A1722344869499%3Agi%3AR0ExLjEuNTM4NjQxODMyLjE3MjIzNDQ4NzI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722344874%3At%3AYeni%20Nesil%20Yat%C4%B1r%C4%B1m%20%7C%20Redwoork%20Gayrimenkul&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821561860%29ti%281%29

Requested by

Host: www.always.roxiweb.com
URL: https://www.always.roxiweb.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

97f82589e3caf5c44fbfc03c4d2f93058122998a7d017e9844e35b38febb912d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 30 Jul 2024 13:07:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 30-Jul-2024 13:07:54 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.always.roxiweb.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 499
x-xss-protection: 1; mode=block
expires: Tue, 30-Jul-2024 13:07:54 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Jul 2024 13:07:53 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 30-Jul-2024 13:07:53 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/95789813/1?wmode=7&page-url=https%3A%2F%2Fwww.always.roxiweb.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1400%3Acn%3A1%3Adp%3A0%3Als%3A1394663414635%3Ahid%3A217318251%3Az%3A-600%3Ai%3A20240730030753%3Aet%3A1722344873%3Ac%3A1%3Arn%3A979436298%3Arqn%3A1%3Au%3A1722344873218029991%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2189%3Awv%3A2%3Ads%3A0%2C0%2C264%2C2%2C1228%2C0%2C%2C1009%2C0%2C%2C%2C%2C2697%3Aco%3A0%3Acpf%3A1%3Ans%3A1722344869499%3Agi%3AR0ExLjEuNTM4NjQxODMyLjE3MjIzNDQ4NzI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722344874%3At%3AYeni%20Nesil%20Yat%C4%B1r%C4%B1m%20%7C%20Redwoork%20Gayrimenkul&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821561860%29ti%281%29
access-control-allow-origin: https://www.always.roxiweb.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 30-Jul-2024 13:07:53 GMT

GET
H2 404 favicon-979de58b65d95875409729fc1f775877e04d544e.png
www.always.roxiweb.com/upload/resim/ 2 KB
854 B 201ms
200ms Other
text/html 185.9.37.113
BIRBIR

General

Check archive.org

Show headers Download Go to

Full URL: https://www.always.roxiweb.com/upload/resim/favicon-979de58b65d95875409729fc1f775877e04d544e.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.9.37.113 , Turkey, ASN199608 (BIRBIR, TR),
Reverse DNS: 185-9-37-113.birbir.com.tr
Software: LiteSpeed /
Resource Hash: e49d9172e7f281871db7488f4f9d3a10feb1f2d10e9810fa94a9103a5608bb2c

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 13:07:54 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding
content-type: text/html; Charset=UTF-8;charset=UTF-8; charset=UTF-8
cache-control: max-age=7200, private, must-revalidate
content-length: 790
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 95789813
mc.yandex.com/webvisor/ 43 B
0 921ms
348ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/95789813?wv-part=1&wv-type=7&wmode=0&wv-hit=217318251&page-url=https%3A%2F%2Fwww.always.roxiweb.com%2F&rn=408093845&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1722344878%3Aw%3A1600x1200%3Av%3A1400%3Az%3A-600%3Ai%3A20240730030757%3Au%3A1722344873218029991%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Ast%3A1722344878&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 13:07:58 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 30-Jul-2024 13:07:58 GMT
content-type: image/gif
access-control-allow-origin: https://www.always.roxiweb.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 30-Jul-2024 13:07:58 GMT

POST
H2 200 95789813
mc.yandex.com/webvisor/ 43 B
0 521ms
369ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/95789813?wv-part=1&wv-type=7&wmode=0&wv-hit=217318251&page-url=https%3A%2F%2Fwww.always.roxiweb.com%2F&rn=16364459&browser-info=we%3A1%3Aet%3A1722344878%3Aw%3A1600x1200%3Av%3A1400%3Az%3A-600%3Ai%3A20240730030758%3Au%3A1722344873218029991%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Ast%3A1722344878&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.always.roxiweb.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Jul 2024 13:07:58 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 30-Jul-2024 13:07:58 GMT
content-type: image/gif
access-control-allow-origin: https://www.always.roxiweb.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 30-Jul-2024 13:07:58 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.always.roxiweb.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: c649b94427e60752c4e803a0db3f9001
.roxiweb.com/	1970-01-21 00:35:20	Name: _gcl_au Value: 1.1.674506422.1722344872
.roxiweb.com/	1970-01-21 08:01:44	Name: _ga_R9WJ1B853G Value: GS1.1.1722344872.1.0.1722344872.0.0.0
.roxiweb.com/	1970-01-21 08:01:44	Name: _ga Value: GA1.1.538641832.1722344872
.roxiweb.com/	1970-01-21 00:35:20	Name: _fbp Value: fb.1.1722344872662.357979445406179360
.yandex.ru/	1970-01-21 08:01:44	Name: i Value: mltkk6KHxkUZfdr0DPiS6ErTWRhJaX6NlGXjoEc6dTtun3MtftKljRyFNa/iQiGEjTfnqXy7xWuDszFEx2RQqNyoek4=
.yandex.ru/	1970-01-21 08:01:44	Name: yandexuid Value: 7304264161722344872
.yandex.ru/	1970-01-21 07:11:20	Name: yashr Value: 7866002591722344872
.roxiweb.com/	1970-01-21 07:11:20	Name: _ym_uid Value: 1722344873218029991
.roxiweb.com/	1970-01-21 07:11:20	Name: _ym_d Value: 1722344873
.mc.yandex.com/	1970-01-20 22:25:45	Name: sync_cookie_csrf Value: 3580723070fake
.yandex.com/	1970-01-21 07:11:20	Name: yashr Value: 8627829651722344873
.roxiweb.com/	1970-01-20 22:26:56	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 22:25:45	Name: sync_cookie_csrf Value: 4238066420fake
.yandex.com/	1970-01-21 07:11:20	Name: yandexuid Value: 7304264161722344872
.yandex.com/	1970-01-21 07:11:20	Name: yuidss Value: 7304264161722344872
.yandex.com/	1970-01-21 08:01:44	Name: i Value: mltkk6KHxkUZfdr0DPiS6ErTWRhJaX6NlGXjoEc6dTtun3MtftKljRyFNa/iQiGEjTfnqXy7xWuDszFEx2RQqNyoek4=
.yandex.com/	1970-01-21 08:01:44	Name: yp Value: 1722431273.yu.9944754801722344873
.mc.yandex.com/	1970-01-20 22:27:11	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 793847821722344873
.yandex.com/	1970-01-21 07:11:20	Name: ymex Value: 1724936873.oyu.9944754801722344873#1753880873.yrts.1722344873
.yandex.com/	1970-01-21 07:11:20	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 08:01:44	Name: bh Value: KgI/MGCqy6O1Bg==
.roxiweb.com/	1970-01-20 22:25:46	Name: _ym_visorc Value: w

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.always.roxiweb.com/upload/resim/favicon-979de58b65d95875409729fc1f775877e04d544e.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

always.roxiweb.com
cdn.jsdelivr.net
cdn7.emlakkobi.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
mc.yandex.com
mc.yandex.ru
www.always.roxiweb.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
104.17.25.14
185.244.144.186
185.9.37.113
2607:f8b0:4004:c06::61
2607:f8b0:4004:c07::5e
2607:f8b0:4004:c1d::71
2607:f8b0:400d:c09::5f
2a02:6b8::1:119
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
2a04:4e42:200::485
2a04:4e42:200::649
01dc41d7409099c9d150adac5ebd409556754f251f4186dcebff76209a83aa1e
051a8137b75880006ab58f47778ca713ed6c967130faba043c5cd0ed34517dc8
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
0979ca8b0d7035d7782f405e0460472cd8420e6c213a37b69ae57d90182f1ba6
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
123ec16b0c064a4974331cd142dca44daa5327562ddcb2ebf56dfb7f8d1cce79
184ff4719d5c387812c3b3d9ba9522c3cf597085ba2092079142903e994dc304
2267a79f3cb90da61ecb5a0adac829e620427ae1e385394d7103b656702bd5d1
25d77bb1f844b6cea61cd37fdac2ec0bcee2aa09b00b73cbc7d5e100cbc13bd2
26329a667ea36cc453511a24bf1fdcefb5b0316101422d49ac3bcf0a3d6ced8e
2ddfde6b9701fce75e63c2c79e9091723aa80237eda12371502f896bad37f1b5
34f2409f58b3fd380f8efcde331e18531e6c4bce3ac22ffaa01ef2a8ed2efd4b
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3da73bcfcc2995aee6542c38f80c598eedfe0bf69972d54b1eebfbde1c7a221a
44ea9e02e31cc3e4123e3b220dfbc3c87ba5dd2b2f2a592e5b36daff2e56a891
4dfcd130d4dad834f70c206381f6f80df9893f683aa03f383619bd62b30a7b79
4f2b7ccf58a8aab96113fd73e8b418f4eebdd345a86ab5170131c90c765caa21
52a884cab5b5b01e5de990f37165ca7d8091e0c29560c11d5cd8c975ef387237
534ce6bc164d30dc011165852b670b4bc1cf2b76b3b77b2bd39fc25b30381360
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5534b669e89d01df1562085de9d44bd9c28b8d372ee6bc2edca3bc578239ea4b
5bd085ae9683aaf57ae67bb6bd1f645359b5a1150b548e79ee0c7be68a2e3a23
77e8023141b4d4dba9e24fbafab57bb2d82eac2f106d45aa939c20a57acfa20d
780de7d90c533c0051680b3b758aadcbea0538ae53b83bd822825482f144041a
7bf5e413f0351aeb9a57ac6dc124ddb9c28cd44941265e17473562958a9ff581
7d495669d79ae887cd6907570c0bd40a6f5b6be7f3ae2ed1accd6f11dfb7dee6
886806baa420e445c89d9d3e900d8e32abe9dc28ab81792ba6e93655e7edff54
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
9169d8be7a8177e5a92a4d04b6de7f6504b938573bf4da5889871c4f376d3849
932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386
96998947330350e6aab3d6e567accb2dff1ad5e2bcb13a83b3f78a2fad7dd02d
97f82589e3caf5c44fbfc03c4d2f93058122998a7d017e9844e35b38febb912d
9a2d8b2d5c6ff24f9613926f193921377e2845260b63f64cb2b3223006427532
9c2e4a8b182d1db69ad31b1369d2b08c1f2e323ac4efb2da424162b01b286988
9d02ee01919145c20b03ee9d3013af7118793dedf5d2c0696a773af90066c953
a64d3f2cec810a0925f8f23c8c130aac36e64db2b26b2907f42a522fcc62cc2a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
b1399acf87abddc5ab448ac9a58a51910f27ffacb6aacd8376bbec69dc36b69e
b898e3ca353340594f56288c4a937e352cd7f40cdfd0a98bffb12e3d99041011
c19d25bd81de01060cbce671aca83730381155d8f61798fb564461ac6586319c
ce76107ca395050cdc0fdcdedc5e024d3ef8a767f7f69232e9e42c68729bb04b
d6559e15fa4090dd921467b6da0e02ef0198641f86b2c81faba5648dec24f113
e2692441e32a86091e5055dba9fb8c0c5f4d7b4a8c75db8aa294d4f841107a57
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49d9172e7f281871db7488f4f9d3a10feb1f2d10e9810fa94a9103a5608bb2c
e7e4b09cce64be98a319ccb4086df27693c73400ed0999a9008321f02acfbb85
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
f641d5951a85e3323f98b8778e96fc491f6e6ab67177d002035b2193d1ace0cb
f766ccf5cfda3282b04e986062a2e8a427c15426b7405faf0fd81357494fcdb3
f89cb151625df32688aa0c8e3889b18d5793231980a623e6aa5d128b054f6376
faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1
fdaa8b72e5f72dc4b11244459070632baec41585fc4fa74741e54c8b006250bd

www.always.roxiweb.com Open in urlscan Pro 185.9.37.113 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

96 %HTTPS

75 %IPv6

13 Domains

14 Subdomains

13 IPs

4 Countries

1735 kBTransfer

3438 kBSize

24 Cookies

3 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.always.roxiweb.com Open in urlscan Pro
185.9.37.113 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

96 %
HTTPS

75 %
IPv6

13
Domains

14
Subdomains

13
IPs

4
Countries

1735 kB
Transfer

3438 kB
Size

24
Cookies

57 HTTP transactions
2 data transactions